Hostname: page-component-76fb5796d-25wd4 Total loading time: 0 Render date: 2024-04-25T17:52:29.770Z Has data issue: false hasContentIssue false
  • English
  • Français

Proving correctness of imperative programs by linearizing constrained Horn clauses

Published online by Cambridge University Press:  03 September 2015

EMANUELE DE ANGELIS ,
FABIO FIORAVANTI ,
ALBERTO PETTOROSSI  and
MAURIZIO PROIETTI
EMANUELE DE ANGELIS
Affiliation:
DEC, University ‘G. d'Annunzio’, Pescara, Italy (e-mail: emanuele.deangelis@unich.it, fabio.fioravanti@unich.it)
FABIO FIORAVANTI
Affiliation:
DEC, University ‘G. d'Annunzio’, Pescara, Italy (e-mail: emanuele.deangelis@unich.it, fabio.fioravanti@unich.it)
ALBERTO PETTOROSSI
Affiliation:
DICII, Università di Roma Tor Vergata, Roma, Italy (e-mail: pettorossi@disp.uniroma2.it)
MAURIZIO PROIETTI
Affiliation:
CNR-IASI, Roma, Italy (e-mail: maurizio.proietti@iasi.cnr.it)
Get access Rights & Permissions [Opens in a new window]

Abstract

We present a method for verifying the correctness of imperative programs which is based on the automated transformation of their specifications. Given a program prog, we consider a partial correctness specification of the form {ϕ}, prog {ψ}, where the assertions ϕ and ψ are predicates defined by a set Spec of possibly recursive Horn clauses with linear arithmetic (LA) constraints in their premise (also called constrained Horn clauses). The verification method consists in constructing a set PC of constrained Horn clauses whose satisfiability implies that {ϕ}, prog, {ψ} is valid. We highlight some limitations of state-of-the-art constrained Horn clause solving methods, here called LA-solving methods, which prove the satisfiability of the clauses by looking for linear arithmetic interpretations of the predicates. In particular, we prove that there exist some specifications that cannot be proved valid by any of those LA-solving methods. These specifications require the proof of satisfiability of a set PC of constrained Horn clauses that contain nonlinear clauses (that is, clauses with more than one atom in their premise). Then, we present a transformation, called linearization, that converts PC into a set of linear clauses (that is, clauses with at most one atom in their premise). We show that several specifications that could not be proved valid by LA-solving methods, can be proved valid after linearization. We also present a strategy for performing linearization in an automatic way and we report on some experimental results obtained by using a preliminary implementation of our method.

Keywords

Program verificationPartial correctness specificationsHorn clausesConstraint Logic ProgrammingProgram transformation
Type
Regular Papers
Information
Theory and Practice of Logic Programming , Volume 15 , Special Issue 4-5: 31st International Conference on Logic Programming , July 2015 , pp. 635 - 650
Copyright
Copyright © Cambridge University Press 2015 

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Albert, E., Gómez-Zamalloa, M., Hubert, L., and Puebla, G. 2007. Verification of Java Bytecode Using Analysis and Transformation of Logic Programs. In Practical Aspects of Declarative Languages, Hanus, M., Ed. Lecture Notes in Computer Science 4354. Springer, 124139.Google Scholar
Apt, K. R., de Boer, F. S., and Olderog, E.-R. 2009. Verification of Sequential and Concurrent Programs, Third Edition, Springer.CrossRefGoogle Scholar
Benoy, F. and King, A. 1997. Inferring argument size relationships with CLP(R). In Proceedings of the 6th International Workshop on Logic Program Synthesis and Transformation, LOPSTR '96, Stockholm, Sweden, August 28-30, 1996, Gallagher, J. P., Ed. Lecture Notes in Computer Science 1207. Springer, 204223.Google Scholar
Bjørner, N., McMillan, K., and Rybalchenko, A. 2012. Program verification as satisfiability modulo theories. In Proceedings of the 10th International Workshop on Satisfiability Modulo Theories, SMT-COMP '12. 311.Google Scholar
Cimatti, A., Griggio, A., Schaafsma, B., and Sebastiani, R. 2013. The MathSAT5 SMT Solver. In Proceedings of TACAS, Piterman, N. and Smolka, S., Eds. Lecture Notes in Computer Science 7795. Springer, 93107.Google Scholar
Cousot, P. and Cousot, R. 1977. Abstract interpretation: A unified lattice model for static analysis of programs by construction of approximation of fixpoints. In Proceedings of the 4th ACM-SIGPLAN Symposium on Principles of Programming Languages, POPL '77. ACM, 238252.Google Scholar
Cousot, P. and Halbwachs, N. 1978. Automatic discovery of linear restraints among variables of a program. In Proceedings of the Fifth ACM Symposium on Principles of Programming Languages, POPL '78. ACM, 8496.Google Scholar
De Angelis, E., Fioravanti, F., Pettorossi, A., and Proietti, M. 2014a. Program verification via iterated specialization. Science of Computer Programming 95, Part 2, 149–175. Selected and extended papers from Partial Evaluation and Program Manipulation 2013.Google Scholar
De Angelis, E., Fioravanti, F., Pettorossi, A., and Proietti, M. 2014b. VeriMAP: A Tool for Verifying Programs through Transformations. In Proceedings of the 20th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS '14. Lecture Notes in Computer Science 8413. Springer, 568574. Available at: http://www.map.uniroma2.it/VeriMAP.Google Scholar
de Moura, L. M. and Bjørner, N. 2008. Z3: An efficient SMT solver. In Proceedings of the 14th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS '08. Lecture Notes in Computer Science 4963. Springer, 337340.Google Scholar
De Schreye, D., Glück, R., Jørgensen, J., Leuschel, M., Martens, B., and Sørensen, M. H. 1999. Conjunctive Partial Deduction: Foundations, Control, Algorithms, and Experiments. Journal of Logic Programming 41, 2–3, 231277.CrossRefGoogle Scholar
Etalle, S. and Gabbrielli, M. 1996. Transformations of CLP modules. Theoretical Computer Science 166, 101146.Google Scholar
Felsing, D., Grebing, S., Klebanov, V., Rümmer, P., and Ulbrich, M. 2014. Automating Regression Verification. In Proceedings of the 29th ACM/IEEE International Conference on Automated Software Engineering, ASE '14. ACM, 349360.CrossRefGoogle Scholar
Fioravanti, F., Pettorossi, A., Proietti, M., and Senni, V. 2013. Generalization strategies for the verification of infinite state systems. Theory and Practice of Logic Programming. Special Issue on the 25th Annual GULP Conference 13, 2, 175199.CrossRefGoogle Scholar
Grebenshchikov, S., Lopes, N. P., Popeea, C., and Rybalchenko, A. 2012. Synthesizing software verifiers from proof rules. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '12. 405416.Google Scholar
Hoare, C. 1969. An Axiomatic Basis for Computer Programming. CACM 12, 10 (October), 576580, 583.Google Scholar
Jaffar, J. and Maher, M. 1994. Constraint logic programming: A survey. Journal of Logic Programming 19/20, 503581.CrossRefGoogle Scholar
Jaffar, J., Murali, V., Navas, J. A., and Santosa, A. E. 2012. TRACER: A Symbolic Execution Tool for Verification. In Proceedings 24th International Conference on Computer Aided Verification, CAV '12. Lecture Notes in Computer Science 7358. Springer, 758766. http://paella.d1.comp.nus.edu.sg/tracer/.CrossRefGoogle Scholar
Kafle, B. and Gallagher, J. P. 2015. Constraint Specialisation in Horn Clause Verification. In Proceedings of the 2015 Workshop on Partial Evaluation and Program Manipulation, PEPM '15, Mumbai, India, January 15–17, 2015. ACM, 8590.Google Scholar
Lloyd, J. W. 1987. Foundations of Logic Programming. Springer, Berlin. 2nd Edition.CrossRefGoogle Scholar
Leuschel, M. and Massart, T. 2000. Infinite state model checking by abstract interpretation and program specialization. In Proceedings of the 9th International Workshop on Logic-based Program Synthesis and Transformation (LOPSTR '99), Venezia, Italy, Bossi, A., Ed. Lecture Notes in Computer Science 1817. Springer, 6382.Google Scholar
Lisitsa, A. and Nemytykh, A. P. 2008. Reachability analysis in verification via supercompilation. Int. J. Found. Comput. Sci. 19, 4, 953969.CrossRefGoogle Scholar
Matijasevic, Y. V. 1970. Enumerable sets are diophantine. Doklady Akademii Nauk SSSR (in Russian) 191, 279282.Google Scholar
Peralta, J. C., Gallagher, J. P., and Saglam, H. 1998. Analysis of Imperative Programs through Analysis of Constraint Logic Programs. In Proceedings of the 5th International Symposium on Static Analysis, SAS '98, Levi, G., Ed. Lecture Notes in Computer Science 1503. Springer, 246261.Google Scholar
Podelski, A. and Rybalchenko, A. 2007. ARMC: The Logical Choice for Software Model Checking with Abstraction Refinement. In Practical Aspects of Declarative Languages, PADL '07, Hanus, M., Ed. Lecture Notes in Computer Science 4354. Springer, 245259.Google Scholar
Reynolds, C. J. 1998. Theories of Programming Languages. Cambridge University Press.Google Scholar
Rodríguez-Carbonell, E. and Kapur, D. 2007a. Automatic generation of polynomial invariants of bounded degree using abstract interpretation. Sci. Comput. Program. 64, 1, 5475.Google Scholar
Rodríguez-Carbonell, E. and Kapur, D. 2007b. Generating all polynomial invariants in simple loops. J. Symb. Comput. 42, 4, 443476.Google Scholar
Rümmer, P., Hojjat, H., and Kuncak, V. 2013. Disjunctive interpolants for Horn-clause verification. In Proceedings of the 25th International Conference on Computer Aided Verification, CAV '13, Saint Petersburg, Russia, July 13–19, 2013, Sharygina, N. and Veith, H., Eds. Lecture Notes in Computer Science 8044. Springer, 347363.Google Scholar
Sebelik, J. and Stepánek, P. 1982. Horn clause programs for recursive functions. In Logic Programming, Clark, K. L. and Tärnlund, S.-A., Eds. Academic Press, 325340.Google Scholar
Supplementary material: PDF

De Angelis supplementary material

Online Appendix

Download De Angelis supplementary material(PDF)
PDF 113.2 KB