Results 1-8 of 8
Minimal-Model-Guided Approaches to Solving Polynomial Constraints and Extensions
Abstract

Cited by 6 (2 self)
Abstract. In this paper we present new methods for deciding the satisfiability of formulas involving integer polynomial constraints. In previous work we proposed to solve SMT(NIA) problems by reducing them to SMT(LIA): nonlinear monomials are linearized by abstracting them with fresh variables and by performing case splitting on integer variables with finite domain. When variables do not have finite domains, artificial ones can be introduced by imposing a lower and an upper bound, and made iteratively larger until a solution is found (or the procedure times out). For the approach to be practical, unsatisfiable cores are used to guide which domains have to be relaxed (i.e., enlarged) from one iteration to the following one. However, it is not clear then how large they have to be made, which is critical. Here we propose to guide the domain relaxation step by analyzing minimal models produced by the SMT(LIA) solver. Namely, we consider two different cost functions: the number of violated artificial domain bounds, and the distance with respect to the artificial domains. We compare these approaches with other techniques on benchmarks coming from constraint-based program analysis and show the potential of the method. Finally, we describe how one of these minimal-model-guided techniques can be smoothly adapted to deal with the extension Max-SMT of SMT(NIA) and then applied to program termination proving.
Ranking Functions for Linear-Constraint Loops
, 2013
Abstract

Cited by 5 (0 self)
Ranking functions are a tool successfully used in termination analysis, complexity analysis, and program parallelization. Among the different types of ranking functions and approaches to finding them, this talk will concentrate on functions that are found by linear programming techniques. The setting is that of a loop that has been pre-abstracted so that it is described by linear constraints over a finite set of numeric variables. I will review results (more or less recent) regarding the search for ranking functions which are either linear or lexicographic-linear.
Proving Non-termination Using Max-SMT
Abstract

Cited by 4 (2 self)
Abstract. We show how Max-SMT-based invariant generation can be exploited for proving non-termination of programs. The construction of the proof of non-termination is guided by the generation of quasi-invariants – properties such that if they hold at a location during execution once, then they will continue to hold at that location from then onwards. The check that quasi-invariants can indeed be reached is then performed separately. Our technique considers strongly connected subgraphs of a program’s control flow graph for analysis and thus produces more generic witnesses of non-termination than existing methods. Moreover, it can handle programs with unbounded non-determinism and is more likely to converge than previous approaches.
A Decision Tree Abstract Domain for Proving Conditional Termination
Abstract

Cited by 3 (1 self)
Abstract. We present a new parameterized abstract domain able to refine existing numerical abstract domains with finite disjunctions. The elements of the abstract domain are decision trees where the decision nodes are labeled with linear constraints, and the leaf nodes belong to a numerical abstract domain. The abstract domain is parametric in the choice between the expressivity and the cost of the linear constraints for the decision nodes (e.g., polyhedral or octagonal constraints), and the choice of the abstract domain for the leaf nodes. We describe an instance of this domain based on piecewise-defined ranking functions for the automatic inference of sufficient preconditions for program termination. We have implemented a static analyzer for proving conditional termination of programs written in (a subset of) C and, using experimental evidence, we show that it performs well on a wide variety of benchmarks, it is competitive with the state of the art and is able to analyze programs that are out of the reach of existing methods.
Unrestricted Termination and Non-termination Arguments for Bit-Vector Programs
Abstract

Cited by 1 (1 self)
Abstract. Proving program termination is typically done by finding a well-founded ranking function for the program states. Existing termination provers typically find ranking functions using either linear algebra or templates. As such they are often restricted to finding linear ranking functions over mathematical integers. This class of functions is insufficient for proving termination of many terminating programs, and furthermore a termination argument for a program operating on mathematical integers does not always lead to a termination argument for the same program operating on fixed-width machine integers. We propose a termination analysis able to generate nonlinear, lexicographic ranking functions and nonlinear recurrence sets that are correct for fixed-width machine arithmetic and floating-point arithmetic. Our technique is based on a reduction from program termination to second-order satisfaction. We provide formulations for termination and non-termination in a fragment of second-order logic with restricted quantification which is decidable over finite domains [1]. The resulting technique is a sound and complete analysis for the termination of finite-state programs with fixed-width integers and IEEE floating-point arithmetic.
Proving Termination Of Imperative Programs Via Max-SMT
Satisfiability Checking Seminar SS 2015
Abstract
Abstract. Developing reliable programs and proving their total correctness is hard. Not only do we have to prove that they compute "the right thing", but we also have to prove that they terminate on a specified, possibly infinite number of inputs. For the latter we present an elegant way to encode the properties of a ranking function and supporting invariants, both being key parts of our termination argument, as a logical formula, thereby transforming our original problem into a satisfiability problem for which efficient solvers exist. Our focus on Max-SMT allows us to retrieve useful information in the case where regular SMT solving would leave us with an inconclusive result, allowing us to refine our formula and continue a better guided termination analysis. Using this approach we can prove a greater number of imperative programs with linear assignments and test conditions than previous approaches with SMT.
Compositional Safety Verification with Max-SMT
Abstract
Abstract—We present an automated compositional program verification technique for safety properties based on conditional inductive invariants. For a given program part (e.g., a single loop) and a postcondition ϕ, we show how, using a Max-SMT solver, an inductive invariant together with a precondition can be synthesized so that the precondition ensures the validity of the invariant and that the invariant implies ϕ. From this, we build a bottom-up program verification framework that propagates preconditions of small program parts as postconditions for preceding program parts. The method recovers from failures to prove the validity of a precondition, using the obtained intermediate results to restrict the search space for further proof attempts. As only small program parts need to be handled at a time, our method is scalable and distributable. The derived conditions can be viewed as implicit contracts between different parts of the program, and thus enable an incremental program analysis.