verification of imperative programs through
play

Verification of Imperative Programs through Transformation of - PowerPoint PPT Presentation

Feb 28, 2024 •140 likes •671 views

Verification of Imperative Programs through Transformation of Constraint Logic Programs Emanuele De Angelis 1 , Fabio Fioravanti 1 , Alberto Pettorossi 2 , and Maurizio Proietti 3 1 University of Chieti-Pescara G. dAnnunzio, Italy 2

  1. Verification of Imperative Programs through Transformation of Constraint Logic Programs Emanuele De Angelis 1 , Fabio Fioravanti 1 , Alberto Pettorossi 2 , and Maurizio Proietti 3 1 University of Chieti-Pescara ‘G. d’Annunzio’, Italy 2 University of Rome ‘Tor Vergata’, Italy 3 CNR - Istituto di Analisi dei Sistemi ed Informatica, Rome, Italy Milano, 25 Settembre 2014

  2. Program Verification Specification: {  } prog {  } in PL VC generator PL independent Verification Conditions Verifier ? correct incorrect unknown • The VC generator has to be rewritten when PL is changed • The work done is lost if the answer is “ unknown ”

  3. Transformation-based Verification Specification: Semantics of PL: {  } prog {  } Sem in PL Specialization of parametric VC generator wrt Sem PL independent Verification Conditions Satisfiability preserving Verifier transformation ? unknown correct incorrect • The VC generator is parametric wrt semantics of PL • The work done is kept even if the answer is “ unknown ”

  4. Parametric verification via CLP transformations Constraint Logic Programming (CLP) as a metalanguage for representing the semantics of PL The verification method based on CLP transformation is parametric with respect to: programming language and its operational semantics properties and proof rules theory of data structures. The input and the output of transformation are semantically equivalent CLP programs. This allows: composition of verification tasks iteration for refining verification interoperation with other verifiers that use CLP (Horn clause) format.

  5. Outline of the Talk CLP representation of the imperative program the semantics of the imperative language ( interpreter ) the property to be verified Verification method based on CLP program transformation Transformation rules and strategies that preserve the semantics of CLP VC generation by specialization of the interpreter VC transformation by propagation of the property to be verified Improving precision via iterated VC transformation Experimental evaluation: The VeriMAP system

  6. CLP as a metalanguage for imperative programs

  7. CLP with integer constraints ∧ G → H , written as: A CLP clause is an implication c ∧ H :- c, G. where H is an atom, c is a constraint, and G is a conjunction of atoms A constraint is a conjunction of linear equalities/inequalities over integers ( p 1 = p 2 , p 1 ≥ p 2 , p 1 > p 2 ) A CLP program is a set of CLP clauses Semantics: least model of the program with the fixed interpretation of constraints.

  8. Imperative Programs over Integers We consider an imperative language with integer variables, assignment, if-else, while-loop, and goto. Program increase : while(x < n){ x=x+1; y=x+y; } Partial Correctness Specification { x = 0 ∧ y = 0 } increase { x ≤ y }

  9. Encoding of an Imperative Program into CLP A program is represented as a set of atoms at ( label , command ). CLP encoding of increase : Program increase : at ( ℓ 0 , ite ( less ( int ( x ) , int ( n )) , ℓ 1 , ℓ h )). ℓ 0 : while(x < n){ at ( ℓ 1 , asgn ( int ( x ) , plus ( int ( x ) , int ( 1 )))). ℓ 1 : x=x+1; at ( ℓ 2 , asgn ( int ( y ) , plus ( int ( x ) , int ( y )))). ℓ 2 : y=x+y; at ( ℓ 3 , goto ( ℓ 0 )). ℓ 3 : } at ( ℓ h , halt ).

  10. CLP encoding of the operational semantics (1) A transition semantics is defined by: a set of configurations , i.e., a CLP term: cf ( C , S ) where: C is a labeled command S is a store , i.e., a list of [variable identifier, value] pairs: [[ int ( x ) , 2 ] , [ int ( y ) , 3 ]] a transition relation : tr ( cf ( C , S ) , cf ( C1 , S1 ))

  11. CLP encoding of the operational semantics (2) L: Id = Expr tr( cf(cmd(L,asgn(Id,Expr)),S), cf(cmd(L1,C1),S1)) :- aeval(Expr,S,V), evaluate expression update store update(Id,V,S,S1), next label nextlabel(L,L1), next command at(L1,C1). L: if (Expr) { tr( cf(cmd(L,ite(Expr,L1,L2)),S), cf(C,S)) :- beval(Expr,S), expression is true goto L1: at(L1,C). next command } else tr( cf(cmd(L,ite(Expr,L1,L2)),S), cf(C,S)) :- beval(not(Expr),S), expression is false goto L2 at(L2,C). next command } L: goto L1 tr( cf(cmd(L,goto(L1)),S), cf(C,S)) :- at(L1,C). at(L1,C). next command

  12. CLP encoding of (in)correctness Given the specification { ϕ init } prog { ψ } define ϕ error ≡ ¬ ψ Definition (Program Incorrectness) A program prog is incorrect w.r.t. ϕ init and ϕ error if from an initial configuration satisfying ϕ init it is possible to reach a final configuration satisfying ϕ error . Otherwise, program prog is correct . Definition (CLP encoding of incorrectness: The interpreter Int ) incorrect :- initConf(X), reach(X). reach(X) :- tr(X,Y), reach(Y). | reachability | reach(X) :- errorConf(X). initConf(X) ≡ X is a configuration satisfying ϕ init errorConf(X) ≡ X is a configuration satisfying ϕ error Theorem (Correctness of Encoding) prog is correct iff incorrect �∈ M ( Int ) (the least model of Int)

  13. Running Example: increase (Cont’d) Partial Correctness Specification { x = 0 ∧ y = 0 } ϕ init increase { x ≤ y } ψ { x > y } ϕ error ≡ ¬ ψ Initial and Error Configurations initConf(cf(cmd(0,ite(...)), [[int(x),X],[int(y),Y],[int(n),N]])) :- X=0, Y=0 . ϕ init errorConf(cf(cmd(h,halt), [[int(x),X],[int(y),Y],[int(n),N]])) :- X>Y . ϕ error

  14. Transformation of CLP

  15. Unfold/Fold Program Transformation [Burstall-Darlington 77,Tamaki-Sato 84, Etalle-Gabbrielli 96] P R • transformation rules : R ∈ { Definition, P 1 Unfolding, Folding, R Clause Removal } P 2 • the transformation rules preserve the least model : R incorrect ∈ M ( P ) iff incorrect ∈ M ( TransfP ) • the rules must be guided by a strategy . R TransfP

  16. Rules for Transforming CLP Programs R1. Definition. Introducing a new predicate newp ( X ) :- c , A

  17. Rules for Transforming CLP Programs R1. Definition. Introducing a new predicate newp ( X ) :- c , A R2. Unfolding. A symbolic evaluation step (resolution) given H :- c, A, G A :- d 1 , G 1 , . . . , A :- d m , G m derive H :- c , d 1 , G 1 , G , . . . , H :- c , d m , G m , G

  18. Rules for Transforming CLP Programs R1. Definition. Introducing a new predicate newp ( X ) :- c , A R2. Unfolding. A symbolic evaluation step (resolution) given H :- c, A, G A :- d 1 , G 1 , . . . , A :- d m , G m derive H :- c , d 1 , G 1 , G , . . . , H :- c , d m , G m , G R3. Folding. Matching the body of a predicate definition given H :- d , A , G newp ( X ) :- c , A and d → c derive H :- d , newp ( X ) , G

  19. Rules for Transforming CLP Programs R1. Definition. Introducing a new predicate newp ( X ) :- c , A R2. Unfolding. A symbolic evaluation step (resolution) given H :- c, A, G A :- d 1 , G 1 , . . . , A :- d m , G m derive H :- c , d 1 , G 1 , G , . . . , H :- c , d m , G m , G R3. Folding. Matching the body of a predicate definition given H :- d , A , G newp ( X ) :- c , A and d → c derive H :- d , newp ( X ) , G R4. Clause Removal. Removal of clauses with unsatisfiable constraint or subsumed by others

  20. An Example of Transformation Initial program P : incorrect :- X=1, reach(N,X). reach(N,X) :- X<N, X’=X+1, reach(N,X’). reach(N,X) :- X<0, X>=N.

  21. An Example of Transformation Initial program P : incorrect :- X=1, reach(N,X). reach(N,X) :- X<N, X’=X+1, reach(N,X’). reach(N,X) :- X<0, X>=N. definition: newp(N,X) :- X>0, reach(N,X).

  22. An Example of Transformation Initial program P : incorrect :- X=1, reach(N,X). reach(N,X) :- X<N, X’=X+1, reach(N,X’). reach(N,X) :- X<0, X>=N. definition: newp(N,X) :- X>0, reach(N,X). folding: % X=1 –> X>0 incorrect :- X=1, newp(N,X).

  23. An Example of Transformation Initial program P : incorrect :- X=1, reach(N,X). reach(N,X) :- X<N, X’=X+1, reach(N,X’). reach(N,X) :- X<0, X>=N. definition: newp(N,X) :- X>0, reach(N,X). folding: % X=1 –> X>0 incorrect :- X=1, newp(N,X). unfolding: newp(N,X) :- X>0, reach(N,X).

  24. An Example of Transformation Initial program P : incorrect :- X=1, reach(N,X). reach(N,X) :- X<N, X’=X+1, reach(N,X’). reach(N,X) :- X<0, X>=N. definition: newp(N,X) :- X>0, reach(N,X). folding: % X=1 –> X>0 incorrect :- X=1, newp(N,X). unfolding: newp(N,X) :- X>0, X<N, X’=X+1, reach(N,X’).

  25. An Example of Transformation Initial program P : incorrect :- X=1, reach(N,X). reach(N,X) :- X<N, X’=X+1, reach(N,X’). reach(N,X) :- X<0, X>=N. definition: newp(N,X) :- X>0, reach(N,X). folding: % X=1 –> X>0 incorrect :- X=1, newp(N,X). unfolding: newp(N,X) :- X>0, X<N, X’=X+1, reach(N,X’). newp(N,X) :- X>0, reach(N,X).

  26. An Example of Transformation Initial program P : incorrect :- X=1, reach(N,X). reach(N,X) :- X<N, X’=X+1, reach(N,X’). reach(N,X) :- X<0, X>=N. definition: newp(N,X) :- X>0, reach(N,X). folding: % X=1 –> X>0 incorrect :- X=1, newp(N,X). unfolding: newp(N,X) :- X>0, X<N, X’=X+1, reach(N,X’). newp(N,X) :- X>0, reach(N,X).

  27. An Example of Transformation Initial program P : incorrect :- X=1, reach(N,X). reach(N,X) :- X<N, X’=X+1, reach(N,X’). reach(N,X) :- X<0, X>=N. definition: newp(N,X) :- X>0, reach(N,X). folding: % X=1 –> X>0 incorrect :- X=1, newp(N,X). unfolding: newp(N,X) :- X>0, X<N, X’=X+1, reach(N,X’). newp(N,X) :- X>0, X<0, X>=N.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Separation Logics for Pointer Programs James Brotherston Lorentz Center Workshop on Effective

Separation Logics for Pointer Programs James Brotherston Lorentz Center Workshop on Effective

Separation Logics for Pointer Programs James Brotherston Lorentz Center Workshop on Effective Verification of Pointer Programs Monday 13th May, 2019 1/ 28 Part I Introduction to separation logic 2/ 28 Introduction Verification of imperative

758 views • 28 slides
On Formal Verification in Imperative Multivalued Programming over Continuous Data Types Gyesik

On Formal Verification in Imperative Multivalued Programming over Continuous Data Types Gyesik

On Formal Verification in Imperative Multivalued Programming over Continuous Data Types Gyesik Lee, Norbert M uller, Eike Neumann, Sewon Park, Norbert Preining, Martin Ziegler November 29, 2017 1 1. Motivation Recursive Analysis

693 views • 34 slides
Bound Analysis of Imperative Programs with the Size change Abstraction Florian Zuleger, TU

Bound Analysis of Imperative Programs with the Size change Abstraction Florian Zuleger, TU

Bound Analysis of Imperative Programs with the Size change Abstraction Florian Zuleger, TU Vienna SAS, Venice, 16.09.2011 Joint work with Sumit Gulwani, Microsoft Research Moritz Sinn, Helmut Veith, TU Vienna Resource Bounds Programs consume a

1.05k views • 48 slides
Formal verification of numerical programs: from C annotated programs to Coq proofs Sylvie Boldo

Formal verification of numerical programs: from C annotated programs to Coq proofs Sylvie Boldo

Third International Workshop on Numerical Software Verification Formal verification of numerical programs: from C annotated programs to Coq proofs Sylvie Boldo INRIA Saclay - Ile-de-France July 15th, 2010 Thanks to the organizers !

1.72k views • 136 slides
Difference Constraints: An adequate Abstraction for Complexity Analysis of Imperative Programs

Difference Constraints: An adequate Abstraction for Complexity Analysis of Imperative Programs

Difference Constraints: An adequate Abstraction for Complexity Analysis of Imperative Programs Florian Zuleger Technische Universitt Wien FMCAD, 28.09.2015 Joint work with Moritz Sinn, Helmut Veith Bounds and Complexity foo(uint n) Local

437 views • 26 slides
Direct Manipulation For Imperative Programs Hu 1 , Roopsha Samanta 2 , Rishabh Singh 3 , Loris

Direct Manipulation For Imperative Programs Hu 1 , Roopsha Samanta 2 , Rishabh Singh 3 , Loris

Direct Manipulation For Imperative Programs Hu 1 , Roopsha Samanta 2 , Rishabh Singh 3 , Loris DAntoni 1 Qin Qinhepin ing Hu 1 Universitve of Wisconsin-Madison 2 Purdue University 3 Google 5 Variable values Call stack code 6 Python

1.04k views • 90 slides
Customised Induction Rules for Proving Correctness of Imperative Programs Angela Wallenburg

Customised Induction Rules for Proving Correctness of Imperative Programs Angela Wallenburg

Customised Induction Rules for Proving Correctness of Imperative Programs Angela Wallenburg angelaw@cs.chalmers.se 4th International Symposium June 9, 2005, L okeberg Outline 1. Problem: Induction and Loops 2. First approach: Use idea

821 views • 34 slides
Imperative vs. object- oriented paradigms 1 11/14/17 Imperative vs. object-oriented u

Imperative vs. object- oriented paradigms 1 11/14/17 Imperative vs. object-oriented u

11/14/17 CSCI-2320 Object-Oriented Paradigm: Ruby Mohammad T . Irfan Imperative vs. object- oriented paradigms 1 11/14/17 Imperative vs. object-oriented u Imperative u Procedural decomposition u Procedures are all powerful u Data is

582 views • 45 slides
Proving Termination of Imperative Programs using Max-SMT Daniel Larraz, Albert Oliveras, Enric

Proving Termination of Imperative Programs using Max-SMT Daniel Larraz, Albert Oliveras, Enric

Introduction SMT/Max-SMT solving Invariant generation Termination analysis Further work Proving Termination of Imperative Programs using Max-SMT Daniel Larraz, Albert Oliveras, Enric Rodr guez-Carbonell and Albert Rubio Universitat

1.18k views • 73 slides
Proving Equivalence of Imperative Programs via Constrained Rewriting Induction Carsten Fuhs

Proving Equivalence of Imperative Programs via Constrained Rewriting Induction Carsten Fuhs

Proving Equivalence of Imperative Programs via Constrained Rewriting Induction Carsten Fuhs Birkbeck, University of London joint work with Cynthia Kop (U Copenhagen) and Naoki Nishida (U Nagoya) Workshop on Program Equivalence, London, UK 11

2.1k views • 197 slides
Imperative vs. object- oriented paradigms 1 11/17/14 Imperative vs. object-oriented

Imperative vs. object- oriented paradigms 1 11/17/14 Imperative vs. object-oriented

11/17/14 CSCI-2325 Object-Oriented Paradigm: Ruby Mohammad T . Irfan Imperative vs. object- oriented paradigms 1 11/17/14 Imperative vs. object-oriented u Imperative u Procedural decomposition u Procedures are all

867 views • 33 slides
Imperative vs. object- oriented paradigms 1 11/11/14 Imperative vs. object-oriented

Imperative vs. object- oriented paradigms 1 11/11/14 Imperative vs. object-oriented

11/11/14 CSCI-2325 Object-Oriented Paradigm: Ruby Mohammad T . Irfan Imperative vs. object- oriented paradigms 1 11/11/14 Imperative vs. object-oriented u Imperative u Procedural decomposition u Procedures are all

577 views • 31 slides
The KeY Platform for Verification and Analysis of Java Programs Reiner H ahnle Technische

The KeY Platform for Verification and Analysis of Java Programs Reiner H ahnle Technische

The KeY Platform for Verification and Analysis of Java Programs Reiner H ahnle Technische Universit at Darmstadt Department of Computer Science, Software Engineering Group Dagstuhl Seminar 16131: Language Based Verification Tools for

1.01k views • 68 slides
Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

CS6202: Advanced Topics in Programming Hoare Logic Hoare Logic Languages and Systems Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview Notation : {P} code {Q} Assertion Logic {P}

557 views • 19 slides
Polyhedral Domains and Widening for Verification of Numerical Programs Goran Frehse Verimag

Polyhedral Domains and Widening for Verification of Numerical Programs Goran Frehse Verimag

Polyhedral Domains and Widening for Verification of Numerical Programs Goran Frehse Verimag Hitashyam Maka and Bruce H. Krogh Carnegie Mellon University 1 Verification of numerical programs Problem definition Polyhedral domains

390 views • 26 slides
Lecture 31: Declarative Programming Imperative vs. Declarative So far, our programs are

Lecture 31: Declarative Programming Imperative vs. Declarative So far, our programs are

Lecture 31: Declarative Programming Imperative vs. Declarative So far, our programs are explicit directions for solving a problem; the problem itself is implicit in the program. Declarative programming turns this around: A program

249 views • 3 slides
CS675: Convex and Combinatorial Optimization Spring 2018 Duality of Convex Sets and Functions

CS675: Convex and Combinatorial Optimization Spring 2018 Duality of Convex Sets and Functions

CS675: Convex and Combinatorial Optimization Spring 2018 Duality of Convex Sets and Functions Instructor: Shaddin Dughmi Outline Convexity and Duality 1 Duality of Convex Sets 2 Duality of Convex Functions 3 Duality Correspondances There

537 views • 34 slides
Embeddings into Thompsons group V and coCF groups Francesco Matucci (joint with C. Bleak, M.

Embeddings into Thompsons group V and coCF groups Francesco Matucci (joint with C. Bleak, M.

Embeddings into Thompsons group V and coCF groups Francesco Matucci (joint with C. Bleak, M. Neunh offer) Groups St. Andrews 2013 St. Andrews August 7, 2013 Finite state automaton Finite state automaton Mathematical model of

1.52k views • 107 slides
Regular Languages Mark Greenstreet, CpSc 421, Term 1, 2006/07 8 September 2008 p.1/14

Regular Languages Mark Greenstreet, CpSc 421, Term 1, 2006/07 8 September 2008 p.1/14

Regular Languages Mark Greenstreet, CpSc 421, Term 1, 2006/07 8 September 2008 p.1/14 Lecture Outline Regular Languages Definition of regular languages Closure properties 8 September 2008 p.2/14 Lecture Outline Regular

303 views • 19 slides
CSC 473 Automata, Grammars &amp; Languages 9/29/10 Automata, Grammars and Languages Discourse 03

CSC 473 Automata, Grammars &amp; Languages 9/29/10 Automata, Grammars and Languages Discourse 03

CSC 473 Automata, Grammars &amp; Languages 9/29/10 Automata, Grammars and Languages Discourse 03 Finite Automata C SC 473 Automata, Grammars &amp; Languages Finite Automata / Switching Theory (CS) / (CE) Boolean operators / Gates

519 views • 32 slides
Description and Evaluation of a Generic Design to Integrate CLP and Tabled Execution Joaqun

Description and Evaluation of a Generic Design to Integrate CLP and Tabled Execution Joaqun

www.software.imdea.org Description and Evaluation of a Generic Design to Integrate CLP and Tabled Execution Joaqun Arias 1 , 2 Manuel Carro 1 , 2 1 IMDEA Software Institute, 2 Technical University of Madrid 1 / 23 www.software.imdea.org

777 views • 32 slides
Typing Linear Constraints Types for Moding CLP( R ) Programs Syntax Semantics Checking type

Typing Linear Constraints Types for Moding CLP( R ) Programs Syntax Semantics Checking type

Typing Linear Constraints Salvatore RUGGIERI and Fred MESNARD Introduction Typing Linear Constraints Types for Moding CLP( R ) Programs Syntax Semantics Checking type assertions A linear programming Salvatore RUGGIERI and Fred MESNARD

476 views • 26 slides
Symbolic Verification in Synchronous Constraint Programming (Work in progress) Synchronous

Symbolic Verification in Synchronous Constraint Programming (Work in progress) Synchronous

Symbolic Verification in Synchronous Constraint Programming (Work in progress) Synchronous workshop 2003 Christophe Mauras Christophe.Mauras@univ-nantes.fr Irin/Universit e de Nantes Overview From Symbolic Simulation to Constraint

388 views • 19 slides
Relation Algebra, Allegories, and Logic Programming Emilio Jess Gallego Arias [joint work with

Relation Algebra, Allegories, and Logic Programming Emilio Jess Gallego Arias [joint work with

Relation Algebra, Allegories, and Logic Programming Emilio Jess Gallego Arias [joint work with J. Lipton, J. Mario] CRI-Mines ParisTech Deducteam Seminar 17/10/2014 Paris EJGA (CRI-Mines) Allegories and CLP 09/22/2013 1 / 35

1.22k views • 106 slides

More recommend