Generation of invariants in theorema

2003

Approaching the problem of imperative program verification from a practical point of view has certain implications concerning [4]: the style of specifications, the programming language which is used, the help provided to the user for finding appropriate loop invariants, the theoretical frame used for formal verification, the language used for expressing generated verification theorems as well as the database of necessary mathematical knowledge, and finally the proving power, style and language.

Many automated techniques for invariant generation are based on the idea that the invariant should show that something "bad" will not happen in the analyzed program. In this article we present an algorithm for loop invariant generation in programs with assertions using a weakest precondition calculus. We have realized the algorithm in the extended static checker ESC/Java2. Challenges stemming from our initial experience with the implementation are also discussed.

Electronic Proceedings in Theoretical Computer Science, 2012

Invariant-Based Programming (IBP) is a diagram-based correct-by-construction programming methodology in which the program is structured around the invariants, which are additionally formulated before the actual code. Socos is a program construction and verification environment built specifically to support IBP. The front-end to Socos is a graphical diagram editor, allowing the programmer to construct invariant-based programs and check their correctness. The back-end component of Socos, the program checker, computes the verification conditions of the program and tries to prove them automatically. It uses the theorem prover PVS and the SMT solver Yices to discharge as many of the verification conditions as possible without user interaction. In this paper, we first describe the Socos environment from a user and systems level perspective; we then exemplify the IBP workflow by building a verified implementation of heapsort in Socos. The case study highlights the role of both automatic and interactive theorem proving in three sequential stages of the IBP workflow: developing the background theory, formulating the program specification and invariants, and proving the correctness of the final implementation.

IEEE Transactions on Software Engineering, 1980

Most current systems for mechanical program verification are not fully automatic, since the user himself must provide the intermediate inductive assertions. This paper describes an interactive computer program, called ADI, which automatically generates the needed inductive assertions. ADI is also able to extend partial loop assertions supplied by the user to form complete assertions. The implementation (written in QLISP and INTERLISP) is based on both the algorithmic and the heuristic approaches introduced by Katz and Manna in "Logical Analysis of Programs" [25]. For the algorithmic subsystem ADI includes: Difference Equations Constructor, Difference Equations Solver, and Invariants from Conditional Statements Generator. The heuristic subsystem includes: Exit Rules Package, Bounding Variables Component, Strengthening Executer, Weakening Executer, and a Heuristic Invariant Matcher-which is the actual implementation of two new heuristics, MATCHPQ and MATCHPT. ADI is a small step toward interactive, practical program verification. Index Tenns-Assertions, invariants, partial correctness, program verification, QLISP, synthesis of invariants.

2010

Loop invariants play a major role in program verification and drastically speed up processes like automatic test case generation. Though various techniques have been applied to automatic loop invariants generation, most interesting ones often generate only candidate invariants. Thus, a key issue, to take advantage of these invariants in a verification process, is to check that these candidate loop invariants are actual invariants. This paper introduces an original technique based on constraint programming for automatic verification of inductive loop invariants. This new approach is efficient to detect spurious invariants and nicely performs verification of valid invariants under boundness restrictions. First experiments on classical benchmarks are very promising.

Invariant based programming is an approach to program construction where we provide the program pre-and postconditions as well as loop invariants before we construct the code itself. This approach allows us to construct a program and its correctness proof hand in hand. We describe here an extension to an existing mathematics editor that supports this style of program construction. The main help that the tool provides is automatic simplification of verification conditions that are generated in the programming process. The tool shows the user a check list of those conditions that it was not able to prove automatically. The user can use this check list to complete the proof (either manually or using an interactive theorem prover) or to find errors in the program.

2006

We present an algorithm for finding valid polynomial relations (i.e. invariants) among program variables for imperative loops. The algorithm is implemented in the verification environment for imperative programs (using Hoare logic) in the frame of the Theorema system (www.theorema.org). The algorithm uses techniques from (polynomial) algebra and combinatorics, namely Gröbner Bases, variable elimination, algebraic dependencies and symbolic summation (the Gosper algorithm, handling geometric series, C-finite solving). These methods are demonstrated on several examples which have been treated automatically by our implementation.

2000

Most of the properties established during program verification are either invariants or depend crucially on invariants. The eectiveness of auto- mated verification of (imperative) programs is therefore sensitive to the ease with which invariants, even trivial ones, can be automatically deduced. We present a method for invariant generation that relies on combinatorial tech- niques, namely on recurrence solving and variable

Lecture Notes in Computer Science, 2014

Calculational Style of Programming, while very appealing, has several practical difficulties when done manually. Due to the large number of proofs involved, the derivations can be cumbersome and errorprone. To address these issues, we have developed automated theorem provers assisted program and formula transformation rules, which when coupled with the ability to extract context of a subformula, help in shortening and simplifying the derivations. We have implemented this approach in a Calculational Assistant for Programming from Specifications (CAPS). With the help of simple examples, we show how the calculational assistant helps in taking the drudgery out of the derivation process while ensuring correctness.

2006

We describe practical experiments of program verification in the frame of the Theorema system (www.theorema.org). This includes both functional programs (using fixpoint theory), as well as imperative programs (using Hoare logic). By comparing different approaches we are trying to find general schemes which are useful for practical work. The Theorema system offers facilities for working with higher-order predicate logic formulae (including various general and domain-oriented provers) and also for defining and testing algorithms both in functional and in imperative styles. We generate verification conditions as natural-style predicate logic formulae, which can be then proven by Theorema, by issuing natural-style proofs which are human-readable.