{"title":"数据结构上循环的后条件定向不变量推理","authors":"Juan Zhai, Hanfei Wang, Jianhua Zhao","doi":"10.1109/SERE-C.2014.40","DOIUrl":null,"url":null,"abstract":"In the automatic code verification, it is often necessary for programmers to provide logical annotations in the form of pre-/post-conditions and loop invariants. In this paper, we propose a framework that automatically infers loop invariants of loops manipulating commonly-used data structures. These data structures include one-dimensional arrays, singly-linked lists, doubly-linked lists and static lists. In practical cases, a majority of the loops operating on such data structures work by iterating over the elements of these data structures. The loop invariants of this kind of loops are usually similar in form with their corresponding post-conditions. The framework takes advantage of this observation by generating invariant candidates automatically from a given post-condition following several heuristics. These invariant candidates are subsequently validated via the SMT solver Z3 and the weakest-precondition calculator provided in the interactive code-verification tool Accumulator. The framework, which has been implemented for a small C-like language, suffices to infer suitable loop invariants of a range of loops w.r.t. given post-conditions. The framework has been integrated into the tool Accumulator to ease the verification tasks by alleviating the burden of providing loop invariants manually.","PeriodicalId":373062,"journal":{"name":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Post-condition-Directed Invariant Inference for Loops over Data Structures\",\"authors\":\"Juan Zhai, Hanfei Wang, Jianhua Zhao\",\"doi\":\"10.1109/SERE-C.2014.40\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the automatic code verification, it is often necessary for programmers to provide logical annotations in the form of pre-/post-conditions and loop invariants. In this paper, we propose a framework that automatically infers loop invariants of loops manipulating commonly-used data structures. These data structures include one-dimensional arrays, singly-linked lists, doubly-linked lists and static lists. In practical cases, a majority of the loops operating on such data structures work by iterating over the elements of these data structures. The loop invariants of this kind of loops are usually similar in form with their corresponding post-conditions. The framework takes advantage of this observation by generating invariant candidates automatically from a given post-condition following several heuristics. These invariant candidates are subsequently validated via the SMT solver Z3 and the weakest-precondition calculator provided in the interactive code-verification tool Accumulator. The framework, which has been implemented for a small C-like language, suffices to infer suitable loop invariants of a range of loops w.r.t. given post-conditions. The framework has been integrated into the tool Accumulator to ease the verification tasks by alleviating the burden of providing loop invariants manually.\",\"PeriodicalId\":373062,\"journal\":{\"name\":\"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion\",\"volume\":\"28 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-06-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERE-C.2014.40\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE Eighth International Conference on Software Security and Reliability-Companion","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERE-C.2014.40","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Post-condition-Directed Invariant Inference for Loops over Data Structures
In the automatic code verification, it is often necessary for programmers to provide logical annotations in the form of pre-/post-conditions and loop invariants. In this paper, we propose a framework that automatically infers loop invariants of loops manipulating commonly-used data structures. These data structures include one-dimensional arrays, singly-linked lists, doubly-linked lists and static lists. In practical cases, a majority of the loops operating on such data structures work by iterating over the elements of these data structures. The loop invariants of this kind of loops are usually similar in form with their corresponding post-conditions. The framework takes advantage of this observation by generating invariant candidates automatically from a given post-condition following several heuristics. These invariant candidates are subsequently validated via the SMT solver Z3 and the weakest-precondition calculator provided in the interactive code-verification tool Accumulator. The framework, which has been implemented for a small C-like language, suffices to infer suitable loop invariants of a range of loops w.r.t. given post-conditions. The framework has been integrated into the tool Accumulator to ease the verification tasks by alleviating the burden of providing loop invariants manually.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
