Beyond the Elementary Representations of Program Invariants over Algebraic Data Types

First-order logic is a natural way of expressing the properties of computation, traditionally used in various program logics for expressing the correctness properties and certificates. Subsequently, modern methods in the automated inference of program invariants progress towards the construction of first-order definable invariants. Although such representations are expressive for some theories, they fail to express many interesting properties of algebraic data types (ADTs). In this paper, we explore three different approaches of representing the inductive invariants of ADT-manipulating programs: by first-order formulas, by tree automata and by first-order formulas with size constraints. We compare the expressive power of these representations. For this purposes, we formulate and prove the analogues of pumping lemmas for the elementary languages and use them to prove the negative definability results. We show how to automatically infer regular invariants of ADT-manipulating programs using finite model finders. We have implemented our approach and evaluated it against the state-of-art engines for the invariant inference in first-order logic for ADT-manipulating programs. Our evaluation shows that automata-based representation of invariants is more practical than the one based on first-order logic since invariants are capable of expressing more complex properties of the computation and their automatic construction is less expensive.