Results 1-9 of 9
From Program Verification to Program Synthesis
Cited by 81 (24 self)
Abstract
This paper describes a novel technique for the synthesis of imperative programs. Automated program synthesis has the potential to make programming and the design of systems easier by allowing programs to be specified at a higher level than executable code. In our approach, which we call proof-theoretic synthesis, the user provides an input-output functional specification, a description of the atomic operations in the programming language, and a specification of the synthesized program's looping structure, allowed stack space, and bound on usage of certain operations. Our technique synthesizes a program, if there exists one, that meets the input-output specification and uses only the given resources. The insight behind our approach is to interpret program synthesis as generalized program verification, which allows us to bring verification tools and techniques to program synthesis. Our synthesis
Program Verification using Templates over Predicate Abstraction
Cited by 37 (4 self)
Abstract
We address the problem of automatically generating invariants with quantified and boolean structure for proving the validity of given assertions or generating preconditions under which the assertions are valid. We present three novel algorithms, having different strengths, that combine template and predicate abstraction based formalisms to discover required sophisticated program invariants using SMT solvers. Two of these algorithms use an iterative approach to compute fixed-points (one computes a least fixed-point and the other computes a greatest fixed-point), while the third algorithm uses a constraint based approach to encode the fixed-point. The key idea in all these algorithms is to reduce the problem of invariant discovery to that of finding optimal solutions for unknowns (over conjunctions of some predicates from a given set) in a template formula such that
Z3^10: Applications, Enablers, Challenges and Directions
Cited by 9 (0 self)
Abstract
Modern program analysis and model-based tools are increasingly complex and multi-faceted software systems. However, at their core is invariably a component using a logic for describing states and transformations between system states. Logic inference engines are then critical for the functionality of these systems. A commonly adapted approach has been to use a custom solver, built and tailored for the specific application. Custom solvers come with custom limitations: extending and scaling these often require a high investment. Taking as a starting point the solver Z3, developed at Microsoft Research, we describe how an efficient, scalable and expressive solver for Satisfiability Modulo Theories (SMT) is part of changing this landscape. Tools can now use the SMT solver with advantage to solve logic-related problems at a relatively high level of abstraction while attaining scalability and features that custom solvers would have to duplicate. We summarize 10 current applications of the Z3 solver and relate these to 10 main technological enabling factors. With every application there is a new opportunity, and with every solution there is a new challenge problem. Thus, we also summarize 10 challenges and 10 aspiring directions in the context of Z3 in particular, and for SMT solvers in general.
Modular Abstractions of Reactive Nodes using Disjunctive Invariants
2011
Cited by 3 (1 self)
Abstract
We wish to abstract nodes in a reactive programming language, such as Lustre, into nodes with a simpler control structure, with a bound on the number of control states. In order to do so, we compute disjunctive invariants in predicate abstraction, with a bounded number of disjuncts, then we abstract the node, each disjunct representing an abstract state. The computation of the disjunctive invariant is performed by a form of quantifier elimination expressed using SMT-solving. The same method can also be used to obtain disjunctive loop invariants.
PINS: Path-based Inductive Synthesis
Abstract
In this paper, we present a novel program synthesis approach that is inspired by symbolic testing. We symbolically execute an unknown template program and constrain the program's behavior over each executed path. As more paths are explored, the space of candidate programs narrows until only the valid ones remain. Instead of randomly picking paths, we find that it is possible and more efficient to direct path exploration over the unknown template program using a novel technique that parameterizes the symbolic executor by the remaining candidate solutions. We call this approach Path-based Inductive Synthesis (PINS). We apply PINS to the problem of automatic program inversion. The specification for inversion is implicit, as the combination of the original program and the inverse is the identity transform. We observe that an inverse is typically related to the original program, and so the space of possible inverses can be inferred by automatically mining the original program for expressions, predicates, and control flow. Using PINS, we show we can synthesize inverses for compressors (e.g., LZ77), packers (e.g., UUEncode), and arithmetic transformers (e.g., image rotations). PINS synthesizes these inverses in a median time of 40 seconds and an average time of 293 seconds, demonstrating the viability of our testing-inspired synthesis approach.
Template-based Program Verification and Program Synthesis
SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER
Abstract
Program verification is the task of automatically generating proofs for a program's compliance with a given specification. Program synthesis is the task of automatically generating a program that meets a given specification. Both program verification and program synthesis can be viewed as search problems, for proofs and programs, respectively. For these search problems, we present approaches based on user-provided insights in the form of templates. Templates are hints about the syntactic forms of the invariants and programs, and help guide the search for solutions. We show how to reduce the template-based search problem to satisfiability solving, which permits the use of off-the-shelf solvers to efficiently explore the search space. Template-based approaches have allowed us to verify and synthesize programs outside the abilities of previous verifiers and synthesizers. Our approach can verify and synthesize difficult algorithmic textbook programs (e.g., sorting and dynamic-programming-based algorithms) and difficult arithmetic programs.
DISS. ETH NO. 19589 Termination Analysis for Bit-Vector Programs
2011
Abstract
Recent advances in software termination analysis have shown that program termination can be decided efficiently for many practically relevant problems, despite the fact that the Halting Problem in general is undecidable. This dissertation presents a new algorithm for termination analysis, called Compositional Termination Analysis, which is based on compositional (or transitive) transition invariants. This algorithm depends on an underlying ranking relation synthesis engine, and this dissertation presents two such engines that are able to synthesize Bit-Vector ranking relations. This class of ranking relations is especially important for verification of embedded software or for software that interacts with hardware, like device drivers. Furthermore, a method for certification of decision procedures for quantified Boolean formulae (QBF) is presented; a requirement for one of the ranking relation synthesis methods and many other applications of QBF. Since decision procedures for QBF face performance problems in practice, an alterna
unknown title
2012
Abstract
These informal proceedings contain the papers presented at BOOGIE 2012, the Second International