Rahft: A Tool for Verifying Horn Clauses Using Abstract Interpretation and Finite Tree Automata

We present Rahft (Refinement of Abstraction in Horn clauses using Finite Tree automata), an abstraction refinement tool for verifying safety properties of programs expressed as Horn clauses. The paper describes the architecture, strengths and weaknesses, implementation and usage of the tool. Rahft loosely combines three powerful program verification techniques, (i) program specialisation, (ii) abstract interpretation and (iii) trace abstraction refinement, in a non-trivial way, with the aim of exploiting their strengths and mitigating their weaknesses through the complementary techniques. It is interfaced with an abstract domain, a tool for manipulating finite tree automata and various solvers for reasoning about constraints. Its modular design and customizable components allow for experimenting with new verification techniques and tools developed for Horn clauses.
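
To make the abstraction side of this concrete, the following is an added example (not Rahft's code, and not the polyhedral domain or tree-automata refinement the tool actually uses). It encodes a bounded loop as three constrained Horn clauses over a predicate p(x, n), runs a toy interval analysis with widening to a post-fixpoint for p, and then checks whether the query clause (the safety property) is refuted. The "template" expressions tracked by the domain (x, n and, optionally, n-x) are a hypothetical simplification standing in for a pluggable abstract domain; running the same clauses in the weaker domain yields a spurious alarm, which is exactly the kind of imprecision a refinement phase would have to resolve.

```python
"""Toy abstract interpretation of constrained Horn clauses (CHCs).

Added illustration, not Rahft's code. A loop program is encoded as three
CHCs over the predicate p(x, n) (x = loop counter, n = bound):

    p(x, n)   :- x = 0, n >= 0.            % fact (entry)
    p(x1, n)  :- p(x, n), x < n, x1 = x+1. % rule (loop body)
    false     :- p(x, n), x > n.           % query (safety property)

The analysis keeps one interval per "template" expression it is asked to
track (a hypothetical, simplified stand-in for a real abstract domain) and
iterates with widening until the abstract state of p is a post-fixpoint.
"""
from typing import Dict, List, Optional, Tuple

INF = float("inf")
Interval = Tuple[float, float]          # (lo, hi); lo > hi means empty
Box = Optional[Dict[str, Interval]]     # None = bottom (unreachable)


def join(a: Interval, b: Interval) -> Interval:
    return (min(a[0], b[0]), max(a[1], b[1]))


def meet(a: Interval, b: Interval) -> Interval:
    return (max(a[0], b[0]), min(a[1], b[1]))


def widen(old: Interval, new: Interval) -> Interval:
    # Standard interval widening: a bound that keeps moving jumps to infinity.
    lo = old[0] if new[0] >= old[0] else -INF
    hi = old[1] if new[1] <= old[1] else INF
    return (lo, hi)


def box_join(a: Box, b: Box) -> Box:
    if a is None:
        return b
    if b is None:
        return a
    return {t: join(a[t], b[t]) for t in a}


def box_widen(old: Box, new: Box) -> Box:
    if old is None:
        return new
    if new is None:
        return old
    return {t: widen(old[t], new[t]) for t in old}


def is_bottom(b: Box) -> bool:
    return b is None or any(lo > hi for lo, hi in b.values())


# A clause body is a list of guards (template, lo, hi) to meet with, followed
# by shifts (template -> delta) modelling the head arguments. A guard on a
# template the domain does not track is dropped: sound, but imprecise.
Guard = Tuple[str, float, float]


def apply_body(box: Box, guards: List[Guard], shifts: Dict[str, float]) -> Box:
    if box is None:
        return None
    out = dict(box)
    for t, lo, hi in guards:
        if t in out:
            out[t] = meet(out[t], (lo, hi))
    if is_bottom(out):
        return None
    for t, d in shifts.items():
        if t in out:
            out[t] = (out[t][0] + d, out[t][1] + d)
    return out


# Constructed CHC system for the loop above, over templates x, n and n-x.
FACT: Dict[str, Interval] = {"x": (0, 0), "n": (0, INF), "n-x": (0, INF)}
RULE_GUARDS: List[Guard] = [("n-x", 1, INF)]         # x < n  <=>  n-x >= 1
RULE_SHIFTS: Dict[str, float] = {"x": 1, "n-x": -1}  # x1 = x+1 moves both
QUERY_GUARDS: List[Guard] = [("n-x", -INF, -1)]      # x > n  <=>  n-x <= -1


def analyse(templates: List[str], max_iters: int = 50) -> Tuple[Box, bool]:
    """Return (invariant for p, alarm). alarm=True means the query clause is
    not refuted in this domain: a real or a spurious counterexample."""
    fact = {t: FACT[t] for t in templates}
    inv: Box = None
    for _ in range(max_iters):
        step = apply_body(inv, RULE_GUARDS, RULE_SHIFTS)
        new = box_widen(inv, box_join(fact, step))
        if new == inv:
            break
        inv = new
    alarm = not is_bottom(apply_body(inv, QUERY_GUARDS, {}))
    return inv, alarm


if __name__ == "__main__":
    for ts in (["x", "n"], ["x", "n", "n-x"]):
        inv, alarm = analyse(ts)
        print(ts, "invariant:", inv, "alarm:", alarm)
```

With only x and n tracked the guard x < n cannot be expressed, so the fixpoint is x, n in [0, inf) and the query is not refuted: a false alarm, since every concrete run satisfies x <= n. Tracking n-x as well lets the domain record n-x >= 0 across the loop, which contradicts the query's x > n and proves the clauses safe. Which of these outcomes a given domain produces is the reason an abstraction-refinement loop, and a choice of abstract domain, matter in a Horn clause verifier.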