Invariant Elimination of Definite Iterations over Arrays in C Programs Verification

Maryasov, Ilya V.; Nepomniaschy, V. A.; Kondratyev, Dmitry A.

doi:10.18255/1818-1015-2017-6-743-754

Cited by 7 publications

(24 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…These strategies are the new contribution relative to previous research [6][7][8]11]. Based on these methods, we conducted some experiments on error localization.…”

Section: Resultsmentioning

confidence: 99%

“…Function rep is defined in Appendix B. Semantic label ass_pre denotes hypothesis from precondition, ass_pre denotes hypothesis from postcondition, ens_post denotes goal from postcondition, rep_iter denotes substitution of replacement function [7]. As expected, vc-1 cannot be proved by SAT strategies, like those from [8,11]. It is time to use our UNSAT strategy.…”

Section: Examplementioning

confidence: 99%

“…Since all variables in ACL2 are implicitly universally quantified, the existence quantifier appears in the negated VC. Thus, our previous strategies [8,11] fail here and we need revised ones. Another requirement the unsat strategies must work for loops with abrupt termination (i.e.…”

Section: Introductionmentioning

confidence: 95%

“…At the moment, the main theorem prover for C-light is ACL2 [5]. The classic induction in ACL2 is not powerful enough to handle VCs with replacement function rep, so the proof strategies are proposed in [8,11].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Towards Automated Error Localization in C Programs With Loops

Kondratyev¹,

Promsky²

2019

View full text Add to dashboard Cite

The most recent trends in the C-light verification system are MetaVCG, semantic labels appropriate for verification condition (VC) explanation and symbolic method of definite iterations. MetaVCG takes a C-light program together with some Hoare's logic and produces on-the-fly a VC generator (VCG), which in turn processes the input program. Hoare's logic for definite iterations is a good choice if we try to get rid of loop invariants. Finally, if a theorem prover was unable to validate some VCs we could follow two ways. Obviously, we could revise/enrich specifications or/and underlying proof theory to prove the truth of VCs. Or, perhaps, we could concentrate upon establishment of falsity, which meant there were errors in annotated program. This is where semantic labels play crucial role providing some natural language comments about wrong VC as well as a back-trace to the error location. The newly developed ACL2 heuristics to prove VC falsity is the main theme of this paper.

show abstract

“…These strategies are the new contribution relative to previous research [6][7][8]11]. Based on these methods, we conducted some experiments on error localization.…”

Section: Resultsmentioning

confidence: 99%

Section: Examplementioning

confidence: 99%

Section: Introductionmentioning

confidence: 95%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Towards Automated Error Localization in C Programs With Loops

Kondratyev¹,

Promsky²

2019

View full text Add to dashboard Cite

show abstract

“…Этот способ основан на классической идее доказательства шага индукции и доказательстве индукционного перехода. Однако, для автоматизации доказательства УК такой тактики недостаточно [144,171]. Рейнольдс и Кунчак (Reynolds, Kuncak) [171] предложили набор стратегий автоматизации доказательства по индукции для SMT-решателя CVC4 [43].…”

Section: Introductionunclassified