2019
DOI: 10.1007/978-3-030-25540-4_14

Quantified Invariants via Syntax-Guided Synthesis

Abstract: Programs with arrays are ubiquitous. Automated reasoning about arrays necessitates discovering properties about ranges of elements at certain program points. Such properties are formally specified by universally quantified formulas, which are difficult to find, and difficult to prove inductive. In this paper, we propose an algorithm based on an enumerative search that discovers quantified invariants in stages. First, by exploiting the program syntax, it identifies ranges of elements accessed in each loop. Seco…
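To make the staged idea in the abstract concrete, here is a toy version of it, added as an illustration and not code from the paper or its implementation. It handles one constructed loop shape, `for (k = lo; k < N; k++) a[k] = rhs;`, mines the written range `a[lo..k)` from the loop syntax (stage 1), enumerates candidates `forall i. lo <= i < k -> a[i] OP c` from a small grammar (stage 2), and checks initiation, consecution and sufficiency for the post-condition by bounded exhaustive search over a small value domain (stage 3; the paper's implementation would discharge that stage with an SMT solver). The value domain, the array-length bound and the loop shape are assumptions of this example.

```python
"""Toy staged search for a universally quantified array-loop invariant.

Constructed example, not the paper's implementation. Loop shape assumed:
    for (k = lo; k < N; k++) a[k] = rhs;
Post-condition assumed: every cell of a[0..N) satisfies  a[i] OP c.
"""
import operator
from dataclasses import dataclass
from itertools import product

VALUES = (-1, 0, 1, 2)   # assumption: bounded cell domain for the exhaustive check
MAX_N = 4                # assumption: array lengths 0..MAX_N are explored
OPS = {"==": operator.eq, "!=": operator.ne, "<": operator.lt, ">=": operator.ge}


@dataclass(frozen=True)
class Loop:
    lo: int    # loop counter starts at lo
    rhs: int   # constant stored into a[k] on each iteration


@dataclass(frozen=True)
class Forall:
    """Candidate  forall i. lo <= i < k -> a[i] OP c,  where k is the loop counter."""
    lo: int
    op: str
    c: int

    def holds(self, k, a):
        return all(OPS[self.op](a[i], self.c) for i in range(self.lo, k))


def mine_range(loop):
    """Stage 1: from the syntax, the cells written so far are exactly a[lo..k)."""
    return loop.lo


def candidates(lo):
    """Stage 2: enumerate quantified bodies over a small grammar of atoms."""
    for op in OPS:
        for c in VALUES:
            yield Forall(lo, op, c)


def step(loop, k, a):
    """One loop iteration: a[k] = rhs; k++."""
    a = list(a)
    a[k] = loop.rhs
    return k + 1, tuple(a)


def is_adequate(loop, inv, post_op, post_c):
    """Stage 3 (bounded): initiation, consecution, and 'exit implies post'."""
    for n in range(MAX_N + 1):
        for a in product(VALUES, repeat=n):
            if not inv.holds(loop.lo, a):          # initiation at k = lo
                return False
            for k in range(loop.lo, n):            # states inside the guard k < N
                if inv.holds(k, a) and not inv.holds(*step(loop, k, a)):
                    return False                   # consecution fails
            if inv.holds(n, a) and not all(OPS[post_op](x, post_c) for x in a):
                return False                       # inv at k == N does not prove post
    return True


def discover(loop, post_op, post_c):
    """Run the three stages; return every adequate candidate in search order."""
    lo = mine_range(loop)
    return [inv for inv in candidates(lo) if is_adequate(loop, inv, post_op, post_c)]


if __name__ == "__main__":
    for inv in discover(Loop(lo=0, rhs=0), "==", 0):
        print(f"forall i. {inv.lo} <= i < k -> a[i] {inv.op} {inv.c}")
```

Two things the toy shows that the abstract only states: several syntactically different candidates can be inductive and sufficient at once (the zero-initialisation loop with post `a[i] != 0` yields `==`, `!=` and `>=` forms), and when the loop starts at `lo = 1` the mined range never covers `a[0]`, so no candidate of this shape can establish a post-condition over the whole array; the search correctly returns nothing rather than an unsound invariant.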

Cited by 48 publications (51 citation statements)
References 41 publications
“…For example, one can represent the memory state as a pair of an array h and an index sp indicating the maximum index that has been allocated so far. Finding quantified invariants is known to be difficult in general despite active studies on it [41,2,36,26,19] and most current array-supporting CHC solvers give up finding quantified invariants. In general, much more complex operations on pointers can naturally take place, which makes the universally quantified invariants highly involved and hard to automatically find.…”
Section: Challenges In Verifying Pointer-manipulating Programs
“…We introduce a special variable res to represent the result of a function. For a label L in a function f in a program Π, we define $\varphi_{\Pi,f,L}$, $\Xi_{\Pi,f,L}$ and $\Delta_{\Pi,f,L}$ as follows, if the items in the variable context for the label are enumerated as $x_0 : a_0\,T_0, \ldots$…”
Section: Translation From COR Programs To CHCs
“…Specifically, (i) we do not require explicit or implicit loop-specific invariants to be provided by the user or generated by a solver (viz. by constrained Horn clause solvers [20,14,9] or recurrence solvers [25,16]), (ii) we induct on the full program (possibly containing multiple loops) with parameter N and not on iterations of individual loops in the program, and (iii) we perform non-trivial correct-by-construction code transformations, whenever feasible, to simplify the inductive step of reasoning. The combination of these factors often reduces reasoning about a program with multiple loops to reasoning about one with fewer (sometimes even none) and "simpler" loops, thereby simplifying proof goals.…”
Section: Introduction
“…1(a) using such techniques, it would be necessary to use appropriate loop-specific invariants for each of the three loops in Fig. 1 [9][10][11][12]. Unfortunately, automatically deriving such quantified non-linear loop invariants is far from trivial.…”
Section: Introduction