Property Checking Array Programs Using Loop Shrinking

Sanyal, Amitabha; Venkatesh, R.; Shah, Punit

doi:10.1007/978-3-319-89960-2_12

Cited by 12 publications

(5 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similar reductions were applied to array programs-a particular form of parameterized systems but with unbounded data-as we consider in this work. For example, in [33], shrinkable loops are identified as loops that traverse large or unbounded arrays but may be soundly replaced by a bounded number of nondeterministically chosen iterations; and in [37], abstraction is used to replace reasoning about unbounded arrays and quantified properties by reasoning about a bounded number of array cells.…”

Section: Related Workmentioning

confidence: 99%

Putting the Squeeze on Array Programs: Loop Verification via Inductive Rank Reduction

Ish-Shalom

Itzhaky

Rinetzky

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Automatic verification of array manipulating programs is a challenging problem because it often amounts to the inference of inductive quantified loop invariants which, in some cases, may not even be first-order expressible. In this paper, we suggest a novel verification technique that is based on induction on user-defined rank of program states as an alternative to loop-invariants. Our technique, dubbed inductive rank reduction, works in two steps. Firstly, we simplify the verification problem and prove that the program is correct when the input state contains an input array of length ℓ B or less, using the length of the array as the rank of the state. Secondly, we employ a squeezing function which converts a program state σ with an array of length ℓ > ℓ B to a state (σ) containing an array of length ℓ−1 or less. We prove that when satisfies certain natural conditions then if the program violates its specification on σ then it does so also on (σ). The correctness of the program on inputs with arrays of arbitrary lengths follows by induction. We make our technique automatic for array programs whose length of execution is proportional to the length of the input arrays by (i) performing the first step using symbolic execution, (ii) verifying the conditions required of using Z3, and (iii) providing a heuristic procedure for synthesizing . We implemented our technique and applied it successfully to several interesting array-manipulating programs, including a bidirectional summation program whose loop invariant cannot be expressed in first-order logic while its specification is quantifier-free.

show abstract

Section: Related Workmentioning

confidence: 99%

Putting the Squeeze on Array Programs: Loop Verification via Inductive Rank Reduction

Ish-Shalom

Itzhaky

Rinetzky

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…There are also techniques that abstract an array to a fixed number of elements, e.g. k-distinguished cell abstraction [32,33] and k-shrinkability [24,29]. Such abstractions usually reduce array modifying loops with unknown bounds to a known, small bound.…”

Section: Related Workmentioning

confidence: 99%

Quantified Invariants via Syntax-Guided Synthesis

Fedyukovich

Prabhu

Madhukar

et al. 2019

Computer Aided Verification

View full text Add to dashboard Cite

Programs with arrays are ubiquitous. Automated reasoning about arrays necessitates discovering properties about ranges of elements at certain program points. Such properties are formally specified by universally quantified formulas, which are difficult to find, and difficult to prove inductive. In this paper, we propose an algorithm based on an enumerative search that discovers quantified invariants in stages. First, by exploiting the program syntax, it identifies ranges of elements accessed in each loop. Second, it identifies potentially useful facts about individual elements and generalizes them to hypotheses about entire ranges. Finally, by applying recent advances of SMT solving, the algorithm filters out wrong hypotheses. The combination of properties is often enough to prove that the program meets a safety specification. The algorithm has been implemented in a solver for Constrained Horn Clauses, Freq-Horn, and extended to deal with multiple (possibly nested) loops. We show that FreqHorn advances state-of-the-art on a wide range of public array-handling programs.

show abstract

“…Our motivating examples are based on synthesizing invariants for arrays. However, there are methods for verifying array programs without using loop invariants: Abstraction of the array to a fixed number of elements is used to reduce array modifying loops with unknown bounds to loops with a known, small bound [16,22,25]. An imprecise approach involves abstracting the array so that all array elements appear in a single memory location [4].…”

Section: Related Workmentioning

confidence: 99%

SynRG: Syntax Guided Synthesis of Expressions with Alternating Quantifiers

Polgreen,

Seshia

2020

Preprint

View full text Add to dashboard Cite

Proving properties of systems frequently requires the user to provide hand-written invariants and pre-and post-conditions. A significant body of work exists attempting to automate the generation of loop invariants in code, but the state of the art cannot yet tackle the combination of quantifiers and potentially unbounded data structures. We present SynRG, a synthesis algorithm based on restricting the synthesis problem to generate candidate solutions with quantification over a finite domain, and then generalizing these candidate solutions to the unrestricted domain of the original specification. We give an exemplar of our method that generates invariants with quantifiers over array indices. Our algorithm is, in principle, able to synthesize predicates with arbitrarily many levels of alternating quantification. We report experiments that require invariants with one alternation that are already out of reach of all existing solvers.

show abstract

Property Checking Array Programs Using Loop Shrinking

Cited by 12 publications

References 23 publications

Putting the Squeeze on Array Programs: Loop Verification via Inductive Rank Reduction

Putting the Squeeze on Array Programs: Loop Verification via Inductive Rank Reduction

Quantified Invariants via Syntax-Guided Synthesis

SynRG: Syntax Guided Synthesis of Expressions with Alternating Quantifiers

Contact Info

Product

Resources

About