Abstract

During deductive verification of programs written in imperative languages, the generation and proof of verification conditions corresponding to loops can cause difficulties, because each loop must be provided with an invariant whose construction is often a challenge. As a rule, the methods of invariant synthesis are heuristic, which impedes their application. An alternative is the symbolic method of loop invariant elimination suggested by V.A. Nepomniaschy in 2005. Its idea is to represent a loop body in the form of a special replacement operation under certain constraints. This operation expresses the loop effect in symbolic form and allows an inference rule that uses no invariants to be introduced into the axiomatic semantics. This work is a further development of this method. It extends the mixed axiomatic semantics method suggested for C-light program verification. The extension includes a verification method for iterations over changeable arrays, possibly with loop exit, in C-light programs. The method contains an inference rule for iterations without loop invariants. This rule was implemented in the verification condition generator, which is a part of the automated system for C-light program verification. To prove verification conditions automatically in ACL2, two algorithms were developed and implemented. The first automatically generates the replacement operation in the ACL2 language; the second automatically generates auxiliary lemmas which allow the obtained verification conditions to be proved in ACL2 successfully in automatic mode. An example which illustrates the application of these methods is described.


Summary

Finite iteration over changeable data structures and the replacement operation

The loop invariant elimination method for finite iteration was proposed in [14]. Two cases are distinguished: 1. Finite iteration over unchangeable data structures without loop exit. 2. Finite iteration over unchangeable data structures with loop exit.

The structure S is accessed through primitive operations: 2. choo(S) returns an element of memb(S) if ¬empty(S). 3. rest(S) = S′, where S′ is a structure of the same type as S and memb(S′) = memb(S) \ {choo(S)}, if ¬empty(S).

Consider the statement for x in S do v := body(v, x) end, where S is a structure, x is a variable whose type is the element type of S, v is the vector of loop variables, which does not contain x, and body represents the computation performed by the loop body, which does not change x and terminates for every x ∈ memb(S). The inference rule for finite iteration has the form:

$$\frac{E,\,SP\;\;\{P\}\;A;\;\{Q(v \leftarrow rep(v, S, body))\}}{E,\,SP\;\;\{P\}\;A;\;\mathbf{for}\ x\ \mathbf{in}\ S\ \mathbf{do}\ v := body(v, x)\ \mathbf{end}\;\{Q\}}$$

Here SP is the program specification, which includes all preconditions, postconditions, and invariants of loops and labelled statements
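The replacement operation as an executable model, written for this page as an added example; it is not code from the paper or from the C-light verification system, which generates rep in the ACL2 language. A Python list stands in for the structure S and is accessed only through the primitives empty, choo and rest named above; rep(v, S, body) is the fold those primitives induce, and verification_condition checks one instance of the invariant-free rule, P ⇒ Q(v ← rep(v, S, body)), on concrete inputs, including a loop whose body updates an array in place (the changeable-array case). The handling of loop exit (a body that returns an exit flag) is this example's own modelling assumption; the paper's rule for loops with exit is not reproduced here.

```python
from typing import Any, Callable, Sequence, Tuple

# Primitives of the iteration structure S, as named in the summary.  A Python
# list plays the role of S (a modelling choice of this example).
def empty(s: Sequence[Any]) -> bool:
    return len(s) == 0

def choo(s: Sequence[Any]) -> Any:
    """choo(S): some element of memb(S); the head of the list is taken here."""
    if empty(s):
        raise ValueError("choo(S) is only defined when not empty(S)")
    return s[0]

def rest(s: Sequence[Any]) -> Sequence[Any]:
    """rest(S) = S' with memb(S') = memb(S) \\ {choo(S)}."""
    if empty(s):
        raise ValueError("rest(S) is only defined when not empty(S)")
    return s[1:]

# A loop body maps (v, x) to the new v.  The boolean is this example's own
# extension for loops with exit (assumption): True means "leave the loop now".
Body = Callable[[Any, Any], Tuple[Any, bool]]

def rep(v: Any, s: Sequence[Any], body: Body) -> Any:
    """The replacement operation:
         rep(v, S, body) = v                                     if empty(S)
         rep(v, S, body) = rep(body(v, choo(S)), rest(S), body)  otherwise
    It is the loop effect in closed form: a fold of body over memb(S)."""
    while not empty(s):
        v, leave = body(v, choo(s))
        if leave:               # exit modelling (assumption), see Body above
            break
        s = rest(s)
    return v

def run_loop(v: Any, s: Sequence[Any], body: Body) -> Any:
    """The imperative loop  for x in S do v := body(v, x) end  itself, kept
    only to check that rep reproduces what the loop computes."""
    for x in s:
        v, leave = body(v, x)
        if leave:
            break
    return v

def verification_condition(pre, post, v0, s, body) -> bool:
    """One instance of the invariant-free rule: P(v0, S) => Q(rep(v0, S, body), S)."""
    return (not pre(v0, s)) or post(rep(v0, s, body), s)

def sum_example(values):
    """{v = 0} for x in S do v := v + x end {v = sum(S)}  (constructed instance)."""
    body = lambda acc, x: (acc + x, False)
    s = list(values)
    return rep(0, s, body), verification_condition(
        lambda v, _: v == 0, lambda v, ss: v == sum(ss), 0, s, body)

def double_array_example(a):
    """Changeable array: v is the array, S its index set, the body writes a[i]."""
    original = tuple(a)
    def body(arr, i):
        arr[i] = 2 * arr[i]          # in-place update of the loop variable vector
        return arr, False
    indices = list(range(len(original)))
    vc = verification_condition(
        lambda arr, _: tuple(arr) == original,
        lambda arr, _: tuple(arr) == tuple(2 * y for y in original),
        list(original), indices, body)
    return rep(list(original), indices, body), vc

def search_example(a, key):
    """Loop with exit: stop at the first index whose element equals key."""
    body = lambda found, x: ((x[0], True) if x[1] == key else (found, False))
    return rep(None, list(enumerate(a)), body)
```

The point of the model is the shape of the proof obligation: nothing about the loop's intermediate states is stated, only Q applied to rep(v, S, body), and the automated proof then works from the recursive definition of rep (in the paper, from the generated ACL2 definition and auxiliary lemmas) rather than from an invariant.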

Input language of the ACL2 system
Strategy for automatic proof of verification conditions in ACL2
Experiment in automatic verification