Data-driven Verification of Procedural Programs with Integer Arrays
Ahmed Bouajjani, Wael-Amine Boutglay, Peter Habermehl
TL;DR
The paper tackles automatic verification of procedural programs that manipulate parametric-size integer arrays by encoding verification conditions as constrained Horn clauses and synthesizing invariants and pre/post-conditions as universally quantified formulas. It extends the Horn-ICE learning framework with a data-driven, decision-tree-based approach (Horn-ICE-DT) and introduces diagramization to convert array-based CHCs into learnable classification problems, using Z3 as the teacher in an iterative loop. The authors implement this as the Tapis tool and demonstrate improved coverage on a large SV-COMP/TAPIS-Bench benchmark, including recursive procedures, with competitive performance against state-of-the-art tools. The work offers a scalable, data-driven method for inferring quantified invariants and pre/post-conditions for array-manipulating programs, contributing a practical approach to CHC solving in the presence of arrays and recursion.
Abstract
We address the problem of verifying automatically procedural programs manipulating parametric-size arrays of integers, encoded as a constrained Horn clauses solving problem. We propose a new algorithmic method for synthesizing loop invariants and procedure pre/post-conditions represented as universally quantified first-order formulas constraining the array elements and program variables. We adopt a data-driven approach that extends the decision tree Horn-ICE framework to handle arrays. We provide a powerful learning technique based on reducing a complex classification problem of vectors of integer arrays to a simpler classification problem of vectors of integers. The obtained classifier is generalized to get universally quantified invariants and procedure pre/post-conditions. We have implemented our method and shown its efficiency and competitiveness w.r.t. state-of-the-art tools on a significant benchmark.