HoIce: An ICE-Based Non-linear Horn Clause Solver

Champion, Adrien; Kobayashi, Naoki; Sato, Ryosuke

doi:10.1007/978-3-030-02768-1_8

Adrien Champion¹⁴,
Naoki Kobayashi¹⁴ &
Ryosuke Sato¹⁵

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 11275))

Included in the following conference series:

Asian Symposium on Programming Languages and Systems

760 Accesses
19 Citations

Abstract

The ICE framework is a machine-learning-based technique originally introduced for inductive invariant inference over transition systems, and building on the supervised learning paradigm. Recently, we adapted the approach to non-linear Horn clause solving in the context of higher-order program verification. We showed that we could solve more of our benchmarks (extracted from higher-order program verification problems) than other state-of-the-art Horn clause solvers. This paper discusses some of the many improvements we recently implemented in HoIce, our implementation of this generalized ICE framework.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
Available at https://github.com/hopv/hoice.
2.
https://chc-comp.github.io/.
3.
HoIce uses the Z3 [12] SMT solver.
4.
Available at https://github.com/hopv/benchmarks/tree/master/clauses.

References

The Rust language. https://www.rust-lang.org/en-US/
Barrett, C., Fontaine, P., Tinelli, C.: The satisfiability modulo theories library (SMT-LIB) (2016). www.SMT-LIB.org
Bjørner, N., Gurfinkel, A., McMillan, K., Rybalchenko, A.: Horn clause solvers for program verification. In: Beklemishev, L.D., Blass, A., Dershowitz, N., Finkbeiner, B., Schulte, W. (eds.) Fields of Logic and Computation II. LNCS, vol. 9300, pp. 24–51. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23534-9_2
Chapter Google Scholar
Bjørner, N., McMillan, K.L., Rybalchenko, A.: Program verification as satisfiability modulo theories. In: SMT@IJCAR. EPiC Series in Computing, vol. 20, pp. 3–11. EasyChair (2012)
Google Scholar
Bjørner, N., McMillan, K.L., Rybalchenko, A.: Higher-order program verification as satisfiability modulo theories with algebraic data-types. CoRR abs/1306.5264 (2013)
Google Scholar
Champion, A., Chiba, T., Kobayashi, N., Sato, R.: ICE-based refinement type discovery for higher-order functional programs. In: Beyer, D., Huisman, M. (eds.) TACAS 2018. LNCS, vol. 10805, pp. 365–384. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89960-2_20
Chapter Google Scholar
Garg, P., Löding, C., Madhusudan, P., Neider, D.: ICE: a robust framework for learning invariants. In: Biere, A., Bloem, R. (eds.) CAV 2014. LNCS, vol. 8559, pp. 69–87. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08867-9_5
Chapter Google Scholar
Garg, P., Neider, D., Madhusudan, P., Roth, D.: Learning invariants using decision trees and implication counterexamples. In: Proceedings of POPL 2016, pp. 499–512. ACM (2016)
Article Google Scholar
Hoder, K., Bjørner, N.: Generalized property directed reachability. In: Cimatti, A., Sebastiani, R. (eds.) SAT 2012. LNCS, vol. 7317, pp. 157–171. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31612-8_13
Chapter Google Scholar
Hojjat, H., Konečný, F., Garnier, F., Iosif, R., Kuncak, V., Rümmer, P.: A verification toolkit for numerical transition systems. In: Giannakopoulou, D., Méry, D. (eds.) FM 2012. LNCS, vol. 7436, pp. 247–251. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32759-9_21
Chapter Google Scholar
Komuravelli, A., Gurfinkel, A., Chaki, S., Clarke, E.M.: Automatic abstraction in smt-based unbounded software model checking. CoRR abs/1306.1945 (2013)
Chapter Google Scholar
de Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78800-3_24
Chapter Google Scholar

Download references

Acknowledgments

We thank the anonymous referees for useful comments. This work was supported by JSPS KAKENHI Grant Number JP15H05706.

Author information

Authors and Affiliations

The University of Tokyo, Tokyo, Japan
Adrien Champion & Naoki Kobayashi
Kyushu University, Fukuoka, Japan
Ryosuke Sato

Authors

Adrien Champion
View author publications
You can also search for this author in PubMed Google Scholar
Naoki Kobayashi
View author publications
You can also search for this author in PubMed Google Scholar
Ryosuke Sato
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Adrien Champion .

Editor information

Editors and Affiliations

Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)
Sukyoung Ryu

Appendices

A Input/Output Format Example

This section illustrates HoIce ’s input/output format. For a complete discussion on the format, please refer to the HoIce wiki https://github.com/hopv/hoice/wiki. HoIce takes special SMT-LIB [2] scripts as inputs such as the one on Fig. 3. A script starts with an optional set-logic HORN command, followed by some predicate declarations using the declare-fun command. Only predicate declaration are allowed: all declarations must have codomain Bool.

The actual clauses are given as assertions which generally start with some universally quantified variables, wrapping the implication between the body and the head of the clause. Negated existential quantification is also supported, for instance the third assertion on Fig. 3 can be written as

The check-sat command asks whether the Horn clauses are satisfiable, which they are, and HoIce answers sat. Otherwise, it would have answered unsat. Since the clauses are satisifiable, it is legal to ask for a model using the get-model command. HoIce provides one in the standard SMT-LIB fashion:

Note that hoice can read scripts from files, but also on its standard input in an interactive manner.

B Arguments

HoIce has no mandatory arguments. Besides options and flags, users can provide a file path argument in which case HoIce reads the file as an SMT-LIB script encoding a Horn clause problem (see Appendix A). When called with no file path argument, HoIce reads the script from its standard input. In both cases, HoIce outputs the result on its standard output.

Running HoIce with -h or --help will display the (visible) options. We do not discuss them here. Instead, let us clarify which options we used for the results presented in Sect. 5. The relevant option for partial samples from Sect. 4.1 is --partial, while --bias_cexs and --assistant activate constraint breaking as discussed in Sect. 4.2. More precisely, --bias_cexs activates constraint breaking during counterexample extraction, while --assistant triggers post-extraction simplification. The commands ran for the variants of Fig. 1 are thus

As far as the experiments are concerned, we ran Z3 4.7.1 with only one option, the one activating Spacer: fixedpoint.engine=spacer.

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Champion, A., Kobayashi, N., Sato, R. (2018). HoIce: An ICE-Based Non-linear Horn Clause Solver. In: Ryu, S. (eds) Programming Languages and Systems. APLAS 2018. Lecture Notes in Computer Science(), vol 11275. Springer, Cham. https://doi.org/10.1007/978-3-030-02768-1_8

Download citation

DOI: https://doi.org/10.1007/978-3-030-02768-1_8
Published: 22 October 2018
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02767-4
Online ISBN: 978-3-030-02768-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics