program equivalence from trace equivalence
play

Program Equivalence From Trace Equivalence Tim Wood 1 Sophia - PowerPoint PPT Presentation

May 31, 2023 •389 likes •1.02k views

Program Equivalence From Trace Equivalence Tim Wood 1 Sophia Drossopoulou 1 1 Imperial College London Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 1 / 30 Context Program maintenance is a common and important

  1. Program Equivalence From Trace Equivalence Tim Wood 1 Sophia Drossopoulou 1 1 Imperial College London Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 1 / 30

  2. Context Program maintenance is a common and important activity Programmers need to change or extend behaviour Intent is often to preserve most of the behaviour When changing one behaviour, easy and common to unintentionally damage some other behaviour Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 2 / 30

  3. Context Program maintenance is a common and important activity Programmers need to change or extend behaviour Intent is often to preserve most of the behaviour When changing one behaviour, easy and common to unintentionally damage some other behaviour Programmers often don’t want to specify write tests for read or understand the whole program before they can change it Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 2 / 30

  4. Question What does it mean “preserve most of the behaviour”? Can we automatically check that most of the behaviour is preserved? Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 3 / 30

  5. Answer We propose a precise criterion to judge preservation of most of the behaviour Programmer tells us which objects should be affected by the modification If any other objects are affected, then the behaviour was not preserved Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 4 / 30

  6. Answer We propose a sufficient condition for the criteria that is useful for our tool Condition depends only on the trace of method calls between the affected and unaffected objects Condition doesn’t require the unaffected objects to be precisely tracked We are developing a tool which uses symbolic execution and approximation (not described here) Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 5 / 30

  7. Contributions Formal criterion for “preserve most of the behaviour” Useful sufficient condition for automated checking Automated proof of sufficiency of condition in Dafny Verifier Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 6 / 30

  8. Example StudentDb db = new StudentDb (); 1 Logger logger = new Logger (); 2 Prizes prizes = new Prizes (); 3 void main () { 4 List <Student > students = db. orderedByGrade (); 5 logger.considered(students); 6 prizes.awardTo(students); } 7 8 9 class Prizes { void awardTo(List <Student > students) { 10 award(students.get (0)); 11 award(students.get (1)); 12 award(students.get (2));} 13 void award(final Student student) { /* ... */ }} 14 15 16 class Logger { void considered (List <Student > students) { 17 18 for (Student s : students) { 19 println(" considered : " + s.name ()); }}} 20 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 7 / 30

  9. Example StudentDb db = new StudentDb (); 1 Logger logger = new Logger (); 2 Prizes prizes = new Prizes (); 3 void main () { 4 List <Student > students = db. orderedByGrade (); 5 logger.considered(students); 6 prizes.awardTo(students); } 7 8 9 class Prizes { void awardTo(List <Student > students) { 10 award(students.get (0)); 11 award(students.get (1)); 12 award(students.get (2));} 13 void award(final Student student) { /* ... */ }} 14 15 16 class Logger { void considered (List <Student > students) { 17 sort(students , compareStudentsByName ()); 18 for (Student s : students) { 19 println(" considered : " + s.name ()); }}} 20 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 8 / 30

  10. Modified Objects ⊆ Allegedly Affected Example StudentDb db = new StudentDb (); 1 Logger logger = new Logger (); 2 Prizes prizes = new Prizes (); 3 void main () { 4 List <Student > students = db. orderedByGrade (); 5 logger.considered(students); 6 prizes.awardTo(students); } 7 8 9 class Prizes { Allegedly Affected void awardTo(List <Student > students) { 10 award(students.get (0)); 11 award(students.get (1)); 12 award(students.get (2));} 13 void award(final Student student) { /* ... */ }} 14 15 16 class Logger { void considered (List <Student > students) { 17 sort(students , compareStudentsByName ()); 18 for (Student s : students) { 19 println(" considered : " + s.name ()); }}} 20 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 8 / 30

  11. Example StudentDb db = new StudentDb (); 1 Logger logger = new Logger (); 2 Prizes prizes = new Prizes (); 3 void main () { 4 List <Student > students = db. orderedByGrade (); 5 logger.considered(students); 6 prizes.awardTo(students); } 7 8 9 class Prizes { Actually Affected void awardTo(List <Student > students) { 10 award(students.get (0)); 11 award(students.get (1)); 12 award(students.get (2));} 13 void award(final Student student) { /* ... */ }} 14 15 16 class Logger { void considered (List <Student > students) { 17 sort(students , compareStudentsByName ()); 18 for (Student s : students) { 19 println(" considered : " + s.name ()); }}} 20 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 8 / 30

  12. Equivalence Criteria Equivalence criteria are expressed only in terms of the objects involved in the behaviour of interest to the programmer Programmer can be ignorant of the rest of the objects and their behaviour Programmer doesn’t have to read or understand those parts, our criteria takes care that they are not affected Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 9 / 30

  13. Equivalence Criteria Stack and Heap have the same shape when only the unaffected objects are considered. Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 10 / 30

  14. State Equivalence - Example U A U A fi fi 3 0 3 2 4 2 this this o2 o2 l o o 2 9 o1 o1 f f o o 2 9 this 0 5 this 4 7 n n o o 1 8 4 3 v1 v2 Stack and heap at a point in execution of a different example program. Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 11 / 30

  15. State Equivalence - Example U A U A fi fi 3 0 3 2 4 2 this this o2 o2 l o o 2 9 o1 o1 f f o o 2 9 this 0 5 this 4 7 n n o o 1 8 4 3 v1 v2 Unaffected objects and stack frames only Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 11 / 30

  16. Sufficient Condition Objective: Avoid comparing the whole heap at each execution step Solution: Compare only methods calls/returns between affected and unaffected objects Also allows us to over-approximate some or all of the unaffected objects Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 12 / 30

  17. Sufficient Condition - Illustration We want to establish that the unaffected objects correspond at each execution step . . . V1 . . . V2 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 13 / 30

  18. Sufficient Condition - Illustration Only need to consider states which are method calls or returns between affected and unaffected objects . . . V1 . . . V2 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 13 / 30

  19. Sufficient Condition - Illustration Only need to consider the topmost stack frame . . . V1 . . . V2 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 13 / 30

  20. Sufficient Condition - Illustration Intuition: the method calls and returns (and method parameters), between the affected and unaffected objects are enough information to uniquely deter- mine the unaffected objects V1 V2 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 14 / 30

  21. Trace Equivalence - Example t 1 (from v1) Method Params this: 3 Fifo return 3 this: 3 o: 1 add return this: 3 o: 2 add return remove this: 3 return 1 remove this: 3 return 2 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 15 / 30

  22. Trace Equivalence - Example t 1 (from v1) t 2 (from v2) Method Params Method Params this: 3 this:10 Fifo Fifo return 3 return 10 this: 3 o: 1 this:10 o: 8 add add return return this: 3 o: 2 this:10 o: 9 add add return return remove remove this: 3 this:10 return return 1 8 remove remove this: 3 this:10 return return 2 9 t 1 ∼ = t 2 using mapping (1,8),(3,10),(2,9) Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 15 / 30

  23. Trace Equivalence - Example t 1 (from v1) t 3 (imaginary) Method Params Method Params Fifo this: 3 Fifo this: 7 return return 3 7 this: 3 o: 1 this: 7 o: 4 add add return return this: 3 o: 2 this: 7 o: 6 add add return return remove remove this: 3 this: 7 return 1 return 6 remove remove this: 3 this: 7 return return 2 4 t 2 �∼ = t 3 Wood, Drossopoulou (Imperial College London) Program Equivalence October 2014 15 / 30

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On CCZ-Equivalence, Extended-Affine Equivalence and Function Twisting Anne Canteaut, L eo

On CCZ-Equivalence, Extended-Affine Equivalence and Function Twisting Anne Canteaut, L eo

On CCZ-Equivalence, Extended-Affine Equivalence and Function Twisting Anne Canteaut, L eo Perrin June 3, 2019 Fq14, Vancouver Setting up the background Cryptographic properties Equivalence classes CCZ-equivalence Cryptographic

885 views • 63 slides
On CCZ-Equivalence, Extended-Affine Equivalence and Function Twisting Anne Canteaut, Lo Perrin

On CCZ-Equivalence, Extended-Affine Equivalence and Function Twisting Anne Canteaut, Lo Perrin

On CCZ-Equivalence, Extended-Affine Equivalence and Function Twisting Anne Canteaut, Lo Perrin June 18, 2018 BFA2018 Definition (EA-Equivalence; EA-mapping) F and G are E(xtented) A(ffine) equivalent if G x B F A x C x , where A B C

1.11k views • 98 slides
Equivalences 1 Equivalence Definition (Equivalence) Two formulas F and G are (semantically)

Equivalences 1 Equivalence Definition (Equivalence) Two formulas F and G are (semantically)

Propositional Logic Equivalences 1 Equivalence Definition (Equivalence) Two formulas F and G are (semantically) equivalent if A ( F ) = A ( G ) for every assignment A that is suitable for both F and G . We write F G to denote that F and G

276 views • 12 slides
Equivalence test for the trace iterated matrix multiplication polynomial Janaky Murthy M.Tech

Equivalence test for the trace iterated matrix multiplication polynomial Janaky Murthy M.Tech

Equivalence test for the trace iterated matrix multiplication polynomial Janaky Murthy M.Tech Research Advisor: Prof. Chandan Saha Department of Computer Science and Automation IISc Bangalore 1 Overview Introduction and Motivation

552 views • 52 slides
Todays Expedition TED highlights Equivalence Relations Equivalence Classes and

Todays Expedition TED highlights Equivalence Relations Equivalence Classes and

Todays Expedition TED highlights Equivalence Relations Equivalence Classes and Partitions Boolean Algebra Boolean functions Sum of Products expansion Logic gates and circuits Sections 8.5, 11.1-11.3 in the text

541 views • 15 slides
Reducing search space for trace equivalence checking FOSAD 2013 Lucca Hirschi LSV, ENS Cachan

Reducing search space for trace equivalence checking FOSAD 2013 Lucca Hirschi LSV, ENS Cachan

Reducing search space for trace equivalence checking FOSAD 2013 Lucca Hirschi LSV, ENS Cachan September 5, 2013 David Baelde Stphanie Delaune joint work with and LSV LSV Introduction Model Big Picture Differentiation Conclusion

891 views • 44 slides
Equivalence Relations {( a , b ) | a and b are from the the same state}. Observe that these

Equivalence Relations {( a , b ) | a and b are from the the same state}. Observe that these

Equivalence Relations http://localhost/~senning/courses/ma229/slides/equivalence-relations/slide01.html Equivalence Relations http://localhost/~senning/courses/ma229/slides/equivalence-relations/slide02.html Equivalence Relations prev | slides

235 views • 4 slides
Section 4.2: Equivalence Relations What is equality? What is equivalence? Equality is

Section 4.2: Equivalence Relations What is equality? What is equivalence? Equality is

Section 4.2: Equivalence Relations What is equality? What is equivalence? Equality is more basic, fundamental concept. Every element in a set is equal only to itself. The basic equality relation {(x,x) | x S} We tend to assume

893 views • 61 slides
Concurrency Theory Winter Semester 2019/20 Lecture 11: Trace Equivalence Joost-Pieter Katoen and

Concurrency Theory Winter Semester 2019/20 Lecture 11: Trace Equivalence Joost-Pieter Katoen and

Concurrency Theory Winter Semester 2019/20 Lecture 11: Trace Equivalence Joost-Pieter Katoen and Thomas Noll Software Modeling and Verification Group RWTH Aachen University https://moves.rwth-aachen.de/teaching/ws-19-20/ct/ Introduction

795 views • 66 slides
7.5 EQUIVALENCE RELATIONS def: An equivalence relation is a binary rela- tion that is reflexive,

7.5 EQUIVALENCE RELATIONS def: An equivalence relation is a binary rela- tion that is reflexive,

7.5.1 Section 7.5 Equivalence Relations 7.5 EQUIVALENCE RELATIONS def: An equivalence relation is a binary rela- tion that is reflexive, symmetric, and transitive. Set S = { a, b, c, d, e, f } and Example 7.5.1: R = ( a, a ) , ( b, c )

312 views • 4 slides
Checking NFA Equivalence with Bisimulations up to Congruence Filippo Bonchi and Damien Pous

Checking NFA Equivalence with Bisimulations up to Congruence Filippo Bonchi and Damien Pous

Checking NFA Equivalence with Bisimulations up to Congruence Filippo Bonchi and Damien Pous CNRS, LIP, ENS Lyon POPL, Roma, 25.1.2o13 Language equivalence of finite automata Useful for model checking: check that a program refines its

1.36k views • 92 slides
Finite and infinite traces, inductively and coinductively Jurriaan Rot WAIT 2018 1/16 Overview

Finite and infinite traces, inductively and coinductively Jurriaan Rot WAIT 2018 1/16 Overview

Finite and infinite traces, inductively and coinductively Jurriaan Rot WAIT 2018 1/16 Overview Classic fact: if an LTS is image-finite, then finite trace equivalence coincides with infinite trace equivalence Standard proof:

628 views • 16 slides
A Logical Study of Program Equivalence Guilhem Jaber Ecole des Mines de Nantes LINA - Ascola

A Logical Study of Program Equivalence Guilhem Jaber Ecole des Mines de Nantes LINA - Ascola

A Logical Study of Program Equivalence Guilhem Jaber Ecole des Mines de Nantes LINA - Ascola PhD Defense Institut Henri Poincar e (Paris) July 11th 2014 1 / 38 Why study the Equivalence of Programs ? Specification of programs

1.09k views • 93 slides
Proving Equivalence of Imperative Programs via Constrained Rewriting Induction Carsten Fuhs

Proving Equivalence of Imperative Programs via Constrained Rewriting Induction Carsten Fuhs

Proving Equivalence of Imperative Programs via Constrained Rewriting Induction Carsten Fuhs Birkbeck, University of London joint work with Cynthia Kop (U Copenhagen) and Naoki Nishida (U Nagoya) Workshop on Program Equivalence, London, UK 11

2.1k views • 197 slides
Leveraging Program Equivalence for Adaptive Program Repair: Models and First Results Westley

Leveraging Program Equivalence for Adaptive Program Repair: Models and First Results Westley

Leveraging Program Equivalence for Adaptive Program Repair: Models and First Results Westley Weimer, UVA Zachary P . Fry, UVA Stephanie Forrest, UNM Automated Program Repair Given a program, a notion of correct behavior, and evidence

679 views • 30 slides
Proving Equivalence Between Imperative and MapReduce Implementations Using Program

Proving Equivalence Between Imperative and MapReduce Implementations Using Program

Proving Equivalence Between Imperative and MapReduce Implementations Using Program Transformations VPT 2018 Thessaloniki 20 April 2018 Bernhard Beckert, Timo Bingman, Moritz Kiefer, Peter Sanders, Mattias Ulbrich , Alexander Weigl www.kit.edu

968 views • 60 slides
Bayes' Nets Robert Platt Saber Shokat Fadaee Northeastern University The slides are

Bayes' Nets Robert Platt Saber Shokat Fadaee Northeastern University The slides are

Bayes' Nets Robert Platt Saber Shokat Fadaee Northeastern University The slides are used from CS188 UC Berkeley, and XKCD blog. CS 188: Artificial Intelligence Bayes Nets Instructors: Dan Klein and Pieter Abbeel --- University of

531 views • 34 slides
One Size Does Not Fit All: An Empirical Study of Containerized Continuous Deployment Workflows

One Size Does Not Fit All: An Empirical Study of Containerized Continuous Deployment Workflows

One Size Does Not Fit All: An Empirical Study of Containerized Continuous Deployment Workflows Yang Zhang, Bogdan Vasilescu, Huaimin Wang, Vladimir Filkov November 7, 2018 Continuous Delivery/Deployment It is the ability to release A software

513 views • 19 slides
How to convert more visitors to customers Joshua Porter, Co-founder The Big Problem Visit us:

How to convert more visitors to customers Joshua Porter, Co-founder The Big Problem Visit us:

TM How to convert more visitors to customers Joshua Porter, Co-founder The Big Problem Visit us: www.performable.com Call us: 1-888-268-6035 Customer Lifecycle Marketing Most Inbound/Outbound marketing software &amp; services focus on

457 views • 19 slides
RKD and Google RKD Media Welcome and thanks for joining us! Please submit your questions:

RKD and Google RKD Media Welcome and thanks for joining us! Please submit your questions:

Digital Breakfast with RKD and Google RKD Media Welcome and thanks for joining us! Please submit your questions: In Chat @RobbinsKersten digitalnetworks@rkdalphadog.com Presenters Todays Presenters Diana Talhelm Anjolie

643 views • 24 slides
Stickers, Straws, and Augmented Reality: the DIY approach to Prototyping AR experiences

Stickers, Straws, and Augmented Reality: the DIY approach to Prototyping AR experiences

Stickers, Straws, and Augmented Reality: the DIY approach to Prototyping AR experiences Caitlin Fisher | Andrew Roth Future Cinema Lab | Augmented Reality Lab at York University Saturday, 21 April, 12 The Augmented Reality Lab at York

759 views • 52 slides
PINNACLE COMMUNICATIONS INT'L, INC. 2016 BUSINESS OVERVIEW This pro forma is a conservative

PINNACLE COMMUNICATIONS INT'L, INC. 2016 BUSINESS OVERVIEW This pro forma is a conservative

PINNACLE COMMUNICATIONS INT'L, INC. 2016 BUSINESS OVERVIEW This pro forma is a conservative forward-looking statement of Pinnacles anticipated growth over the next twelve months. September October November December January February

989 views • 11 slides
Bitmap Indexing of Big Data EBISS 2019 - Berlin (Germany) - July 5, 2019 Lawan Subba

Bitmap Indexing of Big Data EBISS 2019 - Berlin (Germany) - July 5, 2019 Lawan Subba

Bitmap Indexing of Big Data EBISS 2019 - Berlin (Germany) - July 5, 2019 Lawan Subba Supervisors: Christian Thomsen and Torben Bach Pedersen Aalborg University, Denmark External Supervisor: Alberto Abello Polytechnic University of Catalonia,

627 views • 48 slides
M-OSRP: objectives, strategy and game-changing delivery Recent advances to on-shore, ocean

M-OSRP: objectives, strategy and game-changing delivery Recent advances to on-shore, ocean

M-OSRP: objectives, strategy and game-changing delivery Recent advances to on-shore, ocean bottom and towed streamer preprocessing for deghosting and ground roll removal Jing Wu and Arthur B. Weglein University of Houston February 7, 2017

1.46k views • 134 slides

More recommend