Loop Invariants Elimination for Definite Iterations over Unchangeable Data Structures in C Programs

The C-program verification is an urgent problem of modern programming. To apply known methods of deductive verification it is necessary to provide loop invariants which might be a challenge in many cases. In this paper we consider the C-light language [18] which is a powerful subset of the ISO C language. To verify C-light programs the two-level approach [19, 20] and the mixed axiomatic semantics method [1, 3, 11] were suggested. At the first stage, we translate [17] the source C-light program into Ckernel one. The C-kernel language [19] is a subset of C-light. The theorem of translation correctness was proved in [10, 11]. The C-kernel has less statements with respect to the C-light, this allows to decrease the number of inference rules of axiomatic semantics during its development. At the second stage of this approach, the verification conditions are generated by applying the rules of mixed axiomatic semantics [10, 11] which could contain several rules for the same program statement. In such cases the inference rules are applied depending on the context. Let us note that application of the mixed axiomatic semantics allows to significantly simplify verification conditions in many cases. This article represents an extension of this approach which includes our verification method for definite iteration over unchangeable data structures without loop exit in C-light programs. The method contains a new inference rule for the deifinite iteration without invariants. This rule was implemented in verification conditions generator. At the proof stage the SMT-solver Z3 [12] is used. An example which illustrates the application of this technique is considered.

he article is published in the authors’ wording.

1. I. S. Anureev, I. V. Maryasov, V. A. Nepomniaschy, “C-programs Verification Based on Mixed Axiomatic Semantics”, Automatic Control and Computer Sciences, 45:7 (2011), 485–500, http://link.springer.com/article/10.3103/S0146411611070029.

2. I. Anureev, I. Maryasov, V. Nepomniaschy, “Revised Mixed Axiomatic Semantics Method of C Program Verification”, Proceedings, Third Workshop ”Program Semantics, Specification and Verification: Theory and Applications”, PSSV 2012 (Nizhni Novgorod, Russia, July 1–2), eds. Valery Nepomniaschy, Valery Sokolov, 2012, 16–23.

3. I. S. Anureev, I. V. Maryasov, V. A. Nepomniaschy, “Two-level Mixed Verification Method of C-light Programs in Terms of Safety Logic”, Computer Science, 34, NCC Publisher, 2012, 23–42.

4. M. Barnett, B.-Y. E. Chang, R. DeLine, B. Jacobs, K. Rustan M. Leino, “Boogie: A Modular Reusable Verifier for Object-Oriented Programs”, Formal Methods for Components and Objects, 4th International Symposium, FMCO 2005 (Amsterdam, The Netherlands, November 1-4), Lecture Notes in Computer Science, 4111, Springer, 2006, 364–387, http://link.springer.com/chapter/10.1007/11804192 17.

5. E. Cohen, M. Dahlweid, M. Hillebrand, D. Leinenbach, M. Moskal, T. Santen, W. Schulte, S. Tobies, “VCC: A Practical System for Verifying Concurrent C”, Theorem Proving in Higher Order Logics, 22nd International Conference, TPHOLs 2009 (Munich, Germany, August 17–20), Lecture Notes in Computer Science, 5674, Springer, 2009, 23–42, http://link.springer.com/chapter/10.1007/978-3-642-03359-9 2.

6. J.-C. Filliˆatre, C. March´e, “Multi-prover Verification of C Programs”, Formal Methods and Software Engineering, 6th International Conference on Formal Engineering Methods, ICFEM 2004 (Seattle, WA, USA, November 8–12), Lecture Notes in Computer Science, 3308, Springer, 2004, 15–29, http://link.springer.com/chapter/10.1007/978-3-540-30482-1 10.

7. K. Rustan M. Leino, “Automating Induction with an SMT Solver”, Verification, Model Checking, and Abstract Interpretation, 13th International Conference, VMCAI 2012 (Philadelphia, PA, USA, January 22–24), Lecture Notes in Computer Science, 7148, Springer, 2012, 315–331, http://link.springer.com/chapter/10.1007/978-3-642-27940-9 21.

8. K. Rustan M. Leino, “Dafny: An Automatic Program Verifier for Functional Correctness”, Logic for Programming, Artificial Intelligence, and Reasoning, 16th International Conference, LPAR-16 (Dakar, Senegal, April 25–May 1), Lecture Notes in Computer Science, 6355, Springer, 2010, 348–370, http://link.springer.com/chapter/10.1007/978-3-642-17511-4 20.

9. X. Leroy, “Formal Verification of a Realistic Compiler”, Communications of the ACM, 52:7 (2009), 107–115.

10. I. V. Maryasov, The Mixed Axiomatic Semantics Method, Novosibirsk, Siberian Division of the Russian Academy of Sciences, A. P. Ershov Institute of Informatics Systems, 160, 2011, http://www.iis.nsk.su/files/preprints/160.pdf.

11. I. V. Maryasov, V. A. Nepomniaschy, A. V. Promsky, D. A. Kondratyev, “Automatic C Program Verification Based on Mixed Axiomatic Semantics”, Automatic Control and Computer Sciences, 48:7 (2014), 407–414, http://link.springer.com/article/10.3103/S0146411614070141.

12. L. de Moura, N. Bjørner, “Z3: An Efficient SMT Solver”, Tools and Algorithms for the Construction and Analysis of Systems, 14th International Conference, TACAS 2008 (Budapest, Hungary, March 29–April 6), Lecture Notes in Computer Science, 4963, Springer, 2008, 337–340, http://link.springer.com/chapter/10.1007/978-3-540-78800-3 24.

13. V. A. Nepomniaschy, “Symbolic Verification Method for Definite Iteration over Altered Data Structures”, Programming and Computer Software, 1 (2005), 1–12.

14. V. A. Nepomniaschy, “Verification of Definite Iteration over Hierarchical Data structures”, Fundamental Approaches to Software Engineering, Second International Conference, FASE’99 (Amsterdam, The Netherlands, March 22–28), Lecture Notes in Computer Science, 1577, Springer, 1999, 176–187, рttp://link.springer.com/chapter/10.1007/978-3-540-49020-3 12.

15. V. A. Nepomniaschy, “Verification of Definite Iteration over Tuples of Data Structures”, Programming and Computer Software, 1 (2002), 1–10.

16. V. A. Nepomniaschy, I. S. Anureev, M. M. Atuchin, I. V. Maryasov, A. A. Petrov, A. V. Promsky, “C Program Verification in SPECTRUM Multilanguage System”, Automatic Control and Computer Sciences, 45:7 (2011), 413–420, http://link.springer.com/article/10.3103/S014641161107011X.

17. V. A. Nepomniaschy, I. S. Anureev, I. N. Mikhaylov, A. V. Promsky, Towards The Verification of C Programs. Part 3. Translation From C-light To C-light-kernel and Its Formal Proof, Novosibirsk, Siberian Division of the Russian Academy of Sciences, A. P. Ershov Institute of Informatics Systems, 97, 2002 (Russian), http://www.iis.nsk.su/files/preprints/097.pdf.

18. V. A. Nepomniaschy, I. S. Anureev, A. V. Promsky, “Towards Verification of C Programs. C-light Language and Its Formal Semantics”, Programming and Computer Software, 28 (2002), 314–323.

19. V. A. Nepomniaschy, I. S. Anureev, A. V. Promsky, “Towards Verification of C Programs. Axiomatic Semantics of The C-kernel Language”, Programming and Computer Software, 29 (2003), 338–350.

20. V. A. Nepomniaschy, I. S. Anureev, A. V. Promsky, “Verification-Oriented Language CLight and Its Structural Operational Semantics”, Perspectives of System Informatics, 5th International Andrei Ershov Memorial Conference, PSI 2003 (Akademgorodok, Novosibirsk, Russia, July 9–12), Lecture Notes in Computer Science, 2890, Springer, 2003, 103–111, http://link.springer.com/chapter/10.1007/978-3-540-39866-0 12.