learning loop invariants for program verification
play

Learning Loop Invariants for Program Verification Xujie Si*, Hanjun - PowerPoint PPT Presentation

Aug 17, 2023 •46 likes •386 views

Learning Loop Invariants for Program Verification Xujie Si*, Hanjun Dai*, Mukund Raghothaman, Mayur Naik, Le Song University of Pennsylvania Georgia Institute of Technology NeurIPS 2018 Code: https://github.com/PL-ML/code2inv * equal

  1. Learning Loop Invariants for Program Verification Xujie Si*, Hanjun Dai*, Mukund Raghothaman, Mayur Naik, Le Song University of Pennsylvania Georgia Institute of Technology NeurIPS 2018 Code: https://github.com/PL-ML/code2inv * equal contribution

  2. Program verification • Prove whether your code is bug-free

  3. Program verification • Prove whether your code is bug-free -- Some of rules can be automated: sequence rule, conditional rule, ......

  4. Program verification • Prove whether your code is bug-free -- Some of rules can be automated: sequence rule, conditional rule, ...... -- Except ‘while rule’ Loop Invariant <> Halting Problem

  5. What is loop invariant?

  6. What is loop invariant? Program

  7. What is loop invariant? Loop Invariant Program

  8. What is loop invariant? Loop Invariant Program Requirement:

  9. Loop Invariant Checker

  10. Loop Invariant Checker

  11. Loop Invariant Checker

  12. Difficulties of learning loop Invariant 1. Highly sparse and non-smooth reward code

  13. Difficulties of learning loop Invariant 1. Highly sparse and non-smooth reward Agent code

  14. Difficulties of learning loop Invariant 1. Highly sparse and non-smooth reward Agent code

  15. Difficulties of learning loop Invariant 1. Highly sparse and non-smooth reward Agent code 0 / 1 (Correct or not)

  16. Difficulties of learning loop invariant 2. Generalization ability ! ≥ 1 ⋁ % = 0 ( ) ≤ 2 ⋀ ( - > 0 ...... Agent Agent Agent codeN code2 code1 0 / 1 (Correct or not) 0 / 1 (Correct or not) 0 / 1 (Correct or not)

  17. Difficulties of learning loop invariant 2. Generalization ability ! ≥ 1 ⋁ % = 0 ( ) ≤ 2 ⋀ ( - > 0 ...... Agent Agent Agent codeN code2 code1 0 / 1 (Correct or not) 0 / 1 (Correct or not) 0 / 1 (Correct or not) New code => Agent

  18. Solution to sparsity and non-smoothness Agent code 0 (not correct)

  19. Solution to sparsity and non-smoothness Agent code 0 (not correct) Counter-example: why am I wrong? ! = 1, % = −10

  20. Solution to sparsity and non-smoothness Collection of counter-examples: Agent code 0 (not correct) Counter-example: why am I wrong? ! = 1, % = −10

  21. Solution to sparsity and non-smoothness Collection of counter-examples: ! = 3, % = −2 Agent ! = 3, % = −1 code ! = 3, % = −1 ! = 0, % = −2 ! = 2, % = −2 0 (not correct) ! = 0, % = −1 ! = 2, % = −1 ! = 0, % = −4 ! = 1, % = −1 ! = 2, % = −1 ! = 0, % = −3 Counter-example: why am I wrong? Pre Inv Post ! = 1, % = −10

  22. Solution to sparsity and non-smoothness Collection of counter-examples: ! = 3, % = −2 Agent ! = 3, % = −1 code ! = 3, % = −1 ! = 0, % = −2 ! = 2, % = −2 0 (not correct) ! = 0, % = −1 ! = 2, % = −1 ! = 0, % = −4 ! = 1, % = −1 ! = 2, % = −1 ! = 0, % = −3 Counter-example: why am I wrong? Pre Inv Post ! = 1, % = −10 • Smoothed reward

  23. Solution to sparsity and non-smoothness Collection of counter-examples: ! = 3, % = −2 Agent ! = 3, % = −1 code ! = 3, % = −1 ! = 0, % = −2 ! = 2, % = −2 0 (not correct) ! = 0, % = −1 ! = 2, % = −1 ! = 0, % = −4 ! = 1, % = −1 ! = 2, % = −1 ! = 0, % = −3 Counter-example: why am I wrong? Pre Inv Post ! = 1, % = −10 • Smoothed reward • Reduced Z3 calls

  24. Solution to generalization • Transferable graph representation of source code => SSA Transformation =>

  25. Code2Inv: End-to-end learning framework ...... ! ≥ 0 && ! < 4 ' ≥ 100

  26. Experimental evaluation of Code2Inv • We collect 133 benchmark programs OOPSLA 2013, Dillig et al POPL 2016, Garag et al

  27. Experimental evaluation of Code2Inv • We collect 133 benchmark programs OOPSLA 2013, Dillig et al POPL 2016, Garag et al

  28. Code2Inv as an out-of-the-box solver Ours Solved more instances with same # Z3 calls

  29. Generalize to new programs void main (int n) { int x = 0 int m = 0 while (x < n) { if (unknown()) { m = x } x = x + 1 } if (n > 0) { assert (m < n) } }

  30. Generalize to new programs void main (int n) { int x = 0 int w = 0 int m = 0 int z = 0 while (x < n) { if (unknown()) { m = x } x = x + 1 } if (n > 0) { assert (m < n) } }

  31. Generalize to new programs void main (int n) { int x = 0 int w = 0 int m = 0 int z = 0 while (x < n) { z = z + 1 if (unknown()) { m = x z = m + 1 } x = x + 1 w = m + x } if (n > 0) { assert (m < n) } }

  32. Generalize to new programs void main (int n) { void main (int n) { int x = 0 int x = 0 int w = 0 int w = 0 int m = 0 int m = 0 int z = 0 int z = 0 while (x < n) { while (x < n) { z = z + 1 z = z + 1 if (unknown()) { if (unknown()) { m = x m = x z = m + 1 z = m + 1 } } x = x + 1 x = x + 1 w = m + x w = m + x } } if (n > 0) { if (n > 0) { assert (m < n) assert (m < n) } } } }

  33. 1 confounding variable 3 confounding variables 5 confounding variables Generalization ability of Code2Inv

  34. Poster session: 05:00 -- 07:00 PM Room 210 & 230 AB #23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Loop invariants &lt;precondition: n&gt;0&gt; int i = 0; while (i &lt; n){ i = i+1; We want to

Loop invariants &lt;precondition: n&gt;0&gt; int i = 0; while (i &lt; n){ i = i+1; We want to

4/23/16 Loop invariants as a way of reasoning about the state of your program Loop invariants &lt;precondition: n&gt;0&gt; int i = 0; while (i &lt; n){ i = i+1; We want to prove: } i==n right after the loop &lt;post condition: i==n&gt;

80 views • 7 slides
CS 220: Discrete Structures and their Applications Loop Invariants Chapter 3 in zybooks Program

CS 220: Discrete Structures and their Applications Loop Invariants Chapter 3 in zybooks Program

CS 220: Discrete Structures and their Applications Loop Invariants Chapter 3 in zybooks Program verification How do we know our program works correctly? In this lecture we will focus on a tool for verifying the correctness of programs that

605 views • 25 slides
Decision Tree Based Learning of Program Invariants Deepak DSouza Department of Computer

Decision Tree Based Learning of Program Invariants Deepak DSouza Department of Computer

Floyd-Hoare Style Verification Decision Tree Learning ICE Learning Proofs with Multiple Invariants Decision Tree Based Learning of Program Invariants Deepak DSouza Department of Computer Science and Automation Indian Institute of Science,

648 views • 37 slides
Loop Invariants: Part 2 7 January 2019 OSU CSE 1 Maintaining the Loop Invariant A claimed

Loop Invariants: Part 2 7 January 2019 OSU CSE 1 Maintaining the Loop Invariant A claimed

Loop Invariants: Part 2 7 January 2019 OSU CSE 1 Maintaining the Loop Invariant A claimed loop invariant is valid only if the loop body actually maintains the property, i.e., the loop invariant remains true at the end of each execution of

386 views • 20 slides
Loop Invariants Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of

Loop Invariants Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of

Introduction Loops Loop Equations Loop Invariants Termination Loop Invariants Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer Science Introduction Loops Loop Equations Loop Invariants Termination

292 views • 18 slides
Learning to Specify soundly Suresh Jagannathan Joint work with He Zhu, Stephen Magill, and

Learning to Specify soundly Suresh Jagannathan Joint work with He Zhu, Stephen Magill, and

Learning to Specify soundly Suresh Jagannathan Joint work with He Zhu, Stephen Magill, and Gustavo Petri Goal + Verification Program Specifications Conditions Types Assertions Contracts Pre/Post Loop Invariants Spec Spec

482 views • 33 slides
Objectives You should be able to ... Loop Invariants Explain the concept of well formed

Objectives You should be able to ... Loop Invariants Explain the concept of well formed

od Introduction Loops Loop Equations Loop Invariants Termination Introduction Loops Loop Equations Loop Invariants Termination Objectives You should be able to ... Loop Invariants Explain the concept of well formed induction. Dr.

579 views • 5 slides
Program Program Learning Learning Outcomes: Outcomes: Closing Closing the the Lo Loop op

Program Program Learning Learning Outcomes: Outcomes: Closing Closing the the Lo Loop op

Program Program Learning Learning Outcomes: Outcomes: Closing Closing the the Lo Loop op Amal BouZeineddine bouzein@aub.edu.lb Associate Director Center for Teaching and Learning (CTL) American University of Beirut June 19, 2019

1.62k views • 106 slides
Synthesis of Ranking Functions and Synthesis of Inductive Invariants and Synthesis of

Synthesis of Ranking Functions and Synthesis of Inductive Invariants and Synthesis of

Synthesis of Ranking Functions and Synthesis of Inductive Invariants and Synthesis of Recurrence Sets via Constraint Solving Andreas Podelski January 17, 2012 1 Program Verification and Constraints Reasoning about program

422 views • 28 slides
Lecture 5: Loop Invariants and Insertion-sort COMS10007 - Algorithms Dr. Christian Konrad

Lecture 5: Loop Invariants and Insertion-sort COMS10007 - Algorithms Dr. Christian Konrad

Lecture 5: Loop Invariants and Insertion-sort COMS10007 - Algorithms Dr. Christian Konrad 11.01.2019 Dr. Christian Konrad Lecture 5: Loop Invariants and Insertion-sort 1 / 12 Proofs by Induction Structure of a Proof by Induction 1 Statement

692 views • 30 slides
Loop Invariants Announcements for This Lecture Prelim 2 Assignments A6 due TOMORROW

Loop Invariants Announcements for This Lecture Prelim 2 Assignments A6 due TOMORROW

Lecture 23 Loop Invariants Announcements for This Lecture Prelim 2 Assignments A6 due TOMORROW Difficulty was reasonable Complete it by midnight Mean : 72, Median : 75 Also, fill out survey Just 2 points below target

745 views • 36 slides
Verification Techniques for Object Invariants Peter Mller Microsoft Research Joint work with

Verification Techniques for Object Invariants Peter Mller Microsoft Research Joint work with

A Unified Framework for Verification Techniques for Object Invariants Peter Mller Microsoft Research Joint work with Sophia Drossopoulou and Adrian Francalanza 2 Object Invariants Express consistency criteria of objects Support

503 views • 18 slides
Loop Invariants Announcements for This Lecture Prelim 2 Assignments A6 due TOMORROW

Loop Invariants Announcements for This Lecture Prelim 2 Assignments A6 due TOMORROW

Lecture 23 Loop Invariants Announcements for This Lecture Prelim 2 Assignments A6 due TOMORROW Thursday at 7:30 pm Complete it by midnight AF in Uris G01 Also, fill out survey G-H in Malott 228 A7 due December 10

567 views • 39 slides
Verification of Object-Oriented Programs with Invariants Mike Barnett, Robert DeLine, Manual

Verification of Object-Oriented Programs with Invariants Mike Barnett, Robert DeLine, Manual

Verification of Object-Oriented Programs with Invariants Mike Barnett, Robert DeLine, Manual Fahndrich, K. Rustan M. Leino an Wolfram Shulte 1 Overview Goal : design a sound methodology for specifying object invariants that can then be

809 views • 33 slides
SECTION 2: What is a loop invariant? Loop Reasoning An assertion that always holds at

SECTION 2: What is a loop invariant? Loop Reasoning An assertion that always holds at

Review: Reasoning about loops SECTION 2: What is a loop invariant? Loop Reasoning An assertion that always holds at the top of a loop &amp; HW3 Setup Why do we need invariants? Most code is not straight line Most

451 views • 14 slides
Searching for Program Invariants using Genetic Programming and Mutation Testing Sam Ratcliff,

Searching for Program Invariants using Genetic Programming and Mutation Testing Sam Ratcliff,

Searching for Program Invariants using Genetic Programming and Mutation Testing Sam Ratcliff, David R. White and John A. Clark. The 13th CREST Open Workshop Thursday 12 May 2011 Outline Invariants Using GP to find Invariants Identifying

417 views • 38 slides
Shift all Schools 20 Minutes Later A Current Proposed Elementary 8:25 a.m. - 3:00 p.m. 8:45

Shift all Schools 20 Minutes Later A Current Proposed Elementary 8:25 a.m. - 3:00 p.m. 8:45

Shift all Schools 20 Minutes Later A Current Proposed Elementary 8:25 a.m. - 3:00 p.m. 8:45 a.m. - 3:20 p.m. Oak Hill Middle 8:20 a.m. - 2:50 p.m. 8:00 a.m. - 2:30 p.m. Day Middle 8:05 a.m. - 2:35 p.m. 8:25 a.m. - 2:55 p.m. Bigelow

315 views • 7 slides
Who Am I? Secure Identity Registration on Distributed Ledgers Sarah Azouvi Mustafa Al-Bassam

Who Am I? Secure Identity Registration on Distributed Ledgers Sarah Azouvi Mustafa Al-Bassam

Who Am I? Secure Identity Registration on Distributed Ledgers Sarah Azouvi Mustafa Al-Bassam Sarah Meiklejohn (University College London) 1 Cryptocurrencies 2 Cryptocurrencies Pseudonyms 2 Cryptocurrencies Pseudonyms tx(pk A pk B ) 2

719 views • 43 slides
HASH FUNCTIONS Mihir Bellare UCSD 1 Mihir Bellare UCSD 2 Hash functions Hash functions

HASH FUNCTIONS Mihir Bellare UCSD 1 Mihir Bellare UCSD 2 Hash functions Hash functions

SHA1 is dead ... HASH FUNCTIONS Mihir Bellare UCSD 1 Mihir Bellare UCSD 2 Hash functions Hash functions MD: MD4, MD5, MD6 MD: MD4, MD5, MD6 SHA2: SHA1, SHA224, SHA256, SHA384, SHA512 SHA2: SHA1, SHA224, SHA256, SHA384,

329 views • 13 slides
Agenda Why All Digital AM? All Digital AM on WWFD Future vision from Xperi Dave

Agenda Why All Digital AM? All Digital AM on WWFD Future vision from Xperi Dave

Agenda Why All Digital AM? All Digital AM on WWFD Future vision from Xperi Dave Kolesar Mike Raide Chuck Kelly Senior Broadcast Engineer Regional Sales Manager Senior Manager Future vision from DRM WTOP/WFED Asia Pacific,

991 views • 48 slides
Video Surveillance Event Detection Track The TRECVID 2009 Evaluation Jonathan Fiscus, Martial

Video Surveillance Event Detection Track The TRECVID 2009 Evaluation Jonathan Fiscus, Martial

Video Surveillance Event Detection Track The TRECVID 2009 Evaluation Jonathan Fiscus, Martial Michel, John Garofolo, Paul Over NIST Heather Simpson, Stephanie Strassel LDC VACE VACE V ideo A nalysis C ontent E xtraction Science and

481 views • 46 slides
2115 W. 182nd Street Torrance, CA 90504 310.217.7000 www.faithsouthbay.org @faithsouthbay

2115 W. 182nd Street Torrance, CA 90504 310.217.7000 www.faithsouthbay.org @faithsouthbay

2115 W. 182nd Street Torrance, CA 90504 310.217.7000 www.faithsouthbay.org @faithsouthbay faithsouthbay IT IS WELL SIMPLE STEPS TO STAY PHYSICALLY, SPIRITUALLY &amp; EMOTIONALLY WELL IN AN AGE OF THE CORONAVIRUS 1 WASH YOUR HANDS

338 views • 33 slides
Lo Logis istic ics Feedback Slides and Recording Survey will pop up on Slides are

Lo Logis istic ics Feedback Slides and Recording Survey will pop up on Slides are

9/9/20 As Asset Mana nagement Software Sept 9, 2020 12:00 1:30 EDT Wh What at to Know Bef efore You Buy www.chamonline.org 1 Questions Chat Write into the Q&amp;A For logistics and section announcements only Lo

296 views • 5 slides
Who Am I?. Alex Werth, Policy Associate East Bay Housing Organizations alex@ebho.org Who Am I

Who Am I?. Alex Werth, Policy Associate East Bay Housing Organizations alex@ebho.org Who Am I

Who Am I?. Alex Werth, Policy Associate East Bay Housing Organizations alex@ebho.org Who Am I Not?. A lawyer A tenant counselor Eviction Moratoriums 101 What Are We Going to Discuss Today?. 1. What is an eviction moratorium? How does it

528 views • 24 slides

More recommend