Finding Loop Invariants for Programs over Arrays Using a Theorem Prover

Kovács, Laura; Воронков, Андрей

doi:10.1109/synasc.2009.66

Cited by 51 publications

(71 citation statements)

References 3 publications

(4 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…More precise approximations of ι and ι will improve the performance by reducing the number of iterations via increasing the number of resolvable queries. Also, a variety of techniques from static analysis or loop invariant generation (Flanagan and Qadeer 2002;Gulwani et al 2009;Gulwani et al 2008b;Gupta and Rybalchenko 2009;Kovács and Voronkov 2009;Lahiri et al 2004;McMillan 2008) in particular can be integrated to resolve queries in addition to one SMT solver with coin tossing. Such a set of multiple teachers will increase the number of resolvable queries because it suffices to have just one teacher to answer the query to proceed.…”

Section: Discussion and Future Workmentioning

confidence: 99%

Automatically inferring loop invariants via algorithmic learning

Jung¹,

Kong²,

David

et al. 2014

Math. Struct. Comp. Sci.

View full text Add to dashboard Cite

By combining algorithmic learning, decision procedures, predicate abstraction and simple templates for quantified formulae, we present an automated technique for finding loop invariants. Theoretically, this technique can find arbitrary first-order invariants (modulo a fixed set of atomic propositions and an underlying satisfiability modulo theories solver) in the form of the given template and exploit the flexibility in invariants by a simple randomized mechanism. In our study, the proposed technique was able to find quantified invariants for loops from the Linux source and other realistic programs. Our contribution is a simpler technique than the previous works yet with a reasonable derivation power.

show abstract

Section: Discussion and Future Workmentioning

confidence: 99%

Automatically inferring loop invariants via algorithmic learning

Jung¹,

Kong²,

David

et al. 2014

Math. Struct. Comp. Sci.

View full text Add to dashboard Cite

show abstract

“…Theorem prover-based The method of Kovács and Voronkov [23] uses a saturation theorem prover to generate loop invariants. The idea is to encode the changes to an array at the i-th iteration as a quantified fact and then to systematically apply resolution to derive a closed form (one not mentioning the loop iteration i).…”

Section: Under-approximations and Templatesmentioning

confidence: 99%

A parametric segmentation functor for fully automatic and scalable array content analysis

Cousot

Logozzo

2011

SIGPLAN Not.

View full text Add to dashboard Cite

We introduce FunArray, a parametric segmentation abstract domain functor for the fully automatic and scalable analysis of array content properties. The functor enables a natural, painless and efficient lifting of existing abstract domains for scalar variables to the analysis of uniform compound data-structures such as arrays and collections. The analysis automatically and semantically divides arrays into consecutive non-overlapping possibly empty segments. Segments are delimited by sets of bound expressions and abstracted uniformly. All symbolic expressions appearing in a bound set are equal in the concrete. The FunArray can be naturally combined via reduced product with any existing analysis for scalar variables. The analysis is presented as a general framework parameterized by the choices of bound expressions, segment abstractions and the reduction operator. Once the functor has been instantiated with fixed parameters, the analysis is fully automatic. We first prototyped FunArray in Arrayal to adjust and experiment with the abstractions and the algorithms to obtain the appropriate precision/ratio cost. Then we implemented it into Clousot, an abstract interpretation-based static contract checker for .NET. We empirically validated the precision and the performance of the analysis by running it on the main libraries of .NET and on its own code. We were able to infer thousands of non-trivial invariants and verify the implementation with a modest overhead (circa 1%). To the best of our knowledge this is the first analysis of this kind applied to such a large code base, and proven to scale.

show abstract

“…To find a more useful invariant store than the trivial Striv, it is necessary to infer numeric invariants relating index variables associated with different containers or allocation sites. Since the focus of this paper is not invariant generation, we do not go into the details of how to find a "good" invariant store; various techniques based on abstract interpretation [3,4] and quantifier elimination [1,5] can be used for finding invariants. In particular, our previous work on array analysis [1] presents an algorithmic way of finding such invariants in this domain, and we use the algorithm from [1] in our implementation.…”

Section: Abstract Semantics For Iterationmentioning

confidence: 99%

Precise reasoning for programs using containers

Dillig

Aiken

2011

SIGPLAN Not.

View full text Add to dashboard Cite

Containers are general-purpose data structures that provide functionality for inserting, reading, removing, and iterating over elements. Since many applications written in modern programming languages, such as C++ and Java, use containers as standard building blocks, precise analysis of many programs requires a fairly sophisticated understanding of container contents. In this paper, we present a sound, precise, and fully automatic technique for static reasoning about contents of containers. We show that the proposed technique adds useful precision for verifying real C++ applications and that it scales to applications with over 100,000 lines of code.

show abstract

Finding Loop Invariants for Programs over Arrays Using a Theorem Prover

Cited by 51 publications

References 3 publications

Automatically inferring loop invariants via algorithmic learning

Automatically inferring loop invariants via algorithmic learning

A parametric segmentation functor for fully automatic and scalable array content analysis

Precise reasoning for programs using containers

Contact Info

Product

Resources

About