Program Analysis Using Quantifier-Elimination Heuristics

(Extended Abstract)
  • Deepak Kapur
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7287)


Software is being employed for life-critical, safety-critical, infrastructure-critical and economically critical applications. Our daily lives rely heavily on proper functioning of software in gadgets we directly or indirectly use-airplanes, flight control, high speed trains, cars, cell-phones, medical devices and instruments, banks, and what not. Malfunctioning of a program can have very severe consequences-costing lives (e.g. Therac-25 [13], Patriot missile) and money (e.g. Ariane 5, malfunctioning of economic transactions, problems in stock exchanges) [14]. Validation and verification of software have become even more and more important. Given that full verification of software has been found increasingly difficult to achieve because of lack of rigorous and complete specifications on one hand as well as difficulty of verification systems/theorem provers to address the increasing complexity of software despite considerable advances in automated reasoning techniques, ensuring absence of various types of bugs becomes a critical first step in ensuring reliability.


Atomic Formula High Speed Train Abstract Interpretation Program Variable Branch Condition 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Allamigeon, X.: Static analysis of memory manipulations by abstract interpretation Algorithmics of tropical polyhedra, and application to abstract interpretation. PhD thesis, Ecole Polytechnique, Palaiseau, France (November 2009),
  2. 2.
    Cousot, P., Cousot, R.: Abstract Interpretation: a Unified Lattice Model for Static Analysis of Programs by Construction or Approximation of Fixpoints. In: Conference Record of the Fourth Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Los Angeles, California, pp. 238–252. ACM Press, New York (1977)CrossRefGoogle Scholar
  3. 3.
    Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: The ASTREÉ Analyzer. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 21–30. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Cousot, P., Halbwachs, N.: Automatic Discovery of Linear Restraints among Variables of a Program. In: Conference Record of the Fifth Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Tucson, Arizona, pp. 84–97. ACM Press, New York (1978)CrossRefGoogle Scholar
  5. 5.
    Gulwani, S., Jha, S., Tiwari, A., Venkatesan, R.: Synthesis of loop-free programs. In: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 62–73. ACM (2011)Google Scholar
  6. 6.
    Gulwani, S., Srivastava, S., Venkatesan, R.: Program analysis as constraint solving. In: PLDI, pp. 281–292 (2008)Google Scholar
  7. 7.
    Jaffar, J., Maher, M., Stuckey, P., Yap, R.: Beyond Finite Domains. In: Borning, A. (ed.) PPCP 1994. LNCS, vol. 874, pp. 86–94. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  8. 8.
    Jeannet, B., Argoud, M., Lalire, G.: The interproc interprocedural analyzerGoogle Scholar
  9. 9.
    Jhala, R., Majumdar, R.: Software model checking. ACM Computing Surveys (CSUR) 41(4), 21 (2009)CrossRefGoogle Scholar
  10. 10.
    Kapur, D.: Automatically Generating Loop Invariants using Quantifier Elimination. Technical report, Department of Computer Science, University of New Mexico, Albuquerque, NM, USA (2003)Google Scholar
  11. 11.
    Kapur, D.: A quantifier-elimination based heuristic for automatically generating inductive assertions for programs. Journal of Systems Science and Complexity 19(3), 307–330 (2006)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    Kapur, D., Zarba, C.: A Reduction Approach to Decison Procedures. Technical Report, Department of Computer Science, UNM (December 2006)Google Scholar
  13. 13.
    Leveson, N., Turner, C.: An investigation of the therac-25 accidents. Computer 26(7), 18–41 (1993)CrossRefGoogle Scholar
  14. 14.
    Lions, J., Luebeck, L., Fauquembergue, J., Kahn, G., Kubbat, W., Levedag, S., Mazzini, L., Merle, D., Halloran, C.O.: Ariane 5, flight 501 failure (1996)Google Scholar
  15. 15.
    Miné, A.: Weakly relational numerical abstract domains. These de doctorat en informatique, École polytechnique, Palaiseau, France (2004)Google Scholar
  16. 16.
    Sankaranarayanan, S., Sipma, H., Manna, Z.: Non-linear Loop Invariant Generation using Gröbner Bases. In: Symp. on Principles of Programming Languages (2004)Google Scholar
  17. 17.
    Schrijver, A.: Theory of Linear and Integer Programming. John Wiley (1998)Google Scholar
  18. 18.
    Sheini, H.M., Sakallah, K.A.: A Scalable Method for Solving Satisfiability of Integer Linear Arithmetic Logic. In: Bacchus, F., Walsh, T. (eds.) SAT 2005. LNCS, vol. 3569, pp. 241–256. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Deepak Kapur
    • 1
  1. 1.Dept. of Computer ScienceUniversity of New MexicoAlbuquerqueUSA

Personalised recommendations