research-article
Open Access

Software model-checking as cyclic-proof search

Published: 12 January 2022

Abstract

This paper shows that a variety of software model-checking algorithms can be seen as proof-search strategies for a non-standard proof system, known as a cyclic proof system. Our use of the cyclic proof system as a logical foundation of software model checking enables us to compare different algorithms, to reconstruct well-known algorithms from a few simple principles, and to obtain soundness proofs of algorithms for free. Among other results, we show the significance of a heuristic based on a notion that we call maximal conservativity; this explains the cores of important algorithms such as property-directed reachability (PDR) and reveals a surprising connection to an efficient solver of games over infinite graphs that was not regarded as a kind of PDR.

