unification in assertion checking over logical lattices
play

Unification in Assertion Checking Over Logical Lattices Ashish - PowerPoint PPT Presentation

Sep 05, 2022 •304 likes •536 views

Unification in Assertion Checking Over Logical Lattices Ashish Tiwari Tiwari@csl.sri.com Computer Science Laboratory SRI International Menlo Park CA 94025 http://www.csl.sri.com/tiwari Joint work with Sumit Gulwani

  1. ✬ ✩ Unification in Assertion Checking Over Logical Lattices Ashish Tiwari Tiwari@csl.sri.com Computer Science Laboratory SRI International Menlo Park CA 94025 http://www.csl.sri.com/˜tiwari Joint work with Sumit Gulwani ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 1

  2. ✬ ✩ Assertion Checking Problem Given: P : Program φ An assertion over program variables at point π in P : Problem: Is φ an invariant at π ? In contrast, assertion generation problem seeks to synthesize all invariants at point π . ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 2

  3. ✬ ✩ Language and Theory Restrictions Assume the symbols used for specifying the program P and the assertion φ come from some Σ : signature Th : theory General programs are abstracted to the chosen language by abstracting each assignment and conditional in the program (preserving its control flow) Skipped Detail: How do we go from general program to such an abstraction. ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 3

  4. ✬ ✩ Example x :=0; y := 0; x := c; y := c; x :=0; y := 0; u := 0; v := 0; u := c; v := c; u := 0; v := 0; while (*) { while (*) { while (*) { x := u + 1; x := G(u, 1); x := u + 1; y := 1 + v; y := G(1, v); y := 1 + v; u := F(x); u := F(x); u := *; v := F(y); v := F(y); v := *; } } } assert( x = y ) assert( x = y ) assert( x = y ) Σ = Σ LA ∪ Σ UF S Σ = Σ UF S Σ = Σ LA Th = Th LA + Th UF S Th = Th UF S Th = Th LA ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 4

  5. ✬ ✩ Outline of this Talk • Abstract interpretation for assertion generation+checking over logical lattices • Link between unification and assertion checking • Two consequences: ◦ NP-hardness of assertion checking (for loop-free programs) over UFS+LA language ◦ decidability of assertion checking for UFS+LA language ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 5

  6. ✬ ✩ Abstract Interpretation • Fix a lattice • Map sets of state φ of the program onto lattice elements α ( φ ) • Compute transfer functions: { φ 1 } x := e { φ 2 } �→ α ( φ 1 ) → α ( φ 2 ) { φ 1 } if ( c ) then { φ 2 } else { φ 3 } �→ α ( φ 1 ) → α ( φ 1 ) ∧ α ( c ); α ( φ 1 ) → α ( φ 1 ) ∧ α ( ¬ c ); �→ conditionals meet in the lattice �→ merges join in the lattice �→ loop fixpoint in the lattice ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 6

  7. ✬ ✩ Logical Lattices Lattice defined over conjunction φ of atomic formulas in Th by �→ meet in the lattice logical and �→ { φ : Th | = ( φ 1 ∨ φ 2 ) ⇒ φ } join in the lattice Question 1. Is this a well-defined lattice? Answer. Depends on the theory. • Linear arithmetic with equality (Karr 1976) • Linear arithmetic with inequalities (Cousot and Halbwachs 1978) • Nonlinear (polynomial) equations (Rodriguez-Carbonell and Kapur 2004) • UFS + injectivity/acyclicity (Gulwani, T. and Necula 2004) . . ✫ ✪ . Ashish Tiwari, SRI Unification and Assertion Checking: 7

  8. ✬ ✩ UFS does not define a logical lattice The join of two finite sets of facts need not be finitely presented. [Gulwani, T. and Necula 2004] ≡ a = b φ 1 ≡ fa = a ∧ fb = b ∧ ga = gb φ 2 � gf i a = gf i b φ 1 ⊔ φ 2 ≡ i i gf i a = gf i b can not be represented by finite set of ground The formula � equations. Proof. It induces infinitely many congruence classes with more than one signature. Ex: Complete the proof. ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 8

  9. ✬ ✩ Example: Abstract Intprtn over acyclic UFS lattice With additional acyclicity restriction, UFS can be used to define a logical lattice. u := c; v := c; [ u = c ∧ v = c ] while (*) { u := F(u); v := F(v); [ ( u = F ( c ) ∧ v = F ( c )) ⊔ ( u = c ∧ v = c ) ] } [ u = v ] We generate the invariant u = v this way. ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 9

  10. ✬ ✩ Known Results Assertion checking over lattices defined by: • Acyclic UFS theory: Polynomial time [Gulwani and Necula 2004] • Linear arithmetic with equality. Polynomial time [Karr 1976] Question. What about the combination? ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 10

  11. ✬ ✩ Outline of this Talk • Abstract interpretation for assertion generation+checking over logical lattices • Link between unification and assertion checking • Two consequences for UFS+LA combination: ◦ NP-hardness of assertion checking (for loop-free programs) over above language ◦ decidability of assertion checking for above language ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 11

  12. ✬ ✩ Unification in Assertion Checking Assume that all assignments in program P are of the form x := e An assertion e 1 = e 2 holds at point π in P iff the assertion Unif ( e 1 = e 2 ) hold at π in P . This also extends to arbitrary assertion φ . If { σ 1 , . . . , σ k } is a complete set of Th -unifiers for e 1 = e 2 , then k � � Unif ( e 1 = e 2 ) = ( x = xσ i ) x i =1 ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 12

  13. ✬ ✩ Proof of Main Result First, if Th | = Unif ( e 1 = e 2 ) then Th | = e 1 = e 2 . Conversely, let θ : substitution that maps x to a symbolic value of x at point π (along some exectution path) (Symbolic value is in terms of input variables) If assertion e 1 = e 2 holds at π , then, Th | = θ ⇒ e 1 = e 2 , Th | = e 1 θ = e 2 θ i.e., Since { σ 1 , . . . , σ k } is a complete set of Th -unifiers, ∴ θ = T h σ j θ ′ for some j We will show Th | = θ ⇒ x = xσ j , Th | = xθ = xσ j θ i.e., But = ( xθ = xσ j θ ′ = xσ j σ j θ ′ = xσ j θ ) Th | ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 13

  14. ✬ ✩ coNP-hardness of Assertion Checking for Combination Key Idea: Disjunctive assertion can be encoded in the combination. x = a ∨ x = b ⇔ F ( a ) + F ( b ) = F ( x ) + F ( a + b − x ) Using this recursively, we can write an assertion (atomic formula) which holds iff x = 0 ∨ x = 1 ∨ · · · ∨ x = m − 1 holds. For e.g., encoding for x = 0 ∨ x = 1 ∨ x = 2 is obtained by encoding Fx = F 2 ∨ Fx = F 0 + F 1 − F (1 − x ) : F ( F 0+ F 1 − F (1 − x ))+ FF 2 = FFx + F ( F 0+ F 1+ F 2 − F (1 − x ) − Fx ) ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 14

  15. ✬ ✩ coNP-hardness of Assertion Checking ψ : boolean 3-SAT instance with m clauses x i := 0 , for i = 1 , 2 , . . . , m for i = 1 to k do if (*) then x j := 1 , ∀ j : variable i occurs positively in clause j else x j := 1 , ∀ j : variable i occurs negatively in clause j sum := x 1 + · · · + x m assert( sum = 0 ∨ · · · ∨ sum = m − 1 ) Assertion is valid IFF ψ is unsatisfiable ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 15

  16. ✬ ✩ coNP-hardness of Assertion Checking This procedure checks whether x ∈ { 0 , . . . , m − 1 } . h 0 := F ( x ) ; for j = 0 to m − 1 do h 0 ,j := F ( j ) ; for i = 1 to m − 1 do s i − 1 := h i − 1 , 0 + h i − 1 ,i ; h i := F ( h i − 1 ) + F ( s i − 1 − h i − 1 ) ; for j = 0 to m − 1 do h i,j := F ( h i − 1 ,j ) + F ( s i − 1 − h i − 1 ,j ) ; Assert( h m − 1 = h m − 1 , 0 ); The assertion holds iff x ∈ { 0 , . . . , m − 1 } . Assertion checking on combination lattice is coNP-hard. ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 16

  17. ✬ ✩ Assertion Checking Algorithm Backward analysis: • Starting with the assertion, use weakest precondition computation • At each step, replace the formula ψ computed at any program point by Unif ( ψ ) This method is both sound and complete due to • correctness of WP computation • main result of this talk Question. Does it terminate (reach fixpoint across loops)? ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 17

  18. ✬ ✩ Why it need not terminate? Forward analysis will not terminate since the lattice has infinite height: x := 0; while (*) do x := x + 1; Assert( x = 0 ∨ x = 1 ∨ · · · ∨ x = m ); But due to the unifier computations, backward analysis terminates ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 18

  19. ✬ ✩ Termination of Algorithm At each program point, the proof obligation formula is of the form m � � ( x = xσ l ) x l =1 In backward analysis across a loop, in each successive iteration, this formula will become stronger But this can not happen indefinitely: Assign the following measure to the abovw formula � { n − || ( x = xσ ) ||} x This measure decreases in the well-founded ordering > m . ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 19

  20. ✬ ✩ Assertion Checking and Unification UFS unitary PTime LA unitary PTime UFS+LA finitary* coNP-hard for loop-free, decidable in general *Skipped detail: Unification in Abelian Groups + free function symbols follows from general combination result • Schmidt-Schuass 1989 • Baader-Schulz 1992 ✫ ✪ Ashish Tiwari, SRI Unification and Assertion Checking: 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Unification on Subvarieties of Introduction Algebraic Unification Pseudocomplemented lattices

Unification on Subvarieties of Introduction Algebraic Unification Pseudocomplemented lattices

Unification on Subvarieties of Pseudocomple- mented lattices L.M. Cabrer Unification on Subvarieties of Introduction Algebraic Unification Pseudocomplemented lattices Fragments of Heyting algebras P-Lattices Definition Duality

570 views • 33 slides
Classifying Unification Problems in Preliminaries Algebraic Unifiers Distributive Lattices and

Classifying Unification Problems in Preliminaries Algebraic Unifiers Distributive Lattices and

Classifying Unification Problems in Distributive Lattices and Kleene Algebras L.M. Cabrer Classifying Unification Problems in Preliminaries Algebraic Unifiers Distributive Lattices and Kleene Algebras Unification types Unifiers through

866 views • 48 slides
assertion-driven analyses from compile-time checking to runtime error recovery sarfraz khurshid

assertion-driven analyses from compile-time checking to runtime error recovery sarfraz khurshid

assertion-driven analyses from compile-time checking to runtime error recovery sarfraz khurshid the university of texas at austin state of the art in software testing and analysis day, 2008 rutgers university overview programmers have long

648 views • 27 slides
Run-Time Assertion Checking and Monitoring Java Programs Envisage Bertinoro Summer School June

Run-Time Assertion Checking and Monitoring Java Programs Envisage Bertinoro Summer School June

Run-Time Assertion Checking and Monitoring Java Programs Envisage Bertinoro Summer School June 2014 June 19, 2014 Your Lecturers Today Frank en Stijn What This Talk Is All About Formal Methods in Practice: Theorie ist, wenn man alles weiss

764 views • 40 slides
8. Assertion Based Design and 8.1 Assertion-based design Assertion Languages Assertions

8. Assertion Based Design and 8.1 Assertion-based design Assertion Languages Assertions

Fachgebiet Rechnersysteme Technische Universitt Verification Technology Darmstadt 8. Assertion-Based Design and Assertion Languages 1 8. Assertion-Based Design and Assertion Languages 3 Fachgebiet Rechnersysteme 8. Assertion Based Design

815 views • 13 slides
Introduction Unification problem in a logical system L Given a formula ( x 1 , . . . , x n )

Introduction Unification problem in a logical system L Given a formula ( x 1 , . . . , x n )

Unification in modal logic Alt 1 Philippe Balbiani 1 and Tinko Tinchev 2 1 Institut de recherche en informatique de Toulouse CNRS Universit e de Toulouse 2 Department of Mathematical Logic and Applications Sofia University Introduction

491 views • 35 slides
Unification in modal logic Philippe Balbiani CNRS Toulouse University Institut de recherche

Unification in modal logic Philippe Balbiani CNRS Toulouse University Institut de recherche

Unification in modal logic Philippe Balbiani CNRS Toulouse University Institut de recherche en informatique de Toulouse ICLA 2019 Indian Institute of Technology Delhi Introduction Unification problem in a logical system L Given a

1.65k views • 106 slides
Logical agents 5 AI Slides (5e) c Lin Zuoquan@PKU 2003-2019 5 1 5 Logical Agents 5.1

Logical agents 5 AI Slides (5e) c Lin Zuoquan@PKU 2003-2019 5 1 5 Logical Agents 5.1

Logical agents 5 AI Slides (5e) c Lin Zuoquan@PKU 2003-2019 5 1 5 Logical Agents 5.1 Knowledge-based agents 5.2 Propositional logic 5.3 Theorem proving 5.4 Resolution 5.5 Model checking 5.6 SAT problem AI Slides (5e) c Lin

1.07k views • 90 slides
Unification in the Description Logic EL EL - unification Minimal unifiers Franz Baader and

Unification in the Description Logic EL EL - unification Minimal unifiers Franz Baader and

Unification in EL Baader & Morawska Introduction Unification in the Description Logic EL EL - unification Minimal unifiers Franz Baader and Barbara Morawska Decision Procedure Conclusion TU Dresden, Germany UNIF 2009 Unification in

359 views • 25 slides
unification 2016 unification strategic roadmap succession unification strategic roadmap

unification 2016 unification strategic roadmap succession unification strategic roadmap

unification 2016 unification strategic roadmap succession unification strategic roadmap succession Board rd CE CEO Committe ttees unification strategic roadmap succession Global Member Value Centre Advocacy & Education

347 views • 30 slides
An Integrated Framework for Margin-based Sequential Discriminative Training over Lattices using

An Integrated Framework for Margin-based Sequential Discriminative Training over Lattices using

Overview Background Unification of Margin-modified MPE and MMI An Integrated Framework for Margin-based Sequential Discriminative Training over Lattices using differenced Maximum Mutual Information (dMMI) Erik McDermott - Google Inc.

621 views • 31 slides
8. Assertion Based Design and Assertion Languages Verification Technology Content 8.1

8. Assertion Based Design and Assertion Languages Verification Technology Content 8.1

8. Assertion-Based Design and Assertion Languages 1 Fachgebiet Rechnersysteme 8. Assertion Based Design and Assertion Languages Verification Technology Content 8.1 Assertion-Based Design 8.2 Introduction to ITL 8.3 Introduction to SVA

856 views • 51 slides
A logical framework for incremental type-checking Matthias Puech 1 , 2 egis-Gianas 2 Yann R 1

A logical framework for incremental type-checking Matthias Puech 1 , 2 egis-Gianas 2 Yann R 1

A logical framework for incremental type-checking Matthias Puech 1 , 2 egis-Gianas 2 Yann R 1 Dept. of Computer Science, University of Bologna 2 University Paris 7, CNRS, and INRIA, PPS, team r 2 May 2011 CEA LIST 1 / 28 A paradoxical

1.03k views • 90 slides
Efficient Query Containment Checking Using Logical Reasoning Engines Sergey Paramonov Technical

Efficient Query Containment Checking Using Logical Reasoning Engines Sergey Paramonov Technical

Efficient Query Containment Checking Using Logical Reasoning Engines Sergey Paramonov Technical University of Vienna EMCL Workshop 2012 Vienna Historical perspective Query completeness problem has roots in the development of school system

397 views • 17 slides
Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is

Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is

Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is Model Checking? Model checking is an automated technique that, given a finite-state model of a system and a logical property , systematically

484 views • 36 slides
The unification type of Workshop on Admissible Rules and Unification

The unification type of Workshop on Admissible Rules and Unification

The unication type The unification type of Workshop on Admissible Rules and Unification http://logica.dmi.unisa.it/lucaspada University of Salerno Department of Mathematics Luca Spada Based on a joint work with V. Marra ukasiewicz logic

1.83k views • 145 slides
Features & Unification Ling 571 Deep Processing Techniques for NLP January 31, 2011 Roadmap

Features & Unification Ling 571 Deep Processing Techniques for NLP January 31, 2011 Roadmap

Features & Unification Ling 571 Deep Processing Techniques for NLP January 31, 2011 Roadmap Features: Motivation Constraint & compactness Features Definitions & representations Unification

1.06k views • 87 slides
61A Lecture 34 Monday, November 19 Logic Language Review Expressions begin with query or fact

61A Lecture 34 Monday, November 19 Logic Language Review Expressions begin with query or fact

61A Lecture 34 Monday, November 19 Logic Language Review Expressions begin with query or fact followed by relations. Expressions and their relations are Scheme lists. Simple fact (fact (append-to-form () ?x ?x)) Conclusion (fact

207 views • 10 slides
Unifjcation Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer

Unifjcation Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer

Introduction The Problem The Algorithm Use Cases Unifjcation Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer Science Introduction The Problem The Algorithm Use Cases Objectives You should be able to

535 views • 19 slides
A Formally Verified Quadratic Unification Algorithm J.-L. Ruiz-Reina, J.-A. Alonso, M.-J. Hidalgo

A Formally Verified Quadratic Unification Algorithm J.-L. Ruiz-Reina, J.-A. Alonso, M.-J. Hidalgo

A Formally Verified Quadratic Unification Algorithm J.-L. Ruiz-Reina, J.-A. Alonso, M.-J. Hidalgo and F .-J. Mart n-Mateos Computational Logic Group Dept. of Computer Science and Artificial Intelligence University of Seville A Formally

356 views • 32 slides
UNIFICATION, OBSERVABLE LANDSCAPES AND NEW PARTICLES AT THE LHC Raffaele Tito DAgnolo - IAS

UNIFICATION, OBSERVABLE LANDSCAPES AND NEW PARTICLES AT THE LHC Raffaele Tito DAgnolo - IAS

UNIFICATION, OBSERVABLE LANDSCAPES AND NEW PARTICLES AT THE LHC Raffaele Tito DAgnolo - IAS Princeton A First Glance Beyond the Energy Frontier 9/9/2016-ICTP THE MOST EXCITING LHC RESULT THE HIGGS IS LIGHT AND THERE IS NOTHING

470 views • 46 slides
Unification Algorithm Idea: eliminate disagreements Consider the set of expressions { P ( a

Unification Algorithm Idea: eliminate disagreements Consider the set of expressions { P ( a

Unification Algorithm Idea: eliminate disagreements Consider the set of expressions { P ( a ) , P ( x ) } The expressions disagree on a and x The disagreement set is { a, x } Since x is a variable, we can eliminate this

181 views • 7 slides
Damas-Milner Type Inference Christine Rizkallah CSE, UNSW Term 3 2020 1 Implicitly Typed MinHS

Damas-Milner Type Inference Christine Rizkallah CSE, UNSW Term 3 2020 1 Implicitly Typed MinHS

Implicitly Typed MinHS Inference Algorithm Unification Damas-Milner Type Inference Christine Rizkallah CSE, UNSW Term 3 2020 1 Implicitly Typed MinHS Inference Algorithm Unification Implicitly Typed MinHS Explicitly typed languages are

1.01k views • 42 slides
Unification of embedded CPU variants 1 HISAO MUNAKATA RENESAS SOLUTIONS CORP

Unification of embedded CPU variants 1 HISAO MUNAKATA RENESAS SOLUTIONS CORP

Unification of embedded CPU variants 1 HISAO MUNAKATA RENESAS SOLUTIONS CORP hisao.munakata.vt(at)renesas.com Unification of embedded CPU variant support Linux Con Japan 2010 : 2010 9 29 Disclaimer 2 2 Everything I say here is just my

521 views • 35 slides

More recommend