Horn Clause Solvers for Program Verification

  • Nikolaj Bjørner
  • Arie Gurfinkel
  • Ken McMillan
  • Andrey Rybalchenko
Chapter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9300)

Abstract

Automatic program verification and symbolic model checking tools interface with theorem proving technologies that check satisfiability of formulas. A theme pursued in the past years by the authors of this paper has been to encode symbolic model problems directly as Horn clauses and develop dedicated solvers for Horn clauses. Our solvers are called Duality, HSF, SeaHorn, and \(\mu {Z}\) and we have devoted considerable attention in recent papers to algorithms for solving Horn clauses. This paper complements these strides as we summarize main useful properties of Horn clauses, illustrate encodings of procedural program verification into Horn clauses and then highlight a number of useful simplification strategies at the level of Horn clauses. Solving Horn clauses amounts to establishing Existential positive Fixed-point Logic formulas, a perspective that was promoted by Blass and Gurevich.

References

  1. 1.
    Alberti, F., Ghilardi, S., Sharygina, N.: Booster: an acceleration-based verification framework for array programs. In: Cassez, F., Raskin, J.-F. (eds.) ATVA 2014. LNCS, vol. 8837, pp. 18–23. Springer, Heidelberg (2014) Google Scholar
  2. 2.
    Apt, K.R.: Logic programming. In: Handbook of Theoretical Computer Science, Volume B: Formal Models and Sematics (B), pp. 493–574. Elsevier (1990)Google Scholar
  3. 3.
    Ball, T., Rajamani, S.K.: Bebop: a path-sensitive interprocedural dataflow engine. In: Proceedings of the 2001 ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering, PASTE 2001, Snowbird, Utah, USA, 18–19 June 2001, pp. 97–103 (2001)Google Scholar
  4. 4.
    Barnett, M., Chang, B.-Y.E., DeLine, R., Jacobs, B., M. Leino, K.R.: Boogie: a modular reusable verifier for object-oriented programs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 364–387. Springer, Heidelberg (2006) CrossRefGoogle Scholar
  5. 5.
    Barnett, M., Leino, K.R.M.: Weakest-precondition of unstructured programs. In: PASTE, pp. 82–87 (2005)Google Scholar
  6. 6.
    Barrett, C., Stump, A., Tinelli, C.: The Satisfiability Modulo Theories Library (SMT-LIB) (2010). www.SMT-LIB.org
  7. 7.
    Barvinok, A.I.: A polynomial time algorithm for counting integral points in polyhedra when the dimension is fixed. In: 34th Annual Symposium on Foundations of Computer Science, Palo Alto, California, USA, 3–5 November 1993, pp. 566–572 (1993)Google Scholar
  8. 8.
    Berdine, J., Bjørner, N., Ishtiaq, S., Kriener, J.E., Wintersteiger, C.M.: Resourceful reachability as HORN-LA. In: McMillan, K., Middeldorp, A., Voronkov, A. (eds.) LPAR-19 2013. LNCS, vol. 8312, pp. 137–146. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  9. 9.
    Beyene, T.A., Chaudhuri, S., Popeea, C., Rybalchenko, A.: A constraint-based approach to solving games on infinite graphs. In: POPL, pp. 221–234 (2014)Google Scholar
  10. 10.
    Beyer, D., Cimatti, A., Griggio, A., Erkan Keremoglu, M., Sebastiani, R.: Software model checking via large-block encoding. In: FMCAD, pp. 25–32 (2009)Google Scholar
  11. 11.
    Bjørner, N., Gurfinkel, A.: Property directed polyhedral abstraction. In: D’Souza, D., Lal, A., Larsen, K.G. (eds.) VMCAI 2015. LNCS, vol. 8931, pp. 263–281. Springer, Heidelberg (2015) Google Scholar
  12. 12.
    Bjørner, N., McMillan, K.L., Rybalchenko, A.: Program verification as satisfiability modulo theories. In: SMT at IJCAR, pp. 3–11 (2012)Google Scholar
  13. 13.
    Bjørner, N., McMillan, K.L., Rybalchenko, A.: Higher-order program verification as satisfiability modulo theories with algebraic data-types. CoRR, abs/1306.5264 (2013)Google Scholar
  14. 14.
    Bjørner, N., McMillan, K., Rybalchenko, A.: On solving universally quantified horn clauses. In: Logozzo, F., Fähndrich, M. (eds.) SAS 2013. LNCS, vol. 7935, pp. 105–125. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  15. 15.
    Blass, A., Gurevich, Y.: Existential fixed-point logic. In: Börger, E. (ed.) Computation Theory and Logic. LNCS, vol. 270, pp. 20–36. Springer, Heidelberg (1987)CrossRefGoogle Scholar
  16. 16.
    Blass, A., Gurevich, Y.: Inadequacy of computable loop invariants. ACM Trans. Comput. Log. 2(1), 1–11 (2001)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Bradley, A.R.: SAT-based model checking without unrolling. In: Jhala, R., Schmidt, D. (eds.) VMCAI 2011. LNCS, vol. 6538, pp. 70–87. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  18. 18.
    Burstall, R.M., Darlington, J.: A transformation system for developing recursive programs. JACM 24, 44–67 (1977)MathSciNetCrossRefMATHGoogle Scholar
  19. 19.
    Ceri, S., Gottlob, G., Tanca, L.: Logic Programming and Databases. Springer, Heidelberg (1990)CrossRefGoogle Scholar
  20. 20.
    Clarke, E.M.: Programming language constructs for which it is impossible to obtain good hoare axiom systems. J. ACM 26(1), 129–147 (1979)MathSciNetCrossRefMATHGoogle Scholar
  21. 21.
    Cook, S.A.: Soundness and completeness of an axiom system for program verif. SIAM J. Comput. 7(1), 70–90 (1978)MathSciNetCrossRefMATHGoogle Scholar
  22. 22.
    Craig, W.: Three uses of the herbrand-gentzen theorem in relating model theory and proof theory. J. Symb. Log. 22(3), 269–285 (1957)MathSciNetCrossRefMATHGoogle Scholar
  23. 23.
    De Angelis, E., Fioravanti, F., Pettorossi, A., Proietti, M.: Program verification via iterated specialization. Sci. Comput. Program. 95, 149–175 (2014)CrossRefGoogle Scholar
  24. 24.
    De Angelis, E., Fioravanti, F., Pettorossi, A., Proietti, M.: VeriMAP: a tool for verifying programs through transformations. In: Ábrahám, E., Havelund, K. (eds.) TACAS 2014 (ETAPS). LNCS, vol. 8413, pp. 568–574. Springer, Heidelberg (2014) CrossRefGoogle Scholar
  25. 25.
    Dellunde, P., Jansana, R.: Some characterization theorems for infinitary universal horn logic without equality. J. Symb. Log. 61(4), 1242–1260 (1996)MathSciNetCrossRefMATHGoogle Scholar
  26. 26.
    Dijkstra, E.W.: A Discipline of Programming. Prentice-Hall, New Jersey (1976)MATHGoogle Scholar
  27. 27.
    Fietzke, A., Weidenbach, C.: Superposition as a decision procedure for timed automata. Math. Comput. Sci. 6(4), 409–425 (2012)MathSciNetCrossRefMATHGoogle Scholar
  28. 28.
    Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended static checking for java. In: PLDI, pp. 234–245 (2002)Google Scholar
  29. 29.
    Floyd, R.W.: Assigning meaning to programs. In: Proceedings of Symposium on Applied Mathematics, vol. 19, pp. 19–32. American Math. Soc. (1967)Google Scholar
  30. 30.
    Gallagher, J.P., Kafle, B.: Analysis and transformation tools for constrained horn clause verification. CoRR, abs/1405.3883 (2014)Google Scholar
  31. 31.
    German, S.M., Clarke, E.M., Halpern, J.Y.: Reasoning about procedures as parameters in the language L4. Inf. Comput. 83(3), 265–359 (1989)MathSciNetCrossRefMATHGoogle Scholar
  32. 32.
    Grebenshchikov, S., Lopes, N.P., Popeea, C., Rybalchenko, A.: Synthesizing software verifiers from proof rules. In: PLDI (2012)Google Scholar
  33. 33.
    Gurfinkel, A., Chaki, S., Sapra, S.: Efficient Predicate Abstraction of Program Summaries. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NFM 2011. LNCS, vol. 6617, pp. 131–145. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  34. 34.
    Gurfinkel, A., Kahsai, T., Komuravelli, A., Navas, J.A.: The seahorn verification framework. In: Kroening, D., Păsăreanu, C.S. (eds.) CAV 2015. LNCS, vol. 9206, pp. 343–361. Springer, Heidelberg (2015) CrossRefGoogle Scholar
  35. 35.
    Gurfinkel, A., Wei, O., Chechik, M.: Model checking recursive programs with exact predicate abstraction. In: Cha, S.S., Choi, J.-Y., Kim, M., Lee, I., Viswanathan, M. (eds.) ATVA 2008. LNCS, vol. 5311, pp. 95–110. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  36. 36.
    Hermenegildo, M.V., Bueno, F., Carro, M., Lopez-Garcia, P., Mera, E., Morales, J.F., Puebla, G.: An overview of ciao and its design philosophy. TPLP 12(1–2), 219–252 (2012)MathSciNetMATHGoogle Scholar
  37. 37.
    Hoare, C.A.R.: An axiomatic basis for computer programming. Commun. ACM 12(10), 576–580 (1969)CrossRefMATHGoogle Scholar
  38. 38.
    Hoder, K., Bjørner, N.: Generalized property directed reachability. In: Cimatti, A., Sebastiani, R. (eds.) SAT 2012. LNCS, vol. 7317, pp. 157–171. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  39. 39.
    Hojjat, H., Iosif, R., Konečný, F., Kuncak, V., Rümmer, P.: Accelerating interpolants. In: Chakraborty, S., Mukund, M. (eds.) ATVA 2012. LNCS, vol. 7561, pp. 187–202. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  40. 40.
    Horn, A.: On sentences which are true of direct unions of algebras. J. Symb. Log. 16(1), 14–21 (1951)MathSciNetCrossRefMATHGoogle Scholar
  41. 41.
    Jaffar, J.: A CLP approach to modelling systems. In: Davies, J., Schulte, W., Barnett, M. (eds.) ICFEM 2004. LNCS, vol. 3308, p. 14. Springer, Heidelberg (2004) CrossRefGoogle Scholar
  42. 42.
    Jaffar, J., Maher, M.J.: Constraint logic programming: a survey. J. Log. Program. 19(20), 503–581 (1994)MathSciNetCrossRefMATHGoogle Scholar
  43. 43.
    Jaffar, J., Santosa, A.E., Voicu, R.: An interpolation method for CLP traversal. In: Gent, I.P. (ed.) CP 2009. LNCS, vol. 5732, pp. 454–469. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  44. 44.
    Jhala, R., Majumdar, R., Rybalchenko, A.: HMC: verifying functional programs using abstract interpreters. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 470–485. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  45. 45.
    Jones, N.D., Gomard, C.K., Sestoft, P.: Partial Evaluation and Automatic Program Generation. Prentice Hall international series in computer science. Prentice Hall, Englewood Cliff (1993) MATHGoogle Scholar
  46. 46.
    Kafle, B., Gallagher, J.P.: Constraint specialisation in horn clause verification. In: PEPM, pp. 85–90 (2015)Google Scholar
  47. 47.
    Karbyshev, A., Bjørner, N., Itzhaky, S., Rinetzky, N., Shoham, S.: Property-directed inference of universal invariants or proving their absence (2015)Google Scholar
  48. 48.
    Komuravelli, A., Gurfinkel, A., Chaki, S.: SMT-based model checking for recursive programs. In: Biere, A., Bloem, R. (eds.) CAV 2014. LNCS, vol. 8559, pp. 17–34. Springer, Heidelberg (2014) Google Scholar
  49. 49.
    Lal, A., Qadeer, S.: A program transformation for faster goal-directed search. In: Formal Methods in Computer-Aided Design, FMCAD 2014, Lausanne, Switzerland, 21–24 October 2014, pp. 147–154 (2014)Google Scholar
  50. 50.
    Rustan, K., Leino, M.: Efficient weakest preconditions. Inf. Process. Lett. 93(6), 281–288 (2005)MathSciNetCrossRefMATHGoogle Scholar
  51. 51.
    Lopes, N.P., Bjørner, N., Godefroid, P., Jayaraman, K., Varghese, G.: Checking beliefs in dynamic networks. In: NSDI, May 2015Google Scholar
  52. 52.
    Manna, Z., Pnueli, A.: Temporal Verification of Reactive Systems: Safety. Springer, Berlin (1995)CrossRefMATHGoogle Scholar
  53. 53.
    McCarthy, J.: Towards a mathematical science of computation. In: IFIP Congress, pp. 21–28 (1962)Google Scholar
  54. 54.
    McMillan, K.L.: Lazy annotation revisited. In: Biere, A., Bloem, R. (eds.) CAV 2014. LNCS, vol. 8559, pp. 243–259. Springer, Heidelberg (2014) Google Scholar
  55. 55.
    Oppen, D.C.: Complexity, convexity and combinations of theories. Theor. Comput. Sci. 12, 291–302 (1980)MathSciNetCrossRefMATHGoogle Scholar
  56. 56.
    Navarro Pérez, J.A., Rybalchenko, A.: Separation logic modulo theories. In: Shan, C. (ed.) APLAS 2013. LNCS, vol. 8301, pp. 90–106. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  57. 57.
    Pettorossi, A., Proietti, M.: Synthesis and transformation of logic programs using unfold/fold proofs. Technical report 457, Universitá di Roma Tor Vergata (1997)Google Scholar
  58. 58.
    Pudl’ak, P.: Lower bounds for resolution and cutting planes proofs and monotone computations. J. Symbolic Logic 62(3), 981–998 (1995)MathSciNetCrossRefGoogle Scholar
  59. 59.
    Ramsay, S.J., Neatherway, R.P., Luke Ong, C.-H.: A type-directed abstraction refinement approach to higher-order model checking. In: POPL, pp. 61–72 (2014)Google Scholar
  60. 60.
    Reps, T.W., Horwitz, S., Sagiv, S.: Precise interprocedural dataflow analysis via graph reachability. In: POPL, pp. 49–61 (1995)Google Scholar
  61. 61.
    Revesz, P.Z.: Safe datalog queries with linear constraints. In: Maher, M.J., Puget, J.-F. (eds.) CP 1998. LNCS, vol. 1520, pp. 355–369. Springer, Heidelberg (1998) CrossRefGoogle Scholar
  62. 62.
    Rondon, P.M., Kawaguchi, M., Jhala, R.: Liquid types. In: PLDI, pp. 159–169 (2008)Google Scholar
  63. 63.
    Rümmer, P., Hojjat, H., Kuncak, V.: Disjunctive interpolants for horn-clause verification. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 347–363. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  64. 64.
    Sheeran, M., Singh, S., Stålmarck, G.: Checking safety properties using induction and a SAT-solver. In: Johnson, S.D., Hunt Jr., W.A. (eds.) FMCAD 2000. LNCS, vol. 1954, pp. 108–125. Springer, Heidelberg (2000) CrossRefGoogle Scholar
  65. 65.
    Tamaki, H., Sato, T.: Unfold/fold transformation of logic programs. In: Proceedings of the Second International Conference on Logic Programming (1984)Google Scholar
  66. 66.
    Turchin, V.F.: The concept of a supercompiler. ACM TOPLAS 8(3), 292–325 (1986)MathSciNetCrossRefMATHGoogle Scholar
  67. 67.
    van Emden, M.H., Kowalski, R.A.: The semantics of predicate logic as a programming language. J. ACM 23(4), 733–742 (1976)MathSciNetCrossRefMATHGoogle Scholar
  68. 68.
    Warren, D.S.: Memoing for logic programs. Commun. ACM 35(3), 93–111 (1992)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Nikolaj Bjørner
    • 1
  • Arie Gurfinkel
    • 2
  • Ken McMillan
    • 1
  • Andrey Rybalchenko
    • 3
  1. 1.Microsoft ResearchRedmondUSA
  2. 2.Software Engineering InstitutePittsburghUSA
  3. 3.Microsoft ResearchCambridgeUK

Personalised recommendations