Learning Loop Invariants for Program Verification
Size: px
Start display at page:

Download "Learning Loop Invariants for Program Verification"

Transcription

1 Learning Loop Invariants for Program Verification Xujie Si*, Hanjun Dai*, Mukund Raghothaman, Mayur Naik, Le Song University of Pennsylvania Georgia Institute of Technology NeurIPS 2018 Code: * equal contribution

2 Program verification Prove whether your code is bug-free

3 Program verification Prove whether your code is bug-free -- Some of rules can be automated: sequence rule, conditional rule,...

4 Program verification Prove whether your code is bug-free -- Some of rules can be automated: -- Except while rule sequence rule, conditional rule,... Loop Invariant <> Halting Problem

5 What is loop invariant?

6 What is loop invariant? Program

7 What is loop invariant? Program Loop Invariant

8 What is loop invariant? Program Loop Invariant Requirement:

9 Loop Invariant Checker

10 Loop Invariant Checker

11 Loop Invariant Checker

12 Difficulties of learning loop Invariant 1. Highly sparse and non-smooth reward code

13 Difficulties of learning loop Invariant 1. Highly sparse and non-smooth reward Agent code

14 Difficulties of learning loop Invariant 1. Highly sparse and non-smooth reward Agent code

15 Difficulties of learning loop Invariant 1. Highly sparse and non-smooth reward Agent code 0 / 1 (Correct or not)

16 Difficulties of learning loop invariant 2. Generalization ability ( ) 2 ( - > 0! 1 % = 0 Agent Agent... Agent code1 0 / 1 (Correct or not) code2 0 / 1 (Correct or not) coden 0 / 1 (Correct or not)

17 Difficulties of learning loop invariant 2. Generalization ability ( ) 2 ( - > 0! 1 % = 0 Agent Agent... Agent code1 0 / 1 (Correct or not) code2 0 / 1 (Correct or not) coden 0 / 1 (Correct or not) New code => Agent

18 Solution to sparsity and non-smoothness Agent code 0 (not correct)

19 Solution to sparsity and non-smoothness Agent code 0 (not correct) Counter-example: why am I wrong?! = 1, % = 10

20 Solution to sparsity and non-smoothness Collection of counter-examples: Agent code 0 (not correct) Counter-example: why am I wrong?! = 1, % = 10

21 Solution to sparsity and non-smoothness Collection of counter-examples: Agent code 0 (not correct) Counter-example: why am I wrong?! = 3, % = 2! = 3, % = 1! = 3, % = 1! = 0, % = 2! = 2, % = 2! = 0, % = 1! = 2, % = 1! = 0, % = 4! = 1, % = 1! = 2, % = 1! = 0, % = 3 Pre Inv Post! = 1, % = 10

22 Solution to sparsity and non-smoothness Collection of counter-examples: Agent code 0 (not correct) Counter-example: why am I wrong?! = 1, % = 10! = 3, % = 2! = 3, % = 1! = 3, % = 1! = 0, % = 2! = 2, % = 2! = 0, % = 1! = 2, % = 1! = 0, % = 4! = 1, % = 1! = 2, % = 1! = 0, % = 3 Pre Inv Post Smoothed reward

23 Solution to sparsity and non-smoothness Collection of counter-examples: Agent code 0 (not correct) Counter-example: why am I wrong?! = 1, % = 10! = 3, % = 2! = 3, % = 1! = 3, % = 1! = 0, % = 2! = 2, % = 2! = 0, % = 1! = 2, % = 1! = 0, % = 4! = 1, % = 1! = 2, % = 1! = 0, % = 3 Pre Inv Post Smoothed reward Reduced Z3 calls

24 Solution to generalization Transferable graph representation of source code => SSA Transformation =>

25 Code2Inv: End-to-end learning framework...! 0 &&! < 4 ' 100

26 Experimental evaluation of Code2Inv We collect 133 benchmark programs OOPSLA 2013, Dillig et al POPL 2016, Garag et al

27 Experimental evaluation of Code2Inv We collect 133 benchmark programs OOPSLA 2013, Dillig et al POPL 2016, Garag et al

28 Code2Inv as an out-of-the-box solver Ours Solved more instances with same # Z3 calls

29 Generalize to new programs void main (int n) { int x = 0 int m = 0 while (x < n) { if (unknown()) { m = x x = x + 1 if (n > 0) { assert (m < n)

30 Generalize to new programs void main (int n) { int x = 0 int m = 0 while (x < n) { int w = 0 int z = 0 if (unknown()) { m = x x = x + 1 if (n > 0) { assert (m < n)

31 Generalize to new programs void main (int n) { int x = 0 int m = 0 while (x < n) { if (unknown()) { m = x x = x + 1 if (n > 0) { assert (m < n) int w = 0 int z = 0 z = z + 1 z = m + 1 w = m + x

32 Generalize to new programs void main (int n) { int x = 0 int m = 0 while (x < n) { if (unknown()) { m = x x = x + 1 if (n > 0) { assert (m < n) int w = 0 int z = 0 z = z + 1 z = m + 1 w = m + x void main (int n) { int x = 0 int w = 0 int m = 0 int z = 0 while (x < n) { z = z + 1 if (unknown()) { m = x z = m + 1 x = x + 1 w = m + x if (n > 0) { assert (m < n)

33 1 confounding variable 3 confounding variables 5 confounding variables Generalization ability of Code2Inv

34 Poster session: 05: :00 PM Room 210 & 230 AB #23

Similar documents

Combining the Logical and the Probabilistic in Program Analysis. Xin Zhang Xujie Si Mayur Naik University of Pennsylvania

Combining the Logical and the Probabilistic in Program Analysis. Xin Zhang Xujie Si Mayur Naik University of Pennsylvania Combining the Logical and the Probabilistic in Program Analysis Xin Zhang Xujie Si Mayur Naik University of Pennsylvania What is Program Analysis? int f(int i) {... } Program Analysis x may be null!...

More information

Model Checking Embedded C Software using k-induction and Invariants

Model Checking Embedded C Software using k-induction and Invariants FEDERAL UNIVERSITY OF RORAIMA and FEDERAL UNIVESITY OF AMAZONAS Model Checking Embedded C Software using k-induction and Invariants Herbert Rocha, Hussama Ismail, Lucas Cordeiro and Raimundo Barreto Agenda

More information

Interactive Alarm Ranking System using Bayesian Inference

Interactive Alarm Ranking System using Bayesian Inference Interactive Alarm Ranking System using Bayesian Inference Kihong Heo University of Pennsylvania (cowork with Sulekha Kulkarni, Mayur Naik, Mukund Raghothaman) Jan 4 2017 @ Korea University 1 Conventional

More information

Automatic Software Verification

Automatic Software Verification Automatic Software Verification Instructor: Mooly Sagiv TA: Oded Padon Slides from Eran Yahav and the Noun Project, Wikipedia Course Requirements Summarize one lecture 10% one lecture notes 45% homework

More information

Program Verification! Goals of this Lecture! Words from the Wise! Testing!

Program Verification! Goals of this Lecture! Words from the Wise! Testing! Words from the Wise Testing On two occasions I have been asked [by members of Parliament], Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out? I am not able rightly

More information

Testing! The material for this lecture is drawn, in part, from! The Practice of Programming (Kernighan & Pike) Chapter 6!

Testing! The material for this lecture is drawn, in part, from! The Practice of Programming (Kernighan & Pike) Chapter 6! Testing The material for this lecture is drawn, in part, from The Practice of Programming (Kernighan & Pike) Chapter 6 1 Goals of this Lecture Help you learn about: Internal testing External testing General

More information

Static and Dynamic Program Analysis: Synergies and Applications

Static and Dynamic Program Analysis: Synergies and Applications Static and Dynamic Program Analysis: Synergies and Applications Mayur Naik Intel Labs, Berkeley CS 243, Stanford University March 9, 2011 Today s Computing Platforms Trends: parallel cloud mobile Traits:

More information

Learning Loop Invariants for Program Verification

Learning Loop Invariants for Program Verification Learning Loop Invariants for Program Verification Xujie Si University of Pennsylvania xsi@cis.upenn.edu Hanjun Dai Georgia Tech hanjundai@gatech.edu Mukund Raghothaman University of Pennsylvania rmukund@cis.upenn.edu

More information

MEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING

MEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING FEDERAL UNIVERSITY OF AMAZONAS INSTITUTE OF COMPUTING GRADUATE PROGRAM IN COMPUTER SCIENCE MEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING Herbert Rocha, Raimundo Barreto,

More information

BITCOIN MINING IN A SAT FRAMEWORK

BITCOIN MINING IN A SAT FRAMEWORK BITCOIN MINING IN A SAT FRAMEWORK Jonathan Heusser @jonathanheusser DISCLAIMER JUST TO BE CLEAR.. This is research! Not saying ASICs suck I am not a cryptographer, nor SAT solver guy WTF REALISED PHD RESEARCH

More information

PUG (Prover of User GPU Programs) v0.2

PUG (Prover of User GPU Programs) v0.2 PUG (Prover of User GPU Programs) v0.2 Guodong Li School of Computing, University of Utah 1 Installation For details on PUG, see our forthcoming FSE 2010 paper. This manual pertains to our tool for which

More information

Profile-Guided Program Simplification for Effective Testing and Analysis

Profile-Guided Program Simplification for Effective Testing and Analysis Profile-Guided Program Simplification for Effective Testing and Analysis Lingxiao Jiang Zhendong Su Program Execution Profiles A profile is a set of information about an execution, either succeeded or

More information

Verifying C & C++ with ESBMC

Verifying C & C++ with ESBMC Verifying C & C++ with ESBMC Denis A Nicole dan@ecs.soton.ac.uk CyberSecuritySoton.org [w] @CybSecSoton [fb & tw] ESBMC ESBMC, the Efficient SMT-Based Context-Bounded Model Checker was originally developed

More information

Cooperative Bug Isolation

Cooperative Bug Isolation Cooperative Bug Isolation Alex Aiken Mayur Naik Stanford University Alice Zheng Michael Jordan UC Berkeley Ben Liblit University of Wisconsin Build and Monitor Alex Aiken, Cooperative Bug Isolation 2 The

More information

Program Verification. Aarti Gupta

Program Verification. Aarti Gupta Program Verification Aarti Gupta 1 Agenda Famous bugs Common bugs Testing (from lecture 6) Reasoning about programs Techniques for program verification 2 Famous Bugs The first bug: A moth in a relay (1945)

More information

Testing! The material for this lecture is drawn, in part, from! The Practice of Programming (Kernighan & Pike) Chapter 6!

Testing! The material for this lecture is drawn, in part, from! The Practice of Programming (Kernighan & Pike) Chapter 6! Testing The material for this lecture is drawn, in part, from The Practice of Programming (Kernighan & Pike) Chapter 6 1 Words from the Wise On two occasions I have been asked [by members of Parliament],

More information

Areas related to SW verif. Trends in Software Validation. Your Expertise. Research Trends High level. Research Trends - Ex 2. Research Trends Ex 1

Areas related to SW verif. Trends in Software Validation. Your Expertise. Research Trends High level. Research Trends - Ex 2. Research Trends Ex 1 Areas related to SW verif. Trends in Software Validation Abhik Roychoudhury CS 6214 Formal Methods Model based techniques Proof construction techniques Program Analysis Static Analysis Abstract Interpretation

More information

Duet: Static Analysis for Unbounded Parallelism

Duet: Static Analysis for Unbounded Parallelism Duet: Static Analysis for Unbounded Parallelism Azadeh Farzan and Zachary Kincaid University of Toronto Abstract. Duet is a static analysis tool for concurrent programs in which the number of executing

More information

Rethinking Automated Theorem Provers?

Rethinking Automated Theorem Provers? Rethinking Automated Theorem Provers? David J. Pearce School of Engineering and Computer Science Victoria University of Wellington @WhileyDave http://whiley.org http://github.com/whiley Background Verification:

More information

Verifying Recursive Programs using Intra-procedural Analyzers

Verifying Recursive Programs using Intra-procedural Analyzers Verifying Recursive Programs using Intra-procedural Analyzers Yu-Fang Chen, Academia Sinica, Taiwan joint work with Chiao Hsieh, Ming-Hsien Tsai, Bow-Yaw Wang and Farn Wang First of all Thanks for the

More information

Verifying the Safety of Security-Critical Applications

Verifying the Safety of Security-Critical Applications Verifying the Safety of Security-Critical Applications Thomas Dillig Stanford University Thomas Dillig 1 of 31 Why Program Verification? Reliability and security of software is a huge problem. Thomas Dillig

More information

Handling Loops in Bounded Model Checking of C Programs via k-induction

Handling Loops in Bounded Model Checking of C Programs via k-induction Software Tools for Technology Transfer manuscript No. (will be inserted by the editor) Handling Loops in Bounded Model Checking of C Programs via k-induction Mikhail Y. R. Gadelha, Hussama I. Ismail, and

More information

Overview. Verification with Functions and Pointers. IMP with assertions and assumptions. Proof rules for Assert and Assume. IMP+: IMP with functions

Overview. Verification with Functions and Pointers. IMP with assertions and assumptions. Proof rules for Assert and Assume. IMP+: IMP with functions Overview Verification with Functions and Pointers Işıl Dillig The IMP language considered so far does not have many features of realistics PLs Our goal today: Enrich IMP with two features, namely functions

More information

Lightweight Verification of Array Indexing

Lightweight Verification of Array Indexing Lightweight Verification of Array Indexing Martin Kellogg*, Vlastimil Dort**, Suzanne Millstein*, Michael D. Ernst* * University of Washington, Seattle ** Charles University, Prague The problem: unsafe

More information

: A Bounded Model Checking Tool to Verify Qt Applications

: A Bounded Model Checking Tool to Verify Qt Applications 23 rd International SPIN symposium on Model Checking of Software : A Bounded Model Checking Tool to Verify Qt Applications Mário A. P. Garcia, Felipe R. Monteiro, Lucas C. Cordeiro, and Eddie B. de Lima

More information

ESC/Java 2. Checker for Java 2. Extended. Static. B y K ats man Andrey S oftware E ngineering S em inar

ESC/Java 2. Checker for Java 2. Extended. Static. B y K ats man Andrey S oftware E ngineering S em inar ESC/Java 2 Extended Static Checker for Java 2 B y K ats man Andrey S oftware E ngineering S em inar 2 0 0 8 Background ESC/Java - Original development by Compaq Systems Research Center (1997) as a successor

More information

DART: Directed Automated Random Testing. CUTE: Concolic Unit Testing Engine. Slide Source: Koushik Sen from Berkeley

DART: Directed Automated Random Testing. CUTE: Concolic Unit Testing Engine. Slide Source: Koushik Sen from Berkeley DAR: Directed Automated Random esting CUE: Concolic Unit esting Engine Slide Source: Koushik Sen from Berkeley Verification and esting We would like to prove programs correct Verification and esting We

More information

Cover Page. The handle holds various files of this Leiden University dissertation

Cover Page. The handle holds various files of this Leiden University dissertation Cover Page The handle http://hdl.handle.net/1887/22891 holds various files of this Leiden University dissertation Author: Gouw, Stijn de Title: Combining monitoring with run-time assertion checking Issue

More information

Static program checking and verification

Static program checking and verification Chair of Software Engineering Software Engineering Prof. Dr. Bertrand Meyer March 2007 June 2007 Slides: Based on KSE06 With kind permission of Peter Müller Static program checking and verification Correctness

More information

No model may be available. Software Abstractions. Recap on Model Checking. Model Checking for SW Verif. More on the big picture. Abst -> MC -> Refine

No model may be available. Software Abstractions. Recap on Model Checking. Model Checking for SW Verif. More on the big picture. Abst -> MC -> Refine No model may be available Programmer Software Abstractions Tests Coverage Code Abhik Roychoudhury CS 5219 National University of Singapore Testing Debug Today s lecture Abstract model (Boolean pgm.) Desirable

More information

Finding and Fixing Bugs in Liquid Haskell. Anish Tondwalkar

Finding and Fixing Bugs in Liquid Haskell. Anish Tondwalkar Finding and Fixing Bugs in Liquid Haskell Anish Tondwalkar Overview Motivation Liquid Haskell Fault Localization Fault Localization Evaluation Predicate Discovery Predicate Discovery Evaluation Conclusion

More information

Part II. Hoare Logic and Program Verification. Why specify programs? Specification and Verification. Code Verification. Why verify programs?

Part II. Hoare Logic and Program Verification. Why specify programs? Specification and Verification. Code Verification. Why verify programs? Part II. Hoare Logic and Program Verification Part II. Hoare Logic and Program Verification Dilian Gurov Props: Models: Specs: Method: Tool: safety of data manipulation source code logic assertions Hoare

More information

Model Checking and Its Applications

Model Checking and Its Applications Model Checking and Its Applications Orna Grumberg Technion, Israel Verification and Deduction Mentoring Workshop July 13, 2018 1 Personal data Ph.d. in (non-automated) verification Postdoc in Model Checking

More information

Statistical Debugging for Real-World Performance Problems

Statistical Debugging for Real-World Performance Problems Statistical Debugging for Real-World Performance Problems Linhai Song 1 and Shan Lu 2 1 University of Wisconsin-Madison 2 University of Chicago What are Performance Problems? Definition of Performance

More information

Bottom-up Context-Sensitive Pointer Analysis for Java

Bottom-up Context-Sensitive Pointer Analysis for Java Bottom-up Context-Sensitive Pointer Analysis for Java Yu Feng, Xinyu Wang, Isil Dillig and Thomas Dillig UT Austin 1 What is this talk about? Pointer analysis Given a program variable v, what are the heap

More information

Steps for project success. git status. Milestones. Deliverables. Homework 1 submitted Homework 2 will be posted October 26.

Steps for project success. git status. Milestones. Deliverables. Homework 1 submitted Homework 2 will be posted October 26. git status Steps for project success Homework 1 submitted Homework 2 will be posted October 26 due November 16, 9AM Projects underway project status check-in meetings November 9 System-building project

More information

Formal Methods for Program Analysis and Generation

Formal Methods for Program Analysis and Generation Formal Methods for Program Analysis and Generation Robert van Engelen 10/1/09 Research Seminar First, a little story Step 0: School We learned to program in school Step 1: College then told to forget what

More information

Advances in Programming Languages

Advances in Programming Languages O T Y H Advances in Programming Languages APL8: ESC/Java2 David Aspinall (including slides by Ian Stark and material adapted from ESC/Java2 tutorial by David Cok, Joe Kiniry and Erik Poll) School of Informatics

More information

CS Lecture 19: Loop invariants

CS Lecture 19: Loop invariants CS 1110 Lecture 19: Loop invariants Announcements Prelim 2 conflicts Today (April 2) is two weeks before the prelim, and the deadline for submitting prelim conflicts. Instructor travel This week and the

More information

Runtime Checking and Test Case Generation for Python

Runtime Checking and Test Case Generation for Python Runtime Checking and Test Case Generation for Python Anna Durrer Master Thesis Chair of Programming Methodology D-INFK ETH Supervisor: Marco Eilers, Prof. Peter Müller 24. Mai 2017 1 Introduction This

More information

Intermediate Programming, Spring 2017*

Intermediate Programming, Spring 2017* 600.120 Intermediate Programming, Spring 2017* Misha Kazhdan *Much of the code in these examples is not commented because it would otherwise not fit on the slides. This is bad coding practice in general

More information

Verification of Parameterized Concurrent Programs By Modular Reasoning about Data and Control

Verification of Parameterized Concurrent Programs By Modular Reasoning about Data and Control Verification of Parameterized Concurrent Programs By Modular Reasoning about Data and Control Zachary Kincaid Azadeh Farzan University of Toronto January 18, 2013 Z. Kincaid (U. Toronto) Modular Reasoning

More information

Correctness of specifications. Correctness. Correctness of specifications (2) Example of a Correctness Proof. Testing versus Correctness Proofs

Correctness of specifications. Correctness. Correctness of specifications (2) Example of a Correctness Proof. Testing versus Correctness Proofs CS 390 Lecture 17 Correctness A product is correct if it satisfies its output specifications when operated under permitted conditions Correctness of specifications Incorrect specification for a sort (Figure

More information

CS 520 Theory and Practice of Software Engineering Fall 2018

CS 520 Theory and Practice of Software Engineering Fall 2018 CS 520 Theory and Practice of Software Engineering Fall 2018 Nediyana Daskalova Monday, 4PM CS 151 Debugging October 30, 2018 Personalized Behavior-Powered Systems for Guiding Self-Experiments Help me

More information

Last time. Reasoning about programs. Coming up. Project Final Presentations. This Thursday, Nov 30: 4 th in-class exercise

Last time. Reasoning about programs. Coming up. Project Final Presentations. This Thursday, Nov 30: 4 th in-class exercise Last time Reasoning about programs Coming up This Thursday, Nov 30: 4 th in-class exercise sign up for group on moodle bring laptop to class Final projects: final project presentations: Tue Dec 12, in

More information

Reasoning about programs

Reasoning about programs Reasoning about programs Last time Coming up This Thursday, Nov 30: 4 th in-class exercise sign up for group on moodle bring laptop to class Final projects: final project presentations: Tue Dec 12, in

More information

CS 510/13. Predicate Abstraction

CS 510/13. Predicate Abstraction CS 50/3 Predicate Abstraction Predicate Abstraction Extract a finite state model from an infinite state system Used to prove assertions or safety properties Successfully applied for verification of C programs

More information

The Boogie Intermediate Language

The Boogie Intermediate Language The Boogie Intermediate Language What is BoogiePL? A simplified C-like language that s structured for verification tasks Has constructs that allow specification of assumptions and axioms, as well as assertions

More information

XFindBugs: extended FindBugs for AspectJ

XFindBugs: extended FindBugs for AspectJ XFindBugs: extended FindBugs for AspectJ Haihao Shen, Sai Zhang, Jianjun Zhao, Jianhong Fang, Shiyuan Yao Software Theory and Practice Group (STAP) Shanghai Jiao Tong University, China A code Is there

More information

LAG: Lazily Aggregated Gradient for Communication-Efficient Distributed Learning

LAG: Lazily Aggregated Gradient for Communication-Efficient Distributed Learning LAG: Lazily Aggregated Gradient for Communication-Efficient Distributed Learning Tianyi Chen Georgios Giannakis Tao Sun Wotao Yin UMN, ECE UCLA, Math NeurIPS 208 Overview M := {,...,M} aaacaxicbvdlssnafj3uv62vqbvbzwarxjssseerhiibn4uk9gfnkjpjpb06mqkze6geuvfx3lhqxk/4c6/cdpmoa0hlhzouzd77wksrpv2ng+rslk6tr5r3cxtbe/s7tn7b20luoljcwsmzddaijdksuttzug3kqtfasodyhqz9tsprcoq+l0ej8sp0ydtigkkjds3jzipiwybk6trl3mrhgufvpwgn+nbzafqzacxizutmsjr7ntfxihwghoumunk9vwn0x6gpkaykunjsxvjeb6haekzylfmlj/nppjau6oemblsfndwpv6eyfcsdgotgem9fatelpxp6+x6ujszyhpuk04ni+kugagnm4yeglwzqndufyunmrxemkedymtjijwv8ezm0z6uuu3xvauv6ly+jci7bctgdlrgadxalmqafmhgez+avvflpovbn3mwwtwpnmi/sd6/aeiejx9

More information

Computer Security Course. Midterm Review

Computer Security Course. Midterm Review Computer Security Course. Dawn Song Midterm Review In class: Logistics On time: 4:10-5:30pm Wed 1 8x11 page cheat sheet allowed Special requirements: see TA Part I, II, III Scope Software Security Secure

More information

Seminar in Software Engineering Presented by Dima Pavlov, November 2010

Seminar in Software Engineering Presented by Dima Pavlov, November 2010 Seminar in Software Engineering-236800 Presented by Dima Pavlov, November 2010 1. Introduction 2. Overview CBMC and SAT 3. CBMC Loop Unwinding 4. Running CBMC 5. Lets Compare 6. How does it work? 7. Conclusions

More information

CS504 4 th Quiz solved by MCS GROUP

CS504 4 th Quiz solved by MCS GROUP CS504 4 th Quiz solved by MCS GROUP All are solved 100% correct with pages # remember us in ur prayerssss. Quiz Start Time: 01:26 PM Time Left 90 Question # 1 of 10 ( Start time: 01:26:29 PM ) Total Marks:

More information

Model Checking with Automata An Overview

Model Checking with Automata An Overview Model Checking with Automata An Overview Vanessa D Carson Control and Dynamical Systems, Caltech Doyle Group Presentation, 05/02/2008 VC 1 Contents Motivation Overview Software Verification Techniques

More information

F-Soft: Software Verification Platform

F-Soft: Software Verification Platform F-Soft: Software Verification Platform F. Ivančić, Z. Yang, M.K. Ganai, A. Gupta, I. Shlyakhter, and P. Ashar NEC Laboratories America, 4 Independence Way, Suite 200, Princeton, NJ 08540 fsoft@nec-labs.com

More information

Hyperkernel: Push-Button Verification of an OS Kernel

Hyperkernel: Push-Button Verification of an OS Kernel Hyperkernel: Push-Button Verification of an OS Kernel Luke Nelson, Helgi Sigurbjarnarson, Kaiyuan Zhang, Dylan Johnson, James Bornholt, Emina Torlak, and Xi Wang The OS Kernel is a critical component Essential

More information

Software Testing. Software Testing

Software Testing. Software Testing Software Testing Software Testing Error: mistake made by the programmer/ developer Fault: a incorrect piece of code/document (i.e., bug) Failure: result of a fault Goal of software testing: Cause failures

More information

Menu Driven Systems. While loops, menus and the switch statement. Mairead Meagher Dr. Siobhán Drohan. Produced by:

Menu Driven Systems. While loops, menus and the switch statement. Mairead Meagher Dr. Siobhán Drohan. Produced by: Menu Driven Systems While loops, menus and the switch statement Produced by: Mairead Meagher Dr. Siobhán Drohan Department of Computing and Mathematics http://www.wit.ie/ Topics list while loops recap

More information

FAKULTÄT FÜR INFORMATIK

FAKULTÄT FÜR INFORMATIK FAKULTÄT FÜR INFORMATIK DER TECHNISCHEN UNIVERSITÄT MÜNCHEN Master-Seminar Software Verification Author: Lukas Erlacher Advisor: Prof. Andrey Rybalchenko, Dr. Corneliu Popeea Submission: April, 2013 Contents

More information

CS 101 Spring 2007 Midterm 2 Name: ID:

CS 101 Spring 2007 Midterm 2 Name: ID: You only need to write your name and e-mail ID on the first page. This exam is CLOSED text book, closed-notes, closed-calculator, closed-neighbor, etc. Questions are worth different amounts, so be sure

More information

Predicate Abstraction of Java Programs with Collections. Pavel Parízek, Ondřej Lhoták

Predicate Abstraction of Java Programs with Collections. Pavel Parízek, Ondřej Lhoták Predicate Abstraction of Java Programs with Collections Pavel Parízek, Ondřej Lhoták Predicate abstraction void main() { int i = 0; int x = 1; while (i < 1) { x += i; i++; assert(x > 0); Predicates P_xle0:

More information

Inductive Invariant Generation via Abductive Inference

Inductive Invariant Generation via Abductive Inference Inductive Invariant Generation via Abductive Inference Isil Dillig Department of Computer Science College of William & Mary idillig@cs.wm.edu Thomas Dillig Department of Computer Science College of William

More information

Speed: Precise and Efficient Static Estimation of Program Computational Complexity

Speed: Precise and Efficient Static Estimation of Program Computational Complexity Speed: Precise and Efficient Static Estimation of Program Computational Complexity Sumit Gulwani Krishna K. Mehra Trishul Chilimbi POPL 2009 Presented by Stefan Blumer Motivation Performance Bugs Motivation

More information

Syntax-Guided Synthesis. Rajeev Alur. University of Pennsylvania

Syntax-Guided Synthesis. Rajeev Alur. University of Pennsylvania Syntax-Guided Synthesis Rajeev Alur University of Pennsylvania 1 Program Verification Specification S Program P Verifier Proof of correctness or Witness of a bug 2 Classical Program Synthesis Specification

More information

Configurable Software Model Checking

Configurable Software Model Checking Configurable Software Model Checking CPAchecker Dirk Beyer Dirk Beyer 1 / 26 Software Verification C Program int main() { int a = foo(); int b = bar(a); } assert(a == b); Verification Tool TRUE i.e., specification

More information

Siloed Reference Analysis

Siloed Reference Analysis Siloed Reference Analysis Xing Zhou 1. Objectives: Traditional compiler optimizations must be conservative for multithreaded programs in order to ensure correctness, since the global variables or memory

More information

Integrating verification in programming languages

Integrating verification in programming languages Integrating verification in programming languages Thomas Jensen, INRIA Seminar INRIA Rennes, 04/11/2015 Collège de France Chaire Algorithmes, machines et langages x / y Types For division to make sense,

More information

What is Stencil Computation?

What is Stencil Computation? Model Checking Stencil Computations Written in a Partitioned Global Address Space Language Tatsuya Abe, Toshiyuki Maeda, and Mitsuhisa Sato RIKEN AICS HIPS 13 May 20, 2013 What is Stencil Computation?

More information

Assertions. Assertions - Example

Assertions. Assertions - Example References: internet notes; Bertrand Meyer, Object-Oriented Software Construction; 11/13/2003 1 Assertions Statements about input to a routine or state of a class Have two primary roles As documentation,

More information

Goal. Overflow Checking in Firefox. Sixgill. Sixgill (cont) Verifier Design Questions. Sixgill: Properties 4/8/2010

Goal. Overflow Checking in Firefox. Sixgill. Sixgill (cont) Verifier Design Questions. Sixgill: Properties 4/8/2010 Goal Overflow Checking in Firefox Brian Hackett Can we clean a code base of buffer overflows? Keep it clean? Must prove buffer accesses are in bounds Verification: prove a code base has a property Sixgill

More information

Escape Analysis. Applications to ML and Java TM

Escape Analysis. Applications to ML and Java TM Escape Analysis. Applications to ML and Java TM Bruno Blanchet INRIA Rocquencourt Bruno.Blanchet@inria.fr December 2000 Overview 1. Introduction: escape analysis and applications. 2. Escape analysis 2.a

More information

SpaceSearch: A Library for Building and Verifying Solver-Aided Tools

SpaceSearch: A Library for Building and Verifying Solver-Aided Tools SpaceSearch: A Library for Building and Verifying Solver-Aided Tools Konstantin Steven S. Stefan Weitz Lyubomirsky Heule Emina Torlak Michael D. Ernst Zachary Tatlock Reduction Reduction SMT Reduction

More information

A Classification of Concurrency Bugs in Java Benchmarks by Developer Intent

A Classification of Concurrency Bugs in Java Benchmarks by Developer Intent A Classification of Concurrency Bugs in Java Benchmarks by Developer Intent M. Erkan Keremoglu, Serdar Tasiran, Tayfun Elmas Center for Advanced Design Technologies @ Koc University http://designtech.ku.edu.tr

More information

Warmup : Name that tune!

Warmup : Name that tune! Warmup : Name that tune! Write, using a loop, Java code to print the lyrics to the song 99 Bottles of Beer on the Wall 99 bottles of beer on the wall. 99 bottles of beer. Take one down, pass it around,

More information

Semantics-Based Program Verifiers for All Languages

Semantics-Based Program Verifiers for All Languages Language-independent Semantics-Based Program Verifiers for All Languages Andrei Stefanescu Daejun Park Shijiao Yuwen Yilong Li Grigore Rosu Nov 2, 2016 @ OOPSLA 16 Problems with state-of-the-art verifiers

More information

CS 267: Automated Verification. Lecture 13: Bounded Model Checking. Instructor: Tevfik Bultan

CS 267: Automated Verification. Lecture 13: Bounded Model Checking. Instructor: Tevfik Bultan CS 267: Automated Verification Lecture 13: Bounded Model Checking Instructor: Tevfik Bultan Remember Symbolic Model Checking Represent sets of states and the transition relation as Boolean logic formulas

More information

Proving Properties of non-array Programs

Proving Properties of non-array Programs Proving Properties of non-array Programs Thanks to Priyanka Darke Tata Research Development and Design Centre, Pune, India December 13, 2017 Copyright 2012 Tata Consultancy Services Limited 1 Background

More information

PRISM An overview. automatic verification of systems with stochastic behaviour e.g. due to unreliability, uncertainty, randomisation,

PRISM An overview. automatic verification of systems with stochastic behaviour e.g. due to unreliability, uncertainty, randomisation, PRISM An overview PRISM is a probabilistic model checker automatic verification of systems with stochastic behaviour e.g. due to unreliability, uncertainty, randomisation, Construction/analysis of probabilistic

More information

An Eclipse Plug-in for Model Checking

An Eclipse Plug-in for Model Checking An Eclipse Plug-in for Model Checking Dirk Beyer, Thomas A. Henzinger, Ranjit Jhala Electrical Engineering and Computer Sciences University of California, Berkeley, USA Rupak Majumdar Computer Science

More information

CSE507. Practical Applications of SAT. Computer-Aided Reasoning for Software. Emina Torlak

CSE507. Practical Applications of SAT. Computer-Aided Reasoning for Software. Emina Torlak Computer-Aided Reasoning for Software CSE507 Practical Applications of SAT courses.cs.washington.edu/courses/cse507/18sp/ Emina Torlak emina@cs.washington.edu Today Past 2 lectures The theory and mechanics

More information

Software Model Checking. Xiangyu Zhang

Software Model Checking. Xiangyu Zhang Software Model Checking Xiangyu Zhang Symbolic Software Model Checking CS510 S o f t w a r e E n g i n e e r i n g Symbolic analysis explicitly explores individual paths, encodes and resolves path conditions

More information

Our First Programs. Programs. Hello World 10/7/2013

Our First Programs. Programs. Hello World 10/7/2013 Our First Programs C# Programming Rob Miles Programs In the practical session last week we created a number of programs In this session we are going to look at each program and see how it works/what it

More information

Formal Methods for Java

Formal Methods for Java Formal Methods for Java Lecture 1: Introduction Jochen Hoenicke Software Engineering Albert-Ludwigs-University Freiburg October 26, 2011 Jochen Hoenicke (Software Engineering) Formal Methods for Java October

More information

CSE 331 Midterm Exam Sample Solution 2/13/12

CSE 331 Midterm Exam Sample Solution 2/13/12 Question 1. (14 points) (assertions) Using backwards reasoning, find the weakest precondition for each sequence of statements and postcondition below. Insert appropriate assertions in each blank line.

More information

Dynamic data integration and stochastic inversion of a two-dimensional confined aquifer

Dynamic data integration and stochastic inversion of a two-dimensional confined aquifer Hydrology Days 2013 Dynamic data integration and stochastic inversion of a two-dimensional confined aquifer Dongdong Wang 1 Ye Zhang 1 Juraj Irsa 1 Abstract. Much work has been done in developing and applying

More information

Data Structure Synthesis. Calvin Loncaric Emina Torlak Michael D. Ernst

Data Structure Synthesis. Calvin Loncaric Emina Torlak Michael D. Ernst Data Structure Synthesis Calvin Loncaric Emina Torlak Michael D. Ernst Data structures are everywhere 2 Data structures are everywhere 2 Data structures are everywhere 2 Data structures are everywhere

More information

Turning proof assistants into programming assistants

Turning proof assistants into programming assistants Turning proof assistants into programming assistants ST Winter Meeting, 3 Feb 2015 Magnus Myréen Why? Why combine proof- and programming assistants? Why proofs? Testing cannot show absence of bugs. Some

More information

GNATprove a Spark2014 verifying compiler Florian Schanda, Altran UK

GNATprove a Spark2014 verifying compiler Florian Schanda, Altran UK 1 GNATprove a Spark2014 verifying compiler Florian Schanda, Altran UK Tool architecture User view Source gnatprove Verdict 2 Tool architecture More detailed view... Source Encoding CVC4 gnat2why gnatwhy3

More information

Differential program verification

Differential program verification Differential program verification Shuvendu K. Lahiri Research in Software Engineering (RiSE), Microsoft Research Redmond, WA Involved in building static assertion checkers HAVOC [POPL 06, 08, 09, CAV 09,

More information

CalFuzzer: An Extensible Active Testing Framework for Concurrent Programs Pallavi Joshi 1, Mayur Naik 2, Chang-Seo Park 1, and Koushik Sen 1

CalFuzzer: An Extensible Active Testing Framework for Concurrent Programs Pallavi Joshi 1, Mayur Naik 2, Chang-Seo Park 1, and Koushik Sen 1 CalFuzzer: An Extensible Active Testing Framework for Concurrent Programs Pallavi Joshi 1, Mayur Naik 2, Chang-Seo Park 1, and Koushik Sen 1 1 University of California, Berkeley, USA {pallavi,parkcs,ksen}@eecs.berkeley.edu

More information

ESC/Java2 vs. JMLForge. Juan Pablo Galeotti, Alessandra Gorla, Andreas Rau Saarland University, Germany

ESC/Java2 vs. JMLForge. Juan Pablo Galeotti, Alessandra Gorla, Andreas Rau Saarland University, Germany ESC/Java2 vs. JMLForge Juan Pablo Galeotti, Alessandra Gorla, Andreas Rau Saarland University, Germany ESC/Java2: the formula is built using Dijsktra s Weakes precondition. Automatic theorem prover: Simplify

More information

ESC/Java extended static checking for Java Erik Poll, Joe Kiniry, David Cok University of Nijmegen; Eastman Kodak Company

ESC/Java extended static checking for Java Erik Poll, Joe Kiniry, David Cok University of Nijmegen; Eastman Kodak Company ESC/Java extended static checking for Java Erik Poll, Joe Kiniry, David Cok University of Nijmegen; Eastman Kodak Company Erik Poll - JML p.1/?? ESC/Java Extended static checker by Rustan Leino et.al.

More information

Lecture 22. While Loops

Lecture 22. While Loops Lecture 22 While Loops Announcements for This Lecture Assignments Prelim 2 A5 is now graded Will be returned in lab Mean: 52 Median: 53 Std Dev: 5.5 Passing Grade: 30 A6 due next Tuesday Dataset should

More information

MTV: METHODS & TOOLS 4 VERIFICATION MASTER COMPUTER SCIENCE MARIEKE HUISMAN: STUDY ADVISOR MY NAME: JACO VAN DE POL

MTV: METHODS & TOOLS 4 VERIFICATION MASTER COMPUTER SCIENCE MARIEKE HUISMAN: STUDY ADVISOR MY NAME: JACO VAN DE POL MTV: METHODS & TOOLS 4 VERIFICATION MASTER COMPUTER SCIENCE MARIEKE HUISMAN: STUDY ADVISOR MY NAME: JACO VAN DE POL OVERVIEW Motivation Program Tools and Techniques Why choose MTV? (or avoid it) MoTiVation:

More information

Types, Universes and Everything

Types, Universes and Everything Types, Universes and Everything Andres Löh Dept. of Information and Computing Sciences, Utrecht University P.O. Box 80.089, 3508 TB Utrecht, The Netherlands Web pages: http://www.cs.uu.nl/wiki/center May

More information

System Correctness. EEC 421/521: Software Engineering. System Correctness. The Problem at Hand. A system is correct when it meets its requirements

System Correctness. EEC 421/521: Software Engineering. System Correctness. The Problem at Hand. A system is correct when it meets its requirements System Correctness EEC 421/521: Software Engineering A Whirlwind Intro to Software Model Checking A system is correct when it meets its requirements a design without requirements cannot be right or wrong,

More information

Satisfiability Modulo Theories: ABsolver

Satisfiability Modulo Theories: ABsolver Satisfiability Modulo Theories: ABsolver Michael Tautschnig Joint work with: Andreas Bauer Martin Leucker Christian Schallhart Michael Tautschnig 1 Outline 1. Introduction Michael Tautschnig 2 Outline

More information

Introduction to CBMC. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Arie Gurfinkel December 5, 2011

Introduction to CBMC. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Arie Gurfinkel December 5, 2011 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 December 5, 2011 based on slides by Daniel Kroening Bug Catching with SAT-Solvers Main Idea: Given a program and a claim use

More information

Sliced Path Prefixes: An Effective Method to Enable Refinement Selection

Sliced Path Prefixes: An Effective Method to Enable Refinement Selection FORTE '15 Sliced Path Prefixes: An Effective Method to Enable Refinement Selection Dirk Beyer, Stefan Löwe, Philipp Wendler SoSy-Lab Software Systems We want Refinement Selection!!! Because straight-forward

More information

PKIND: A parallel k-induction based model checker

PKIND: A parallel k-induction based model checker PKIND: A parallel k-induction based model checker Temesghen Kahsai The University of Iowa temesghen-kahsaiazene@uiowa.edu Cesare Tinelli The University of Iowa cesare-tinelli@uiowa.edu PKIND is a novel

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback