Running example Concrete semantics Abstract semantics Evaluation References Analysis of Program Differences with Numerical Abstract Interpretation Airbus – LIP6 day David Delmas 1, 2 e 2 Antoine Min´ 1 Airbus EYYW 2 LIP6 APR 20 february 2019
Running example Concrete semantics Abstract semantics Evaluation References Introduction PhD on“portability analysis” Portability analysis is about comparing the semantics of two syntactically close versions of a program in two different environments (machine, OS, library, etc.)
Running example Concrete semantics Abstract semantics Evaluation References Introduction PhD on“portability analysis” Portability analysis is about comparing the semantics of two syntactically close versions of a program in two different environments (machine, OS, library, etc.) To start with Let us consider two syntactically close versions of a program in the same environment i.e. patch analysis
Running example Concrete semantics Abstract semantics Evaluation References Agenda Running example 1 Concrete semantics 2 Abstract semantics 3 Evaluation 4
Running example Concrete semantics Abstract semantics Evaluation References Running example Unchloop from Trostanetski et al. [2017] Original program 1 { 2 int a; int b; int c; int i ; int r; 3 4 a = input ( − 1000,1000); 5 b = input ( − 1000,1000); 6 c = 1; 7 8 i=0; 9 ( i < a ) { while 10 c=c+b; 11 i=i+1; 12 } 13 14 r = c; 15 16 }
Running example Concrete semantics Abstract semantics Evaluation References Running example Unchloop from Trostanetski et al. [2017] Change request 1 { 2 int a; int b; int c; int i ; int r; 3 4 a = input ( − 1000,1000); 5 b = input ( − 1000,1000); 6 c = 1; // to change 7 8 i=0; 9 ( i < a ) { while 10 c=c+b; 11 i=i+1; 12 } 13 14 r = c ; // to change 15 16 }
Running example Concrete semantics Abstract semantics Evaluation References Running example Unchloop from Trostanetski et al. [2017] Patched program 1 { 2 int a; int b; int c; int i ; int r; 3 4 a = input ( − 1000,1000); 5 b = input ( − 1000,1000); 6 c = 0; // 1 7 8 i=0; 9 ( i < a ) { while 10 c=c+b; 11 i=i+1; 12 } 13 14 r = c + 1; // c 15 16 }
Running example Concrete semantics Abstract semantics Evaluation References Running example Unchloop from Trostanetski et al. [2017] Joint representation: double program P 1 { 2 int a; int b; int c; int i ; int r; 3 4 a = input ( − 1000,1000); 5 b = input ( − 1000,1000); 6 c = 1 � 0; 7 8 i=0; 9 ( i < a ) { while 10 c=c+b; 11 i=i+1; 12 } 13 14 r = c � c + 1; 15 assert sync (r); 16 }
Running example Concrete semantics Abstract semantics Evaluation References Running example Unchloop from Trostanetski et al. [2017] Left projection: simple program P 1 = π 1 ( P ) 1 { 2 int a 1 ; int b 1 ; int c 1 ; int i 1 ; int r 1 ; 3 4 a 1 = input ( − 1000,1000); 5 b 1 = input ( − 1000,1000); 6 c 1 = 1; 7 def π 1 ( x ∈ V ) = x 1 ∈ V 1 8 i 1 =0; def 9 while ( i 1 < a 1 ) { π 1 ( s 1 � s 2 ) = s 1 10 c 1 =c 1 +b 1 ; 11 i 1 =i 1 +1; 12 } 13 14 r 1 = c 1 ; 15 16 }
Running example Concrete semantics Abstract semantics Evaluation References Running example Unchloop from Trostanetski et al. [2017] Right projection: simple program P 2 = π 2 ( P ) 1 { 2 int a 2 ; int b 2 ; int c 2 ; int i 2 ; int r 2 ; 3 4 a 2 = input ( − 1000,1000); 5 b 2 = input ( − 1000,1000); 6 c 2 = 0; 7 def π 2 ( x ∈ V ) = x 2 ∈ V 2 8 i 2 =0; def 9 while ( i 2 < a 2 ) { π 2 ( s 1 � s 2 ) = s 2 10 c 2 =c 2 +b 2 ; 11 i 2 =i 2 +1; 12 } 13 14 r 2 = c 2 + 1; 15 16 }
Running example Concrete semantics Abstract semantics Evaluation References Agenda Running example 1 Concrete semantics 2 Abstract semantics 3 Evaluation 4
❉ Running example Concrete semantics Abstract semantics Evaluation References Lifting simple program semantics to double programs Simple programs P k = π k ( P ) k ∈ { 1; 2 } variables in V k = { x k | x ∈ V } def memory states in E k = V k → ❘ expression semantics ❊ k � e � ∈ E k → P ( ❘ ) condition semantics ❈ k � c � ∈ E k → P ( { true , false } ) statement semantics ❙ k � s � ∈ P ( E k × E k ): input-output relation
Running example Concrete semantics Abstract semantics Evaluation References Lifting simple program semantics to double programs Simple programs P k = π k ( P ) k ∈ { 1; 2 } variables in V k = { x k | x ∈ V } def memory states in E k = V k → ❘ expression semantics ❊ k � e � ∈ E k → P ( ❘ ) condition semantics ❈ k � c � ∈ E k → P ( { true , false } ) statement semantics ❙ k � s � ∈ P ( E k × E k ): input-output relation Double program P variables in V def memory states in D = E 1 × E 2 statement semantics ❉ � s � ∈ P ( D × D ): input-output relation
Running example Concrete semantics Abstract semantics Evaluation References Assignment and blocs ❉ � dstat � ∈ P ( D × D ) def ❉ � skip � = ∆ D def ❉ � s 1 � s 2 � = { (( i 1 , i 2 ) , ( o 1 , o 2 )) | ( i 1 , o 1 ) ∈ ❙ 1 � s 1 � ∧ ( i 2 , o 2 ) ∈ ❙ 2 � s 2 � } def ❉ � V ← e 1 � e 2 � = ❉ � V ← e 1 � V ← e 2 � def ❉ � s 1 ; s 2 � = ❉ � s 1 � � ❉ � s 2 � where def R 1 � R 2 = { ( x , z ) | ∃ y : ( x , y ) ∈ R 1 ∧ ( y , z ) ∈ R 2 }
Running example Concrete semantics Abstract semantics Evaluation References if statement def ❉ � if c then s 1 else s 2 � = ❋ � c � � ❉ � s 1 � ∪ ❋ � ¬ c � � ❉ � s 2 � ∪ ❋ � c � ¬ c � � ❉ 1 � s 1 � � ❉ 2 � s 2 � ∪ ❋ � ¬ c � c � � ❉ 1 � s 2 � � ❉ 2 � s 1 � where def ❋ � c 1 � c 2 � = { (( ρ 1 , ρ 2 ) , ( ρ 1 , ρ 2 )) | true ∈ ❈ 1 � c 1 � ρ 1 ∩ ❈ 2 � c 2 � ρ 2 } def ❋ � c � = ❋ � c � c � def ❉ 1 � s � = ❉ � π 1 ( s ) � skip � def ❉ 2 � s � = ❉ � skip � π 2 ( s ) �
Running example Concrete semantics Abstract semantics Evaluation References while statement def ❉ � while c do s � = (lfp H ) � ❋ � ¬ c � where ❋ � c � � ❉ � s � ∪ � � def H ( R ) = ∆ D ∪ R � ❋ � c � ¬ c � � ❉ 1 � s � ∪ ❋ � ¬ c � c � � ❉ 2 � s �
Running example Concrete semantics Abstract semantics Evaluation References Semantics of the example 1 c = 1 � 0; 2 3 i=0; 4 while ( i < a ) { 5 c=c+b; 6 i=i+1; 7 } 8 9 r = c � c + 1;
Running example Concrete semantics Abstract semantics Evaluation References Semantics of the example 1 c = 1 � 0; 2 3 i=0; 4 ( i < a ) { while 5 c=c+b; 6 i=i+1; 7 } 8 9 r = c � c + 1; ❉ � � = { s 0 , (( a 1 , b 1 , 1 , 0 , 1) , ( a 2 , b 2 , 0 , 0 , 1)) | a 1 ≤ 0 ∧ a 2 ≤ 0 ∧ H 0 } ∪ { s 0 , (( a 1 , b 1 , 1 + a 1 × b 1 , a 1 , 1 + a 1 × b 1 ) , ( a 2 , b 2 , 0 , 0 , 1)) | a 1 > 0 ∧ a 2 ≤ 0 ∧ H 0 } ∪ { s 0 , (( a 1 , b 1 , 1 , 0 , 1) , ( a 2 , b 2 , a 2 × b 2 , a 2 , 1 + a 2 × b 2 )) | a 1 ≤ 0 ∧ a 2 > 0 ∧ H 0 } ∪ { s 0 , (( a 1 , b 1 , 1 + a 1 × b 1 , a 1 , 1 + a 1 × b 1 ) , ( a 2 , b 2 , a 2 × b 2 , a 2 , 1 + a 2 × b 2 )) | a 1 > 0 ∧ a 2 > 0 ∧ H 0 } where def = (( a 1 , b 1 , c 1 , i 1 , r 1 ) , ( a 2 , b 2 , c 2 , i 2 , r 2 )) s 0 def = ∀ k ∈ { 1 , 2 } : ( b k , c k , i k , r k ) ∈ ❘ 4 H 0
Running example Concrete semantics Abstract semantics Evaluation References Semantics of the example 1 c = 1 � 0; 2 3 i=0; equal initial states 4 ( i < a ) { while assuming a def = a 1 = a 2 and 5 c=c+b; def 6 i=i+1; b = b 1 = b 2 7 } 8 9 r = c � c + 1; ❉ � � = { s 0 , (( a , b , 1 , 0 , 1) , ( a , b , 0 , 0 , 1)) | a ≤ 0 ∧ H 0 } ∪ ∅ ∪ ∅ ∪ { s 0 , (( a , b , 1 + a × b , a , 1 + a × b ) , ( a , b , a × b , a , 1 + a × b )) | a > 0 ∧ H 0 } where def = (( a , b , c 1 , i 1 , r 1 ) , ( a , b , c 2 , i 2 , r 2 )) s 0 def = b ∈ ❘ ∧ ∀ k ∈ { 1 , 2 } : ( c k , i k , r k ) ∈ ❘ 3 H 0
Running example Concrete semantics Abstract semantics Evaluation References Agenda Running example 1 Concrete semantics 2 Abstract semantics 3 Evaluation 4
❉ ❉ ❙ ❙ ❉ ❉ ❉ ❉ ❉ ❉ ❉ ❉ ❉ ❉ Running example Concrete semantics Abstract semantics Evaluation References ❉ is not computable in general Numerical abstraction memory states in D ≈ ❘ |V 1 ∪V 2 | ⇒ any numeric abstract domain on pairs of environments
Running example Concrete semantics Abstract semantics Evaluation References ❉ is not computable in general Numerical abstraction memory states in D ≈ ❘ |V 1 ∪V 2 | ⇒ any numeric abstract domain on pairs of environments Abstract semantics ❉ defined by induction the syntax def but for ❉ � s 1 � s 2 � = { ... | ... ❙ 1 � s 1 � ∧ ... ❙ 2 � s 2 � } notice ❉ � s 1 � s 2 � = ❉ 1 � s 1 � � ❉ 2 � s 2 � e.g. ❉ � c ← 1 � 0 � = ❉ � c 1 ← 1 � � ❉ � c 2 ← 0 � ❉ ♯ is standard 1 � s 1 � � ♯ ❉ ♯ def = ❉ ♯ e.g. ❉ ♯ � s 1 � s 2 � 2 � s 2 �
Running example Concrete semantics Abstract semantics Evaluation References Which numerical abstract domains?
Recommend
More recommend
![Abstract interpretation based Analysis [FPCA 95], Predicate Abstraction [Mannas festschrift](https://c.sambuz.com/842045/abstract-interpretation-s.jpg)
