Reasoning About Loops Using Vampire

11 pages. Published: February 23, 2016

Abstract

In 2009, the symbol elimination method for loop invariant generation was introduced. It uses saturation theorem proving in first-order logic to generate quantified invariants of programs with arrays. Symbol elimination is fully automatic, requires no user guidance, and was the first approach able to generate invariants with alternations of quantifiers. In this paper we describe a number of improvements and extensions to symbol elimination and invariant generation using first-order theorem proving, in particular the Vampire theorem prover. Rather than being limited to a specific programming language, our approach to reasoning about loops in Vampire takes a simple guarded command language as its input, which can serve as an interface for more complex and realistic imperative languages. We propose new ways of extending the set of quantified properties that describe valid loop behaviour, by simplifying those properties over array updates and next-state relations. We also extend symbol elimination with pre- and post-conditions of loops, and use this loop specification to generate only the invariants that are relevant, that is, the invariants needed to prove partial correctness of the loop. Further, we turn symbol elimination into an automatic approach for proving program correctness, providing an alternative to Hoare-rule based loop verification and other deductive systems. We present our newly redesigned implementation of loop reasoning in Vampire and report on experimental results.

Keyphrases: automated reasoning, first order theorem proving, invariant generation, program analysis, symbol elimination

In: Laura Kovács and Andrei Voronkov (editors). Proceedings of the 1st and 2nd Vampire Workshops, vol 38, pages 52-62.