Abstract
This paper describes a sound technique that combines the precision of theorem proving with the loop-invariant inference of abstract interpretation. The loop-invariant computations are invoked on demand when the need for a stronger loop invariant arises, which allows a gradual increase in the level of precision used by the abstract interpreter. The technique generates loop invariants that are specific to a subset of a program’s executions, achieving a dynamic and automatic form of value-based trace partitioning. Finally, the technique can be incorporated into a lemmas-on-demand theorem prover, where the loop-invariant inference happens after the generation of verification conditions.
© 2005 Springer-Verlag Berlin Heidelberg
Leino, K.R.M., Logozzo, F. (2005). Loop Invariants on Demand. In: Yi, K. (eds) Programming Languages and Systems. APLAS 2005. Lecture Notes in Computer Science, vol 3780. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11575467_9
DOI: https://doi.org/10.1007/11575467_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29735-2
Online ISBN: 978-3-540-32247-4