Abstract not found

. We present a framework for automating the discovery of loop invariants based upon failed proof attempts. The discovery of suitable loop invariants represents a bottleneck for automatic verification of imperative programs. Using the proof planning framework we reconstruct standard heuristics for developing invariants. We relate these heuristics to the analysis of failed proof attempts allowing us to discover invariants through a process of refinement. 1 Introduction Loop invariants are a well understood technique for specifying the behaviour of programs involving loops. The discovery of suitable invariants, however, is a major bottleneck for automatic verification of imperative programs. Early research in this area [18, 24] exploited both theorem proving techniques as well as domain specific heuristics. However, the potential for interaction between these components was not fully exploited. The proof planning framework, in which we reconstruct the standard heuristics, couples ...

We address the problem of integrating standard techniques for automatic invariant generation within the context of program reasoning. We propose the use of invariant patterns which enable us to associate common patterns of program code and specifications with invariant schemas. This allows crucial decisions relating to the development of invariants to be delayed until a proof is attempted. Moreover, it allows patterns within the program to be exploited in patching failed proof attempts.

Several induction provers have been developed to automate inductive proofs (see for instance: Nqthm, RRL INKA, LP, SPIKE, CLAM-Oyster, ...). However, inductive theorem provers very often fail to terminate. A proof to go through requires either additional lemmas, a generalization, a suitable induction variable to induce upon , or a case split. The aim of this paper is to present a simple and powerful heuristic that allows to overcome, in many cases, the divergence of induction provers when working with conditional theories. We first provide a new definition of induction variables and then formalize a new transition rule for induction (named CGT-rule). The essential idea behind it is to propose a generalized form of the conclusion just before another induction is attempted and failure begins. This generalized form is based on the induction hypothesis and the current goal. CGT-rule enables to prove many theorems completely automatically from the functions definitions alo...

Linear logic has previously been shown to be suitable for describing and deductively solving planning problems involving conjunction and disjunction. We introduce a recursively defined datatype and a corresponding induction rule, thereby allowing recursive plans to be synthesised. In order to make explicit the relationship between proofs and plans, we enhance the linear logic deduction rules to handle plans as a form of proof term.

Finding tractable methods for program reasoning remains a major research challenge. Here we address this challenge using an integrated approach to tackle a niche program reasoning application. The application