Alloy*: A Higher-Order Relational Constraint Solver

The last decade has seen a dramatic growth in the use of constraint solvers as a computational mechanism, not only for analysis and synthesis of software, but also at runtime. Solvers are available for a variety of logics but are generally restricted to first-order formulas. Some tasks, however, most notably those involving synthesis, are inherently higher order; these are typically handled by embedding a first-order solver (such as a SAT or SMT solver) in a domain-specific algorithm. Using strategies similar to those used in such algorithms, we show how to extend a first-order solver (in this case Kodkod, a model finder for relational logic used as the engine of the Alloy Analyzer) so that it can handle quantifications over higher-order structures. The resulting solver is sufficiently general that it can be applied to a range of problems; it is higher order, so that it can be applied directly, without embedding in another algorithm; and it performs well enough to be competitive with specialized tools on standard benchmarks. Although the approach is demonstrated for a particular relational logic, the principles behind it could be applied to other first-order solvers. Just as the identification of first-order solvers as reusable backends advanced the performance of specialized tools and simplified their architecture, factoring out higher-order solvers may bring similar benefits to a new class of tools.
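The abstract describes extending a first-order solver to higher-order quantification by borrowing the strategy that synthesis tools build around a SAT or SMT backend. The following is an added illustration, not code from the paper or the Alloy* implementation: a counterexample-guided loop that answers a formula of the shape ∃S. base(S) ∧ ∀T. body(S, T) using only first-order queries. The first-order solver here is a brute-force subset enumerator standing in for Kodkod, the graph is a constructed six-vertex example, and maximum clique (∃S. clique(S) ∧ ∀T. clique(T) → |T| ≤ |S|) is chosen as the higher-order query; all three are assumptions made for the example.

```python
from itertools import combinations

# Constructed sample input (not from the paper): an undirected graph on six
# vertices. {0,1,2} is a triangle, 2-3 and 3-4 are edges, 5 is isolated, so the
# largest clique has three vertices.
VERTICES = range(6)
EDGES = {(0, 1), (1, 2), (0, 2), (2, 3), (3, 4)}


def adjacent(u, v):
    return (u, v) in EDGES or (v, u) in EDGES


def is_clique(s):
    """A vertex set is a clique when every pair of its members is adjacent."""
    return all(adjacent(u, v) for u, v in combinations(sorted(s), 2))


def first_order_solve(pred):
    """Stand-in for the first-order model finder (Kodkod in Alloy*): return the
    first subset of VERTICES, smallest first, that satisfies pred, or None if
    the formula has no model within the bound. Brute force suffices for six
    vertices; a real backend would encode pred into SAT."""
    for k in range(len(VERTICES) + 1):
        for combo in combinations(VERTICES, k):
            s = frozenset(combo)
            if pred(s):
                return s
    return None


def solve_exists_forall(base, body):
    """Solve the higher-order formula  ∃S. base(S) ∧ ∀T. body(S, T)  with
    first-order queries only, by counterexample-guided refinement:
      1. candidate: find S with base(S) and body(S, T_i) for every
         counterexample T_i learned so far (first-order, since each T_i is a
         concrete value);
      2. verify:    look for a T with ¬body(S, T) (again first-order);
      3. refine:    if such a T exists, record it and go back to step 1.
    Returns (solution or None, list of counterexamples used)."""
    learned = []
    while True:
        cand = first_order_solve(
            lambda s: base(s) and all(body(s, t) for t in learned))
        if cand is None:
            return None, learned      # unsatisfiable within the bound
        ce = first_order_solve(lambda t: not body(cand, t))
        if ce is None:
            return cand, learned      # universal part holds: genuine solution
        learned.append(ce)            # candidate refuted; remember the witness


def solve_max_clique():
    """Maximum clique as  ∃S. clique(S) ∧ ∀T. clique(T) → |T| ≤ |S|."""
    return solve_exists_forall(
        base=is_clique,
        body=lambda s, t: not is_clique(t) or len(t) <= len(s))


if __name__ == "__main__":
    solution, counterexamples = solve_max_clique()
    print("max clique:", sorted(solution))
    for t in counterexamples:
        print("refuted by larger clique:", sorted(t))
```

On the constructed graph the loop starts from the empty clique, is refuted in turn by the cliques {0}, {0,1} and {0,1,2}, and then accepts {0,1,2} once the verify step finds no larger clique. Each learned counterexample is a concrete relation, so the candidate query stays first-order no matter how many are accumulated; that is the property that lets a first-order backend answer the higher-order question.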
