article

From invariant checking to invariant inference using randomized search

Authors:

Alex AikenAuthors Info & Claims

Formal Methods in System Design, Volume 48, Issue 3

Pages 235 - 256

https://doi.org/10.1007/s10703-016-0248-5

Published: 01 June 2016 Publication History

Abstract

We describe a general framework c2i for generating an invariant inference procedure from an invariant checking procedure. Given a checker and a language of possible invariants, c2i generates an inference procedure that iteratively invokes two phases. The search phase uses randomized search to discover candidate invariants and the validate phase uses the checker to either prove or refute that the candidate is an actual invariant. To demonstrate the applicability of c2i, we use it to generate inference procedures that prove safety properties of numerical programs, prove non-termination of numerical programs, prove functional specifications of array manipulating programs, prove safety properties of string manipulating programs, and prove functional specifications of heap manipulating programs that use linked list data structures.

References

[1]

Alur R, Bodík R, Juniwal G, Martin MMK, Raghothaman M, Seshia SA, Singh R, Solar-Lezama A, Torlak E, Udupa A (2013) Syntax-guided synthesis. In: FMCAD

[2]

Amato G, Parton M, Scozzari F (2012) Discovering invariants via simple component analysis. J Symb Comput 47(12):1533---1560

Digital Library

[3]

Andrieu C, de Freitas N, Doucet A, Jordan MI (2003) An introduction to MCMC for machine learning. Mach Learn 50(1):5---43

[4]

Beyer D Competition on Software Verification (SV-COMP) benchmarks. https://svn.sosy-lab.org/software/sv-benchmarks/tags/svcomp13/loops/

[5]

Beyer D, Henzinger TA, Jhala R, Majumdar R (2007) The software model checker blast. STTT 9(5---6):505---525

Digital Library

[6]

Beyer D, Henzinger TA, Majumdar R, Rybalchenko A (2007) Invariant synthesis for combined theories. In: VMCAI

Digital Library

[7]

BjØrner N, McMillan KL, Rybalchenko A (2013) On solving universally quantified horn clauses. In: SAS

[8]

Burckhardt S, Kothari P, Musuvathi M, Nagarakatte S (2010) A randomized scheduler with probabilistic guarantees of finding bugs. In: ASPLOS

Digital Library

[9]

Burnim J, Jalbert N, Stergiou C, Sen K (2009) Looper: Lightweight detection of infinite loops at runtime. In: ASE

Digital Library

[10]

Calcagno C, Distefano D, O'Hearn PW, Yang H (2009) Compositional shape analysis by means of bi-abduction. In: POPL

Digital Library

[11]

Chib S, Greenberg E (1995) Understanding the Metropolis-Hastings algorithm. Am Stat 49(4):327---335

[12]

Clarisó R, Cortadella J (2004) The octahedron abstract domain. In: SAS

[13]

Cobleigh JM, Giannakopoulou D, Pasareanu CS (2003) Learning assumptions for compositional verification. In: TACAS

Digital Library

[14]

Colón M, Sankaranarayanan S, Sipma H (2003) Linear invariant generation using non-linear constraint solving. In: CAV

[15]

Costantini G, Ferrara P, Cortesi A (2011) Static analysis of string values. In: ICFEM

Digital Library

[16]

Cousot P, Cousot R (1977) Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL

Digital Library

[17]

Dillig I, Dillig T, Aiken A (2010) Fluid updates: beyond strong vs. weak updates. In: ESOP

Digital Library

[18]

Dillig I, Dillig T, Li B, McMillan KL (2013) Inductive invariant generation via abductive inference. In: OOPSLA

Digital Library

[19]

Ernst MD, Perkins JH, Guo PJ, McCamant S, Pacheco C, Tschantz MS, Xiao C (2007) The Daikon system for dynamic detection of likely invariants. Sci Comput Prog 69(1---3):35---45

Digital Library

[20]

Flanagan C, Leino KRM (2001) Houdini, an annotation assistant for ESC/Java. In: FME

Digital Library

[21]

Garg P, Löding C, Madhusudan P, Neider D (2013) Learning universally quantified invariants of linear data structures. In: CAV

[22]

Garg P, Löding C, Madhusudan P, Neider D (2014) ICE: a robust learning framework for synthesizing invariants. In: CAV

[23]

Grebenshchikov S, Lopes NP, Popeea C, Rybalchenko A (2012) Synthesizing software verifiers from proof rules. In: PLDI

Digital Library

[24]

Gulavani BS, Henzinger TA, Kannan Y, Nori AV, Rajamani SK (2006) Synergy: a new algorithm for property checking. In: FSE

Digital Library

[25]

Gulwani S, Jojic N (2007) Program verification as probabilistic inference. In: POPL

Digital Library

[26]

Gulwani S, Necula GC (2003) Discovering affine equalities using random interpretation. In: POPL

Digital Library

[27]

Gulwani S, Srivastava S, Venkatesan R (2008) Program analysis as constraint solving. In: PLDI

Digital Library

[28]

Gulwani S, Srivastava S, Venkatesan R (2009) Constraint-based invariant inference over predicate abstraction. In: VMCAI

Digital Library

[29]

Gupta A, Henzinger TA, Majumdar R, Rybalchenko A, Xu RG (2008) Proving non-termination. In: POPL

Digital Library

[30]

Gupta A, Majumdar R, Rybalchenko A (2009) From tests to proofs. In: TACAS

Digital Library

[31]

Harder M, Mellen J, Ernst MD (2003) Improving test suites via operational abstraction. In: ICSE

Digital Library

[32]

Hoder K, BjØrner N (2012) Generalized property directed reachability. In: SAT

Digital Library

[33]

Itzhaky S, Banerjee A, Immerman N, Nanevski A, Sagiv M (2013) Effectively-propositional reasoning about reachability in linked data structures. In: CAV

[34]

Itzhaky S, BjØrner N, Reps TW, Sagiv M, Thakur AV (2014) Property-directed shape analysis. In: CAV

Digital Library

[35]

Ivancic F, Sankaranarayanan S NECLA static analysis benchmarks. https://www.nec-labs.com/research/system/systems_SAV-website/small_static_bench-v1.1.tar.gz

[36]

Jhala R, McMillan KL (2006) A practical and complete approach to predicate refinement. In: TACAS. Springer, Berlin

Digital Library

[37]

Jung Y, Kong S, Wang BY, Yi K (2010) Deriving invariants by algorithmic learning, decision procedures, and predicate abstraction. In: VMCAI. Springer, Berlin

Digital Library

[38]

Kannan Y, Sen K (2008) Universal symbolic execution and its application to likely data structure invariant generation. In: Proceedings of the ISSTA

Digital Library

[39]

Kong S, Jung Y, David C, Wang BY, Yi K (2010) Automatically inferring quantified loop invariants by algorithmic learning from simple templates. In: APLAS

Digital Library

[40]

McMillan K, Rybalchenko A (2013) Combinatorial approach to some sparse-matrix problems. Technical report, Microsoft Research

[41]

Miné A (2006) The octagon abstract domain. High-order Symb Comput 19(1):31---100

Digital Library

[42]

de Moura LM, BjØrner N (2008) Z3: an efficient SMT solver. In: TACAS

Digital Library

[43]

Naik M, Yang H, Castelnuovo G, Sagiv M (2012) Abstractions from tests. In: POPL

Digital Library

[44]

Neuwald AF, Liu JS, Lipman DJ, Lawrence CE (1997) Extracting protein alignment models from the sequence database. Nucleic Acids Res 25:1665---1677

[45]

Nguyen T, Kapur D, Weimer W, Forrest S (2012) Using dynamic analysis to discover polynomial and array invariants. In: ICSE

Digital Library

[46]

Nori AV, Sharma R (2013) Termination proofs from tests. In: ESEC/SIGSOFT FSE

Digital Library

[47]

Qiu X, Garg P, Stefanescu A, Madhusudan P (2013) Natural proofs for structure, data, and separation. In: PLDI

Digital Library

[48]

Reps TW, Sagiv S, Yorsh G (2004) Symbolic implementation of the best transformer. In: VMCAI

[49]

Sagiv S, Reps TW, Wilhelm R (2002) Parametric shape analysis via 3-valued logic. ACM Trans Program Lang Syst 24(3):217---298

Digital Library

[50]

Sankaranarayanan S, Chang RM, Jiang G, Ivancic F (2007) State space exploration using feedback constraint generation and monte-carlo sampling. In: ESEC/SIGSOFT FSE

Digital Library

[51]

Schkufza E, Sharma R, Aiken A (2013) Stochastic superoptimization. In: ASPLOS

Digital Library

[52]

Sharma R, Aiken A (2014) From invariant checking to invariant inference using randomized search. In: CAV

Digital Library

[53]

Sharma R, Gupta S, Hariharan B, Aiken A, Liang P, Nori AV (2013) A data driven approach for algebraic loop invariants. In: ESOP

Digital Library

[54]

Sharma R, Gupta S, Hariharan B, Aiken A, Nori AV (2013) Program verification as learning geometric concepts. In: SAS

[55]

Sharma R, Nori A, Aiken A (2012) Interpolants as classifiers. In: CAV

Digital Library

[56]

Sharma R, Nori AV, Aiken A (2014) Bias-variance tradeoffs in program analysis. In: POPL

Digital Library

[57]

Solar-Lezama A (2009) The sketching approach to program synthesis. In: APLAS

Digital Library

[58]

Srivastava S, Gulwani S (2009) Program verification using templates over predicate abstraction. In: PLDI

Digital Library

[59]

Srivastava S, Gulwani S, Foster JS (2009) VS3: SMT solvers for program verification. In: CAV

Digital Library

[60]

Zheng Y, Zhang X, Ganesh V (2013) Z3-str: a Z3-based string solver for web application analysis. In: ESEC/SIGSOFT FSE

Digital Library

Cited By

Wu GCao WYao YWei HChen TMa XFilkov VRay BZhou M(2024)LLM Meets Bounded Model Checking: Neuro-symbolic Loop Invariant InferenceProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695014(406-417)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695014
Endres MFakhoury SChakraborty SLahiri S(2024)Can Large Language Models Transform Natural Language Intent into Formal Method Postconditions?Proceedings of the ACM on Software Engineering10.1145/36607911:FSE(1889-1912)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660791
Pei KBieber DShi KSutton CYin PKrause ABrunskill ECho KEngelhardt BSabato SScarlett J(2023)Can large language models reason about program invariants?Proceedings of the 40th International Conference on Machine Learning10.5555/3618408.3619552(27496-27520)Online publication date: 23-Jul-2023
https://dl.acm.org/doi/10.5555/3618408.3619552
Show More Cited By

From invariant checking to invariant inference using randomized search
1. Theory of computation
  1. Semantics and reasoning
    1. Program reasoning

Recommendations

From Invariant Checking to Invariant Inference Using Randomized Search
Proceedings of the 16th International Conference on Computer Aided Verification - Volume 8559

We describe a general framework c2i for generating an invariant inference procedure from an invariant checking procedure. Given a checker and a language of possible invariants, c2i generates an inference procedure that iteratively invokes two phases. ...
Property-specific sequential invariant extraction for SAT-based unbounded model checking
ICCAD '11: Proceedings of the International Conference on Computer-Aided Design

In this paper, we propose a property-specific sequential invariant extraction algorithm to improve the performance of the SAT-based Unbounded Modeling Checkers (UMCs). By analyzing the property-related predicates and their corresponding high-level ...
Bounded model checking of high-integrity software
HILT '13: Proceedings of the 2013 ACM SIGAda annual conference on High integrity language technology

Model checking [5] is an automated algorithmic technique for exhaustive verification of systems, described as finite state machines, against temporal logic [9] specifications. It has been used successfully to verify hardware at an industrial scale [6]. ...

Comments

Information & Contributors

Information

Published In

cover image Formal Methods in System Design

Formal Methods in System Design Volume 48, Issue 3

June 2016

152 pages

ISSN:0925-9856

Issue’s Table of Contents

Copyright © Copyright © 2016 Springer Science+Business Media New York.

Publisher

Kluwer Academic Publishers

United States

Publication History

Published: 01 June 2016

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

22
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wu GCao WYao YWei HChen TMa XFilkov VRay BZhou M(2024)LLM Meets Bounded Model Checking: Neuro-symbolic Loop Invariant InferenceProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695014(406-417)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695014
Endres MFakhoury SChakraborty SLahiri S(2024)Can Large Language Models Transform Natural Language Intent into Formal Method Postconditions?Proceedings of the ACM on Software Engineering10.1145/36607911:FSE(1889-1912)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660791
Pei KBieber DShi KSutton CYin PKrause ABrunskill ECho KEngelhardt BSabato SScarlett J(2023)Can large language models reason about program invariants?Proceedings of the 40th International Conference on Machine Learning10.5555/3618408.3619552(27496-27520)Online publication date: 23-Jul-2023
https://dl.acm.org/doi/10.5555/3618408.3619552
Cirisci BEnea CFarzan AMutluergil S(2023)A Pragmatic Approach to Stateful Partial Order ReductionVerification, Model Checking, and Abstract Interpretation10.1007/978-3-031-24950-1_7(129-154)Online publication date: 16-Jan-2023
https://dl.acm.org/doi/10.1007/978-3-031-24950-1_7
Liu HFu HYu ZSong JLi G(2022)Scalable linear invariant generation with Farkas’ lemmaProceedings of the ACM on Programming Languages10.1145/35632956:OOPSLA2(204-232)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563295
Liu JChen YTan BDillig IFeng Y(2022)Learning Contract Invariants Using Reinforcement LearningProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3556962(1-11)Online publication date: 10-Oct-2022
https://dl.acm.org/doi/10.1145/3551349.3556962
Wang JWang C(2022)Learning to Synthesize Relational InvariantsProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3556942(1-12)Online publication date: 10-Oct-2022
https://dl.acm.org/doi/10.1145/3551349.3556942
Greenberg MBeckett RCampbell EJhala RDillig I(2022)Kleene algebra modulo theories: a framework for concrete KATsProceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3519939.3523722(594-608)Online publication date: 9-Jun-2022
https://dl.acm.org/doi/10.1145/3519939.3523722
Feldman YSagiv MShoham SWilcox J(2022)Property-directed reachability as abstract interpretation in the monotone theoryProceedings of the ACM on Programming Languages10.1145/34986766:POPL(1-31)Online publication date: 12-Jan-2022
https://dl.acm.org/doi/10.1145/3498676
Feldman YShoham S(2022)SAT-Based Invariant Inference and Its Relation to Concept LearningReachability Problems10.1007/978-3-031-19135-0_1(3-27)Online publication date: 17-Oct-2022
https://dl.acm.org/doi/10.1007/978-3-031-19135-0_1
Show More Cited By

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents