Loop invariants: Analysis, classification, and examples

Software verification has emerged as a key concern for ensuring the continued progress of information technology. Full verification generally requires, as a crucial step, equipping each loop with a “loop invariant.” Beyond their role in verification, loop invariants help program understanding by providing fundamental insights into the nature of algorithms. In practice, finding sound and useful invariants remains a challenge. Fortunately, many invariants seem intuitively to exhibit a common flavor. Understanding these fundamental invariant patterns could therefore provide help for understanding and verifying a large variety of programs. We performed a systematic identification, validation, and classification of loop invariants over a range of fundamental algorithms from diverse areas of computer science. This article analyzes the patterns, as uncovered in this study, governing how invariants are derived from postconditions; it proposes a taxonomy of invariants according to these patterns; and it presents its application to the algorithms reviewed. The discussion also shows the need for high-level specifications based on “domain theory.” It describes how the invariants and the corresponding algorithms have been mechanically verified using an automated program prover; the proof source files are available. The contributions also include suggestions for invariant inference and for model-based specification.
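The abstract describes invariants as derived from postconditions and then verified by a prover. The following is an added worked example, not code from the article or its proof source files: a small run-time harness (the name `run_with_invariant` and its error messages are my own choice) that checks the three obligations of the invariant method on a concrete execution, namely that initialization establishes the invariant, that every iteration preserves it, and that the invariant together with the negated loop guard implies the postcondition. Two loops illustrate two ways of deriving the invariant from the postcondition: replacing a constant in the postcondition by the loop variable (array maximum, where `n` becomes `i`), and dropping a conjunct that only the exit condition supplies (integer division, where `r < b` is removed). A third function shows what goes wrong if that conjunct is kept.

```python
"""Added worked example (not from the article): deriving a loop invariant
from a postcondition and checking the resulting proof obligations at run
time on concrete inputs."""
from typing import Any, Callable, Dict, Sequence, Tuple

State = Dict[str, Any]
Pred = Callable[[State], bool]


def run_with_invariant(init: Callable[[], State], guard: Pred,
                       body: Callable[[State], State],
                       invariant: Pred, post: Pred) -> State:
    """Run a loop while checking, on this execution, the three obligations
    of the invariant method: initialization establishes the invariant,
    every iteration preserves it, and invariant plus negated guard imply
    the postcondition.  Raises AssertionError naming the failing step."""
    s = init()
    if not invariant(s):
        raise AssertionError("initialization does not establish the invariant")
    while guard(s):
        s = body(s)
        if not invariant(s):
            raise AssertionError("loop body does not preserve the invariant")
    if not post(s):
        raise AssertionError("invariant and exit condition do not imply the postcondition")
    return s


def array_max(a: Sequence[int]) -> int:
    """Postcondition: result == max(a[0:n]) with n = len(a) >= 1.
    Invariant obtained by replacing the constant n with the loop variable i:
    result == max(a[0:i]) and 1 <= i <= n.  At exit i == n."""
    n = len(a)
    assert n >= 1, "precondition: non-empty sequence"
    final = run_with_invariant(
        init=lambda: {"i": 1, "result": a[0]},
        guard=lambda s: s["i"] != n,
        body=lambda s: {"i": s["i"] + 1,
                        "result": max(s["result"], a[s["i"]])},
        invariant=lambda s: 1 <= s["i"] <= n and s["result"] == max(a[: s["i"]]),
        post=lambda s: s["result"] == max(a[:n]),
    )
    return final["result"]


def int_div(a: int, b: int) -> Tuple[int, int]:
    """Postcondition: a == q*b + r and 0 <= r < b (precondition a >= 0, b > 0).
    Invariant obtained by dropping the conjunct r < b, which only the exit
    condition supplies: a == q*b + r and 0 <= r."""
    assert a >= 0 and b > 0, "precondition"
    final = run_with_invariant(
        init=lambda: {"q": 0, "r": a},
        guard=lambda s: s["r"] >= b,
        body=lambda s: {"q": s["q"] + 1, "r": s["r"] - b},
        invariant=lambda s: a == s["q"] * b + s["r"] and s["r"] >= 0,
        post=lambda s: a == s["q"] * b + s["r"] and 0 <= s["r"] < b,
    )
    return final["q"], final["r"]


def full_postcondition_is_not_an_invariant(a: int, b: int) -> str:
    """Show why the conjunct had to be dropped: using the whole postcondition
    as the candidate invariant fails at initialization whenever a >= b.
    Returns the text of the failing obligation, or "ok"."""
    try:
        run_with_invariant(
            init=lambda: {"q": 0, "r": a},
            guard=lambda s: s["r"] >= b,
            body=lambda s: {"q": s["q"] + 1, "r": s["r"] - b},
            invariant=lambda s: a == s["q"] * b + s["r"] and 0 <= s["r"] < b,
            post=lambda s: a == s["q"] * b + s["r"] and 0 <= s["r"] < b,
        )
    except AssertionError as e:
        return str(e)
    return "ok"


if __name__ == "__main__":
    print(array_max([3, 9, 2, 7]))
    print(int_div(17, 5))
    print(full_postcondition_is_not_an_invariant(17, 5))
```

The harness only checks the obligations on the runs it is given, so it can refute a candidate invariant but not prove it; that is the gap a mechanical prover, as used in the article, closes. It is nonetheless a cheap way to vet a candidate before attempting the proof, and the failing-step message tells you which of the three obligations to revisit.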
