Identifying Overly Restrictive Matching Patterns in SMT-based Program Verifiers (extended version)

Universal quantifiers occur frequently in the proof obligations produced by program verifiers, for instance, to axiomatize uninterpreted functions and to express properties of arrays. SMT-based verifiers typically reason about them via E-matching, an SMT algorithm that requires syntactic matching patterns (triggers) to guide quantifier instantiation. Devising good matching patterns is challenging. In particular, overly restrictive patterns may lead to spurious verification errors if the quantifier instances needed for a proof are never produced; they may also conceal unsoundness caused by inconsistent axiomatizations. In this paper, we present the first technique that identifies and helps users remedy the effects of overly restrictive matching patterns. We designed a novel algorithm to synthesize the missing triggering terms required to complete a proof. Tool developers can use this information to refine their matching patterns and prevent similar verification errors, or to fix a detected unsoundness.
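The two effects named above, a spurious verification error and a concealed inconsistency, as an added SMT-LIB 2 example that is not from the paper or its tool. It assumes Z3 as the solver, with model-based quantifier instantiation switched off so that only E-matching instantiates quantifiers (the configuration SMT-based verifiers commonly use). The functions f, g, h, k, the constants a, b and all axioms are constructed for illustration; the `:pattern` annotations are the matching patterns the abstract refers to.

```smt2
; Added example (not from the paper): two effects of an overly restrictive
; :pattern, shown with Z3 in E-matching-only mode. Names f, g, h, k, a, b and
; the axioms are constructed for illustration.
(set-option :auto_config false)
(set-option :smt.mbqi false)          ; disable MBQI: quantifiers are instantiated by E-matching only

(declare-fun f (Int) Int)
(declare-fun g (Int) Int)
(declare-const a Int)
(declare-const b Int)

; Part 1: a spurious verification error.
; Axiom: f is a left inverse of g, which makes g injective.
; Goal: g(a) = g(b) implies a = b. The negated goal is asserted and we look for unsat.
(push)
(echo "part 1a: restrictive pattern f(g(x))")
(assert (forall ((x Int)) (! (= (f (g x)) x) :pattern ((f (g x))))))
(assert (= (g a) (g b)))
(assert (not (= a b)))
; The only ground terms are g(a) and g(b); no ground term has the shape f(g(_)),
; so E-matching never instantiates the axiom and the refutation is out of reach.
(check-sat)
(get-info :reason-unknown)
(pop)

(push)
(echo "part 1b: pattern g(x)")
(assert (forall ((x Int)) (! (= (f (g x)) x) :pattern ((g x)))))
(assert (= (g a) (g b)))
(assert (not (= a b)))
; g(a) and g(b) match the pattern, yielding f(g(a)) = a and f(g(b)) = b;
; with g(a) = g(b), congruence gives a = b, contradicting the negated goal.
(check-sat)
(pop)

; Part 2: an inconsistent axiomatization concealed by a restrictive pattern.
(declare-fun h (Int) Int)
(declare-fun k (Int) Int)
(push)
(echo "part 2a: the axioms look consistent")
(assert (forall ((x Int)) (! (> (h x) 0) :pattern ((h x)))))
(assert (forall ((x Int)) (! (< (h x) 0) :pattern ((k x)))))   ; contradicts the first axiom for every x
(assert (>= (h a) 0))
; Only h(a) exists as a ground term: the first axiom is instantiated, the second
; never is, so the contradiction stays hidden and this check does not fail.
(check-sat)

(echo "part 2b: one triggering term exposes the inconsistency")
(assert (= (k a) 0))
; k(a) now matches the second pattern, producing h(a) < 0 alongside h(a) > 0.
; From here on everything is provable: any proof obligation added in this
; context would "verify", which is the unsoundness the restrictive pattern hid.
(check-sat)
(pop)
```

Run it with `z3 file.smt2`. Part 1a cannot be refuted by E-matching alone and Z3 reports an unknown result with incomplete quantifiers as the reason, which a verifier would surface as a failed proof; part 1b is refuted as soon as the pattern admits the available ground terms. Part 2a passes the consistency check only because no ground term of the form k(_) is present, and part 2b shows that the mere appearance of such a term, with no goal at all, makes the axiom set unsatisfiable. The missing triggering terms f(g(a)) in part 1a and k(a) in part 2a are exactly what the paper's algorithm sets out to synthesize.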
