Approximating the safely reusable set of learned facts

  • Regular Paper
  • Published in: International Journal on Software Tools for Technology Transfer

Abstract

Despite many advances, today’s software model checkers and extended static checkers still do not scale well to large code bases when verifying properties that depend on complex interprocedural flow of data. An obvious approach to improve performance is to exploit software structure. Although a tremendous amount of work has been done on exploiting structure at various levels of granularity, the fine-grained shared structure among multiple verification conditions has been largely ignored. In this paper, we formalize the notion of shared structure among verification conditions and propose a novel and efficient approach to exploit this sharing by safely reusing facts learned while checking one verification condition to help solve the others. Experimental results show that this approach can improve the performance of verification, even on path- and context-sensitive and dataflow-intensive properties.
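The safe-reuse criterion the abstract refers to, as an added illustration (example code written for this page, not the paper's own algorithm or implementation): a fact learned by resolution while checking one verification condition carries the set of original clauses it was derived from, and is reused for a second VC only when that VC contains all of them; the brute-force `implies` check confirms on constructed VCs that the criterion is sound and that ignoring it is not. The clause encoding and the two constructed VCs are assumptions of the example.

```python
from itertools import product
from typing import FrozenSet, List, NamedTuple, Tuple, Union
Clause = FrozenSet[int]        # a clause is a set of literals; -v means "not v"
VC = FrozenSet[Clause]         # a verification condition in CNF
Premise = Union[Clause, int]   # an original clause, or the index of an earlier step

def resolve(c1: Clause, c2: Clause, var: int) -> Clause:
    """Resolve on pivot `var`: c1 must contain var and c2 must contain -var."""
    if var not in c1 or -var not in c2:
        raise ValueError("clauses do not clash on variable %d" % var)
    return (c1 - {var}) | (c2 - {-var})

class Fact(NamedTuple):
    clause: Clause               # the learned clause
    sources: FrozenSet[Clause]   # original VC clauses its derivation depends on

def learn(vc: VC, steps: List[Tuple[Premise, Premise, int]]) -> Fact:
    """Derive a fact by a chain of resolutions, tracking which VC clauses it uses."""
    derived: List[Fact] = []
    def get(p: Premise) -> Fact:
        if isinstance(p, int):
            return derived[p]
        if p not in vc:
            raise ValueError("premise is not a clause of this VC")
        return Fact(p, frozenset([p]))
    for a, b, var in steps:
        fa, fb = get(a), get(b)
        derived.append(Fact(resolve(fa.clause, fb.clause, var), fa.sources | fb.sources))
    return derived[-1]

def reusable(fact: Fact, other: VC) -> bool:
    """Safe reuse: every clause the fact depends on is also a clause of `other`."""
    return fact.sources <= other

def implies(vc: VC, c: Clause) -> bool:
    """Brute-force soundness check: every satisfying assignment of vc satisfies c."""
    vs = sorted({abs(l) for x in vc | {c} for l in x})
    for bits in product((False, True), repeat=len(vs)):
        val = dict(zip(vs, bits))
        sat = lambda x: any(val[abs(l)] == (l > 0) for l in x)
        if all(sat(x) for x in vc) and not sat(c):
            return False
    return True

# Constructed example: two VCs from one program that share clauses A and B.
A, B, C = frozenset({1, 2}), frozenset({-1, 2}), frozenset({-2, 3})
VC1: VC = frozenset({A, B, C, frozenset({-3, 4})})
VC2: VC = frozenset({A, B, frozenset({3, 4})})
FACT_2 = learn(VC1, [(A, B, 1)])               # resolve A, B on x1: learns {2}
FACT_3 = learn(VC1, [(A, B, 1), (0, C, 2)])    # then with C on x2: learns {3}
```

FACT_2 depends only on the shared clauses and may be reused for VC2; FACT_3 also depends on C, which VC2 lacks, and VC2 indeed does not imply it.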


Author information

Corresponding author

Correspondence to Alan J. Hu.

Additional information

This work was supported in part by a research grant from the Natural Sciences and Engineering Research Council of Canada and a Microsoft Research Graduate Fellowship. This paper is based on and extended from a paper published in the 2007 Haifa Verification Conference.

About this article

Cite this article

Babić, D., Hu, A.J. Approximating the safely reusable set of learned facts. Int J Softw Tools Technol Transfer 11, 325–338 (2009). https://doi.org/10.1007/s10009-009-0117-2