Counterexample-Guided Prophecy for Model Checking Modulo the Theory of Arrays

Makai Mann,Oded Padon,Alberto Griggio,Clark Barrett,Ahmed Irfan

doi:10.1007/978-3-030-72016-2_7

Makai Mann, Oded Padon + Show 3 more

Open Access

https://doi.org/10.1007/978-3-030-72016-2_7

Copy DOI

Abstract

We develop a framework for model checking infinite-state systems by automatically augmenting them with auxiliary variables, enabling quantifier-free induction proofs for systems that would otherwise require quantified invariants. We combine this mechanism with a counterexample-guided abstraction refinement scheme for the theory of arrays. Our framework can thus, in many cases, reduce inductive reasoning with quantifiers and arrays to quantifier-free and array-free reasoning. We evaluate the approach on a wide set of benchmarks from the literature. The results show that our implementation often outperforms state-of-the-art tools, demonstrating its practical potential.

Highlights

Model checking is a widely-used and highly-effective technique for automated property checking
The paper makes the following contributions: i) we introduce an algorithm called Prophecize which uses history and prophecy variables to target a specific term at a specific time step of an execution, producing a new transition system that can effectively reason universally about that term; ii) we develop an automatic abstraction-refinement procedure for arrays, which leverages the Prophecize algorithm during the refinement step, and show that it is sound and produces no false positives; iii) we develop a prototype implementation of our technique; and iv) we evaluate our technique on four sets of model checking benchmarks containing arrays and show that our implementation outperforms state-of-the-art tools on a majority of the benchmark sets
We look for violations of array axioms in the returned counterexample, and instantiate each violated axiom

Summary

Introduction

Model checking is a widely-used and highly-effective technique for automated property checking. While some automated reasoning tools can reason about quantified formulas, such reasoning is typically not very robust Just discovering these quantified invariants remains very challenging. During the refinement step of an abstraction-refinement loop, our technique automatically introduces prophecy variables, which both help with the refinement step and may reduce the need for quantified reasoning. We demonstrate the technique in the context of model checking for infinite-state systems with arrays, a domain which is known for requiring quantified reasoning. We show how a standard abstraction for arrays can be augmented with counterexample-guided prophecy to obtain an algorithm that reduces the model checking problem to quantifier-free, array-free reasoning. We denote with φ{x → t} the formula obtained by replacing every free occurrence of x in φ with t We extend this notation to sets of variables and terms in the usual way.

Methods

Results

Conclusion