Citation Context

...nation proving techniques and automatic detection of quasi-reductivity and confluence. To deal with constraints, the tool is coupled both with a small internal reasoner and the external SMT-solver Z3 =-=[16]-=-. Here, Z3 has the advantage of being quite strong at unsatisfiability as well as satisfiability, which is essential to automatically test validity of constraints. The internal reasoner has two functi...

Citation Context

...) [i ≥ n] (5) sum4(arr, k)→ return(arr, 0) [k ≤ 0] (6) sum4(arr, k)→ error [k − 1 ≥ size(arr)] (7) sum4(arr, k)→ w(select(arr, k − 1), sum4(arr, k − 1)) [0 ≤ k − 1 < size(arr)] (8) w(n, error)→ error =-=(9)-=- w(n, return(a, r))→ return(a, n+ r) 26 C. Kop and N. Nishida Here, note that a constraint x ≤ y < b should be read as: x ≤ y ∧ y < b. We want to see that these two implementations are equivalent, at ...

Citation Context

... proofs in general), the generation of suitable lemma equations E ′ is not only part, but even at the heart, of inductive theorem proving. Consequently, this subject has been extensively investigated =-=[3,10,11,17,22,23]-=-, and a large variety of lemma generation techniques exist. The new Generalization rule has a similar purpose: a more general equation is sometimes easier to handle than the original, as it gives stro...

Citation Context

...to trace relevant properties; this is not useful in our setting. An interesting alternative is inductive theorem proving, which is well investigated in the field of functional programming (see, e.g., =-=[2]-=-). For a functional program f to be checked against a specification fspec , it suffices if f( −→x ) ≈ fspec(−→x ) is an inductive theorem of the combined system of f and fspec. For this initial settin...

Citation Context

...ds, we do not limit interest to integer functions. Second, we develop a verification method for LCTRSs, designed in particular for LCTRSs obtained from procedural programs. We use rewriting induction =-=[19]-=-, one of the well-investigated methods for inductive theorem proving, together with a generalization technique that performs particularly well for transformed iterative functions. Although our example...

Citation Context

...nction (conditional on ϕ, and assuming confluence). To prove that an equation is an inductive theorem, we consider eight inference rules. Four of them originate in [19]; three are based on extensions =-=[1,5,21]-=-. The 3 A more standard definition of this propertywould be that for every defined or calculation symbol f and suitable ground constructor terms s1, . . . , sn the term f(s1, . . . , sn) reduces. As o...

Citation Context

... proofs in general), the generation of suitable lemma equations E ′ is not only part, but even at the heart, of inductive theorem proving. Consequently, this subject has been extensively investigated =-=[3,10,11,17,22,23]-=-, and a large variety of lemma generation techniques exist. The new Generalization rule has a similar purpose: a more general equation is sometimes easier to handle than the original, as it gives stro...

Citation Context

... proofs in general), the generation of suitable lemma equations E ′ is not only part, but even at the heart, of inductive theorem proving. Consequently, this subject has been extensively investigated =-=[3,10,11,17,22,23]-=-, and a large variety of lemma generation techniques exist. The new Generalization rule has a similar purpose: a more general equation is sometimes easier to handle than the original, as it gives stro...

Citation Context

...knowledge is required, only the definitions of f and fspec . Recently, analyses of procedural programs (in C, Java Bytecode, etc.) via transformations into term rewrite systems have been investigated =-=[4,6,8,18]-=-. In particular, constrained rewriting systems are popular for these transformations, since logical constraints used for modeling the control flow can be separated ? This research is supported by the ...

Citation Context

... < 0 ∨ i ≥ size(arr))] (3) u(arr, n, ret, i)→ u(arr, n, ret+ select(arr, i), i+ 1) [i < n ∧ 0 ≤ i < size(arr)] (4) u(arr, n, ret, i)→ return(arr, ret) [i ≥ n] (5) sum4(arr, k)→ return(arr, 0) [k ≤ 0] =-=(6)-=- sum4(arr, k)→ error [k − 1 ≥ size(arr)] (7) sum4(arr, k)→ w(select(arr, k − 1), sum4(arr, k − 1)) [0 ≤ k − 1 < size(arr)] (8) w(n, error)→ error (9) w(n, return(a, r))→ return(a, n+ r) 26 C. Kop and ...

Citation Context

...tructor terms of all sorts. Methods to prove both quasi-reductivity and termination have previously been published for different styles of constrained rewriting; see e.g. [5] for quasireductivity and =-=[7,20]-=- for termination. These methods are easily adapted to LCTRSs. Quasi-reductivity is handled in Appendix A, and is moreover always satisfied by systems obtained from the transformations in Section 3. So...

Citation Context

...r substitution. As values are not reduced, also δ respects ϕ. Therefore sδ ↔E tδ, which implies sδ ↔∗R tδ. We conclude: C[sγ]↔∗R C[sδ]↔∗R C[tδ]↔∗R C[tγ], giving the desired result. uunionsq Lemma 20 (=-=[19,12]-=-). Let →1 and →2 be binary relations over some set A. Then, ↔∗1 = ↔∗2 if all of the following hold: – →1 ⊆ →2, – →2 is well-founded, and – →2 ⊆ (→1 · →∗2 · ←∗2). Proof. It follows from →1 ⊆ →2 that ↔∗...

Citation Context

...intermediate states [8,4,21,17,6]. To capture the existing approaches for constrained rewriting in one setting, the framework of logically constrained term rewriting systems (LCTRS) has been proposed =-=[14]-=-. The aim of this paper is twofold. First, we define a new transformation method from procedural programs into constrained term rewriting. This transformation – which is designed to give LCTRSs which ...

Citation Context

...sity’s Graduate Program for Real-World Data Circulation Leaders from MEXT, Japan. ar X iv :1 40 9. 01 66 v1s[ cs .L O]s3 0 A ugs20 14 2 C. Kop and N. Nishida from terms expressing intermediate states =-=[8,4,21,17,6]-=-. To capture the existing approaches for constrained rewriting in one setting, the framework of logically constrained term rewriting systems (LCTRS) has been proposed [14]. The aim of this paper is tw...

Citation Context

... proofs in general), the generation of suitable lemma equations E ′ is not only part, but even at the heart, of inductive theorem proving. Consequently, this subject has been extensively investigated =-=[3,10,11,17,22,23]-=-, and a large variety of lemma generation techniques exist. The new Generalization rule has a similar purpose: a more general equation is sometimes easier to handle than the original, as it gives stro...

Citation Context

...knowledge is required, only the definitions of f and fspec . Recently, analyses of procedural programs (in C, Java Bytecode, etc.) via transformations into term rewrite systems have been investigated =-=[4,6,8,18]-=-. In particular, constrained rewriting systems are popular for these transformations, since logical constraints used for modeling the control flow can be separated ? This research is supported by the ...

Citation Context

...ion hypothesis. As it is not always easy to find a suitable generalization the (automatic) generation of suitable generalizations, and lemma equations for Postulate, has been extensively investigated =-=[3,10,11,17,22,23]-=-. Lemma equations are typically derived during solving: we generate candidates when the proof state is in divergence. Here, we propose a new method, specialized for systems with constraints. The gener...

Citation Context

...sity’s Graduate Program for Real-World Data Circulation Leaders from MEXT, Japan. ar X iv :1 40 9. 01 66 v1s[ cs .L O]s3 0 A ugs20 14 2 C. Kop and N. Nishida from terms expressing intermediate states =-=[8,4,21,17,6]-=-. To capture the existing approaches for constrained rewriting in one setting, the framework of logically constrained term rewriting systems (LCTRS) has been proposed [14]. The aim of this paper is tw...

Citation Context

...malism from [14] (Section 2), and show a way to translate procedural programs to LCTRSs (Section 3). Then we adapt existing rewriting induction methods for earlier variations of constrained rewriting =-=[5,21]-=- to LCTRSs (Section 4), which is strengthened with a dedicated generalization technique (Section 5). Finally, we briefly discuss implementation ideas (Section 6), give a comparison with related work (...

Citation Context

... results, but the current definitions cause a bit less bookkeeping. A non-equivalent change is the requirement on rules: in [14] left-hand sides must have a root symbol in Σterms \Σtheory . We follow =-=[13]-=- in weakening this. Automatic Constrained Rewriting Induction 7 Note that, like [14], we refrain from imposing several natural restrictions, such as regularity (for all ` → r [ϕ] ∈ R: Var(ϕ) ⊆ Var(`))...