Assertion-Directed Precondition Synthesis for Loops over Data Structures

Abstract

Program verification typically generates verification conditions for a program to be proven and then uses a theorem prover to prove their correctness. These verification conditions are normally generated by means of weakest-precondition calculus. Nevertheless, the weakest-precondition calculus faces a big challenge when dealing with loops. In this paper, we propose a framework that automatically generates preconditions for loops that iterate over commonly-used data structures. The preconditions are generated based on given assertions of loops and they are proved to be strong enough to ensure those given assertions hold. The data structures dealt with in our framework include one-dimensional arrays, acyclic singly-linked lists, doubly-linked lists and static lists. Such loops usually achieve their final results by focusing on one element in each iteration. In many such cases, the given assertion and the corresponding precondition of the loop separately reflect the part and the whole or vice versa. Inspired by this, our framework automatically generates precondition candidates for loops by transforming a given assertion. Then the framework uses the SMT solver Z3 and the weakest-precondition calculator for non-loop statements provided in the interactive code-verification tool Accumulator to check whether they are strong enough to prove the given assertion. The framework has been integrated into the tool Accumulator to generate suitable preconditions for loops, which greatly relieves the burden of manually providing preconditions for loops.