symbolic shape analysis
play

Symbolic Shape Analysis Thomas Wies University of Freiburg, Germany - PowerPoint PPT Presentation

Oct 06, 2022 •273 likes •939 views

Symbolic Shape Analysis Thomas Wies University of Freiburg, Germany Motivation class SortedList { private static Node f i r s t ; public static specvar content / : : : objset ; vardefs v = n u l l next " content ==

  1. Symbolic Shape Analysis Thomas Wies University of Freiburg, Germany

  2. Motivation class SortedList { private static Node f i r s t ; public static specvar content / ∗ : : : objset ; vardefs v � = n u l l ∧ next ∗ " content == { v . f i r s t v } " ; invariant " tree [ next ] " ; invariant " ∀ v . v ∈ content ∧ v . next � = n u l l − → v . . Node . data ≤ v . next . data " ; ∗ / public static void i n s e r t (Node n ) requires / ∗ : "n � = n u l l ∧ n / ∈ content " modifies content ensures " content = old content ∪ { n } " ∗ / { Node prev = n u l l ; Node curr = f i r s t ; while ( ( curr ! = n u l l ) && ( curr . data < n . data ) ) { prev = curr ; curr = curr . next ; } n . next = curr ; i f ( prev ! = n u l l ) prev . next = n ; else f i r s t = n ; } } Thomas Wies Symbolic Shape Analysis 2 / 34

  3. Motivation Bohne, Symbolic Shape Analysis Implementation Properties verified in previous example: • correctly inserts the element into the list (relates pre- and post states of procedure) • list remains sorted • data structure remains acyclic list • no null pointer dereferences Bohne • accepts annotated Java programs as input • annotations are user-specied formulae: • data structure invariants • procedure contracts (pre- and post conditions) • automatically computes quantified loop invariants • proves desired properties and absence of errors Thomas Wies Symbolic Shape Analysis 3 / 34

  4. Motivation Predicate Abstraction • take transition graph (nodes are states) • define partitioning of nodes through state predicates • abstract transition graph is graph of abstract nodes • abstract nodes are equivalence classes of concrete nodes infinite state space Thomas Wies Symbolic Shape Analysis 4 / 34

  5. Motivation Predicate Abstraction • take transition graph (nodes are states) • define partitioning of nodes through state predicates • abstract transition graph is graph of abstract nodes • abstract nodes are equivalence classes of concrete nodes P 1 ∧ ¬ P 2 ∧ P 3 infinite state space state predicates: P 1 , P 2 , P 3 Thomas Wies Symbolic Shape Analysis 4 / 34

  6. Motivation Shape Analysis à la Sagiv, Reps, and Wilhelm • states are graphs • define partitioning of nodes through predicates on nodes • abstract states are graphs of abstract nodes • abstract nodes are equivalence classes of concrete nodes next next next x next next next y Thomas Wies Symbolic Shape Analysis 5 / 34

  7. Motivation Shape Analysis à la Sagiv, Reps, and Wilhelm • states are graphs • define partitioning of nodes through predicates on nodes • abstract states are graphs of abstract nodes • abstract nodes are equivalence classes of concrete nodes next next next x next next next y Thomas Wies Symbolic Shape Analysis 5 / 34

  8. Motivation shape analysis = 2 predicate abstraction Thomas Wies Symbolic Shape Analysis 6 / 34

  9. Motivation Why go symbolic? Thomas Wies Symbolic Shape Analysis 7 / 34

  10. Motivation Apply not only idea, but also techniques of predicate abstraction. Thomas Wies Symbolic Shape Analysis 8 / 34

  11. Motivation Generic Benefits of Predicate Abstraction • use formulae to represent infinite sets of states • no need to define meaning of abstract values • abstract domain ⊆ concrete domain | • abstraction = entailment = Thomas Wies Symbolic Shape Analysis 9 / 34

  12. Motivation Generic Benefits of Predicate Abstraction • use formulae to represent infinite sets of states • no need to define meaning of abstract values • abstract domain ⊆ concrete domain | • abstraction = entailment = • use reasoning procedures • automation • separation of concerns (black-boxing) • soundness by construction, loss of precision identifiable • get leverage from theorem proving community ⊢ • abstraction = provable entailments Thomas Wies Symbolic Shape Analysis 9 / 34

  13. Motivation Generic Benefits of Predicate Abstraction • use formulae to represent infinite sets of states • no need to define meaning of abstract values • abstract domain ⊆ concrete domain | • abstraction = entailment = • use reasoning procedures • automation • separation of concerns (black-boxing) • soundness by construction, loss of precision identifiable • get leverage from theorem proving community ⊢ • abstraction = provable entailments • abstraction refinement • more automation • symbolic execution of counterexamples • abstract domain ⊂ refined abstract domain Thomas Wies Symbolic Shape Analysis 9 / 34

  14. Symbolic Shape Analysis Outline 1 Boolean heaps (abstract domain) 2 Cartesian post (abstract transformer) 3 Abstraction refinement Thomas Wies Symbolic Shape Analysis 10 / 34

  15. Boolean Heaps Boolean Heaps Partition heap according to finitely many predicates on heap objects. P 1 = { v | v = x } P 2 = { v | v = null } P 3 = { v | next ∗ ( x , v ) } P 1 ∧ ¬ P 2 ∧ P 3 ¬ P 1 ∧ ¬ P 2 ∧ P 3 ¬ P 1 ∧ P 2 ∧ P 3 next next next next x . . . null Describe partitioning as a universally quantified formula ∀ v . P 1 ∧ ¬ P 2 ∧ P 3 ∨ ¬ P 1 ∧ ¬ P 2 ∧ P 3 ∨ ¬ P 1 ∧ P 2 ∧ P 3 ➜ Boolean heaps Thomas Wies Symbolic Shape Analysis 11 / 34

  16. Boolean Heaps Abstract domain = {sets of Boolean heaps} Abstract element Boolean heap � � � � �� � ∀ v . P i , j , k ( v ) abstract node i j k � �� � abstract node ∨ � �� � Boolean heap � �� � ∨ set of Boolean heaps � �� � set of Boolean heaps Thomas Wies Symbolic Shape Analysis 12 / 34

  17. Boolean Heaps Symbolic shape analysis � � � ∀ v . P i , j , k ( v ) i j k ➜ sets of sets of bit-vectors � �� � abstract node (sets of BDDs) � �� � Boolean heap ∼ = abstract state � �� � set of Boolean heaps Predicate abstraction � � P i , j i j ➜ sets of bit-vectors (BDDs) � �� � abstract state � �� � sets of abstract states ➜ Boolean heaps provide extra precision needed for shape analysis. Thomas Wies Symbolic Shape Analysis 13 / 34

  18. Abstract Transformer Cartesian Post Abstract Post on Boolean Heaps How to compute abstract post on Boolean heaps? post # ( H ) = ? Thomas Wies Symbolic Shape Analysis 14 / 34

  19. Abstract Transformer Cartesian Post Abstract Post on Boolean Heaps How to compute abstract post on Boolean heaps? post # ( H ) = α ◦ post ◦ γ ( H ) post # is most precise abstract post, but it is also hard to compute. Thomas Wies Symbolic Shape Analysis 14 / 34

  20. Abstract Transformer Cartesian Post Abstract Post on Boolean Heaps How to compute abstract post on Boolean heaps? post # ( H ) = α ◦ post ◦ γ ( H ) post # is most precise abstract post, but it is also hard to compute. Bohne implements an abstraction of post # that can be computed efficiently. Next slides: Cartesian post. Thomas Wies Symbolic Shape Analysis 14 / 34

  21. Abstract Transformer Cartesian Post Abstract Post on Boolean Heaps P 1 = { v | v = x } P 2 = { v | next ∗ ( v , null ) } P 3 = { v | next ∗ ( x , v ) } P 1 ∧ P 2 ∧ P 3 ¬ P 1 ∧ P 2 ∧ P 3 next next next x null ∀ v . P 1 ∧ P 2 ∧ P 3 ∨ ¬ P 1 ∧ P 2 ∧ P 3 Thomas Wies Symbolic Shape Analysis 15 / 34

  22. Abstract Transformer Cartesian Post Abstract Post on Boolean Heaps P 1 = { v | v = x } P 2 = { v | next ∗ ( v , null ) } P 3 = { v | next ∗ ( x , v ) } P 1 ∧ P 2 ∧ P 3 ¬ P 1 ∧ P 2 ∧ P 3 next next next x null α ◦ post c ◦ γ ( ∀ v . P 1 ∧ P 2 ∧ P 3 ∨ ¬ P 1 ∧ P 2 ∧ P 3 ) for command c = ( x:=x.next ) Thomas Wies Symbolic Shape Analysis 15 / 34

  23. Abstract Transformer Cartesian Post Abstract Post on Boolean Heaps P 1 = { v | v = x } P 2 = { v | next ∗ ( v , null ) } P 3 = { v | next ∗ ( x , v ) } P 1 ∧ P 2 ∧ P 3 ¬ P 1 ∧ P 2 ∧ P 3 next next next x null α ◦ post c ◦ γ ( ∀ v . P 1 ∧ P 2 ∧ P 3 ∨ ¬ P 1 ∧ P 2 ∧ P 3 ) for command c = ( x:=x.next ) next next next x null Thomas Wies Symbolic Shape Analysis 15 / 34

  24. Abstract Transformer Cartesian Post Abstract Post on Boolean Heaps P 1 = { v | v = x } P 2 = { v | next ∗ ( v , null ) } P 3 = { v | next ∗ ( x , v ) } P 1 ∧ P 2 ∧ P 3 ¬ P 1 ∧ P 2 ∧ P 3 next next next x null α ◦ post c ◦ γ ( ∀ v . P 1 ∧ P 2 ∧ P 3 ∨ ¬ P 1 ∧ P 2 ∧ P 3 ) for command c = ( x:=x.next ) ¬ P 1 ∧ P 2 ∧ ¬ P 3 P 1 ∧ P 2 ∧ P 3 ¬ P 1 ∧ P 2 ∧ P 3 next next next x null ∀ v . ¬ P 1 ∧ P 2 ∧ ¬ P 3 ∨ P 1 ∧ P 2 ∧ P 3 ∨ ¬ P 1 ∧ P 2 ∧ P 3 Thomas Wies Symbolic Shape Analysis 15 / 34

  25. Abstract Transformer Cartesian Post Abstract Post on Boolean Heaps P 1 = { v | v = x } P 2 = { v | next ∗ ( v , null ) } P 3 = { v | next ∗ ( x , v ) } P 1 ∧ P 2 ∧ P 3 ¬ P 1 ∧ P 2 ∧ P 3 next next next x null CartesianPost c ( ∀ v . P 1 ∧ P 2 ∧ P 3 ∨ ¬ P 1 ∧ P 2 ∧ P 3 ) for command c = ( x:=x.next ) ¬ P 1 ∧ P 2 ∧ ¬ P 3 P 2 ∧ P 3 next next next x null ∀ v . ¬ P 1 ∧ P 2 ∧ ¬ P 3 ∨ P 2 ∧ P 3 Thomas Wies Symbolic Shape Analysis 15 / 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Shape Analysis via Symbolic Memory Graphs and Conversion from Pointers to Containers Kamil Dudka

Shape Analysis via Symbolic Memory Graphs and Conversion from Pointers to Containers Kamil Dudka

Shape Analysis via Symbolic Memory Graphs and Conversion from Pointers to Containers Kamil Dudka Luk a s Hol k Petr Peringer Marek Trt k Tom a s Vojnar Brno University of Technology, Czech Republic Dagstuhl, 2/11/2015

516 views • 50 slides
Computer Vision Statistical Shape Analysis Shape Shape is the geometric information that

Computer Vision Statistical Shape Analysis Shape Shape is the geometric information that

Computer Vision Statistical Shape Analysis Shape Shape is the geometric information that remains when translation, rotation, and scale are factored out. Landmark points. D'Arcy Thompson. David George Kendall Fred Bookstein.

248 views • 9 slides
Symbolic data analysis Symbolic data analysis Clustering of large data sets of mixed units

Symbolic data analysis Symbolic data analysis Clustering of large data sets of mixed units

Symbolic data analysis V. Batagelj Symbolic data analysis Symbolic data analysis Clustering of large data sets of mixed units Clustering and optimization Leaders method Vladimir Batagelj Agglomerative method Examples IMFM Ljubljana

871 views • 33 slides
Hierarchical Exact Symbolic Analysis y y of Large Analog Integrated Circuits By Symbolic Stamps

Hierarchical Exact Symbolic Analysis y y of Large Analog Integrated Circuits By Symbolic Stamps

Hierarchical Exact Symbolic Analysis y y of Large Analog Integrated Circuits By Symbolic Stamps Symbolic Stamps Hui Xu, Guoyong Shi and Xiaopeng Li School of Microelectronics, Shanghai Jiao Tong Univ. Shanghai, China Presentation at Asia

655 views • 36 slides
Transient Analysis Lightning Phenomena HV Transient Analysis Classes and shape of overvoltages

Transient Analysis Lightning Phenomena HV Transient Analysis Classes and shape of overvoltages

Chapter 8 Overvoltage Phenomenon &amp; HV Transient Analysis Lightning Phenomena HV Transient Analysis Classes and shape of overvoltages and standard voltage shape Analysis of overvoltages in power system includes a study of their:

1.04k views • 35 slides
Signatures in Shape Analysis Nikolas Tapia (WIAS/TU Berlin) joint with E. Celledoni &amp; P . E.

Signatures in Shape Analysis Nikolas Tapia (WIAS/TU Berlin) joint with E. Celledoni &amp; P . E.

Signatures in Shape Analysis Nikolas Tapia (WIAS/TU Berlin) joint with E. Celledoni &amp; P . E. Lystad FG6 (NTNU) Weierstra-Institut fr angewandte Analysis und Stochastik August 27, 2019 Shape Analysis: Practical Setup The problem is to

481 views • 20 slides
Shape Co-analysis and constrained clustering Daniel Cohen-Or Tel-Aviv University 1 High-level

Shape Co-analysis and constrained clustering Daniel Cohen-Or Tel-Aviv University 1 High-level

Shape Co-analysis and constrained clustering Daniel Cohen-Or Tel-Aviv University 1 High-level Shape analysis [Mehra et al. 08] [Fu et al. 08] [Kalograkis et al. 10] Shape abstraction Upright orientation Learning segmentation [Kim et al.

1.03k views • 81 slides
Lazy Heap Analysis with Symbolic Memory Graphs Alexander Driemeyer Outline 1. Motivation 2.

Lazy Heap Analysis with Symbolic Memory Graphs Alexander Driemeyer Outline 1. Motivation 2.

Lazy Heap Analysis with Symbolic Memory Graphs Alexander Driemeyer Outline 1. Motivation 2. CPAchecker and Symbolic Memory Graphs 3. Abstractions of Symbolic Memory Graphs 4. Using counterexample guided abstraction refinement with Symbolic

412 views • 24 slides
Pulse Shape Analysis A/E for GERDA experiment Outline : Motivation Pulse Shape

Pulse Shape Analysis A/E for GERDA experiment Outline : Motivation Pulse Shape

Pulse Shape Analysis A/E for GERDA experiment Outline : Motivation Pulse Shape Discrimination for GERDA BEGes Systematic uncertainty on PSA Outlook &amp; Summary Heng-Ye Liao photo o by *EvrWccn Wccn for the GERDA collaboration

188 views • 18 slides
CS711 Advanced Programming Languages Shape Analysis With Tracked Locations Radu Rugina 22 Sep

CS711 Advanced Programming Languages Shape Analysis With Tracked Locations Radu Rugina 22 Sep

CS711 Advanced Programming Languages Shape Analysis With Tracked Locations Radu Rugina 22 Sep 2005 Shape Analysis with Local Reasoning All previous abstractions: Describe the entire heap at once Makes inter-procedural analysis

544 views • 30 slides
Symbolic String Verification: Combining String Analysis and Size Analysis Fang Yu Tevfik Bultan

Symbolic String Verification: Combining String Analysis and Size Analysis Fang Yu Tevfik Bultan

Symbolic String Verification: Combining String Analysis and Size Analysis Symbolic String Verification: Combining String Analysis and Size Analysis Fang Yu Tevfik Bultan Oscar H. Ibarra Deptartment of Computer Science University of California

477 views • 36 slides
NEW ADVANCES IN SYMBOLIC DATA ANALYSIS and SPATIAL CLASSIFICATION. Edwin Diday Paris Dauphine

NEW ADVANCES IN SYMBOLIC DATA ANALYSIS and SPATIAL CLASSIFICATION. Edwin Diday Paris Dauphine

NEW ADVANCES IN SYMBOLIC DATA ANALYSIS and SPATIAL CLASSIFICATION. Edwin Diday Paris Dauphine University Remembering Suzanne WINSBERG This talk is dedicated to her OUTLINE PART 1: SYMBOLIC DATA ANALYSIS The two levels of

1.29k views • 89 slides
Symbolic local Fourier Analysis Veronika Pillwein RISC Challenges in 21st Century Experimental

Symbolic local Fourier Analysis Veronika Pillwein RISC Challenges in 21st Century Experimental

Symbolic local Fourier Analysis Veronika Pillwein RISC Challenges in 21st Century Experimental Mathematical Computation, July 2125, 2014, ICERM, Brown University Symbolic local Fourier Analysis (and some Special Functions Inequalities)

1.21k views • 82 slides
Isogeometric Shape Optimization: A brief introduction about shape sensitivity analysis and search

Isogeometric Shape Optimization: A brief introduction about shape sensitivity analysis and search

Isogeometric Shape Optimization: A brief introduction about shape sensitivity analysis and search direction normalization Wang Zhenpei NUS 2018 3 23 GAMES Webinar 2018 (37) on IGA Wang Zhenpei (NUS) Isogeometric Shape

566 views • 53 slides
Symbolic Data Analysis Tools Symbolic Data Analysis Tools for Recommendation Systems for

Symbolic Data Analysis Tools Symbolic Data Analysis Tools for Recommendation Systems for

Symbolic Data Analysis Tools Symbolic Data Analysis Tools for Recommendation Systems for Recommendation Systems Byron Leite Dantas Bezerra Byron Leite Dantas Bezerra bldb@dsc.upe.br bldb@dsc.upe.br Francisco Assis Tenrio Carvalho

708 views • 34 slides
Shape Analysis Tal Zelmanovich Seminar in automatic tools for analyzing programs with dynamic

Shape Analysis Tal Zelmanovich Seminar in automatic tools for analyzing programs with dynamic

Shape Analysis Tal Zelmanovich Seminar in automatic tools for analyzing programs with dynamic memory 2013/2014B Subjects Introducing shape analysis TVLA method Cutpoint-free method Separation logic method Conclusion &amp;

1.38k views • 70 slides
Main Idea Idea To study the discretizations of dynamical systems viewed as perturbations:

Main Idea Idea To study the discretizations of dynamical systems viewed as perturbations:

On the Discretization of Nonholonomic Dynamics in R n Fernando Jim enez (Joint work with J urgen Scheurle) Technische Universit at M unchen Nonholonomic Mechanics and Optimal Control Workshop Institut Henri Poincar e, Paris

958 views • 48 slides
Notes Linear Algebra Assignment 1 will be out later today Last class: (look on the web)

Notes Linear Algebra Assignment 1 will be out later today Last class: (look on the web)

Notes Linear Algebra Assignment 1 will be out later today Last class: (look on the web) we reduced the problem of optimally interpolating scattered data to solving a system of linear equations This week: start delving into

471 views • 3 slides
A quick introduction to Krylov solvers for the solution of linear systems L. Giraud (Inria)

A quick introduction to Krylov solvers for the solution of linear systems L. Giraud (Inria)

A quick introduction to Krylov solvers for the solution of linear systems L. Giraud (Inria) HiePACS project - Inria Bordeaux Sud-Ouest Inria School Nov. 5, 2019 Outline Reliability of the calculation Algorithm selection Why searching

1.09k views • 72 slides
CS 5220: Impact of Floating Point David Bindel 2017-11-16 1 Why this lecture? Isnt this

CS 5220: Impact of Floating Point David Bindel 2017-11-16 1 Why this lecture? Isnt this

CS 5220: Impact of Floating Point David Bindel 2017-11-16 1 Why this lecture? Isnt this really a lecture for the start of CS 42x0? Except you might have forgotten some things And might care about using single precision for speed

559 views • 29 slides
Parallel-in-time integrators for Hamiltonian systems Claude Le Bris ENPC and INRIA Visiting

Parallel-in-time integrators for Hamiltonian systems Claude Le Bris ENPC and INRIA Visiting

Parallel-in-time integrators for Hamiltonian systems Claude Le Bris ENPC and INRIA Visiting Professor, The University of Chicago joint work with X. Dai (Paris 6 and Chinese Academy of Sciences), F. Legoll (ENPC and INRIA) and Y. Maday (Paris 6

685 views • 43 slides
Summerschool in Aveiro (Sept. 2018), Ernst Hairer Part I. Geometric numerical integration

Summerschool in Aveiro (Sept. 2018), Ernst Hairer Part I. Geometric numerical integration

Summerschool in Aveiro (Sept. 2018), Ernst Hairer Part I. Geometric numerical integration Hamiltonian systems, symplectic mappings, geometric integrators, St ormerVerlet, composition and splitting, variational integrator Backward

799 views • 30 slides
g-2 Eigo Shintani (RIKEN-CCS) with Yoshinobu Kuramashi (Tsukuba) and PACS collaboration

g-2 Eigo Shintani (RIKEN-CCS) with Yoshinobu Kuramashi (Tsukuba) and PACS collaboration

Analysis of systematic error in hadronic vacuum polarization contribution to muon g-2 Eigo Shintani (RIKEN-CCS) with Yoshinobu Kuramashi (Tsukuba) and PACS collaboration LATTICE2018, 22-28 July 2018, Kellogg Hotel and Conference Center

326 views • 20 slides
Geometric numerical integration Robert McLachlan Professor of Applied Mathematics, Massey

Geometric numerical integration Robert McLachlan Professor of Applied Mathematics, Massey

Geometric numerical integration Robert McLachlan Professor of Applied Mathematics, Massey University VIC 2004 p.1/26 What is geometric integration? A numerical method for a differential equation which inherits some property of the equation

568 views • 44 slides

More recommend