Speeding up the constraint-based method in difference logic

"The final publication is available at http://link.springer.com/chapter/10.1007%2F978-3-319-40970-2_18"Over the years the constraint-based method has been successfully applied to a wide range of problems in program analysis, from invariant generation to termination and non-termination proving. Quite often the semantics of the program under study as well as the properties to be generated belong to difference logic, i.e., the fragment of linear arithmetic where atoms are inequalities of the form u v = k. However, so far constraint-based techniques have not exploited this fact: in general, Farkas’ Lemma is used to produce the constraints over template unknowns, which leads to non-linear SMT problems. Based on classical results of graph theory, in this paper we propose new encodings for generating these constraints when program semantics and templates belong to difference logic. Thanks to this approach, instead of a heavyweight non-linear arithmetic solver, a much cheaper SMT solver for difference logic or linear integer arithmetic can be employed for solving the resulting constraints. We present encouraging experimental results that show the high impact of the proposed techniques on the performance of the VeryMax verification systemPeer ReviewedPostprint (author's final draft

Using Representation Theorems for Proving Polynomials Non-negative

Proving polynomials non-negative when variables range on a subset of numbers (e.g., [0, +∞)) is often required in many applications (e.g., in the analysis of program termination). Several representations for univariate polynomials P that are non-negative on [0, +∞) have been investigated. They can often be used to characterize the property, thus providing a method for checking it by trying a match of P against the representation. We introduce a new characterization based on viewing polynomials P as vectors, and find the appropriate polynomial basis B in which the non-negativeness of the coordinates [P]B representing P in B witnesses that P is non-negative on [0, +∞). Matching a polynomial against a representation provides a way to transform universal sentences ∀x ∈ [0, +∞) P(x) ≥ 0 into a constraint solving problem which can be solved by using efficient methods. We consider different approaches to solve both kind of problems and provide a quantitative evaluation of performance that points to an early result by P´olya and Szeg¨o’s as an appropriate basis for implementations in most cases.Lucas Alba, S. (2014). Using Representation Theorems for Proving Polynomials Non-negative. En Artificial Intelligence and Symbolic Computation: 12th International Conference, AISC 2014, Seville, Spain, December 11-13, 2014. Proceedings. Springer Verlag (Germany). 21-33. doi:10.1007/978-3-319-13770-4_4S2133Alarcón, B., Gutiérrez, R., Lucas, S., Navarro-Marset, R.: Proving Termination Properties with mu-term. In: Johnson, M., Pavlovic, D. (eds.) AMAST 2010. LNCS, vol. 6486, pp. 201–208. Springer, Heidelberg (2011)Basu, S., Pollack, R., Roy, M.-F.: Algorithms in Real Algebraic Geometry. Springer, Berlin (2006)Bernstein, S.: Démonstration du théorème de Weierstrass fondée sur le calcul des probabilités. Communic. Soc. Math. de Kharkow 13(2), 1–2 (1912)Bernstein, S.: Sur la répresentation des polynômes positifs. Communic. Soc. Math. de Kharkow 14(2), 227–228 (1915)Borralleras, C., Lucas, S., Oliveras, A., Rodríguez, E., Rubio, A.: SAT Modulo Linear Arithmetic for Solving Polynomial Constraints. Journal of Automated Reasoning 48, 107–131 (2012)Boudaoud, F., Caruso, F., Roy, M.-F.: Certificates of Positivity in the Bernstein Basis. Discrete Computational Geometry 39, 639–655 (2008)Choi, M.D., Lam, T.Y., Reznick, B.: Sums of squares of real polynomials. In: Proc. of the Symposium on Pure Mathematics, vol. 4, pp. 103–126. American Mathematical Society (1995)Contejean, E., Marché, C., Tomás, A.-P., Urbain, X.: Mechanically proving termination using polynomial interpretations. Journal of Automated Reasoning 32(4), 315–355 (2006)Hilbert, D.: Über die Darstellung definiter Formen als Summe von Formenquadraten. Mathematische Annalen 32, 342–350 (1888)Hong, H., Jakuš, D.: Testing Positiveness of Polynomials. Journal of Automated Reasoning 21, 23–38 (1998)Karlin, S., Studden, W.J.: Tchebycheff systems: with applications in analysis and statistics. Interscience, New York (1966)Lucas, S.: Polynomials over the reals in proofs of termination: from theory to practice. RAIRO Theoretical Informatics and Applications 39(3), 547–586 (2005)Polya, G., Szegö, G.: Problems and Theorems in Analysis II. Springer (1976)Powers, V., Reznick, B.: Polynomials that are positive on an interval. Transactions of the AMS 352(10), 4677–4692 (2000)Powers, V., Wörmann, T.: An algorithm for sums of squares of real polynomials. Journal of Pure and Applied Algebra 127, 99–104 (1998

Automatic generation of loop invariants

CppInv works in two stages. Firstly, it parses a source code written in a subset of C++ and abstracts all execution paths of the program building a control flow graph associated to a transition system. Paths are expressed as arbitrary propositional formulas over linear integer arithmetic including high level operators like integer division and modulo. That makes easy the initial modeling. Later, formulas are normalized and only paths between a set of locations that cover every cycle of the control flow graph are regarded. Secondly, CppInv generates linear invariants at the selected locations setting out a constraint solving problem. We present a method to discover all linear invariant of the considered form. As a result, our tool can find linear invariants efficiently for a large set of interesting programs. Moreover, CppInv is also able to generate some non-linear invariants automatically. For instance, it is possible to prove the total correctness of a program that multiplies two integers from the invariants returned by the tool

Synthesis of sup-interpretations: a survey

In this paper, we survey the complexity of distinct methods that allow the programmer to synthesize a sup-interpretation, a function providing an upper- bound on the size of the output values computed by a program. It consists in a static space analysis tool without consideration of the time consumption. Although clearly related, sup-interpretation is independent from termination since it only provides an upper bound on the terminating computations. First, we study some undecidable properties of sup-interpretations from a theoretical point of view. Next, we fix term rewriting systems as our computational model and we show that a sup-interpretation can be obtained through the use of a well-known termination technique, the polynomial interpretations. The drawback is that such a method only applies to total functions (strongly normalizing programs). To overcome this problem we also study sup-interpretations through the notion of quasi-interpretation. Quasi-interpretations also suffer from a drawback that lies in the subterm property. This property drastically restricts the shape of the considered functions. Again we overcome this problem by introducing a new notion of interpretations mainly based on the dependency pairs method. We study the decidability and complexity of the sup-interpretation synthesis problem for all these three tools over sets of polynomials. Finally, we take benefit of some previous works on termination and runtime complexity to infer sup-interpretations.Comment: (2012

Abstraction and Acceleration in SMT-based Model-Checking for Array Programs

Abstraction (in its various forms) is a powerful established technique in model-checking; still, when unbounded data-structures are concerned, it cannot always cope with divergence phenomena in a satisfactory way. Acceleration is an approach which is widely used to avoid divergence, but it has been applied mostly to integer programs. This paper addresses the problem of accelerating transition relations for unbounded arrays with the ultimate goal of avoiding divergence during reachability analysis of abstract programs. For this, we first design a format to compute accelerations in this domain; then we show how to adapt the so-called 'monotonic abstraction' technique to efficiently handle complex formulas with nested quantifiers generated by the acceleration preprocessing. Notably, our technique can be easily plugged-in into abstraction/refinement loops, and strongly contributes to avoid divergence: experiments conducted with the MCMT model checker attest the effectiveness of our approach on programs with unbounded arrays, where acceleration and abstraction/refinement technologies fail if applied alone.Comment: Published in the proceedings of the 9th International Symposium on Frontiers of Combining Systems (FroCoS) with the title "Definability of Accelerated Relations in a Theory of Arrays and its Applications" (available at http://www.springerlink.com

Compositional safety verification with Max-SMT

We present an automated compositional program verification technique for safety properties based on conditional inductive invariants. For a given program part (e.g., a single loop) and a postcondition, we show how to, using a Max-SMT solver, an inductive invariant together with a precondition can be synthesized so that the precondition ensures the validity of the invariant and that the invariant implies the postcondition. From this, we build a bottom-up program verification framework that propagates preconditions of small program parts as postconditions for preceding program parts. The method recovers from failures to prove the validity of a precondition, using the obtained intermediate results to restrict the search space for further proof attempts. As only small program parts need to be handled at a time, our method is scalable and distributable. The derived conditions can be viewed as implicit contracts between different parts of the program, and thus enable an incremental program analysis.Peer ReviewedPostprint (published version

Incomplete SMT techniques for solving non-linear formulas over the integers

We present new methods for solving the Satisfiability Modulo Theories problem over the theory of QuantifierFree Non-linear Integer Arithmetic, SMT(QF-NIA), which consists of deciding the satisfiability of ground formulas with integer polynomial constraints. Following previous work, we propose to solve SMT(QF-NIA) instances by reducing them to linear arithmetic: non-linear monomials are linearized by abstracting them with fresh variables and by performing case splitting on integer variables with finite domain. For variables that do not have a finite domain, we can artificially introduce one by imposing a lower and an upper bound and iteratively enlarge it until a solution is found (or the procedure times out). The key for the success of the approach is to determine, at each iteration, which domains have to be enlarged. Previously, unsatisfiable cores were used to identify the domains to be changed, but no clue was obtained as to how large the new domains should be. Here, we explain two novel ways to guide this process by analyzing solutions to optimization problems: (i) to minimize the number of violated artificial domain bounds, solved via a Max-SMT solver, and (ii) to minimize the distance with respect to the artificial domains, solved via an Optimization Modulo Theories (OMT) solver. Using this SMT-based optimization technology allows smoothly extending the method to also solve Max-SMT problems over non-linear integer arithmetic. Finally, we leverage the resulting Max-SMT(QF-NIA) techniques to solve ∃∀ formulas in a fragment of quantified non-linear arithmetic that appears commonly in verification and synthesis applications.Peer ReviewedPostprint (author's final draft

12th International Workshop on Termination (WST 2012) : WST 2012, February 19–23, 2012, Obergurgl, Austria / ed. by Georg Moser

This volume contains the proceedings of the 12th International Workshop on Termination (WST 2012), to be held February 19–23, 2012 in Obergurgl, Austria. The goal of the Workshop on Termination is to be a venue for presentation and discussion of all topics in and around termination. In this way, the workshop tries to bridge the gaps between different communities interested and active in research in and around termination. The 12th International Workshop on Termination in Obergurgl continues the successful workshops held in St. Andrews (1993), La Bresse (1995), Ede (1997), Dagstuhl (1999), Utrecht (2001), Valencia (2003), Aachen (2004), Seattle (2006), Paris (2007), Leipzig (2009), and Edinburgh (2010). The 12th International Workshop on Termination did welcome contributions on all aspects of termination and complexity analysis. Contributions from the imperative, constraint, functional, and logic programming communities, and papers investigating applications of complexity or termination (for example in program transformation or theorem proving) were particularly welcome. We did receive 18 submissions which all were accepted. Each paper was assigned two reviewers. In addition to these 18 contributed talks, WST 2012, hosts three invited talks by Alexander Krauss, Martin Hofmann, and Fausto Spoto