Geometric Quantifier Elimination Heuristics for Automatically Generating Octagonal and Max-plus Invariants

Kapur, Deepak; Zhang, Zhihai; Horbach, Matthias; Zhao, Hongbin; Lü, Qi; Nguyen, ThanhVu

doi:10.1007/978-3-642-36675-8_11

Cited by 6 publications

(8 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The recent static analysis work of Kapur et al [26] uses quantifier elimination to find max invariants over pairs of variables. Their method uses table look-ups to modify max relations based on the program structures (e.g., to determine how the max relation is changed after an assignment a = a + 10).…”

Section: Related Workmentioning

confidence: 99%

Using dynamic analysis to generate disjunctive invariants

Nguyen

Kapur

Weimer

et al. 2014

Proceedings of the 36th International Conference on Software Engineering

Self Cite

View full text Add to dashboard Cite

Program invariants are important for defect detection, program verification, and program repair. However, existing techniques have limited support for important classes of invariants such as disjunctions, which express the semantics of conditional statements. We propose a method for generating disjunctive invariants over numerical domains, which are inexpressible using classical convex polyhedra. Using dynamic analysis and reformulating the problem in nonstandard "max-plus" and "min-plus" algebras, our method constructs hulls over program trace points. Critically, we introduce and infer a weak class of such invariants that balances expressive power against the computational cost of generating nonconvex shapes in high dimensions.Existing dynamic inference techniques often generate spurious invariants that fit some program traces but do not generalize. With the insight that generating dynamic invariants is easy, we propose to verify these invariants statically using k-inductive SMT theorem proving which allows us to validate invariants that are not classically inductive.Results on difficult kernels involving nonlinear arithmetic and abstract arrays suggest that this hybrid approach efficiently generates and proves correct program invariants.

show abstract

Section: Related Workmentioning

confidence: 99%

Using dynamic analysis to generate disjunctive invariants

Nguyen

Kapur

Weimer

et al. 2014

Proceedings of the 36th International Conference on Software Engineering

Self Cite

View full text Add to dashboard Cite

show abstract

“…Two closely related works are [21] and [22], in which invariants of slightly more general classes than difference logic are generated following the constraintbased method, but with different strategies for producing the constraints over template unknowns. In [21], the authors discover octagonal invariants, i.e., of the form ±x 1 ± x 2 ≤ k, as well as max-plus invariants max 1≤i≤n (a 0 , x i + a i ) ≤ max 1≤i≤n (b 0 , x i + b i ).…”

Section: Introductionmentioning

confidence: 99%

“…In [21], the authors discover octagonal invariants, i.e., of the form ±x 1 ± x 2 ≤ k, as well as max-plus invariants max 1≤i≤n (a 0 , x i + a i ) ≤ max 1≤i≤n (b 0 , x i + b i ). While our approach cannot currently produce max-plus invariants, the standard technique of adding for each variable x a copy standing for −x [16,23] allows generating octagonal invariants too.…”

Section: Introductionmentioning

confidence: 99%

“…While our approach cannot currently produce max-plus invariants, the standard technique of adding for each variable x a copy standing for −x [16,23] allows generating octagonal invariants too. However, the quantifier elimination method in [21] is incomplete and, as a result, invariants may be missed. Moreover, program assignments must be of the form x := ±x + K or x := K, where K is a constant, and so unlike with our techniques the common case of assignments like x := y, where x, y are different variables, is not allowed.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Speeding up the Constraint-Based Method in Difference Logic

Candeago

Larraz

Oliveras

et al. 2016

Theory and Applications of Satisfiability Testing – SAT 2016

View full text Add to dashboard Cite

Abstract. Over the years the constraint-based method has been successfully applied to a wide range of problems in program analysis, from invariant generation to termination and non-termination proving. Quite often the semantics of the program under study as well as the properties to be generated belong to difference logic, i.e., the fragment of linear arithmetic where atoms are inequalities of the form u − v ≤ k. However, so far constraint-based techniques have not exploited this fact: in general, Farkas' Lemma is used to produce the constraints over template unknowns, which leads to non-linear SMT problems. Based on classical results of graph theory, in this paper we propose new encodings for generating these constraints when program semantics and templates belong to difference logic. Thanks to this approach, instead of a heavyweight non-linear arithmetic solver, a much cheaper SMT solver for difference logic or linear integer arithmetic can be employed for solving the resulting constraints. We present encouraging experimental results that show the high impact of the proposed techniques on the performance of the VeryMax verification system.

show abstract

“…It was also suggested to let the theorem prover generate formulae from formulae specifying the loop, and take as candidate invariants those that only use the desired subset of symbols [40,45]. In approaches based on quantifier elimination, the symbols to be eliminated are quantified, so that quantifier elimination expunges them (e.g., [43,44]). An early lead towards this application can be traced back to [17].…”

mentioning

confidence: 99%

On Interpolation in Automated Theorem Proving

Bonacina

Johansson

2014

J Autom Reasoning

View full text Add to dashboard Cite

Given two inconsistent formulae, a (reverse) interpolant is a formula implied by one, inconsistent with the other, and only containing symbols they share. Interpolation finds application in program analysis, verification, and synthesis, for example, towards invariant generation. An interpolation system takes a refutation of the inconsistent formulae and extracts an interpolant by building it inductively from partial interpolants. Known interpolation systems for ground proofs use colors to track symbols. We show by examples that the color-based approach cannot handle non-ground refutations by resolution and paramodulation/superposition. We present a two-stage approach that works by tracking literals, computes a provisional interpolant, which may contain non-shared symbols, and applies lifting to replace non-shared constants by quantified variables. We obtain an interpolation system for non-ground refutations, and we prove that it is complete, if the only non-shared symbols in provisional interpolants are constants.

show abstract

Geometric Quantifier Elimination Heuristics for Automatically Generating Octagonal and Max-plus Invariants

Cited by 6 publications

References 28 publications

Using dynamic analysis to generate disjunctive invariants

Using dynamic analysis to generate disjunctive invariants

Speeding up the Constraint-Based Method in Difference Logic

On Interpolation in Automated Theorem Proving

Contact Info

Product

Resources

About