Presentation is loading. Please wait.

Presentation is loading. Please wait.

Matching Logic - A New Program Verification Approach -

Published byΕυγένεια Αβραμίδης Modified over 5 years ago

Similar presentations

Presentation on theme: "Matching Logic - A New Program Verification Approach -"— Presentation transcript:

1 Matching Logic - A New Program Verification Approach -
Grigore Rosu and Andrei Stefanescu University of Illinois at Urbana-Champaign

2 Question Floyd-Hoare logic
… could it be that, after 40 years of program verification, we still lack the right semantically grounded program verification foundation? Floyd-Hoare logic

3 ? Question Floyd-Hoare logic
… could it be that, after 40 years of program verification, we still lack the right semantically grounded program verification foundation? ? Floyd-Hoare logic

4 Limitations of Floyd-Hoare Logic
Requires encodings of structural program configuration properties as predicates Heap, stacks, input/output, etc. Framing is hard to deal with Not based on a formal executable semantics Thus, hard to test Semantic errors found by proving wrong properties Soundness rarely or never proved in practice Implementations of Floyd-Hoare verifiers for real languages still an art, who few master

5 Ideal Program Logic Based on a formal executable semantics
So we can test it by executing 1000’s of programs Sound “by construction” Allows us to state any structural properties about configurations Heap, stacks, input/output, etc. Framing would be straightforward; nothing special Leads to immediate implementations of program verifiers, based on the executable semantics

6 Matching Logic A logic for reasoning about configurations
Builds upon executable/operational semantics Provides ground configurations and transitions Matching Logic Formulae / Specifications FOL over configurations with variables, called patterns Models Ground configurations Satisfaction Matching for configurations, plus FOL for the rest

7 Formal Executable Semantics of KernelC

8 Formal Executable Semantics of KernelC
Syntax declared using annotated BNF

9 Formal Executable Semantics of KernelC
Configuration given as a nested cell structure. Leaves can be sets, multisets, lists, maps, or syntax

10 Formal Executable Semantics of KernelC
<k> X = V => V <_/k> <env_> X |-> (_ => V) <_/env> Semantic rules given contextually

11 Formal Executable Semantics of KernelC
K Framework Highlights: Modular, scales well (C, Scheme, Verilog, …) Easy to use: user by undergrads Multiple uses: interpreters, model checkers, …

12 Examples of Patterns  |A| >1
x points to sequence A with |A|>1, and the reversed sequence rev(A) has been output untrusted()can only be called from trusted()  |A| >1

13 Does it Really Work? We implemented a proof-of-concept matching logic verifier for a fragment of C Could verify all properties currently verifiable with existing separation logic based verifiers (for C-like languages) Could also verify properties that cannot be expressed in separation logic See Matching Logic poster tomorrow Demo possible

14 MatchC at Work – Heap and I/O

15 MatchC at Work – Heap and I/O
Reads integers from standard input and stores them in a list in the heap; then it deallocates the list, printing its elements to the standard output. Since nothing is requested, MatchC will simply run the semantics.

16 MatchC at Work – Heap and I/O

17 MatchC at Work – Heap and I/O

18 MatchC at Work – Heap and I/O

19 MatchC at Work – Heap and I/O

20 Conclusion Hoare Logic may not be the ultimate answer to the problem of program verification! In Matching Logic, we use an executable semantics of a language as is for verification As opposed to redefining it as a Hoare logic Executable semantics is testable and reusable Giving an executable semantics is not necessarily painful, it can be fun if one uses the right tools

Download ppt "Matching Logic - A New Program Verification Approach -"

Similar presentations

Semantics Static semantics Dynamic semantics attribute grammars

Semantics Static semantics Dynamic semantics attribute grammars
Foundational Certified Code in a Metalogical Framework Karl Crary and Susmit Sarkar Carnegie Mellon University.

Foundational Certified Code in a Metalogical Framework Karl Crary and Susmit Sarkar Carnegie Mellon University.
Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers

Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 11.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
1 Dependent Types for Termination Verification Hongwei Xi University of Cincinnati.

1 Dependent Types for Termination Verification Hongwei Xi University of Cincinnati.
1 Operational Semantics Mooly Sagiv Tel Aviv University 640-6706 Textbook: Semantics with Applications.

1 Operational Semantics Mooly Sagiv Tel Aviv University Textbook: Semantics with Applications.
Presentation for Proof Assistant course by Nadya Kalabishka

Presentation for Proof Assistant course by Nadya Kalabishka
Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space 03-640-760603-640-5358 html://www.cs.tau.ac.il/~msagiv/courses/sem03.html.

Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space html://
Semantics with Applications Mooly Sagiv Schrirber 317 03-640-7606 html://www.cs.tau.ac.il/~msagiv/courses/sem08.html Textbooks:Winskel The.

Semantics with Applications Mooly Sagiv Schrirber html:// Textbooks:Winskel The.
CS 330 Programming Languages 09 / 16 / 2008 Instructor: Michael Eckmann.

CS 330 Programming Languages 09 / 16 / 2008 Instructor: Michael Eckmann.
Formal Aspects of Computer Science – Week 12 RECAP Lee McCluskey, room 2/07

Formal Aspects of Computer Science – Week 12 RECAP Lee McCluskey, room 2/07
Formal Specification Thomas Alspaugh ICS 221 2002 Nov 7.

Formal Specification Thomas Alspaugh ICS Nov 7.
David Evans CS150: Computer Science University of Virginia Computer Science Lecture 28: Implementing Interpreters.

David Evans CS150: Computer Science University of Virginia Computer Science Lecture 28: Implementing Interpreters.
Computer Science 101 Introduction to Programming.

Computer Science 101 Introduction to Programming.
Matching Logic Grigore Rosu University of Illinois at Urbana-Champaign, USA 1.

Matching Logic Grigore Rosu University of Illinois at Urbana-Champaign, USA 1.
Crowfoot: a verifier for higher order store programs Billiejoe (Nathaniel) Charlton Ben Horsfall Bernhard Reus University of Sussex VMCAI 2012.

Crowfoot: a verifier for higher order store programs Billiejoe (Nathaniel) Charlton Ben Horsfall Bernhard Reus University of Sussex VMCAI 2012.
Created by, Author Name, School Name—State FLUENCY WITH INFORMATION TECNOLOGY Skills, Concepts, and Capabilities.

Created by, Author Name, School Name—State FLUENCY WITH INFORMATION TECNOLOGY Skills, Concepts, and Capabilities.
An Algebra for Composing Access Control Policies (2002) Author: PIERO BONATTI, SABRINA DE CAPITANI DI, PIERANGELA SAMARATI Presenter: Siqing Du Date: 09-22-05.

An Algebra for Composing Access Control Policies (2002) Author: PIERO BONATTI, SABRINA DE CAPITANI DI, PIERANGELA SAMARATI Presenter: Siqing Du Date:
Checking Reachability using Matching Logic Grigore Rosu and Andrei Stefanescu University of Illinois, USA.

Checking Reachability using Matching Logic Grigore Rosu and Andrei Stefanescu University of Illinois, USA.
CIS 540 Principles of Embedded Computation Spring 2015 Instructor: Rajeev Alur

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur

Similar presentations

Ads by Google