Computing Exact Loop Bounds for Bounded Program Verification

@inproceedings{Liu2017ComputingEL,
  title={Computing Exact Loop Bounds for Bounded Program Verification},
  author={Tianhai Liu and Shmuel S. Tyszberowicz and Bernhard Beckert and Mana Taghdiri},
  booktitle={SETTA},
  year={2017}
}
Bounded program verification techniques verify functional properties of programs by analyzing the program for user-provided bounds on the number of objects and loop iterations. Whereas those two kinds of bounds are related, existing bounded program verification tools treat them as independent parameters and require the user to provide them. We present a new approach for automatically calculating exact loop bounds, i.e., the greatest lower bound and the least upper bound, based on the number of… 
Efficient Verification of Programs with Complex Data Structures Using SMT Solvers
TLDR
This thesis presents a verification infrastructure combing the benefits of different program verification techniques for verifying programs with complex data structures against the properties that constrain the configurations of the objects on the heap.
Optimization Modulo Theories with OptiMathSAT
TLDR
A variety of techniques that deal with the identified issues and advance both the expressiveness and the efficiency of OMT are presented, including implementation of these techniques inside OptiMathSAT, a state-of-the-art OMT solver based on MathSAT5, along with its high-level architecture, Input/Output interfaces and configurable options.
From MiniZinc to Optimization Modulo Theories, and Back (Extended Version)
TLDR
This paper has extended the OMT solver OptiMathSAT with a FlatZinc interface and introduced a tool for translating SMT and OMT problems on the linear arithmetic and bit-vector theories into MiniZinc.

References

SHOWING 1-10 OF 24 REFERENCES
Incremental bounded software model checking
TLDR
This work presents an incremental approach to Bounded Software Model Checking, which enables increasing the bound without incurring the overhead of a restart, and provides an LLVM-based open-source implementation which supports a wide range of incremental SMT solvers.
Test-based inference of polynomial loop-bound functions
TLDR
This paper presents an interpolation-based method of inferring arbitrary degree loop-bound functions for Java programs and develops a prototype tool which can infer piecewise polynomial loop- bound functions for a large class of loops in Java programs.
SPEED: precise and efficient static estimation of program computational complexity
TLDR
An inter-procedural technique for computing symbolic bounds on the number of statements a procedure executes in terms of its scalar inputs and user-defined quantitative functions of input data-structures and an algorithm for automating this proof methodology is introduced.
Bounded Program Verification Using an SMT Solver: A Case Study
TLDR
This paper presents a novel approach that translates bounded Java programs and their JML specifications to quantified bit-vector formulas (QBVF) with arrays, and solves them using an SMT solver, and indicates that the approach provides significant speedups over a SAT-based approach.
Static Loop Bound Analysis of C Programs Based on Flow Analysis and Abstract Interpretation
TLDR
A static loop bound analysis which associates flow analysis and abstract interpretation is proposed which considers binary operators (+, -, *, \) for the loop increment, nested loops, non-recursive function calls, simple loop conditions and loop upper bound values.
Control-flow refinement and progress invariants for bound analysis
TLDR
This paper describes two techniques, control-flow refinement and progress invariants, that together enable estimation of precise bounds for procedures with nested and multi-path loops, and presents an algorithm that uses progress invariant to compute precise limits for nested loops.
ABC: Algebraic Bound Computation for Loops
We present ABC, a software tool for automatically computing symbolic upper bounds on the number of iterations of nested program loops. The system combines static analysis of programs with symbolic
A relational framework for bounded program verification
TLDR
A new program-analysis framework that allows a procedure in an object-oriented language to be automatically checked against a strong specification of its behavior, based on an intermediate relational representation of code and an analysis that examines all executions of a procedure up to a bound on the size of the heap and the number of loop unrollings.
Data-Flow Based Detection of Loop Bounds
TLDR
A novel data-flow based analysis for aiT to calculate the needed loop bounds on the assembler level is described and the new method is compared with a pattern based loop analysis already in use by this tool.
Symbolic optimization with SMT solvers
TLDR
SYMBA is presented, an efficient SMT-based optimization algorithm for objective functions in the theory of linear real arithmetic (LRA) that can optimize a set of objective functions, reusing information between them to speed up the analysis.
...
...