Non-linear loop invariant generation using Gröbner bases (2004)

by S Sankaranarayanan, H B Sipma, Z Manna
Venue:Proc. of POPL 2004
Add To MetaCart
Results 1 - 10 of 60

Constructing Invariants for Hybrid Systems

by Sriram Sankaranarayanan, Henny Sipma, Zohar Manna - IN HYBRID SYSTEMS: COMPUTATION AND CONTROL, LNCS 2993 , 2004
"... An invariant of a system is a predicate that holds for every reachable state. In this paper, we present techniques to generate invariants for hybrid systems. This is achieved by reducing the invariant generation problem to a constraint solving problem using methods from the theory of ideals over p ..."
Abstract - Cited by 59 (7 self) - Add to MetaCart
An invariant of a system is a predicate that holds for every reachable state. In this paper, we present techniques to generate invariants for hybrid systems. This is achieved by reducing the invariant generation problem to a constraint solving problem using methods from the theory of ideals over polynomial rings. We extend our previous work on the generation of algebraic invariants for discrete transition systems in order to generate algebraic invariants for hybrid systems. In doing so, we present a new technique to handle consecution across continuous differential equations. The techniques we present allow a trade-off between the complexity of the invariant generation process and the strength of the resulting invariants.
(Show Context)

Program analysis as constraint solving

by Sumit Gulwani, Saurabh Srivastava, Ramarathnam Venkatesan - In PLDI , 2008
"... A constraint-based approach to invariant generation in programs translates a program into constraints that are solved using off-theshelf constraint solvers to yield desired program invariants. In this paper we show how the constraint-based approach can be used to model a wide spectrum of program ana ..."
Abstract - Cited by 54 (11 self) - Add to MetaCart
A constraint-based approach to invariant generation in programs translates a program into constraints that are solved using off-theshelf constraint solvers to yield desired program invariants. In this paper we show how the constraint-based approach can be used to model a wide spectrum of program analyses in an expressive domain containing disjunctions and conjunctions of linear inequalities. In particular, we show how to model the problem of context-sensitive interprocedural program verification. We also present the first constraint-based approach to weakest precondition and strongest postcondition inference. The constraints we generate are boolean combinations of quadratic inequalities over integer variables. We reduce these constraints to SAT formulae using bitvector modeling and use off-the-shelf SAT solvers to solve them. Furthermore, we present interesting applications of the above analyses, namely bounds analysis and generation of most-general counter-examples for both safety and termination properties. We also present encouraging preliminary experimental results demonstrating the feasibility of our technique on a variety of challenging examples.
(Show Context)

Path invariants

by Dirk Beyer, Thomas A. Henzinger, Rupak Majumdar, Andrey Rybalchenko - In PLDI , 2007
"... The success of software verification depends on the ability to find a suitable abstraction of a program automatically. We propose a method for automated abstraction refinement which overcomes some limitations of current predicate discovery schemes. In current schemes, the cause of a false alarm is i ..."
Abstract - Cited by 50 (6 self) - Add to MetaCart
The success of software verification depends on the ability to find a suitable abstraction of a program automatically. We propose a method for automated abstraction refinement which overcomes some limitations of current predicate discovery schemes. In current schemes, the cause of a false alarm is identified as an infeasible error path, and the abstraction is refined in order to remove that path. By contrast, we view the cause of a false alarm —the spurious counterexample — as a full-fledged program, namely, a fragment of the original program whose control-flow graph may contain loops and represent unbounded computations. There are two advantages to using such path programs as counterexamples for abstraction refinement. First, we can bring the whole machinery of program analysis to bear on path programs, which are typically small compared to the original program. Specifically, we use constraint-based invariant generation to automatically infer invariants of path programs —so-called path invariants. Second, we use path invariants for abstraction refinement in order to remove not one infeasibility at a time, but at once all (possibly infinitely many) infeasible error computations that are represented by a path program. Unlike previous predicate discovery schemes, our method handles loops without unrolling them; it infers abstractions that involve universal quantification and naturally incorporates disjunctive reasoning.
(Show Context)

Automatically Generating Loop Invariants Using Quantifier Elimination

by Deepak Kapur - APPLICATIONS OF COMPUTER ALGEBRA (ACA-2004) , 2004
"... An approach for automatically generating loop invariants using quantifier-elimination is proposed. An invariant of a loop is hypothesized as a parameterized formula. Parameters in the invariant are discovered by generating constraints on the parameters by ensuring that the formula is indeed preser ..."
Abstract - Cited by 42 (5 self) - Add to MetaCart
An approach for automatically generating loop invariants using quantifier-elimination is proposed. An invariant of a loop is hypothesized as a parameterized formula. Parameters in the invariant are discovered by generating constraints on the parameters by ensuring that the formula is indeed preserved by the execution path corresponding to every basic cycle of the loop. The parameterized formula can be successively refined by considering execution paths one by one; heuristics can be developed for determining the order in which the paths are considered. Initialization of program variables as well as the precondition and postcondition of the loop, if available, can also be used to further refine the hypothesized invariant. Constraints on parameters generated in this way are solved for possible values of parameters. If no solution is possible, this means that an invariant of the hypothesized form does not exist for the loop. Otherwise, if the parametric constraints are solvable, then under certain conditions on methods for generating these constraints, the strongest possible invariant of the hypothesized form can be generated from most general solutions of the parametric constraints. The approach is illustrated using the first-order theory of polynomial equations as well as Presburger arithmetic.
(Show Context)

Invariant synthesis for combined theories

by Dirk Beyer, Thomas A. Henzinger, Rupak Majumdar, Andrey Rybalchenko - In Proc. VMCAI, LNCS 4349 , 2007
"... Abstract. We present a constraint-based algorithm for the synthesis of invariants expressed in the combined theory of linear arithmetic and uninterpreted function symbols. Given a set of programmer-specified invariant templates, our algorithm reduces the invariant synthesis problem to a sequence of ..."
Abstract - Cited by 42 (8 self) - Add to MetaCart
Abstract. We present a constraint-based algorithm for the synthesis of invariants expressed in the combined theory of linear arithmetic and uninterpreted function symbols. Given a set of programmer-specified invariant templates, our algorithm reduces the invariant synthesis problem to a sequence of arithmetic constraint satisfaction queries. Since the combination of linear arithmetic and uninterpreted functions is a widely applied predicate domain for program verification, our algorithm provides a powerful tool to statically and automatically reason about program correctness. The algorithm can also be used for the synthesis of invariants over arrays and set data structures, because satisfiability questions for the theories of sets and arrays can be reduced to the theory of linear arithmetic with uninterpreted functions. We have implemented our algorithm and used it to find invariants for a low-level memory allocator writteninC. 1
(Show Context)

Constraint-Based Approach for Analysis of Hybrid Systems

by Sumit Gulwani, Ashish Tiwari - of Lecture Notes in Computer Science , 2008
"... Abstract. This paper presents a constraint-based technique for discovering a rich class of inductive invariants (disjunctions of polynomial inequalities of bounded degree) for verification of hybrid systems. The key idea is to introduce a template for the unknown invariants and then translate the ve ..."
Abstract - Cited by 41 (10 self) - Add to MetaCart
Abstract. This paper presents a constraint-based technique for discovering a rich class of inductive invariants (disjunctions of polynomial inequalities of bounded degree) for verification of hybrid systems. The key idea is to introduce a template for the unknown invariants and then translate the verification condition of the hybrid system into an ∃ ∀ constraint over the template unknowns (which are variables over reals) by making use of the fact that vector fields must point inwards at the boundary. These constraints are then solved using Farkas lemma. We also present preliminary experimental results that demonstrate the feasibility of our approach of solving the ∃ ∀ constraints generated from models of realworld hybrid systems. 1
(Show Context)

Program Verification using Templates over Predicate Abstraction

by Saurabh Srivastava, Sumit Gulwani
"... We address the problem of automatically generating invariants with quantified and boolean structure for proving the validity of given assertions or generating pre-conditions under which the assertions are valid. We present three novel algorithms, having different strengths, that combine template and ..."
Abstract - Cited by 37 (3 self) - Add to MetaCart
We address the problem of automatically generating invariants with quantified and boolean structure for proving the validity of given assertions or generating pre-conditions under which the assertions are valid. We present three novel algorithms, having different strengths, that combine template and predicate abstraction based formalisms to discover required sophisticated program invariants using SMT solvers. Two of these algorithms use an iterative approach to compute fixed-points (one computes a least fixed-point and the other computes a greatest fixed-point), while the third algorithm uses a constraint based approach to encode the fixed-point. The key idea in all these algorithms is to reduce the problem of invariant discovery to that of finding optimal solutions for unknowns (over conjunctions of some predicates from a given set) in a template formula such that
(Show Context)

Automatic Generation of Polynomial Loop Invariants: Algebraic Foundations

by Enric Rodríguez-carbonell, Deepak Kapur - In International Symposium on Symbolic and Algebraic Computation 2004 (ISSAC04 , 2004
"... This paper presents the algebraic foundation for an approach for generating polynomial loop invariants in imperative programs. It is first shown that the set of polynomials serving as loop invariants has the algebraic structure of an ideal. Using this connection, a procedure for finding loop invaria ..."
Abstract - Cited by 34 (6 self) - Add to MetaCart
This paper presents the algebraic foundation for an approach for generating polynomial loop invariants in imperative programs. It is first shown that the set of polynomials serving as loop invariants has the algebraic structure of an ideal. Using this connection, a procedure for finding loop invariants is given in terms of operations on ideals, for which Gröbner basis constructions can be employed. Most importantly, it is proved that if the assignment statements in a loop are solvable (in particular, affine) mappings with positive eigenvalues, then the procedure terminates in at most 2m + 1 iterations, where m is the number of variables in the loop. The proof is done by showing that the irreducible subvarieties of the variety associated with the polynomial ideal approximating the invariant polynomial ideal of the loop either stay the same or increase their dimension in every iteration. This yields a correct and complete algorithm for inferring conjunctions of polynomial equations as invariants. The method has been implemented in Maple using the Groebner package. The implementation has been used to automatically discover nontrivial invariants for several examples to illustrate the power of the techniques.
(Show Context)

Generating All Polynomial Invariants in Simple Loops

by E. Rodríguez-Carbonell , D. Kapur , 2007
"... This paper presents a method for automatically generating all polynomial invariants in simple loops. It is rst shown that the set of polynomials serving as loop invariants has the algebraic structure of an ideal. Based on this connection, a xpoint procedure using operations on ideals and Grobner bas ..."
Abstract - Cited by 25 (2 self) - Add to MetaCart
This paper presents a method for automatically generating all polynomial invariants in simple loops. It is rst shown that the set of polynomials serving as loop invariants has the algebraic structure of an ideal. Based on this connection, a xpoint procedure using operations on ideals and Grobner basis constructions is proposed for nding all polynomial invariants. Most impor-tantly, it is proved that the procedure terminates in at most m + 1 iterations, where m is the number of program variables. The proof relies on showing that the irreducible components of the varieties associated with the ideals generated by the procedure either remain the same or increase their dimension at every iteration of the xpoint procedure. This yields a correct and complete algorithm for inferring conjunctions of polynomial equalities as invariants. The method has been implemented in Maple using the Groebner package. The implementation has been used to automatically discover non-trivial invariants for several examples to illustrate the power of the technique.

Constraint-based Invariant Inference over Predicate Abstraction

by Sumit Gulwani, Saurabh Srivastava, Ramarathnam Venkatesan
"... Abstract. This paper describes a constraint-based invariant generation technique for proving the validity of safety assertions over the domain of predicate abstraction in an interprocedural setting. The key idea of the technique is to represent each invariant in bounded DNF form by means of boolean ..."
Abstract - Cited by 23 (2 self) - Add to MetaCart
Abstract. This paper describes a constraint-based invariant generation technique for proving the validity of safety assertions over the domain of predicate abstraction in an interprocedural setting. The key idea of the technique is to represent each invariant in bounded DNF form by means of boolean indicator variables, one for each predicate p and each disjunct d denoting whether p is present in d or not. The verification condition of the program is then encoded by means of a boolean formula over these boolean indicator variables such that any satisfying assignment to the formula yields the inductive invariants for proving the validity of given program assertions. This paper also describes how to use the constraint-based methodology for generating weakest preconditions for safety assertions. An interesting application of weakest precondition generation is to produce mostgeneral counterexamples for safety assertions. We also present preliminary experimental evidence demonstrating the feasibility of this technique. 1
(Show Context)