Zhenpeng Fang,Xibin Zhao,Min Zhou

DOI: https://doi.org/10.1109/compsac.2017.149

2017-01-01

Abstract:Program invariant is formal description of properties that should hold at certain program location in every valid execution. It is very useful for program analysis and verification. In this paper, we introduce an abstraction interpretation approach for generating program invariant efficiently and precisely. A polynomial interval domain is proposed for representing abstract state and precise loop effect is summarized by recognizing and solving recurrence relations. Our method has implemented and its effectiveness is shown in various kinds of cases. Experiment results show that our approach generates more accurate program invariants quickly.

Bican Xia,Lu Yang,Naijun Zhan

DOI: https://doi.org/10.1007/978-3-540-88479-8_20

2008-01-01

Abstract:The discovery of invariants and ranking functions plays a central role in program verification. In our previous work, we investigated invariant generation and non-linear ranking function discovering of polynomial programs by reduction to semi-algebraic systems solving. In this paper we will first summarize our results on the two topics and then show how to generalize the approach to discovering more expressive invariants and ranking functions, and applying to more general programs.

Wei He

DOI: https://doi.org/10.48550/arXiv.1906.11929

2019-06-28

Abstract:Compilers can specialize programs having invariants for performance improvement. Detecting program invariants that span large and complex code, however, is difficult for compilers. Traditional compilers do not perform very expensive analysis and thus only identify limited invariants, which limits the potential of subsequent optimizations. We would like to address the invariant detection problem via more sophisticated analyses using program verification tools. In this paper, we reveal pitfalls of choosing program verification tools for invariant detection, identify challenges of modeling program behavior using one of these tools---CVC4, and propose some ideas about how to address the challenges.

Programming Languages

Yang Xiao-hua,Jie Liu,Yu Tong-lan,Yang Luo,QuJin Wu

DOI: https://doi.org/10.1109/CISE.2009.5364452

2009-01-01

Abstract:Dynamic likely program invariant detection technology is an available instrument for discovering contract from large program in non-formal description. It is of benefit to contract technology exerting more influence on program quality assurance. Since the research of invariant detection technology has just started that the rough detection usually use hypothesis verification approach which relies on the experience of the detector and his degree of understanding of the detected program so that there is serious lack of accuracy and efficiency. This paper tempts to divide the invariants into two kinds that one is called functional invariant and the other is non-functional type based on relational data theory before starting the invariant detection. The paper focuses on the approach of detecting functional likely invariant, which accomplish detecting existence of them by discovering functional dependence set of the program variable at first and then detecting the forms of the existent invariants after deducing the function dependence set. Experiments demonstrate that this approach not only solves the problems of blind detection to improve the efficiency but also reduces the possibility of missing important functional invariants compared with the traditional hypothesis verification approach such as Daikon.

Junyan Qian,Baowen Xu

DOI: https://doi.org/10.15388/informatica.2007.178

2007-01-01

Informatica

Abstract:Iterative abstraction refinement has emerged in the last few years as the leading approach to software model checking. We present an approach for automatically verifying C programs against safety specifications based on finite state machine. The approach eliminates unneeded variables using program slicing technique, and then automatically extracts an initial abstract model from C source code using predicate abstraction and theorem proving. In order to reduce time complexities, we partition the set of candidate predicates into subsets, and construct abstract model independently. On the basis of a counterexample-guided abstraction refinement scheme, the abstraction refines incrementally until the specification is either satisfied or refuted. Our methods can be extended to verifying concurrency C programs by parallel composition.

Junyan Qian,Baowen Xu

2007-01-01

Abstract:we present a methodology for automatically verifying programs against safety specifications based on finite state machine. Firstly, computing the abstract transition between abstract states is done by calling a theorem prover, and then an initial abstract model automatically is extracted from concrete program using predicate abstraction. However, the process of abstraction can be exponential in the number of predicates used. Program slicing, predicate inference and partitioning the set of candidate predicates into subsets make abstract model construction effective. By counterexample-guided abstraction refinement scheme, the abstraction refines incrementally until the specification is either satisfied or refuted. Finally, our methods can be extended to verifying concurrency programs by parallel composition.

Marius Bozga,Radu Iosif,Joseph Sifakis

DOI: https://doi.org/10.48550/arXiv.1902.02696

2019-02-07

Abstract:We consider concurrent systems consisting of a finite but unknown number of components, that are replicated instances of a given set of finite state automata. The components communicate by executing interactions which are simultaneous atomic state changes of a set of components. We specify both the type of interactions (e.g.\ rendez-vous, broadcast) and the topology (i.e.\ architecture) of the system (e.g.\ pipeline, ring) via a decidable interaction logic, which is embedded in the classical weak sequential calculus of one successor (WS1S). Proving correctness of such system for safety properties, such as deadlock freedom or mutual exclusion, requires the inference of an inductive invariant that subsumes the set of reachable states and avoids the unsafe states. Our method synthesizes such invariants directly from the formula describing the interactions, without costly fixed point iterations. We applied our technique to the verification of several textbook examples, such as dining philosophers, mutual exclusion protocols and concurrent systems with preemption and priorities.

Formal Languages and Automata Theory

LIU Shu-kun,YANG Xiao-hua

DOI: https://doi.org/10.3969/j.issn.1007-130X.2011.03.020

2011-01-01

Abstract:Design by contract is an important technology which can be used to improve software quality.Contract can express the basic properties which are invisible to the users and the conditions used to guarantee the correct results of programs.Program invariant is a kind of contract including class invariants,pre-conditions invariants and post-conditions invariants.The program invariants can be applied to the range of program verification and software test.In this paper,the current mainstream research technology of detecting program invariants is described and the main process and key methods of discovering the invariants are shown.

刘树锟,阳小华

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2008.07.054

2008-01-01

Abstract:Up to now,the system of computer software has been a very popular and important application system.In order to improve the quality of software,a theory model of dynamically generating technique of program invariant was built.A new method of dynamically generating technique of program invariant of functional dependence based on the theory of database was showed.In this way,program invariant of functional dependence can be detected in a nimble way.

Li Bin,Tang Zhenhao,Zhai Juan,Zhao Jianhua

DOI: https://doi.org/10.1109/qrs.2016.23

2016-01-01

Abstract:This paper proposes a way of using abstract interpretation for discovering properties about array contents in programs which manipulate arrays by sequential traversal. The method summarizes an array property as a universally quantified property. It directly treats invariant properties (including universally quantified formulas and atomic formulas) as abstract domains. Our method is sound and converges in finite time, and it is flexible. The method has been used to automatically discover nontrivial invariants for several examples. In particular, the method can represent and process multidimensional array properties.

Litao Zhou,Jianxing Qin,Qinshi Wang,Andrew W. Appel,Qinxiang Cao

2023-10-26

Abstract:Program verifiers for imperative languages such as C may be annotation-based, in which assertions and invariants are put into source files and then checked, or tactic-based, where proof scripts separate from programs are interactively developed in a proof assistant such as Coq. Annotation verifiers have been more automated and convenient, but some interactive verifiers have richer assertion languages and formal proofs of soundness. We present VST-A, an annotation verifier that uses the rich assertion language of VST, leverages the formal soundness proof of VST, but allows users to describe functional correctness proofs intuitively by inserting assertions. VST-A analyzes control flow graphs, decomposes every C function into control flow paths between assertions, and reduces program verification problems into corresponding straightline Hoare triples. Compared to existing foundational program verification tools like VST and Iris, in VST-A, such decompositions and reductions are allowed to be nonstructural, which makes VST-A more flexible to use. VST-A's decomposition and reduction is defined in Coq, proved sound in Coq, and computed in a call-by-value way in Coq. The soundness proof for reduction is totally logical, independent of the complicated semantic model (and soundness proof) of VST's Hoare triple. Because of the rich assertion language, not all reduced proof goals can be automatically checked, but the system allows users to prove residual proof goals using the full power of the Coq proof assistant.

Programming Languages

ThanhVu Nguyen,Deepak Kapur,Westley Weimer,Stephanie Forrest

DOI: https://doi.org/10.1145/2568225.2568275

2019-04-16

Abstract:Program invariants are important for defect detection, program verification, and program repair. However, existing techniques have limited support for important classes of invariants such as disjunctions, which express the semantics of conditional statements. We propose a method for generating disjunctive invariants over numerical domains, which are inexpressible using classical convex polyhedra. Using dynamic analysis and reformulating the problem in non-standard "max-plus" and "min-plus" algebras, our method constructs hulls over program trace points. Critically, we introduce and infer a weak class of such invariants that balances expressive power against the computational cost of generating nonconvex shapes in high dimensions. Existing dynamic inference techniques often generate spurious invariants that fit some program traces but do not generalize. With the insight that generating dynamic invariants is easy, we propose to verify these invariants statically using k-inductive SMT theorem proving which allows us to validate invariants that are not classically inductive. Results on difficult kernels involving nonlinear arithmetic and abstract arrays suggest that this hybrid approach efficiently generates and proves correct program invariants.

Software Engineering,Programming Languages

Juan Zhai,Hanfei Wang,Jianhua Zhao

DOI: https://doi.org/10.1109/sere-c.2014.40

2014-01-01

Abstract:In the automatic code verification, it is often necessary for programmers to provide logical annotations in the form of pre-/post-conditions and loop invariants. In this paper, we propose a framework that automatically infers loop invariants of loops manipulating commonly-used data structures. These data structures include one-dimensional arrays, singly-linked lists, doubly-linked lists and static lists. In practical cases, a majority of the loops operating on such data structures work by iterating over the elements of these data structures. The loop invariants of this kind of loops are usually similar in form with their corresponding post-conditions. The framework takes advantage of this observation by generating invariant candidates automatically from a given post-condition following several heuristics. These invariant candidates are subsequently validated via the SMT solver Z3 and the weakest-precondition calculator provided in the interactive code-verification tool Accumulator. The framework, which has been implemented for a small C-like language, suffices to infer suitable loop invariants of a range of loops w.r.t. given post-conditions. The framework has been integrated into the tool Accumulator to ease the verification tasks by alleviating the burden of providing loop invariants manually.

Liu Shukun,Yang Xiaohua

DOI: https://doi.org/10.1109/apcip.2009.91

2009-01-01

Abstract:With the development of computer science and technology, software has been widely applied in all kinds of business. It has been a very popular and important application system. So the quality of software causes more serious attention than before. Design by program invariant is a very important method which is used to improve quality of software. In this paper, a theory model of dynamically detecting technology of program invariant was built. And a new method of dynamically generating technology of program invariant of functional dependence based on the theory of database was showed. In this way, program invariant of functional dependence can be detected in a nimble way. Experiments have been done and the result demonstrates that the method is obviously reliable and efficient.

Liu Shukun,Yang Xiaohua,Chen Jifeng,Duan Shan

DOI: https://doi.org/10.1109/ICIE.2009.41

2009-01-01

Abstract:In this paper, the notation of program invariant was described, and a theory model of dynamical generating technique of invariants was researched. Then, the technology of dynamical generating technique of invariants of nonfunctional dependence was discussed. A new method of dynamical generating technique of invariants of nonfunctional dependence based on the theory of database was showed. Then, a series of detecting measures of specific nonfunctional dependence invariants were proposed .Many kinds of program invariants can be dynamically discovered by the means.

Yijun Feng,Lijun Zhang,David N. Jansen,Naijun Zhan,Bican Xia

DOI: https://doi.org/10.1007/978-3-319-68167-2_26

2017-01-01

Abstract:Quantitative loop invariants are an essential element in the verification of probabilistic programs. Recently, multivariate Lagrange interpolation has been applied to synthesizing polynomial invariants. In this paper, we propose an alternative approach. First, we fix a polynomial template as a candidate of a loop invariant. Using Stengle's Positivstellensatz and a transformation to a sum-of-squares problem, we find sufficient conditions on the coefficients. Then, we solve a semidefinite programming feasibility problem to synthesize the loop invariants. If the semidefinite program is unfeasible, we backtrack after increasing the degree of the template. Our approach is semi-complete in the sense that it will always lead us to a feasible solution if one exists and numerical errors are small. Experimental results show the efficiency of our approach.

Dirk Beyer,Po-Chun Chien,Nian-Ze Lee

2024-10-25

Abstract:Software model checking is a challenging problem, and generating relevant invariants is a key factor in proving the safety properties of a program. Program invariants can be obtained by various approaches, including lightweight procedures based on data-flow analysis and intensive techniques using Craig interpolation. Although data-flow analysis runs efficiently, it often produces invariants that are too weak to prove the properties. By contrast, interpolation-based approaches build strong invariants from interpolants, but they might not scale well due to expensive interpolation procedures. Invariants can also be injected into model-checking algorithms to assist the analysis. Invariant injection has been studied for many well-known approaches, including k-induction, predicate abstraction, and symbolic execution. We propose an augmented interpolation-based verification algorithm that injects external invariants into interpolation-based model checking (McMillan, 2003), a hardware model-checking algorithm recently adopted for software verification. The auxiliary invariants help prune unreachable states in Craig interpolants and confine the analysis to the reachable parts of a program. We implemented the proposed technique in the verification framework CPAchecker and evaluated it against mature SMT-based methods in CPAchecker as well as other state-of-the-art software verifiers. We found that injecting invariants reduces the number of interpolation queries needed to prove safety properties and improves the run-time efficiency. Consequently, the proposed invariant-injection approach verified difficult tasks that none of its plain version (i.e., without invariants), the invariant generator, or any compared tools could solve.

Software Engineering

Yi-Fan Tsai,Devin Coughlin,Bor-Yuh Evan Chang,Xavier Rival

DOI: https://doi.org/10.48550/arXiv.1511.04846

2015-11-16

Abstract:This paper presents incremental verification-validation, a novel approach for checking rich data structure invariants expressed as separation logic assertions. Incremental verification-validation combines static verification of separation properties with efficient, short-circuiting dynamic validation of arbitrarily rich data constraints. A data structure invariant checker is an inductive predicate in separation logic with an executable interpretation; a short-circuiting checker is an invariant checker that stops checking whenever it detects at run time that an assertion for some sub-structure has been fully proven statically. At a high level, our approach does two things: it statically proves the separation properties of data structure invariants using a static shape analysis in a standard way but then leverages this proof in a novel manner to synthesize short-circuiting dynamic validation of the data properties. As a consequence, we enable dynamic validation to make up for imprecision in sound static analysis while simultaneously leveraging the static verification to make the remaining dynamic validation efficient. We show empirically that short-circuiting can yield asymptotic improvements in dynamic validation, with low overhead over no validation, even in cases where static verification is incomplete.

Programming Languages

Junyan Qian,Baowen Xu,Yingzhou Zhang

2007-01-01

Journal of Computational Information Systems

Abstract:Model checking is an automatic formal verification technique for a finite state system. Iterative abstraction refinement has emerged recently as the leading approach to software model checking. We present a methodology for automatically verifying programs against safety specifications based on finite state machine. As the first step, an initial abstract model is automatically extracted from source code using predicate abstraction and theorem proving. In order to reduce time complexities of this process, we partition the set of candidate predicates into subsets, and then construct abstract model independently.

Lu Yang,Chaochen Zhou,Naijun Zhan,Bican Xia

DOI: https://doi.org/10.1007/s11704-009-0074-7

2010-01-01

Frontiers of Computer Science in China

Abstract:In this paper, we summarize the results on program verification through semi-algebraic systems (SASs) solving that we have obtained, including automatic discovery of invariants and ranking functions, symbolic decision procedure for the termination of a class of linear loops, termination analysis of nonlinear systems, and so on.