A Complete Approach to Loop Verification with Invariants and Summaries
Loop invariants characterize the partial result computed by a loop so far up to an intermediate state. It has been noted, however, that complementing invariants by summaries, which characterize the remaining iterations of a loop, can often lead to simpler correctness proofs. In this paper, we derive sound verification conditions for this approach, and moreover characterize completeness relative to a class of "safe" invariants, alongside with fundamental and novel insights in the relation between invariants and summaries. All theoretical results have immediate practical consequences for tool use and construction. Summaries should therefore be regarded as a principal alternative to invariants. To substantiate this claim experimentally, we evaluate the automation potential using state-of-the-art Horn solvers, which shows that the the proposed approach is competitive, even without specialized solving strategies.
READ FULL TEXT