We introduce ICE, a robust learning paradigm for synthesizing invariants, that learns using
examples, counter-examples, and implications, and show that it admits honest teachers and …

Abstract interpretation is a well-known and extensively used method to extract over-
approximate program invariants by a sound program analysis algorithm. Soundness means …

The rise in efficiency of Satisfiability Modulo Theories (SMT) solvers has created numerous
uses for them in software verification, program synthesis, functional programming …

This paper reviews the principles behind the paradigm of “abstract interpretation via 3-
valued logic,” discusses recent work to extend the approach, and summarizes on-going …

Automatic generation of non-linear loop invariants is a long-standing challenge in program
analysis, with many applications. For instance, reasoning about exponentials provides a …

We describe a general framework c2i for generating an invariant inference procedure from
an invariant checking procedure. Given a checker and a language of possible invariants, c2i …

Automatic discovery of relationships among values of array elements is a challenging
problem due to the unbounded nature of arrays. We present a framework for analyzing array …

We address the problem of automatically generating invariants with quantified and boolean
structure for proving the validity of given assertions or generating pre-conditions under …

The x86-64 ISA sits at the bottom of the software stack of most desktop and server software.
Because of its importance, many software analysis and verification tools depend, either …

We introduce the notion of local completeness in abstract interpretation and define a logic
for proving both the correctness and incorrectness of some program specification. Abstract …