Theory of linear and integer programming
Theory of linear and integer programming
Temporal verification of reactive systems: safety
Temporal verification of reactive systems: safety
An axiomatic basis for computer programming
Communications of the ACM
Dynamically Discovering Likely Program Invariants to Support Program Evolution
IEEE Transactions on Software Engineering - Special issue on 1999 international conference on software engineering
The SLAM project: debugging system software via static analysis
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Automatic discovery of linear restraints among variables of a program
POPL '78 Proceedings of the 5th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
A static analyzer for large safety-critical software
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Non-linear loop invariant generation using Gröbner bases
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Higher-Order and Symbolic Computation
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
A buffer overflow benchmark for software model checkers
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Program analysis as constraint solving
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Invariant synthesis for combined theories
VMCAI'07 Proceedings of the 8th international conference on Verification, model checking, and abstract interpretation
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Automatically refining abstract interpretations
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Combining widening and acceleration in linear relation analysis
SAS'06 Proceedings of the 13th international conference on Static Analysis
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Scalable analysis of linear systems using mathematical programming
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Using statically computed invariants inside the predicate abstraction and refinement loop
CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
InvGen: An Efficient Invariant Generator
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
On inter-procedural analysis of programs with lists and data
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Automatically refining partial specifications for program verification
FM'11 Proceedings of the 17th international conference on Formal methods
Relational abstractions for continuous and hybrid systems
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Shape refinement through explicit heap analysis
FASE'10 Proceedings of the 13th international conference on Fundamental Approaches to Software Engineering
RED: a tool for runtime error detection in C programs using abstract interpretation
Proceedings of the 5th India Software Engineering Conference
Constraint solving for program verification: theory and practice by example
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Discovering invariants via simple component analysis
Journal of Symbolic Computation
Proceedings of the 2012 International Symposium on Software Testing and Analysis
A unified approach for static and runtime verification: framework and applications
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
A data driven approach for algebraic loop invariants
ESOP'13 Proceedings of the 22nd European conference on Programming Languages and Systems
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Solving existentially quantified horn clauses
CAV'13 Proceedings of the 25th international conference on Computer Aided Verification
Bias-variance tradeoffs in program analysis
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Automatically refining partial specifications for heap-manipulating programs
Science of Computer Programming
Hi-index | 0.00 |
We describe the design and implementation of an automatic invariant generator for imperative programs. While automatic invariant generation through constraint solving has been extensively studied from a theoretical viewpoint as a classical means of program verification, in practice existing tools do not scale even to moderately sized programs. This is because the constraints that need to be solved even for small programs are already too difficult for the underlying (non-linear) constraint solving engines. To overcome this obstacle, we propose to strengthen static constraint generation with information obtained from static abstract interpretation and dynamic execution of the program. The strengthening comes in the form of additional linear constraints that trigger a series of simplifications in the solver, and make solving more scalable. We demonstrate the practical applicability of the approach by an experimental evaluation on a collection of challenging benchmark programs and comparisons with related tools based on abstract interpretation and software model checking.