Abstract
We present a novel approach to deciding the validity of formulas in first-order fixpoint logic with background theories and arbitrarily nested inductive and co-inductive predicates defining least and greatest fixpoints. Our approach is constraint-based, and reduces the validity checking problem of the given first-order-fixpoint logic formula (formally, an instance in a language called µCLP) to a constraint satisfaction problem for a recently introduced predicate constraint language.
Coupled with an existing sound-and-relatively-complete solver for the constraint language, this reduction alone already gives a sound and relatively complete method for deciding µCLP validity, but we further improve it to a novel modular primal-dual method. The key observations are (1) µCLP is closed under complement, in the sense that each (co-)inductive predicate in the original primal instance has a corresponding (co-)inductive predicate representing its complement in the dual instance obtained by taking the standard De Morgan dual of the primal instance, and (2) partial solutions for (co-)inductive predicates synthesized during the constraint solving process on the primal side can be used as sound upper bounds of the corresponding (co-)inductive predicates on the dual side, and vice versa. By solving the primal and dual problems in parallel and exchanging each other's partial solutions as sound bounds, the two processes mutually reduce each other's solution spaces, thus enabling rapid convergence. The approach is also modular in that the bounds are synthesized and exchanged at the granularity of individual (co-)inductive predicates.
We demonstrate the utility of our fixpoint logic solving by encoding a wide variety of temporal verification problems in µCLP, including termination/non-termination, LTL, CTL, and even full modal µ-calculus model checking of infinite-state programs. The encodings exploit the modularity of both the program and the property by expressing each loop and (recursive) function in the program and each sub-formula of the property as an individual (possibly nested) (co-)inductive predicate. Together with our modular primal-dual µCLP solving, we obtain a novel approach to efficiently solving a wide range of temporal verification problems.
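The two observations behind the primal-dual method can be seen on a finite toy instance. The following is an added example, not code from the paper or its µCLP/pCSP solver: it fixes a small constructed transition system over states 0..9, writes the inductive termination predicate Term and its De Morgan dual, the co-inductive predicate NonTerm, as monotone functionals, and checks that the dual is exactly the complement of the primal. It then uses a truncated Kleene iteration as a stand-in for a "partial solution" synthesized on one side (an assumption; the paper's solver produces partial solutions differently), takes its complement as a sound bound for the other side, and counts how many iterations the other side saves by starting from that bound instead of the trivial one. Predicates are unnested and there is no background theory, so this shows the bound exchange, not the reduction to predicate constraints.

```python
from typing import Callable, FrozenSet, Optional, Tuple

State = int
Pred = FrozenSet[State]            # a predicate over the finite domain = a set of states

# Toy transition system, constructed for this example: states 0..9.
DOMAIN: Pred = frozenset(range(10))

def step(x: State) -> Pred:
    """Successors of x. 0 is the exit state; 1..7 count down deterministically;
    8 and 9 can cycle forever (8 -> 9 -> 9 -> ...), so from there a run may never exit."""
    if x == 0:
        return frozenset()
    if x == 8:
        return frozenset({7, 9})
    if x == 9:
        return frozenset({8, 9})
    return frozenset({x - 1})

def is_exit(x: State) -> bool:
    return x == 0

def term_body(S: Pred) -> Pred:
    """Functional of the inductive (least-fixpoint) predicate
       Term(x) =mu exit(x) \\/ forall x'. step(x, x') => Term(x')     (every run exits)."""
    return frozenset(x for x in DOMAIN if is_exit(x) or all(y in S for y in step(x)))

def nonterm_body(S: Pred) -> Pred:
    """De Morgan dual of term_body: the co-inductive (greatest-fixpoint) predicate
       NonTerm(x) =nu ~exit(x) /\\ exists x'. step(x, x') /\\ NonTerm(x')  (some run never exits)."""
    return frozenset(x for x in DOMAIN if not is_exit(x) and any(y in S for y in step(x)))

def complement(S: Pred) -> Pred:
    return DOMAIN - S

def kleene(f: Callable[[Pred], Pred], start: Pred,
           join: Callable[[Pred, Pred], Pred],
           max_steps: Optional[int] = None) -> Tuple[Pred, int]:
    """Iterate the monotone functional f from `start`, combining with `join`
    (union when climbing from a lower bound towards an lfp, intersection when
    descending from an upper bound towards a gfp). If `start` is a sound bound of
    the fixpoint, every iterate stays a sound bound, and without `max_steps` the
    iteration converges to the fixpoint itself. With `max_steps` it stops early and
    returns a partial solution: still a sound bound, just not yet the fixpoint."""
    cur, steps = start, 0
    while max_steps is None or steps < max_steps:
        nxt = join(cur, f(cur))
        steps += 1
        if nxt == cur:
            return cur, steps
        cur = nxt
    return cur, steps

union = lambda a, b: a | b
inter = lambda a, b: a & b

def demo() -> dict:
    # Solve both sides from the trivial bounds (bottom for the lfp, top for the gfp).
    term, n_term = kleene(term_body, frozenset(), union)
    nonterm, n_nonterm = kleene(nonterm_body, DOMAIN, inter)
    # Observation (1): the dual predicate is exactly the complement of the primal one.
    assert nonterm == complement(term)

    # Observation (2), primal -> dual: a partial primal solution is a lower bound of
    # Term, so its complement is a sound upper bound of NonTerm on the dual side.
    partial_term, _ = kleene(term_body, frozenset(), union, max_steps=4)
    assert partial_term <= term
    dual_bound = complement(partial_term)
    assert dual_bound >= nonterm
    nonterm2, n_nonterm_bounded = kleene(nonterm_body, dual_bound, inter)
    assert nonterm2 == nonterm

    # And vice versa, dual -> primal: a partial dual solution over-approximates
    # NonTerm, so its complement is a sound (lower) bound of Term on the primal side.
    partial_nonterm, _ = kleene(nonterm_body, DOMAIN, inter, max_steps=4)
    primal_bound = complement(partial_nonterm)
    assert primal_bound <= term
    term2, n_term_bounded = kleene(term_body, primal_bound, union)
    assert term2 == term

    return {
        "term": sorted(term),                                   # states that must exit
        "nonterm": sorted(nonterm),                             # states that may run forever
        "steps_from_trivial_bounds": (n_term, n_nonterm),
        "steps_with_exchanged_bounds": (n_term_bounded, n_nonterm_bounded),
    }

if __name__ == "__main__":
    print(demo())
```

On this instance both sides need 9 iterations from the trivial bounds and 5 from the exchanged ones; each side's progress is handed to the other as a bound that prunes states the receiving side would otherwise still have to eliminate, which is the "mutual reduction of solution spaces" the abstract describes, here at the granularity of one predicate pair.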
Modular Primal-Dual Fixpoint Logic Solving for Temporal Verification