Contract Strengthening through Constrained Horn Clause Verification

by Emanuele De Angelis et al.

The functional properties of a program are often specified by providing a contract for each of its functions. A contract of a function consists of a pair of formulas, called a precondition and a postcondition, which, respectively, should hold before and after execution of that function. It might be the case that the contracts supplied by the programmer are not adequate to allow a verification system to prove program correctness, that is, to show that for every function, if the precondition holds and the execution of the function terminates, then the postcondition holds. We address this problem by providing a technique which may strengthen the postconditions of the functions, thereby improving the ability of the verifier to show program correctness. Our technique consists of four steps. First, the translation of the given program, which may manipulate algebraic data structures (ADTs), and its contracts into a set of constrained Horn clauses (CHCs) whose satisfiability implies the validity of the given contracts. Second, the derivation, via CHC transformation performed by the VeriCaT tool, of a new set of CHCs that manipulate only basic sorts (such as booleans or integers) and whose satisfiability implies the satisfiability of the original set of clauses. Third, the construction of a model, if any, of the new, derived CHCs using the CHC solver SPACER for basic sorts. Finally, the translation of that model into the formulas that suitably strengthen the postconditions of the given contracts. We will present our technique through an example consisting of a Scala program for reversing lists. Note that the Stainless verifier is not able to prove the correctness of that program when considering the given contracts, while it succeeds when considering the contracts with the strengthened postconditions constructed by applying our technique.
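The following is an added illustration of the four-step pipeline described above; it is not the paper's example, and it is not output of VeriCaT. It assumes a list-reversal program in which `reverse` carries the postcondition `res.size == l.size` while its helper `append` carries no postcondition, so that a verifier cannot discharge the contract of `reverse` without knowing how `append` affects length. The clauses over basic sorts below are what one would obtain by the (assumed, deliberately simple) transformation that replaces every list by its length; the original ADT clauses they come from are shown as comments. The file is in the SMT-LIB Horn fragment accepted by Z3's SPACER engine.

```smtlib
; Assumed Scala program (not from the paper):
;   def append(l1: List[Int], l2: List[Int]): List[Int] = l1 match {
;     case Nil     => l2
;     case x :: xs => x :: append(xs, l2)
;   }                                   // no postcondition given
;   def reverse(l: List[Int]): List[Int] = l match {
;     case Nil     => Nil
;     case x :: xs => append(reverse(xs), x :: Nil)
;   } ensuring (res => res.size == l.size)
;
; Step 1 (ADT clauses, shown for reference; Len/App/Rev over List):
;   Len(nil,0).   Len(xs,n) => Len(cons(x,xs),n+1).
;   App(nil,l2,l2).   App(xs,l2,zs) => App(cons(x,xs),l2,cons(x,zs)).
;   Rev(nil,nil).   Rev(xs,ys) /\ App(ys,cons(x,nil),zs) => Rev(cons(x,xs),zs).
;   Rev(l,r) /\ Len(l,n) /\ Len(r,m) /\ m != n => false.   (contract of reverse)
;
; Step 2 (assumed transformation): every list argument is replaced by its
; length, so the predicates below range over Int only.
(set-logic HORN)

; AppL(n, m, k): appending a list of length n to one of length m yields length k
(declare-fun AppL (Int Int Int) Bool)
; RevL(n, m): reversing a list of length n yields a list of length m
(declare-fun RevL (Int Int) Bool)

; append: the Nil case and the cons case
(assert (forall ((m Int)) (AppL 0 m m)))
(assert (forall ((n Int) (m Int) (k Int))
  (=> (AppL n m k) (AppL (+ n 1) m (+ k 1)))))

; reverse: the Nil case and the cons case (x :: Nil has length 1)
(assert (RevL 0 0))
(assert (forall ((n Int) (m Int) (k Int))
  (=> (and (RevL n m) (AppL m 1 k)) (RevL (+ n 1) k))))

; the given contract of reverse, as a query clause: its violation is unsatisfiable
(assert (forall ((n Int) (m Int))
  (=> (and (RevL n m) (not (= n m))) false)))

; Step 3: SPACER looks for a model of the clauses above.
(check-sat)
(get-model)
```

One satisfying interpretation is `AppL(n, m, k) := k = n + m` together with `RevL(n, m) := n = m`; any model the solver returns must be at least as strong on the reachable states. In step 4 the interpretation of `AppL` is read back as a postcondition on the Scala helper, `ensuring (res => res.size == l1.size + l2.size)`, which is exactly the fact the verifier was missing, while the interpretation of `RevL` reproduces the postcondition already given for `reverse`. The transformation used here is a length abstraction chosen for readability; it is an assumption of this illustration, not the one VeriCaT performs.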

