research-article

Program verification using templates over predicate abstraction

Authors:

Saurabh Srivastava,

Sumit GulwaniAuthors Info & Claims

PLDI '09: Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation

Pages 223 - 234

https://doi.org/10.1145/1542476.1542501

Published: 15 June 2009 Publication History

Abstract

We address the problem of automatically generating invariants with quantified and boolean structure for proving the validity of given assertions or generating pre-conditions under which the assertions are valid. We present three novel algorithms, having different strengths, that combine template and predicate abstraction based formalisms to discover required sophisticated program invariants using SMT solvers.

Two of these algorithms use an iterative approach to compute fixed-points (one computes a least fixed-point and the other computes a greatest fixed-point), while the third algorithm uses a constraint based approach to encode the fixed-point. The key idea in all these algorithms is to reduce the problem of invariant discovery to that of finding optimal solutions for unknowns (over conjunctions of some predicates from a given set) in a template formula such that the formula is valid.

Preliminary experiments using our implementation of these algorithms show encouraging results over a benchmark of small but complicated programs. Our algorithms can verify program properties that, to our knowledge, have not been automatically verified before. In particular, our algorithms can generate full correctness proofs for sorting algorithms (which requires nested universally-existentially quantified invariants) and can also generate preconditions required to establish worst-case upper bounds of sorting algorithms. Furthermore, for the case of previously considered properties, in particular sortedness in sorting algorithms, our algorithms take less time than reported by previous techniques.

References

[1]

Dirk Beyer, Thomas Henzinger, Rupak Majumdar, and Andrey Rybalchenko. Invariant synthesis for combined theories. In VMCAI, volume 4349 of LNCS, pages 378--394, 2007.

Digital Library

[2]

Dirk Beyer, Tom Henzinger, Rupak Majumdar, and Andrey Rybalchenko. Path invariants. In PLDI, pages 300--309, 2007.

Digital Library

[3]

Edmund M. Clarke, Orna Grumberg, Somesh Jha, Yuan Lu, and Helmut Veith. Counterexample-guided abstraction refinement. In CAV, pages 154--169, 2000.

Digital Library

[4]

Michael Colon, Sriram Sankaranarayanan, and Henny Sipma. Linear invariant generation using non-linear constraint solving. In CAV, pages 420--432, 2003.

[5]

Patrick Cousot and Radhia Cousot. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In POPL, pages 238--252, 1977.

Digital Library

[6]

Leonardo de Moura and Nikolaj Bjorner. Efficient E-matching for smt solvers. In CADE, pages 183--198, 2007.

Digital Library

[7]

Leonardo de Moura and Nikolaj Bjorner. Z3: Efficient SMT solver. In TACAS, volume 4963 of LNCS, pages 337--340, April 2008.

Digital Library

[8]

Jr. Edmund M. Clarke, Orna Grumberg, and Doron A. Peled. Model checking. MIT Press, Cambridge, MA, USA, 1999.

Digital Library

[9]

Cormac Flanagan and Shaz Qadeer. Predicate abstraction for software verification. In POPL, pages 191--202, 2002.

Digital Library

[10]

Susanne Graf and Hassen Saidi. Construction of abstract state graphs with PVS. In Computer Aided Verification, pages 72--83, 1997.

Digital Library

[11]

Sumit Gulwani, Sagar Jain, and Eric Koskinen. Control-flow refinement and progress invariants for bound analysis. In PLDI, 2009.

Digital Library

[12]

Sumit Gulwani, Bill McCloskey, and Ashish Tiwari. Lifting abstract interpreters to quantified logical domains. In POPL, pages 235--246, 2008.

Digital Library

[13]

Sumit Gulwani, Saurabh Srivastava, and Ramarathnam Venkatesan. Program analysis as constraint solving. In PLDI, pages 281--292, 2008.

Digital Library

[14]

Sumit Gulwani, Saurabh Srivastava, and Ramarathnam Venkatesan. Constraint-based invariant inference over predicate abstraction. In VMCAI, pages 120--135, 2009.

Digital Library

[15]

Nicolas Halbwachs and Mathias Peron. Discovering properties about arrays in simple programs. In PLDI, pages 339--348, 2008.

Digital Library

[16]

Thomas A. Henzinger, Ranjit Jhala, Rupak Majumdar, and Kenneth L. McMillan. Abstractions from proofs. In POPL, pages 232--244, 2004.

Digital Library

[17]

Ranjit Jhala and Ken McMillan. Array abstraction from proofs. In CAV, 2007.

Digital Library

[18]

Deepak Kapur. Automatically generating loop invariants using quantifier elimination. In Deduction and Applications, 2005.

[19]

Gary A. Kildall. A unified approach to global program optimization. In POPL, pages 194---206, 1973.

Digital Library

[20]

Laura Kovacs and Andrei Voronkov. Finding loop invariants for programs over arrays using a theorem prover. In FASE, 2009.

Digital Library

[21]

Shuvendu K. Lahiri and Randal E. Bryant. Predicate abstraction with indexed predicates. ACM Trans. on Computational Logic, 9(1), 2007.

Digital Library

[22]

Andreas Podelski and Thomas Wies. Boolean heaps. In SAS, 2005.

Digital Library

[23]

Thomas W. Reps, Shmuel Sagiv, and Greta Yorsh. Symbolic impl. of the best transformer. In VMCAI, pages 252--266, 2004.

[24]

Microsoft Research. Phoenix. http://research.microsoft.com/Phoenix/.

[25]

Microsoft Research. Z3. http://research.microsoft.com/projects/Z3/.

[26]

Sriram Sankaranarayanan, Henny Sipma, and Zohar Manna. Non-linear loop invariant generation using grobner bases. In POPL, pages 318--329, 2004.

Digital Library

[27]

Sriram Sankaranarayanan, Henny B. Sipma, and Zohar Manna. Constraint-based linear-relations analysis. In SAS, pages 53--68, 2004.

[28]

Armando Solar-Lezama, Gilad Arnold, Liviu Tancau, Rastislav Bodik, Vijay Saraswat, and Sanjit A. Seshia. Sketching stencils. In PLDI, pages 167--178, June 2007.

Digital Library

[29]

Armando Solar-Lezama, Liviu Tancau, Rastislav Bodik, Vijay Saraswat, and Sanjit A. Seshia. Combinatorial sketching for finite programs. In ASPLOS, pages 404--415, Oct 2006.

Digital Library

[30]

Saurabh Srivastava and Sumit Gulwani. Program verification using templates over predicate abstraction. Technical Report MSR-TR-2008-173, Nov 2008.

[31]

Saurabh Srivastava, Sumit Gulwani, and Jeffrey Foster. VS3 : SMT-solvers for program verification. In CAV, 2009.

Digital Library

[32]

Karen Zee, Viktor Kuncak, and Martin C. Rinard. Full functional verification of linked data structures. In PLDI, pages 349--361, 2008.

Digital Library

Cited By

Yao PKe JSun JFu HWu RRen K(2023)Demystifying Template-Based Invariant Generation for Bit-Vector Programs2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE)10.1109/ASE56229.2023.00069(673-685)Online publication date: 11-Sep-2023
https://doi.org/10.1109/ASE56229.2023.00069
Hussein SRayadurgam SMcCamant SSharma VHeimdahl MGnesi SPlat NHartmanns ASchaefer I(2022)Counterexample-guided inductive repair of reactive contractsProceedings of the IEEE/ACM 10th International Conference on Formal Methods in Software Engineering10.1145/3524482.3527650(46-57)Online publication date: 18-May-2022
https://dl.acm.org/doi/10.1145/3524482.3527650
Sharma VHietala KMcCamant S(2021)Finding Substitutable Binary Code By Synthesizing AdaptersIEEE Transactions on Software Engineering10.1109/TSE.2019.293100047:8(1626-1643)Online publication date: 1-Aug-2021
https://doi.org/10.1109/TSE.2019.2931000
Show More Cited By

Index Terms

Program verification using templates over predicate abstraction
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Formal software verification
  2. Software organization and properties
    1. Software functional properties
      1. Correctness
      2. Formal methods
2. Theory of computation
  1. Logic
    1. Programming logic
    2. Proof theory
  2. Semantics and reasoning
    1. Program reasoning
    2. Program semantics

Recommendations

Program verification using templates over predicate abstraction
PLDI '09

We address the problem of automatically generating invariants with quantified and boolean structure for proving the validity of given assertions or generating pre-conditions under which the assertions are valid. We present three novel algorithms, having ...
Combining Theorem Proving with Model Checking through Predicate Abstraction

This article presents a procedure for proving invariants of infinite-state reactive systems using a combination of two formal verification techniques: theorem proving and model checking. This method uses term rewriting on the definition of the target ...
Verification of SpecC using predicate abstraction

Languages such as SystemC or SpecC offer modeling of hardware and whole system designs at a high level of abstraction. However, formal verification techniques are widely applied in the hardware design industry only for low level designs, such as a ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

PLDI '09: Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation

June 2009

492 pages

ISBN:9781605583921

DOI:10.1145/1542476

General Chair:
Michael Hind
IBM Research, USA
,
Program Chair:
Amer Diwan
University of Colorado at Boulder, USA

ACM SIGPLAN Notices Volume 44, Issue 6
PLDI '09
June 2009
478 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/1543135
Issue’s Table of Contents

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 June 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

PLDI '09

Sponsor:

PLDI '09: ACM SIGPLAN Conference on Programming Language Design and Implementation

June 15 - 21, 2009

Dublin, Ireland

Acceptance Rates

Overall Acceptance Rate 406 of 2,067 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

122
Total Citations
View Citations
684
Total Downloads

Downloads (Last 12 months)27
Downloads (Last 6 weeks)1

Reflects downloads up to 01 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Yao PKe JSun JFu HWu RRen K(2023)Demystifying Template-Based Invariant Generation for Bit-Vector Programs2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE)10.1109/ASE56229.2023.00069(673-685)Online publication date: 11-Sep-2023
https://doi.org/10.1109/ASE56229.2023.00069
Hussein SRayadurgam SMcCamant SSharma VHeimdahl MGnesi SPlat NHartmanns ASchaefer I(2022)Counterexample-guided inductive repair of reactive contractsProceedings of the IEEE/ACM 10th International Conference on Formal Methods in Software Engineering10.1145/3524482.3527650(46-57)Online publication date: 18-May-2022
https://dl.acm.org/doi/10.1145/3524482.3527650
Sharma VHietala KMcCamant S(2021)Finding Substitutable Binary Code By Synthesizing AdaptersIEEE Transactions on Software Engineering10.1109/TSE.2019.293100047:8(1626-1643)Online publication date: 1-Aug-2021
https://doi.org/10.1109/TSE.2019.2931000
Zhang QZhang YLi XWu B(2021)Discovering Properties about Arrays via Path Dependence Analysis2021 International Symposium on Theoretical Aspects of Software Engineering (TASE)10.1109/TASE52547.2021.00022(55-62)Online publication date: Aug-2021
https://doi.org/10.1109/TASE52547.2021.00022
Montenegro MNieva SPeña RSegura C(2020)Extending Liquid Types to ArraysACM Transactions on Computational Logic10.1145/336274021:2(1-41)Online publication date: 21-Jan-2020
https://dl.acm.org/doi/10.1145/3362740
Feldman YImmerman NSagiv MShoham S(2019)Complexity and information in invariant inferenceProceedings of the ACM on Programming Languages10.1145/33710734:POPL(1-29)Online publication date: 20-Dec-2019
https://dl.acm.org/doi/10.1145/3371073
Zhang XKong WJiang JHou GFukuda A(2019)Steering Interpolants Generation with Efficient Interpolation Abstraction Exploration2019 International Symposium on Theoretical Aspects of Software Engineering (TASE)10.1109/TASE.2019.00-11(113-120)Online publication date: Jul-2019
https://doi.org/10.1109/TASE.2019.00-11
Feldman YWilcox JShoham SSagiv M(2019)Inferring Inductive Invariants from Phase StructuresComputer Aided Verification10.1007/978-3-030-25543-5_23(405-425)Online publication date: 12-Jul-2019
https://doi.org/10.1007/978-3-030-25543-5_23
Paci FSquicciarini AZannone N(2018)Survey on Access Control for Community-Centered Collaborative SystemsACM Computing Surveys10.1145/314602551:1(1-38)Online publication date: 4-Jan-2018
https://dl.acm.org/doi/10.1145/3146025
Sharma VHietala KMcCamant S(2018)Finding Substitutable Binary Code for Reverse Engineering by Synthesizing Adapters2018 IEEE 11th International Conference on Software Testing, Verification and Validation (ICST)10.1109/ICST.2018.00024(150-160)Online publication date: Apr-2018
https://doi.org/10.1109/ICST.2018.00024
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents