Presentation is loading. Please wait.

Presentation is loading. Please wait.

Verification and Data Structures int kmp_search(char str[], char pat[]){ p = 0; s = 0; while (p<pat.length && s<str.length){ if (str[s] == pat[p]){s++;

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Verification and Data Structures int kmp_search(char str[], char pat[]){ p = 0; s = 0; while (p<pat.length && s<str.length){ if (str[s] == pat[p]){s++;"— Presentation transcript:

1

2 Verification and Data Structures int kmp_search(char str[], char pat[]){ p = 0; s = 0; while (p<pat.length && s<str.length){ if (str[s] == pat[p]){s++; p++;} else if (p == 0){s++;} else{p = table[p-1] + 1;} } if (p >= plen) {return (s-plen)}; return (-1); } Need Universally Quantified Invariants 8 i: 0≤ i<table.length ) -1 ≤ table[i] Every element of table exceeds -1 Prove Access Within Array Bounds

3 Logic Types Precise data invariants Generalization, instantiation hard Coarse data structure invariants Generalization, instantiation easy Good SMT solvers available

4 Refinement Types Factor Invariant Into Logic x Type 8 i: 0 ≤ i < table.length ) -1 ≤ table[i] Logic Type table :: {v:int|-1 ≤ v} array (Refinement)

5 How To Retain Precision And Inference

6 table :: {v:int|-1 ≤ v} array Atoms Liquid Types Set of quantifier-free predicates -1 ≤ v0 < v0 < v v < 20 Refinements are conjunctions of atoms index :: {v:int|-1 ≤ v ∧ v < 20}

7 OCaml + Asserts Liquid Types Error Dsolve Atoms

8 Dsolve 1.Liquid Type Inference 2.Results 3.Demo

9 Liquid Type Inference program ML Type Inference int ! int int ! {v:int| X } x>0 ⊢ {v:int | v=x} <:{v:int |X } int ! {v:int|0 ≤ v} x>0 ∧ v=x ) X Liquid Type Templates Subtyping Implication Constraints Liquid Types

10 let rec ffor l u f = if l < u then ( f l; ffor (l+1) u f ) Type of f int ! unit Template of f {v:int| X } ! unit Liquid Type of f {v:int|l≤v ∧ v<u} ! unit l Flows Into Input of f {v:int | v=l} <: {v:int |X } l<u ⊢ l<u ∧ v=l ) X Solution X = l≤v ∧ v<u Reduces to

11 mapreduce (nearest dist ctra) (centroid plus) xs |> List.iter (fun (i,(x,sz)) -> ctra.(i)<- div x sz) Type of mapreduce (’a ! ’b * ’c list) !... ! ’b * ’c list Template of mapreduce (’a ! { X 1 } * ’a * { X 2 } list) !... ! { X 1 } * ’a * { X 2 } list Type Instantiation ’a with ’a ’b with int ’c with ’a * int Template Instantiation ’a with ’a ’b with {v:int| X 1 } ’c with ’a * {v:int| X 2 } Liquid Type of (nearest dist ctra) ’a ! {0≤ v<len ctra} * ’a * {0<v} list <: ’a ! { X 1 } * ’a * { X 2 } list Solution X 1 = 0≤v<len ctra X 2 = 0<v Reduces To 0 ≤ v <len ctra ) X 1 0<v ) X 2 Liquid Type of mapreduce Output {0≤ v<len ctra} * ’a * {0 < v} list

12 Dsolve 1.Liquid Type Inference 2.Results 3.Demo

13 Finite Maps 5: ‘cat’ 3: ‘cow’ 8: ‘tic’ 1: ‘doc’ 4: ‘hog’ 7: ‘ant’ 9: ‘emu’ From OCaml Standard Library Implemented as AVL Trees Rotate/Rebalance on Insert/Delete Verified Invariants Binary Search Ordered Height Balanced Keys Implement Set

14 Binary Decision Diagrams X1X1 X2X2 X2X2 X3X3 X4X4 X4X4 1 X 1  X 2  X 3  X 4 Verified Invariant Variables Ordered Along Each Path

15 ProgramVerified Invariants List-Based SortingSorted, Outputs Permutation of Input Finite Map (AVL)Balance, BST, Implements a Set Red-Black TreesBalance, BST, Color StablesortSorted Extensible VectorsBalance, Bounds Checking, … Binary HeapsHeap, Returns Min, Implements Set Splay HeapsBST, Returns Min, Implements Set MallocUsed and Free Lists Are Accurate BDDsVariable Order Union FindAcyclicity Bitvector UnificationAcyclicity

16 Dsolve 1.Liquid Type Inference 2.Results 3.Demo http://pho.ucsd.edu/liquid/demo/

Download ppt "Verification and Data Structures int kmp_search(char str[], char pat[]){ p = 0; s = 0; while (p<pat.length && s<str.length){ if (str[s] == pat[p]){s++;"

Similar presentations

Automatic verification of summations K. Rustan M. Leino IFIP WG 2.3 meeting 46 Sydney, Australia 11 January 2007.

Automatic verification of summations K. Rustan M. Leino IFIP WG 2.3 meeting 46 Sydney, Australia 11 January 2007.
Transposing F to C Transposing F to C Andrew Kennedy & Don Syme Microsoft Research Cambridge, U.K.

Transposing F to C Transposing F to C Andrew Kennedy & Don Syme Microsoft Research Cambridge, U.K.
Logical Abstract Interpretation Sumit Gulwani Microsoft Research, Redmond.

Logical Abstract Interpretation Sumit Gulwani Microsoft Research, Redmond.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
1 Symbol Tables Chapter 12.1-12.3 Sedgewick. 2 Symbol Tables Searching Searching is a fundamental element of many computational tasks looking up a name.

1 Symbol Tables Chapter Sedgewick. 2 Symbol Tables Searching Searching is a fundamental element of many computational tasks looking up a name.
Satisfiability Modulo Computable Functions Philippe Suter, Ali Sinan Köksal, and Viktor Kuncak ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE, SWITZERLAND Photo:

Satisfiability Modulo Computable Functions Philippe Suter, Ali Sinan Köksal, and Viktor Kuncak ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE, SWITZERLAND Photo:
– Seminar in Software Engineering Cynthia Disenfeld

– Seminar in Software Engineering Cynthia Disenfeld
Automated Verification with HIP and SLEEK Asankhaya Sharma.

Automated Verification with HIP and SLEEK Asankhaya Sharma.
50.530: Software Engineering

50.530: Software Engineering
Type Checking, Inference, & Elaboration CS153: Compilers Greg Morrisett.

Type Checking, Inference, & Elaboration CS153: Compilers Greg Morrisett.
Finding bugs: Analysis Techniques & Tools Symbolic Execution & Constraint Solving CS161 Computer Security Cho, Chia Yuan.

Finding bugs: Analysis Techniques & Tools Symbolic Execution & Constraint Solving CS161 Computer Security Cho, Chia Yuan.
Gennaro Parlato (LIAFA, Paris, France) Joint work with P. Madhusudan Xiaokang Qie University of Illinois at Urbana-Champaign.

Gennaro Parlato (LIAFA, Paris, France) Joint work with P. Madhusudan Xiaokang Qie University of Illinois at Urbana-Champaign.
Satisfiability Modulo Theories (An introduction)

Satisfiability Modulo Theories (An introduction)
Verification of Functional Programs in Scala Philippe Suter (joint work w/ Ali Sinan Köksal and Viktor Kuncak) ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE,

Verification of Functional Programs in Scala Philippe Suter (joint work w/ Ali Sinan Köksal and Viktor Kuncak) ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE,
Inferring Disjunctive Postconditions Corneliu Popeea and Wei-Ngan Chin School of Computing National University of Singapore - ASIAN 2006 -

Inferring Disjunctive Postconditions Corneliu Popeea and Wei-Ngan Chin School of Computing National University of Singapore - ASIAN
Automating Relatively Complete Verification of Higher-Order Functional Programs Hiroshi Unno (University of Tsukuba) Tachio Terauchi (Nagoya University)

Automating Relatively Complete Verification of Higher-Order Functional Programs Hiroshi Unno (University of Tsukuba) Tachio Terauchi (Nagoya University)
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
Binary Decision Diagrams1 BINARY DECISION DIAGRAMS.

Binary Decision Diagrams1 BINARY DECISION DIAGRAMS.
1 Satisfiability Modulo Theories Sinan Hanay. 2 Boolean Satisfiability (SAT) Is there an assignment to the p 1, p 2, …, p n variables such that  evaluates.

1 Satisfiability Modulo Theories Sinan Hanay. 2 Boolean Satisfiability (SAT) Is there an assignment to the p 1, p 2, …, p n variables such that  evaluates.
ML: a quasi-functional language with strong typing Conventional syntax: - val x = 5; (*user input *) val x = 5: int (*system response*) - fun len lis =

ML: a quasi-functional language with strong typing Conventional syntax: - val x = 5; (*user input *) val x = 5: int (*system response*) - fun len lis =

Similar presentations

Ads by Google