Results 11  20
of
109
Invariant synthesis for combined theories
 In Proc. VMCAI, LNCS 4349
, 2007
"... Abstract. We present a constraintbased algorithm for the synthesis of invariants expressed in the combined theory of linear arithmetic and uninterpreted function symbols. Given a set of programmerspecified invariant templates, our algorithm reduces the invariant synthesis problem to a sequence of ..."
Abstract

Cited by 42 (8 self)
 Add to MetaCart
(Show Context)
Abstract. We present a constraintbased algorithm for the synthesis of invariants expressed in the combined theory of linear arithmetic and uninterpreted function symbols. Given a set of programmerspecified invariant templates, our algorithm reduces the invariant synthesis problem to a sequence of arithmetic constraint satisfaction queries. Since the combination of linear arithmetic and uninterpreted functions is a widely applied predicate domain for program verification, our algorithm provides a powerful tool to statically and automatically reason about program correctness. The algorithm can also be used for the synthesis of invariants over arrays and set data structures, because satisfiability questions for the theories of sets and arrays can be reduced to the theory of linear arithmetic with uninterpreted functions. We have implemented our algorithm and used it to find invariants for a lowlevel memory allocator writteninC. 1
ConstraintBased Approach for Analysis of Hybrid Systems
 of Lecture Notes in Computer Science
, 2008
"... Abstract. This paper presents a constraintbased technique for discovering a rich class of inductive invariants (disjunctions of polynomial inequalities of bounded degree) for verification of hybrid systems. The key idea is to introduce a template for the unknown invariants and then translate the ve ..."
Abstract

Cited by 41 (10 self)
 Add to MetaCart
(Show Context)
Abstract. This paper presents a constraintbased technique for discovering a rich class of inductive invariants (disjunctions of polynomial inequalities of bounded degree) for verification of hybrid systems. The key idea is to introduce a template for the unknown invariants and then translate the verification condition of the hybrid system into an ∃ ∀ constraint over the template unknowns (which are variables over reals) by making use of the fact that vector fields must point inwards at the boundary. These constraints are then solved using Farkas lemma. We also present preliminary experimental results that demonstrate the feasibility of our approach of solving the ∃ ∀ constraints generated from models of realworld hybrid systems. 1
Constraintbased linearrelations analysis
 In Proc. SAS, LNCS 3148
, 2004
"... 1 Introduction Linearrelations analysis discovers linear relationships among the variables of aprogram that hold in all the reachable program states. Such relationships are called linear invariants. Invariants are useful in the verification of both safetyand liveness properties. Many existing techn ..."
Abstract

Cited by 37 (4 self)
 Add to MetaCart
(Show Context)
1 Introduction Linearrelations analysis discovers linear relationships among the variables of aprogram that hold in all the reachable program states. Such relationships are called linear invariants. Invariants are useful in the verification of both safetyand liveness properties. Many existing techniques rely on the presence of these invariants to prove properties of interest. Some types of analysis, e.g., variablebounds analysis, can be viewed as specializations of linearrelations analysis. Traditionally, this analysis is framed as an abstract interpretation in the domainof polyhedra [6, 7]. The analysis is carried out using a propagationbased technique, wherein increasingly accurate polyhedral iterates, converging towards thefinal result, are computed. This convergence is ensured through the use of widening, or extrapolation, operators. Such techniques are popular in the domains ofdiscrete and hybrid programs, motivating tools like
Automatic Generation of Polynomial Loop Invariants: Algebraic Foundations
 In International Symposium on Symbolic and Algebraic Computation 2004 (ISSAC04
, 2004
"... This paper presents the algebraic foundation for an approach for generating polynomial loop invariants in imperative programs. It is first shown that the set of polynomials serving as loop invariants has the algebraic structure of an ideal. Using this connection, a procedure for finding loop invaria ..."
Abstract

Cited by 34 (6 self)
 Add to MetaCart
(Show Context)
This paper presents the algebraic foundation for an approach for generating polynomial loop invariants in imperative programs. It is first shown that the set of polynomials serving as loop invariants has the algebraic structure of an ideal. Using this connection, a procedure for finding loop invariants is given in terms of operations on ideals, for which Gröbner basis constructions can be employed. Most importantly, it is proved that if the assignment statements in a loop are solvable (in particular, affine) mappings with positive eigenvalues, then the procedure terminates in at most 2m + 1 iterations, where m is the number of variables in the loop. The proof is done by showing that the irreducible subvarieties of the variety associated with the polynomial ideal approximating the invariant polynomial ideal of the loop either stay the same or increase their dimension in every iteration. This yields a correct and complete algorithm for inferring conjunctions of polynomial equations as invariants. The method has been implemented in Maple using the Groebner package. The implementation has been used to automatically discover nontrivial invariants for several examples to illustrate the power of the techniques.
Termination analysis of integer linear loops
 In CONCUR
, 2005
"... Abstract. Usually, ranking function synthesis and invariant generation over a loop with integer variables involves abstracting the loop to have real variables. Integer division and modulo arithmetic must be soundly abstracted away so that the analysis over the abstracted loop is sound for the origin ..."
Abstract

Cited by 34 (3 self)
 Add to MetaCart
(Show Context)
Abstract. Usually, ranking function synthesis and invariant generation over a loop with integer variables involves abstracting the loop to have real variables. Integer division and modulo arithmetic must be soundly abstracted away so that the analysis over the abstracted loop is sound for the original loop. Consequently, the analysis loses precision. In contrast, we introduce a technique for handling loops over integer variables directly. The resulting analysis is more precise than previous analyses.
InvGen: An efficient invariant generator
 In CAV
, 2009
"... Abstract. In this paper we present InvGen, an automatic linear arithmetic invariant generator for imperative programs. InvGen’s unique feature is in its use of dynamic analysis to make invariant generation order of magnitude more efficient. 1 ..."
Abstract

Cited by 31 (3 self)
 Add to MetaCart
(Show Context)
Abstract. In this paper we present InvGen, an automatic linear arithmetic invariant generator for imperative programs. InvGen’s unique feature is in its use of dynamic analysis to make invariant generation order of magnitude more efficient. 1
Termination of integer linear programs
 In Proc. CAV’06, LNCS 4144
, 2006
"... Abstract. We show that termination of a simple class of linear loops over the integers is decidable. Namely we show that termination of deterministic linear loops is decidable over the integers in the homogeneous case, and over the rationals in the general case. This is done by analyzing the powers ..."
Abstract

Cited by 30 (0 self)
 Add to MetaCart
Abstract. We show that termination of a simple class of linear loops over the integers is decidable. Namely we show that termination of deterministic linear loops is decidable over the integers in the homogeneous case, and over the rationals in the general case. This is done by analyzing the powers of a matrix symbolically using its eigenvalues. Our results generalize the work of Tiwari [Tiw04], where similar results were derived for termination over the reals. We also gain some insights into termination of nonhomogeneous integer programs, that are very common in practice. 1
Syntaxguided synthesis.
 In FMCAD,
, 2013
"... AbstractThe classical formulation of the programsynthesis problem is to find a program that meets a correctness specification given as a logical formula. Recent work on program synthesis and program optimization illustrates many potential benefits of allowing the user to supplement the logical sp ..."
Abstract

Cited by 29 (3 self)
 Add to MetaCart
(Show Context)
AbstractThe classical formulation of the programsynthesis problem is to find a program that meets a correctness specification given as a logical formula. Recent work on program synthesis and program optimization illustrates many potential benefits of allowing the user to supplement the logical specification with a syntactic template that constrains the space of allowed implementations. Our goal is to identify the core computational problem common to these proposals in a logical framework. The input to the syntaxguided synthesis problem (SyGuS) consists of a background theory, a semantic correctness specification for the desired program given by a logical formula, and a syntactic set of candidate implementations given by a grammar. The computational problem then is to find an implementation from the set of candidate expressions so that it satisfies the specification in the given theory. We describe three different instantiations of the counterexampleguidedinductivesynthesis (CEGIS) strategy for solving the synthesis problem, report on prototype implementations, and present experimental results on an initial set of benchmarks.
Constraintbased Invariant Inference over Predicate Abstraction
"... Abstract. This paper describes a constraintbased invariant generation technique for proving the validity of safety assertions over the domain of predicate abstraction in an interprocedural setting. The key idea of the technique is to represent each invariant in bounded DNF form by means of boolean ..."
Abstract

Cited by 23 (2 self)
 Add to MetaCart
Abstract. This paper describes a constraintbased invariant generation technique for proving the validity of safety assertions over the domain of predicate abstraction in an interprocedural setting. The key idea of the technique is to represent each invariant in bounded DNF form by means of boolean indicator variables, one for each predicate p and each disjunct d denoting whether p is present in d or not. The verification condition of the program is then encoded by means of a boolean formula over these boolean indicator variables such that any satisfying assignment to the formula yields the inductive invariants for proving the validity of given program assertions. This paper also describes how to use the constraintbased methodology for generating weakest preconditions for safety assertions. An interesting application of weakest precondition generation is to produce mostgeneral counterexamples for safety assertions. We also present preliminary experimental evidence demonstrating the feasibility of this technique. 1
From tests to proofs
 In Proc. ACAS, LNCS 5505
, 2009
"... Abstract. We describe the design and implementation of an automatic invariant generator for imperative programs. While automatic invariant generation through constraint solving has been extensively studied from a theoretical viewpoint as a classical means of program verification, in practice existin ..."
Abstract

Cited by 23 (3 self)
 Add to MetaCart
(Show Context)
Abstract. We describe the design and implementation of an automatic invariant generator for imperative programs. While automatic invariant generation through constraint solving has been extensively studied from a theoretical viewpoint as a classical means of program verification, in practice existing tools do not scale even to moderately sized programs. This is because the constraints that need to be solved even for small programs are already too difficult for the underlying (nonlinear) constraint solving engines. To overcome this obstacle, we propose to strengthen static constraint generation with information obtained from static abstract interpretation and dynamic execution of the program. The strengthening comes in the form of additional linear constraints that trigger a series of simplifications in the solver, and make solving more scalable. We demonstrate the practical applicability of the approach by an experimental evaluation on a collection of challenging benchmark programs and comparisons with related tools based on abstract interpretation and software model checking. 1