Tree Automata-Based Refinement with Application to Horn Clause Verification

In this paper we apply tree-automata techniques to the refinement of abstract interpretation in Horn clause verification. We go beyond previous work on refining trace abstractions in two ways: first, we handle tree automata rather than string automata, and so capture traces of arbitrary Horn clause derivations rather than only those of transition systems; second, we show how algorithms that manipulate tree automata interact with abstract interpretation, establishing progress in refinement and generating refined clauses that eliminate causes of imprecision. We show how to derive a refined set of Horn clauses from which given infeasible traces have been eliminated, using a recent optimised algorithm for tree automata determinisation. We also show how disjunctive abstractions can be introduced selectively by splitting states in the tree automaton. The approach is independent of the abstract domain and of the constraint theory underlying the Horn clauses. Experiments on linear constraint problems with the abstract domain of convex polyhedra show that the refinement technique is practical and that iterating abstract interpretation with tree automata-based refinement solves many challenging Horn clause verification problems. We compare the results with other state-of-the-art Horn clause verification tools.
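The construction the abstract describes, carried through on a constructed example (this is added illustration code, not the paper's or its authors' implementation). Clause identifiers label the nodes of derivation trees, so the derivation trees of a clause set P form a regular tree language recognised by an automaton A_P. Given one infeasible derivation tree t, the code builds the product of A_P with the complement of the determinised, completed trace automaton A_t, reduces it, and reads the result back as refined clauses whose derivation trees are exactly those of P minus t. Assumptions: the three-clause set, the trace c3(c2(c1)) and the constraint strings are constructed for illustration; constraints are carried along as opaque text and never solved, so the decision that the trace is infeasible is made by hand; and determinisation uses the textbook subset construction from Comon et al. rather than the optimised algorithm the paper uses.

```python
# Added example: tree-automata refinement of Horn clauses (constructed data,
# textbook subset construction; not the paper's code).
from itertools import product

# Constructed clause set: clause id -> (head atom, constraint, body atoms).
# Constraints are opaque strings here; nothing below solves them.
CLAUSES = {
    "c1": ("p(X)", "X=0", []),
    "c2": ("p(X)", "X=Y+1", ["p(Y)"]),
    "c3": ("false", "X<0", ["p(X)"]),
}
# Constructed infeasible trace c3(c2(c1)): X=0, X'=X+1, X'<0.
# A derivation tree is (clause id, [subtrees]).
TRACE = ("c3", [("c2", [("c1", [])])])

def pred(atom):
    """Predicate symbol of an atom such as 'p(X)' or 'false'."""
    return atom.split("(")[0]

def rename(atom, state):
    """p(X) paired with automaton state s becomes p_s(X)."""
    name = pred(atom)
    return name + "_" + state + atom[len(name):]

def trace_fta(tree):
    """FTA accepting exactly `tree`: one state per subtree occurrence.
    Returns (transitions, finals); a transition is (symbol, args, target)."""
    trans = []
    def build(node):
        cid, subs = node
        args = tuple(build(s) for s in subs)
        q = "q%d" % len(trans)
        trans.append((cid, args, q))
        return q
    root = build(tree)
    return trans, {root}

def determinise_complete(trans, sig):
    """Subset construction for FTAs, made complete: states are frozensets of
    original states, the empty set is the sink, and every (symbol, argument
    tuple) over the discovered states receives a target."""
    states, dtrans = set(), {}
    changed = True
    while changed:
        changed = False
        for sym, arity in sig.items():
            for args in product(list(states), repeat=arity):
                if (sym, args) in dtrans:
                    continue
                target = frozenset(
                    q for s, a, q in trans
                    if s == sym and all(a[i] in args[i] for i in range(arity)))
                dtrans[(sym, args)] = target
                if target not in states:
                    states.add(target)
                    changed = True
    return states, dtrans

def label(S):
    return "".join(sorted(S)) or "sink"

def refine(clauses, trace):
    """Refined clauses, as (original id, head, constraint, body) tuples, whose
    derivation trees are those of `clauses` with `trace` removed."""
    sig = {c: len(body) for c, (_, _, body) in clauses.items()}
    t_trans, t_final = trace_fta(trace)
    dstates, dtrans = determinise_complete(t_trans, sig)
    # Product A_P x complement(det(A_t)): c((p1,S1)..(pn,Sn)) -> (p, delta(c,S1..Sn)).
    prod = []
    for (c, args), S in dtrans.items():
        head, _, body = clauses[c]
        prod.append((c, tuple((pred(b), a) for b, a in zip(body, args)), (pred(head), S)))
    finals = {("false", S) for S in dstates if not (S & t_final)}
    # Reduce: keep states reachable bottom-up that can also reach a final state.
    reach = set()
    while True:
        new = {tgt for _, args, tgt in prod if all(a in reach for a in args)}
        if new <= reach:
            break
        reach |= new
    useful = finals & reach
    while True:
        new = set()
        for _, args, tgt in prod:
            if tgt in useful and all(a in reach for a in args):
                new |= set(args)
        if new <= useful:
            break
        useful |= new
    refined = []
    for c, args, tgt in prod:
        if tgt in useful and all(a in useful for a in args):
            head, cons, body = clauses[c]
            refined.append((c, rename(head, label(tgt[1])), cons,
                            [rename(b, label(a[1])) for b, a in zip(body, args)]))
    return refined

def run(clauses, tree):
    """Bottom-up run of the clause automaton on `tree`: the set of head
    predicates the tree derives; empty means `tree` is not a derivation."""
    cid, subs = tree
    sub_heads = [run(clauses, s) for s in subs]
    return {pred(head) for c, head, _, body in clauses
            if c == cid and len(body) == len(subs)
            and all(pred(b) in hs for b, hs in zip(body, sub_heads))}

if __name__ == "__main__":
    for c, head, cons, body in refine(CLAUSES, TRACE):
        print("%s: %s :- %s." % (c, head, ", ".join([cons] + body)))
```

On the constructed input the refined set has six clauses: p_q0(X) :- X=0; p_q1(X) :- X=Y+1, p_q0(Y); p_sink(X) :- X=Y+1, p_q1(Y); p_sink(X) :- X=Y+1, p_sink(Y); false_sink :- X<0, p_q0(X); and false_sink :- X<0, p_sink(X). The tree c3(c2(c1)) is no longer a derivation (no clause for false has p_q1 in its body), while c3(c1) and c3(c2(c2(c1))) still are; c3(c1) is also infeasible and would be the next trace removed in an iteration. The precision gain comes from the next abstract interpretation run, since the split predicates p_q0, p_q1 and p_sink now separate derivation contexts that a single predicate p would have merged.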
