Title :
Inferring Loop Invariants by Mutation, Dynamic Analysis, and Static Checking
Author :
Galeotti, Juan P. ; Furia, Carlo A. ; May, Eva ; Fraser, Gordon ; Zeller, Andreas
Author_Institution :
Dept. of Comput. Sci., Saarland Univ., Saarbrucken, Germany
Abstract :
Verifiers that can prove programs correct against their full functional specification require, for programs with loops, additional annotations in the form of loop invariants-properties that hold for every iteration of a loop. We show that significant loop invariant candidates can be generated by systematically mutating postconditions; then, dynamic checking (based on automatically generated tests) weeds out invalid candidates, and static checking selects provably valid ones. We present a framework that automatically applies these techniques to support a program prover, paving the way for fully automatic verification without manually written loop invariants: Applied to 28 methods (including 39 different loops) from various java.util classes (occasionally modified to avoid using Java features not fully supported by the static checker), our DYNAMATE prototype automatically discharged 97 percent of all proof obligations, resulting in automatic complete correctness proofs of 25 out of the 28 methods-outperforming several state-of-the-art tools for fully automatic verification.
Keywords :
Java; formal specification; program control structures; program testing; program verification; system monitoring; DYNAMATE prototype; Java.util classes; automatic complete correctness proofs; automatic verification; dynamic analysis; functional specification; loop invariant inference; mutation; program prover; static checking; test automatic generation; Arrays; Detectors; Generators; Heuristic algorithms; Instruments; Java; Prototypes; Loop invariants; automatic verification; dynamic analysis; functional properties; inference;
Journal_Title :
Software Engineering, IEEE Transactions on
DOI :
10.1109/TSE.2015.2431688
