trace abstraction
play

Trace Abstraction Monday, December 14, 2011 Example Our Model of a - PowerPoint PPT Presentation

Dec 16, 2023 •336 likes •634 views

Trace Abstraction Monday, December 14, 2011 Example Our Model of a Verification Problem 0 x:=0 x:=0 0 : y:=0 1 : 1 while(nondet) { x++ } 2 : y:=0 assert x!= -1 2 x++ assert y!= -1 Example program P y==-1 x==-1

  1. Trace Abstraction Monday, December 14, 2011

  2. Example – Our Model of a Verification Problem ℓ 0 x:=0 x:=0 ℓ 0 : y:=0 ℓ 1 : ℓ 1 while(nondet) { x++ } ℓ 2 : y:=0 assert x!= -1 ℓ 2 x++ assert y!= -1 Example program P y==-1 x==-1 ℓ err Control flow graph of P

  3. Statements Statement Letter of our alphabet. No further meaning. ℓ 0 In our example: x:=0 � � Σ = x:=0 , y:=0 , x++ , x==-1 , y==-1 ℓ 1 y:=0 ℓ 2 x++ y==-1 x==-1 ℓ err Control flow graph of P

  4. Statements Statement Letter of our alphabet. No further meaning. ℓ 0 In our example: x:=0 � � Σ = x:=0 , y:=0 , x++ , x==-1 , y==-1 ℓ 1 y:=0 ℓ 2 x++ Trace Word over the alphabet of statements. y==-1 x==-1 Example: ℓ err π = y==-1 . x++ . x++ . x:=0 . x==-1 Control flow graph of P

  5. Error Traces Control Automaton A P ℓ 0 Automaton over the set of statements. x:=0 Encodes a verification problem. A P = � LOC , δ, { ℓ init } , { ℓ err }� ℓ 1 y:=0 Error Trace of P ℓ 2 x++ Trace accepted by A P y==-1 x==-1 In our example ℓ err π = x:=0 . y:=0 . x++ . x==-1 is an error trace. Control automaton A P

  6. Set Theoretic View of Trace Abstraction set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces x:=0 . y:=0 . x++ . x==-1 x:=0 . x++ . y==-1

  7. Set Theoretic View of Trace Abstraction set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces x:=0 . y:=0 . x++ . x==-1 x:=0 . x++ . y==-1

  8. Set Theoretic View of Trace Abstraction set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces x:=0 . y:=0 . x++ . x==-1 x:=0 . x++ . y==-1

  9. Set Theoretic View of Trace Abstraction set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces x:=0 . y:=0 . x++ . x==-1 x:=0 . x++ . y==-1

  10. Set Theoretic View of Trace Abstraction set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces x:=0 . y:=0 . x++ . x==-1 x:=0 . x++ . y==-1

  11. Set Theoretic View of Trace Abstraction set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces x:=0 . y:=0 . x++ . x==-1 x:=0 . x++ . y==-1

  12. Set Theoretic View of Trace Abstraction set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces x:=0 . y:=0 . x++ . x==-1 x:=0 . x++ . y==-1

  13. Set Theoretic View of Trace Abstraction set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces x:=0 . y:=0 . x++ . x==-1 x:=0 . x++ . y==-1

  14. Trace Abstraction Definition (Trace Abstraction) A trace abstraction is given by a tuple of automata ( A 1 , . . . , A n ) such that each A i recognizes a subset of infeasible traces, for i = 1 , . . . , n . We say that the trace abstraction ( A 1 , . . . , A n ) does not admit an error trace if A P ∩ A 1 ∩ . . . ∩ A n is empty.

  15. Trace Abstraction Definition (Trace Abstraction) A trace abstraction is given by a tuple of automata ( A 1 , . . . , A n ) such that each A i recognizes a subset of infeasible traces, for i = 1 , . . . , n . We say that the trace abstraction ( A 1 , . . . , A n ) does not admit an error trace if A P ∩ A 1 ∩ . . . ∩ A n is empty. Theorem (Soundness) L ( A P ∩ A 1 ∩ . . . ∩ A n ) = ∅ ⇒ P is correct Theorem (Completeness) If P is correct, there is a trace abstraction ( A 1 , . . . , A n ) such that L ( A P ∩ A 1 ∩ . . . ∩ A n ) = ∅

  16. Example – Exclude an Infeasible Trace A 1 : x:=0 y:=0 x++ x==-1 A P : q 0 q 1 q 2 q 3 q 4 ℓ 0 x:=0 ℓ 1 y:=0 ℓ 2 x++ y==-1 x==-1 ℓ err

  17. Example – Exclude an Infeasible Trace A 1 : x:=0 y:=0 x++ x==-1 A P : q 0 q 1 q 2 q 3 q 4 ℓ 0 . . . . . . . . . q s . . . . . . x:=0 ℓ 1 y:=0 ℓ 2 x++ y==-1 x==-1 ℓ err

  18. Example – Exclude an Infeasible Trace A 1 : x:=0 y:=0 x++ x==-1 A P : q 0 q 1 q 2 q 3 q 4 ℓ 0 . . . . . . . . . q s . . . . . . x:=0 A P ∩ A 1 : ℓ 1 ℓ 0 q 0 x:=0 y:=0 ℓ err q 4 ℓ 1 q 1 ℓ 2 x++ x==-1 y:=0 x++ x++ ℓ 2 q 2 ℓ 2 q 3 ℓ 2 qs x++ y==-1 x==-1 y==-1 , x==-1 y==-1 ℓ err y==-1 , x==-1 ℓ err qs

  19. Control flow as finite automaton ℓ 0 ℓ 0 : x:=0 x:=0 ℓ 1 ℓ 1 : y:=0 y:=0 ℓ 2 : while(nondet) { x++ } ℓ 2 x++ assert x!= -1 y==-1 x==-1 assert y!= -1 ℓ err Example program P Control flow graph of P

  20. Floyd-Hoare proof as finite automaton true {⊤} ℓ 0 : x:=0 x:=0 { x ≥ 0 } x ≥ 0 ℓ 1 : y:=0 y:=0 { x ≥ 0 ∧ y = 0 } ℓ 2 : while(nondet) { x++ } x ≥ 0 ∧ y =0 x++ assert x!= -1 y==-1 x==-1 assert y!= -1 false Example program P Control flow graph of P

  21. Floyd-Hoare proof as finite automaton true ℓ 0 : x:=0 x:=0 x ≥ 0 ℓ 1 : y:=0 y:=0 ℓ 2 : while(nondet) { x++ } x ≥ 0 ∧ y =0 x++ assert x!= -1 y==-1 x==-1 assert y!= -1 false Example program P Control flow graph of P Observation: Every transition is related to a Hoare triple! , y:=0 , ) ∈ δ post ( x ≥ 0 , y:=0 ) ⊆ x ≥ 0 ∧ y =0 e.g. (

  22. Interpolant Automata Given: Sequence of predicates I = I 0 , I 1 , . . . , I n Definition (Interpolant Automaton A I ) A I = � Q I , δ I , Q init I , Q fin I � Q I = { q 0 , . . . , q n } ( q i , st , q j ) ∈ δ I implies post ( st , I i ) ⊆ I j q i ∈ Q init implies I i = true q i ∈ Q fin implies I i = false

  23. Interpolant Automata Given: Sequence of predicates I = I 0 , I 1 , . . . , I n Definition (Interpolant Automaton A I ) A I = � Q I , δ I , Q init I , Q fin I � Q I = { q 0 , . . . , q n } ( q i , st , q j ) ∈ δ I implies post ( st , I i ) ⊆ I j q i ∈ Q init implies I i = true q i ∈ Q fin implies I i = false Theorem An interpolant automaton A I recognizes a subset of infeasible traces. L ( A I ) ⊆ Infeasible

  24. Example – Refinement Using Interpolant Automata set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces x:=0 . y:=0 . x++ . x==-1

  25. Example – Refinement Using Interpolant Automata set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces L ( A 1 ) y:=0 A 1 x:=0 . y:=0 . x++ . x==-1 q 0 q 1 q 2 x:=0 x==-1 x++

  26. Example – Refinement Using Interpolant Automata set of all traces Σ ∗ traces respecting the control flow of P L ( A P ) Feasible Traces Error Traces L ( A 1 ) x:=0 . y:=0 . x++ . y==-1

  27. Example – Refinement Using Interpolant Automata set of all traces Σ ∗ traces respecting the control flow of P L ( A 2 ) L ( A P ) Feasible Traces Error Traces L ( A 1 ) A 2 x:=0 . y:=0 . x++ . y==-1 q 0 q 1 q 2 y:=0 x==-1 x:=0 x++

  28. CEGAR for Trace Abstraction annotated program P return trace automaton A n +1 such that n := 0 π ∈ L ( A n +1 ) and L ( A n +1 ) ⊆ I NFEASIBLE n := n + 1 yes L ( A P ∩ A 1 ∩ . . . ∩ A n ) = ∅ ? π ∈ I NFEASIBLE ? no yes no return error trace π such that π ∈ L ( A P ∩ A 1 ∩ . . . ∩ A n ) P is correct P is incorrect

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Trace Abstraction (Recap) Andreas Podelski University of Freiburg, Germany Tuesday, December 15,

Trace Abstraction (Recap) Andreas Podelski University of Freiburg, Germany Tuesday, December 15,

Trace Abstraction (Recap) Andreas Podelski University of Freiburg, Germany Tuesday, December 15, 2011 Preliminaries: Programs program = graph if (x==0) 0 : 0 x==0 x!=0 y:=1 1 : 2 : 1 3 else y:=1 y:=2 3 : y:=2

323 views • 29 slides
Refinement of Trace Abstraction for Real-Time Programs September 9, 2017 Franck Cassez 2 , Peter

Refinement of Trace Abstraction for Real-Time Programs September 9, 2017 Franck Cassez 2 , Peter

Refinement of Trace Abstraction for Real-Time Programs September 9, 2017 Franck Cassez 2 , Peter G. Jensen 1 , 2 and Kim G. Larsen 1 pgj@cs.aau.dk Department of Computer Science, Aalborg University Department of Computing, Macquarie University

293 views • 28 slides
Point, Line, & Plane 1 Abstraction Abstraction is the act of considering something as a

Point, Line, & Plane 1 Abstraction Abstraction is the act of considering something as a

Point, Line, & Plane 1 Abstraction Abstraction is the act of considering something as a general quality or characteristic, apart from concrete realities, specific objects, or actual instances. 2 Abstraction Abstraction is

478 views • 21 slides
Predicate Abstraction with SATABS Existential Abstraction Predicate Abstraction for Software

Predicate Abstraction with SATABS Existential Abstraction Predicate Abstraction for Software

Outline Introduction Predicate Abstraction with SATABS Existential Abstraction Predicate Abstraction for Software Counterexample-Guided Abstraction Refinement Computing Existential Abstractions of Programs Version 1.0, 2010 Checking the

429 views • 12 slides
Data Abstraction Announcements Data Abstraction Data Abstraction Programmers Compound

Data Abstraction Announcements Data Abstraction Data Abstraction Programmers Compound

Data Abstraction Announcements Data Abstraction Data Abstraction Programmers Compound values combine other values together All A date: a year, a month, and a day A geographic position: latitude and longitude Data abstraction

430 views • 19 slides
Trace Caches and optimizations therein CSE 240C - Rushi Chakrabarti - Winter 2009 Trace Caches

Trace Caches and optimizations therein CSE 240C - Rushi Chakrabarti - Winter 2009 Trace Caches

Trace Caches and optimizations therein CSE 240C - Rushi Chakrabarti - Winter 2009 Trace Caches [Rotenberg96] Trace Caches For those not in the know: I$ that captures dynamic instruction sequences trace n instructions (cache

432 views • 41 slides
Assessing the Performance of MPI Applications Through Time-Independent Trace Replay . Desprez 1

Assessing the Performance of MPI Applications Through Time-Independent Trace Replay . Desprez 1

Introduction and motivation Time-Independent Trace Format Trace Acquisition Process Trace Replay with SimGrid Experimental Evaluation Conclusion and Assessing the Performance of MPI Applications Through Time-Independent Trace Replay .

370 views • 24 slides
What is abstraction? What is abstraction? Workable answer a blurring of details Idea:

What is abstraction? What is abstraction? Workable answer a blurring of details Idea:

What is abstraction? What is abstraction? Workable answer a blurring of details Idea: agree to ignore certain details ( for now ) e.g., with procedural abstraction idea is to convert original problem to a series of simpler

229 views • 12 slides
DIV 26000 AND HEAT TRACE FOR MECHANICAL SYSTEMS ACE/ASM DOS AND DONTS OF HEAT TRACE IN

DIV 26000 AND HEAT TRACE FOR MECHANICAL SYSTEMS ACE/ASM DOS AND DONTS OF HEAT TRACE IN

DIV 26000 AND HEAT TRACE FOR MECHANICAL SYSTEMS ACE/ASM DOS AND DONTS OF HEAT TRACE IN CHAPTER 149 FROM A DIV 26000 ELECTRICAL CONTRACTOR PROSPECTIVE Dos: Donts: Give us a heat trace spec in DIV26 Double spec it with

492 views • 4 slides
Lecture 11: Abstraction I ntro. to Programming, lecture 11: Abstraction 2 Topics for today

Lecture 11: Abstraction I ntro. to Programming, lecture 11: Abstraction 2 Topics for today

Chair of Softw are Engineering Einfhrung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 11: Abstraction I ntro. to Programming, lecture 11: Abstraction 2 Topics for today Abstraction, especially

167 views • 12 slides
On Visual Abstraction Ivan Viola Visual Abstraction Fundamental concept in visualization and

On Visual Abstraction Ivan Viola Visual Abstraction Fundamental concept in visualization and

On Visual Abstraction Ivan Viola Visual Abstraction Fundamental concept in visualization and visual arts Somewhat intuitively understood A formal definition not available VAD textbook refers to task and data abstraction Map generalization:

387 views • 11 slides
TRACE Why Opensource Lets A Broadcaster Sleep At Night Emmanuel ALDEGUER, January The

TRACE Why Opensource Lets A Broadcaster Sleep At Night Emmanuel ALDEGUER, January The

TRACE Why Opensource Lets A Broadcaster Sleep At Night Emmanuel ALDEGUER, January The 31st, Brussels, ealdeguer@trace.tv October 2013 1 What is TRACE 4 Pay TV linear Music 1 sports entertainment channels channel 1 FM radio station

293 views • 10 slides
Announcements Data Abstraction Data Abstraction Compound values combine other values together

Announcements Data Abstraction Data Abstraction Compound values combine other values together

Announcements Data Abstraction Data Abstraction Compound values combine other values together Programmers A date: a year, a month, and a day All A geographic position: latitude and longitude Data abstraction lets us manipulate

383 views • 3 slides
Trace Elements in igneous petrology Abundances of trace elements are used to test petrogenetic

Trace Elements in igneous petrology Abundances of trace elements are used to test petrogenetic

Trace Elements in igneous petrology Abundances of trace elements are used to test petrogenetic hypotheses No universal definition of TE: Concentration usually less than 100 ppm, often < 10 ppm Useful trace elements: a)First

650 views • 8 slides
Data Abstraction Announcements Data Abstraction Data Abstraction 4 Data Abstraction

Data Abstraction Announcements Data Abstraction Data Abstraction 4 Data Abstraction

Data Abstraction Announcements Data Abstraction Data Abstraction 4 Data Abstraction Compound values combine other values together 4 Data Abstraction Compound values combine other values together A date: a year, a month, and

1.38k views • 124 slides
www.webinos.org Use existing standards where ever possible Functional abstraction vs

www.webinos.org Use existing standards where ever possible Functional abstraction vs

www.webinos.org Use existing standards where ever possible Functional abstraction vs Data abstraction Functional abstraction better for legacy and performance (JavaScript: Geolocation example) Connectivity: URI naming

212 views • 3 slides
What is the kernel upto? Powerful tracing techniques Joel Fernandes

What is the kernel upto? Powerful tracing techniques Joel Fernandes

What is the kernel upto? Powerful tracing techniques Joel Fernandes <joel@linuxinternals.org> Concepts: Tracing: Static vs Dynamic tracepoints Static: Tracepoint events Dynamic: kprobes Static tracepoints: Methodology Define

380 views • 33 slides
Eligibility Traces Chapter 12 Eligibility traces are Another way of interpolating between MC and

Eligibility Traces Chapter 12 Eligibility traces are Another way of interpolating between MC and

Eligibility Traces Chapter 12 Eligibility traces are Another way of interpolating between MC and TD methods A way of implementing compound -return targets A basic mechanistic idea a short-term, fading memory A new style of algorithm

881 views • 31 slides
Spark RDD Operations Transformations and Actions 1 RDD Processing Model RDD can be modeled

Spark RDD Operations Transformations and Actions 1 RDD Processing Model RDD can be modeled

Spark RDD Operations Transformations and Actions 1 RDD Processing Model RDD can be modeled using the Bulk Synchronous Parallel (BSP) model Communication Independent Local Independent Local Processor 1 Processing Processing Independent

561 views • 31 slides
Math 211 Math 211 Lecture #19 Nullspaces and Subspaces October 9, 2002 2 Homogeneous Systems

Math 211 Math 211 Lecture #19 Nullspaces and Subspaces October 9, 2002 2 Homogeneous Systems

1 Math 211 Math 211 Lecture #19 Nullspaces and Subspaces October 9, 2002 2 Homogeneous Systems Homogeneous Systems A homogeneous system has the form A x = 0 . The augmented matrix M = [ A, 0 ] has all zeros in the last column.

270 views • 8 slides
Outline DMP204 SCHEDULING, TIMETABLING AND ROUTING 1. Job Shop Lecture 15 Modelling Flow

Outline DMP204 SCHEDULING, TIMETABLING AND ROUTING 1. Job Shop Lecture 15 Modelling Flow

Job Shop Outline DMP204 SCHEDULING, TIMETABLING AND ROUTING 1. Job Shop Lecture 15 Modelling Flow Shop and Job Shop Models Exact Methods Local Search Methods Shifting Bottleneck Heuristic Marco Chiarandini 2 Modelling Modelling Exact

304 views • 6 slides
Bidirectional Flow Export using IPFIX draft-ietf-ipfix-biflow-00

Bidirectional Flow Export using IPFIX draft-ietf-ipfix-biflow-00

Bidirectional Flow Export using IPFIX draft-ietf-ipfix-biflow-00 http://www.ietf.org/internet-drafts/draft-ietf-ipfix-biflow-00.txt Brian Trammell <bht@cert.org> Elisa Boschi <elisa.boschi@hitachi-eu.com> Thursday, November 9, 2006

140 views • 12 slides
1 2 http://www.webperformancetoday.com/2011/11/23/case-study-slow-page-load-

1 2 http://www.webperformancetoday.com/2011/11/23/case-study-slow-page-load-

1 2 http://www.webperformancetoday.com/2011/11/23/case-study-slow-page-load- mobile-business-metrics/ 4 http://www.webperformancetoday.com/2012/02/28/4-awesome-slides-showing- how-page-speed-correlates-to-business-metrics-at-walmart-com/ 5 6

981 views • 41 slides
Infrastructure Geolocation & Openness vs. Security Robert Kisteleki | CAIDA AIMS 2019 Part

Infrastructure Geolocation & Openness vs. Security Robert Kisteleki | CAIDA AIMS 2019 Part

Infrastructure Geolocation & Openness vs. Security Robert Kisteleki | CAIDA AIMS 2019 Part I RIPE IPmap RIPE IPmap We now have a first production version of our infrastructure geolocation service https://ipmap.ripe.net/ Its

238 views • 13 slides

More recommend