Program verification using templates over predicate abstraction

SrivastavaSaurabh,; GulwaniSumit,

doi:10.1145/1543135.1542501

Cited by 22 publications

(4 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our inferred invariants are comprised of universally quantified predicates, but unlike these approaches, our computation of the predicates is property directed and does not employ predicate abstraction. Additional works for generation of quantified invariants include using abstract domains of quantified data automata [25,26] or ones tailored to Presburger arithmetic with arrays [20], instantiating quantifier templates [8,38], applying symbolic proof techniques [30], or using abstractions based on separation logic [4,21].…”

Section: Related Workmentioning

confidence: 99%

Property-Directed Inference of Universal Invariants or Proving Their Absence

Karbyshev

Bjørner

Itzhaky

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We present Universal Property Directed Reachability (PDR ∀ ), a property-directed procedure for automatic inference of invariants in a universal fragment of first-order logic. PDR ∀ is an extension of Bradley's PDR/IC3 algorithm for inference of propositional invariants. PDR ∀ terminates when it either discovers a concrete counterexample, infers an inductive universal invariant strong enough to establish the desired safety property, or finds a proof that such an invariant does not exist. We implemented an analyzer based on PDR ∀ , and applied it to a collection of list-manipulating programs. Our analyzer was able to automatically infer universal invariants strong enough to establish memory safety and certain functional correctness properties, show the absence of such invariants for certain natural programs and specifications, and detect bugs. All this, without the need for user-supplied abstraction predicates.

show abstract

Section: Related Workmentioning

confidence: 99%

Property-Directed Inference of Universal Invariants or Proving Their Absence

Karbyshev

Bjørner

Itzhaky

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…5], but instead of concretely enumerating the (potentially exponential) set of paths inside the program (corresponding to all disjuncts in a disjunctive normal form of the transition relation), each path corresponding to one constraint, we lazily enumerate witnesses for such paths. Unfortunately, we do not have an implementation of the algorithm from [23] at our disposal for performance comparisons.…”

Section: Related Workmentioning

confidence: 99%

“…Other Template Forms We have described our algorithm for templates of the form C 1 ∨• • •∨C m where the C i are conjunctions constructed from the chosen predicates, but the algorithm is not specific to this template shape. Instead of disjunctive normal form, one could choose conjunctive normal form, for instance, or actually any form [23], though reductions of the search space such as those from Sec. 2.3.1 or 2.3.2 may be more difficult to define.…”

Section: Extensionsmentioning

confidence: 99%

“…Reductions from loop invariant inference in predicate abstraction to Boolean constraint solving were introduced in [10], but that work assumed a postcondition to prove, as opposed to minimizing the result. The problem we solve is the same as the one from the later work [23,Sec. 5], but instead of concretely enumerating the (potentially exponential) set of paths inside the program (corresponding to all disjuncts in a disjunctive normal form of the transition relation), each path corresponding to one constraint, we lazily enumerate witnesses for such paths.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Modular Abstractions of Reactive Nodes Using Disjunctive Invariants

Monniaux

Bodin

2011

Programming Languages and Systems

View full text Add to dashboard Cite

We wish to abstract nodes in a reactive programming language, such as Lustre, into nodes with a simpler control structure, with a bound on the number of control states. In order to do so, we compute disjunctive invariants in predicate abstraction, with a bounded number of disjuncts, then we abstract the node, each disjunct representing an abstract state. The computation of the disjunctive invariant is performed by a form of quantifier elimination expressed using SMT-solving.The same method can also be used to obtain disjunctive loop invariants.

show abstract

Verifying Array Manipulating Programs with Full-Program Induction

Chakraborty

Gupta

Unadkat

2020

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

We present a full-program induction technique for proving (a sub-class of) quantified as well as quantifier-free properties of programs manipulating arrays of parametric size N . Instead of inducting over individual loops, our technique inducts over the entire program (possibly containing multiple loops) directly via the program parameter N . Significantly, this does not require generation or use of loop-specific invariants. We have developed a prototype tool Vajra to assess the efficacy of our technique. We demonstrate the performance of Vajra vis-a-vis several state-of-the-art tools on a set of array manipulating benchmarks. // assume(true) 1. for (int t1=0; t1

show abstract

Program verification using templates over predicate abstraction

Cited by 22 publications

References 31 publications

Property-Directed Inference of Universal Invariants or Proving Their Absence

Property-Directed Inference of Universal Invariants or Proving Their Absence

Modular Abstractions of Reactive Nodes Using Disjunctive Invariants

Verifying Array Manipulating Programs with Full-Program Induction

Contact Info

Product

Resources

About