This work addresses the specification synthesis problem for nondeterministic programs, overcoming two key limitations of existing frameworks: (i) inability to handle existential-quantified queries, and (ii) support for synthesizing only unidirectional logical consequences—either strongest postconditions or weakest preconditions, but not both. We propose the first unified synthesis method capable of generating both strongest L-postconditions (over-approximations capturing demonic properties valid across all executions) and weakest L-implications (under-approximations capturing angelic properties satisfied by some execution), fully supporting existentially quantified queries. Our approach integrates SMT solving, quantifier reasoning, and formal modeling in specification language L, built upon the constraint-solving and logic-synthesis framework LOU D and the solver ASPIRE. We empirically validate our method on tasks including concurrent program property extraction, bug localization, and winning strategy synthesis for two-player games, demonstrating its precision, interpretability, and semantic completeness.

This paper tackles the problem of synthesizing specifications for nondeterministic programs. For such programs, useful specifications can capture demonic properties, which hold for every nondeterministic execution, but also angelic properties, which hold for some nondeterministic execution. We build on top of a recently proposed a framework by Park et al. in which given (i) a quantifier-free query posed about a set of function definitions (i.e., the behavior for which we want to generate a specification), and (ii) a language L in which each extracted property is to be expressed (we call properties in the language L-properties), the goal is to synthesize a conjunction of L-properties such that each of the conjunct is a strongest L-consequence for the query: each property is an over-approximation of the query and there is no other L-property that over-approximates the query and is strictly more precise than each property. This framework does not apply to nondeterministic programs for two reasons: it does not support existential quantifiers in queries (which are necessary to expressing nondeterminism) and it can only compute L-consequences, i.e., it is unsuitable for capturing both angelic and demonic properties. This paper addresses these two limitations and presents a framework, LOUD, for synthesizing both strongest L-consequences and weakest L-implicants (i.e., under-approximations of the query) for queries that can involve existential quantifiers. We implement a solver, ASPIRE, for problems expressed in LOUD which can be used to describe and identify sources of bugs in both deterministic and nondeterministic programs, extract properties from concurrent programs, and synthesize winning strategies in two-player games.