Rahft: A Tool for Verifying Horn Clauses Using Abstract Interpretation and Finite Tree Automata

  • Bishoksan Kafle
  • John P. Gallagher
  • José F. Morales
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9779)

Abstract

We present Rahft (Refinement of Abstraction in Horn clauses using Finite Tree automata), an abstraction refinement tool for verifying safety properties of programs expressed as Horn clauses. The paper describes the architecture, strengths and weaknesses, implementation and usage aspects of the tool. Rahft loosely combines three powerful techniques for program verification, (i) program specialisation, (ii) abstract interpretation, and (iii) trace abstraction refinement, in a non-trivial way, with the aim of exploiting their strengths and mitigating their weaknesses through the complementary techniques. It is interfaced with an abstract domain, a tool for manipulating finite tree automata and various solvers for reasoning about constraints. Its modular design and customizable components allow for experimenting with new verification techniques and tools developed for Horn clauses.

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Bishoksan Kafle (1)
  • John P. Gallagher (1, 2)
  • José F. Morales (2)
  1. Roskilde University, Roskilde, Denmark
  2. IMDEA Software Institute, Madrid, Spain