Abstract

We present Universal Property Directed Reachability (\(\mathsf{PDR}^{\forall}\)), a property-directed procedure for automatic inference of invariants in a universal fragment of first-order logic. \(\mathsf{PDR}^{\forall}\) is an extension of Bradley's PDR/IC3 algorithm for inference of propositional invariants. \(\mathsf{PDR}^{\forall}\) terminates when it either discovers a concrete counterexample, infers an inductive universal invariant strong enough to establish the desired safety property, or finds a proof that such an invariant does not exist. We implemented an analyzer based on \(\mathsf{PDR}^{\forall}\) and applied it to a collection of list-manipulating programs. Our analyzer was able to automatically infer universal invariants strong enough to establish memory safety and certain functional correctness properties, to show the absence of such invariants for certain natural programs and specifications, and to detect bugs. All of this was achieved without user-supplied abstraction predicates.
