Abstract
We address the problem of automatically generating invariants with quantified and boolean structure for proving the validity of given assertions or generating preconditions under which the assertions are valid. We present three novel algorithms, having different strengths, that combine template and predicate abstraction based formalisms to discover required sophisticated program invariants using SMT solvers.
Two of these algorithms use an iterative approach to compute fixed-points (one computes a least fixed-point and the other computes a greatest fixed-point), while the third algorithm uses a constraint based approach to encode the fixed-point. The key idea in all these algorithms is to reduce the problem of invariant discovery to that of finding optimal solutions for unknowns (over conjunctions of some predicates from a given set) in a template formula such that the formula is valid.
Preliminary experiments using our implementation of these algorithms show encouraging results over a benchmark of small but complicated programs. Our algorithms can verify program properties that, to our knowledge, have not been automatically verified before. In particular, our algorithms can generate full correctness proofs for sorting algorithms (which requires nested universally-existentially quantified invariants) and can also generate preconditions required to establish worst-case upper bounds of sorting algorithms. Furthermore, for the case of previously considered properties, in particular sortedness in sorting algorithms, our algorithms take less time than reported by previous techniques.
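The following is an added illustration, not code from the paper or its VS3 implementation, of the key idea the abstract describes: treat the loop invariant as a template whose unknown is a conjunction of predicates drawn from a given set, and solve for the optimal (strongest) such conjunction by fixed-point iteration. The toy loop, the predicate set, and the names used here are all constructed for the example. The validity queries that the paper delegates to an SMT solver are replaced by exhaustive enumeration over a small bounded integer state space; that substitution is an assumption of this example and is only sound for the ranges actually enumerated. The iteration shown starts from the conjunction of every predicate and drops any predicate that a counterexample to initiation or preservation refutes, which is the standard way to compute the strongest inductive conjunction in a predicate-abstraction lattice.

```python
from itertools import product

# Constructed toy loop (not from the paper):
#   x = 0; y = 0; while (x < N) { x = x + 1; y = y + 2 }   assert y == 2*N
N = 8
# Bounded state space standing in for the SMT solver's validity queries.
# Assumption of this example: checks are only sound over these ranges.
STATES = list(product(range(-2, N + 3), range(-2, 2 * N + 5)))

def init(x, y):
    return x == 0 and y == 0

def guard(x, y):
    return x < N

def step(x, y):
    return x + 1, y + 2

def post(x, y):
    return y == 2 * N

# Given predicate set. The template is "conjunction of an unknown subset of
# these predicates"; the algorithm solves for that subset.
PREDICATES = {
    "x >= 0":   lambda x, y: x >= 0,
    "y >= 0":   lambda x, y: y >= 0,
    "x <= N":   lambda x, y: x <= N,
    "y == 2*x": lambda x, y: y == 2 * x,
    "y == x":   lambda x, y: y == x,   # true initially, not preserved by the loop
    "x == 0":   lambda x, y: x == 0,   # true initially, not preserved by the loop
    "x >= 1":   lambda x, y: x >= 1,   # preserved by the loop, false initially
}

def holds(conj, x, y):
    """Evaluate the conjunction of the named predicates at state (x, y)."""
    return all(PREDICATES[p](x, y) for p in conj)

def not_implied_at_init(conj):
    """Predicates of conj that fail on some initial state (init => Inv violated)."""
    return {p for p in conj
            for x, y in STATES if init(x, y) and not PREDICATES[p](x, y)}

def not_preserved(conj):
    """Predicates of conj violated by one loop iteration from some conj-state
    (Inv /\\ guard /\\ step => Inv' violated)."""
    bad = set()
    for x, y in STATES:
        if guard(x, y) and holds(conj, x, y):
            x2, y2 = step(x, y)
            bad |= {p for p in conj if not PREDICATES[p](x2, y2)}
    return bad

def strongest_inductive_conjunction():
    """Fixed-point iteration over the lattice of predicate conjunctions: start
    from the conjunction of every predicate (the strongest candidate) and drop
    every predicate a counterexample refutes, until the remaining set is
    inductive. The result is the strongest solution for the template unknown."""
    conj = set(PREDICATES)
    while True:
        refuted = not_implied_at_init(conj) | not_preserved(conj)
        if not refuted:
            return conj
        conj -= refuted

def assertion_holds(conj):
    """Check Inv /\\ not guard => post over the bounded state space."""
    return all(post(x, y) for x, y in STATES
               if holds(conj, x, y) and not guard(x, y))

def verify():
    """Return the inferred invariant and whether it proves the assertion."""
    inv = strongest_inductive_conjunction()
    return inv, assertion_holds(inv)

if __name__ == "__main__":
    inv, ok = verify()
    print("invariant:", " /\\ ".join(sorted(inv)))
    print("assertion proved:", ok)
```

Running the block drops `x >= 1` (refuted at initialisation) and then `y == x` and `x == 0` (refuted by the iteration from the initial state), leaving `x >= 0 /\ y >= 0 /\ x <= N /\ y == 2*x`, which together with the negated guard gives `x == N` and hence the assertion. The SMT-backed version in the paper replaces the enumeration in `not_implied_at_init`, `not_preserved` and `assertion_holds` with validity queries whose models supply the refuting predicates.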
Program verification using templates over predicate abstraction
PLDI '09: Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation