DOI: 10.1145/3106237.3106307

Craig vs. Newton in software model checking

Published: 21 August 2017

Abstract

Ever since the seminal work on SLAM and BLAST, software model checking with counterexample-guided abstraction refinement (CEGAR) has been an active topic of research. The crucial procedure here is to analyze a sequence of program statements (the counterexample) to find building blocks for the overall proof of the program. We can distinguish two approaches (which we name Craig and Newton) to implement the procedure. The historically first approach, Newton (named after the tool from the SLAM toolkit), is based on symbolic execution. The second approach, Craig, is based on Craig interpolation. It was widely believed that Craig is substantially more effective than Newton. In fact, 12 out of the 15 CEGAR-based tools in SV-COMP are based on Craig. Advances in software model checkers based on Craig, however, can only go in lockstep with advances in SMT solvers that support Craig interpolation. It may be time to revisit Newton and ask whether Newton can be as effective as Craig. We have implemented a total of 11 variants of Craig and Newton in two different state-of-the-art software model checking tools and present the outcome of our experimental comparison.
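To make the Newton side of the comparison concrete, the following is an added, self-contained toy (not code from the paper or from SLAM/Newton, CPAchecker or Ultimate): a counterexample is a straight-line path of assignments and assumes, symbolic execution maps every program variable to a linear expression over its initial value (written x_0), every assume is checked against that state, and the first contradiction proves the path spurious. The per-statement facts it collects (strongest postconditions) and the set of statements the contradiction depends on are the "building blocks" that refinement would hand back to the abstraction; a Craig-style analysis would instead send the same path formula to an interpolating SMT solver. The example program, its unrolled counterexample and all variable names are constructed for this illustration, and the toy only detects contradictions that reduce to a constant (a real implementation discharges the accumulated constraints with an SMT solver).

```python
"""Toy Newton-style counterexample analysis (added example, not the paper's code).

Supports linear integer arithmetic only.  Contradictions are detected only
when the difference of an assume's two sides evaluates to a constant; any
other constraint is recorded as a fact and assumed satisfiable (a real
implementation hands the conjunction to an SMT solver).
"""
from fractions import Fraction

CONST = "1"  # key holding the constant term of a linear expression {name: coeff}


def lin_add(a, b):
    out = dict(a)
    for k, c in b.items():
        out[k] = out.get(k, Fraction(0)) + c
    return {k: c for k, c in out.items() if c != 0}


def lin_scale(a, k):
    return {v: c * k for v, c in a.items() if c * k != 0}


def lin_const(a):
    """Constant value of `a` if it has no symbolic part, else None."""
    return a.get(CONST, Fraction(0)) if all(k == CONST for k in a) else None


def free_vars(expr):
    tag = expr[0]
    if tag == "const":
        return set()
    if tag == "var":
        return {expr[1]}
    if tag == "mul":
        return free_vars(expr[2])
    return free_vars(expr[1]) | free_vars(expr[2])


def eval_expr(expr, state):
    """expr ::= ("const", n) | ("var", x) | ("add", e, e) | ("sub", e, e) | ("mul", n, e)"""
    tag = expr[0]
    if tag == "const":
        return {CONST: Fraction(expr[1])} if expr[1] != 0 else {}
    if tag == "var":
        return state[expr[1]]
    if tag == "add":
        return lin_add(eval_expr(expr[1], state), eval_expr(expr[2], state))
    if tag == "sub":
        return lin_add(eval_expr(expr[1], state), lin_scale(eval_expr(expr[2], state), Fraction(-1)))
    if tag == "mul":
        return lin_scale(eval_expr(expr[2], state), Fraction(expr[1]))
    raise ValueError(expr)


COMPARE = {"<": lambda d: d < 0, "<=": lambda d: d <= 0, "==": lambda d: d == 0,
           "!=": lambda d: d != 0, ">": lambda d: d > 0, ">=": lambda d: d >= 0}


def fmt(lin):
    terms = []
    for k in sorted(lin):
        c = lin[k]
        if k == CONST:
            terms.append(str(c))
        elif c == 1:
            terms.append(k)
        elif c == -1:
            terms.append("-" + k)
        else:
            terms.append(f"{c}*{k}")
    return " + ".join(terms) if terms else "0"


def analyse_path(path, variables):
    """Symbolically execute `path`; return (feasible, facts, core).

    facts: one strongest-postcondition predicate per statement executed
    core:  indices of the statements the detected contradiction depends on
           (the slice of the counterexample that is already infeasible);
           empty when no contradiction was found
    """
    state = {v: {v + "_0": Fraction(1)} for v in variables}  # x -> symbolic initial value x_0
    deps = {v: set() for v in variables}                     # x -> statements that produced its value
    facts = []
    for i, stmt in enumerate(path):
        if stmt[0] == "assign":
            _, var, expr = stmt
            new_deps = {i}.union(*(deps[v] for v in free_vars(expr)))
            state[var] = eval_expr(expr, state)
            deps[var] = new_deps
            facts.append(f"{var} == {fmt(state[var])}")
        elif stmt[0] == "assume":
            _, op, lhs, rhs = stmt
            l, r = eval_expr(lhs, state), eval_expr(rhs, state)
            d = lin_const(lin_add(l, lin_scale(r, Fraction(-1))))
            if d is not None and not COMPARE[op](d):
                core = {i}.union(*(deps[v] for v in free_vars(lhs) | free_vars(rhs)))
                return False, facts, core
            facts.append("true" if d is not None else f"{fmt(l)} {op} {fmt(r)}")
        else:
            raise ValueError(stmt)
    return True, facts, set()


V = lambda x: ("var", x)
C = lambda n: ("const", n)

# Constructed spurious counterexample (hypothetical program, not from the paper) for
#   i = 0; s = 0; while (i < n) { s = s + 1; i = i + 1; }  assert(s == i);
# unrolled once: loop body, loop exit, then the negated assertion.
SPURIOUS_PATH = [
    ("assign", "i", C(0)),
    ("assign", "s", C(0)),
    ("assume", "<", V("i"), V("n")),
    ("assign", "s", ("add", V("s"), C(1))),
    ("assign", "i", ("add", V("i"), C(1))),
    ("assume", ">=", V("i"), V("n")),
    ("assume", "!=", V("s"), V("i")),
]

if __name__ == "__main__":
    feasible, facts, core = analyse_path(SPURIOUS_PATH, ["i", "s", "n"])
    print("feasible:", feasible)
    for k, f in enumerate(facts):
        print(f"  after statement {k}: {f}")
    print("statements responsible for the contradiction:", sorted(core))
```

Running it reports the path as infeasible, with the contradiction depending on statements 0, 1, 3, 4 and 6 only: the two assumes about n play no part, which is exactly the kind of slice (and the predicates `s == 1`, `i == 1`) a Newton-style refiner would extract instead of asking a solver for interpolants.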


Published In

ESEC/FSE 2017: Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, August 2017, 1073 pages. ISBN 9781450351058, DOI 10.1145/3106237.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher: Association for Computing Machinery, New York, NY, United States

Author Tags

  1. Craig Interpolation
  2. Formal Verification
  3. Unsatisfiable Cores

Qualifiers

  • Research-article

Conference: ESEC/FSE'17

Acceptance Rates

Overall Acceptance Rate 112 of 543 submissions, 21%

Cited By

  • Ultimate Automizer and the CommuHash Normal Form. Tools and Algorithms for the Construction and Analysis of Systems, 2023, 577–581. doi:10.1007/978-3-031-30820-8_39
  • Evaluation of SMT solvers in abstraction-based software model checking. Proceedings of the 11th Latin-American Symposium on Dependable Computing, 2022, 109–116. doi:10.1145/3569902.3570187
  • Decomposing software verification into off-the-shelf components. Proceedings of the 44th International Conference on Software Engineering, 2022, 536–548. doi:10.1145/3510003.3510064
  • Bitvector Support in the Theta Formal Verification Framework. 2021 10th Latin-American Symposium on Dependable Computing (LADC), 2021, 1–8. doi:10.1109/LADC53747.2021.9672595
  • Ultimate TreeAutomizer (CHC-COMP Tool Description). Electronic Proceedings in Theoretical Computer Science 296, 2019, 42–47. doi:10.4204/EPTCS.296.7
  • Differentially testing soundness and precision of program analyzers. Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2019, 239–250. doi:10.1145/3293882.3330553
  • Incremental Verification Using Trace Abstraction. Static Analysis, 2018, 364–382. doi:10.1007/978-3-319-99725-4_22
  • Ultimate Taipan with Dynamic Block Encoding. Tools and Algorithms for the Construction and Analysis of Systems, 2018, 452–456. doi:10.1007/978-3-319-89963-3_31
  • Ultimate Automizer and the Search for Perfect Interpolants. Tools and Algorithms for the Construction and Analysis of Systems, 2018, 447–451. doi:10.1007/978-3-319-89963-3_30
