testing abstraction theorem proving better together
play

Testing, Abstraction, Theorem Proving: Better Together Authors: - PowerPoint PPT Presentation

Apr 02, 2023 •210 likes •1.12k views

Testing, Abstraction, Theorem Proving: Better Together Authors: Greta Yorsh Thomas Ball Mooly Sagiv Presenter: Michael Rudolph Seminar Program Analysis and Software Testing University of Freiburg 2016 Motivation Program No Proof no error

  1. Testing, Abstraction, Theorem Proving: Better Together Authors: Greta Yorsh Thomas Ball Mooly Sagiv Presenter: Michael Rudolph Seminar Program Analysis and Software Testing University of Freiburg 2016

  2. Motivation Program No Proof no error Execute tests error Test set Real error Dynamic Analysis

  3. Motivation Proof no error Program Analysis Abstraction error Potential error Static Analysis

  4. False error Unreachable concrete states Reachable concrete states false error Abstract state = +

  5. Motivation Dynamic Analysis Static Analysis No Proof Real error Proof Potential error

  6. Motivation Dynamic Analysis Static Analysis No Proof Real error Proof Potential error solved by

  7. Motivation Dynamic Analysis Static Analysis No Proof Real error Proof Potential error solved by solved by

  8. Motivation ⇓ Idea: Combine both approaches.

  9. Table of Contents 1 Motivation 2 Overview method 3 Real error 4 Proof 5 False error 6 Conclusion

  10. Example Algorithm: foo(int x, int y) I int ∗ px = NULL ; A x = x + 1; B if x < 4 then px = & x ; C D if px == & y then x = x + 1; E F if x < 5 then ∗ px = ∗ px + 1; G (foo algorithm, G. Yorsh , T. Ball, and M. Sagiv , 2006.)

  11. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL)

  12. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL)

  13. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL) B if x < 4 // (pc=B, x=4, y=0, px=NULL) then px = & x ; C

  14. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL) B if x < 4 // (pc=B, x=4, y=0, px=NULL) then px = & x ; C D if px == & y // (pc=D, x=4, y=0, px=NULL) then x = x + 1; // Dead code E

  15. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL) B if x < 4 // (pc=B, x=4, y=0, px=NULL) then px = & x ; C D if px == & y // (pc=D, x=4, y=0, px=NULL) then x = x + 1; // Dead code E F if x < 5 // (pc=F, x=4, y=0, px=NULL) then ∗ px = ∗ px + 1; // (pc=G, x=4, y=0, px=NULL) G

  16. Example Algorithm: foo(3, 0) I int ∗ px = NULL ; // (pc=I, x=3, y=0, px=NULL) A x = x + 1; // (pc=A, x=3, y=0, px=NULL) B if x < 4 // (pc=B, x=4, y=0, px=NULL) then px = & x ; C D if px == & y // (pc=D, x=4, y=0, px=NULL) then x = x + 1; // Dead code E F if x < 5 // (pc=F, x=4, y=0, px=NULL) then ∗ px = ∗ px + 1; // (pc=G, x=4, y=0, px=NULL) G ⇒ Null pointer dereference error =

  17. Execute program P test set T potential error Execute (Figure 1, G. Yorsh , T. Ball, and M. Sagiv , 2006.)

  18. Execute program P test set T potential error Execute (Figure 1, G. Yorsh , T. Ball, and M. Sagiv , 2006.)

  19. Execute Program P Test set foo(2,0) = foo (pc=I, x=2, y=0, px=NULL) An example input.

  20. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL)

  21. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL) A x = x + 1; // (pc=A, x=2, y=0, px=NULL)

  22. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL) A x = x + 1; // (pc=A, x=2, y=0, px=NULL) B if x < 4 // (pc=B, x=3, y=0, px=NULL) then px = & x ; // (pc=C, x=3, y=0, px=NULL) C

  23. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL) A x = x + 1; // (pc=A, x=2, y=0, px=NULL) B if x < 4 // (pc=B, x=3, y=0, px=NULL) then px = & x ; // (pc=C, x=3, y=0, px=NULL) C D if px == & y // (pc=D, x=3, y=0, px= ¬ NULL) then x = x + 1; E

  24. Execute Algorithm: foo(2, 0) I int ∗ px = NULL ; // (pc=I, x=2, y=0, px=NULL) A x = x + 1; // (pc=A, x=2, y=0, px=NULL) B if x < 4 // (pc=B, x=3, y=0, px=NULL) then px = & x ; // (pc=C, x=3, y=0, px=NULL) C D if px == & y // (pc=D, x=3, y=0, px= ¬ NULL) then x = x + 1; E F if x < 5 // (pc=F, x=3, y=0, px= ¬ NULL) then ∗ px = ∗ px + 1; // (pc=G, x=3, y=0, px= ¬ NULL) G

  25. Execute Execute test set ⇒ No Error. but Execute foo(3,0) ⇒ Error ⇓ Execute phase gives no proof.

  26. Abstract test set T program P potential error Execute C T Abstract

  27. Abstract Unreachable concrete states Reachable concrete states Abstract state = +

  28. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) I int ∗ px = NULL ;

  29. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1;

  30. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C

  31. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C pc=C, x=3, y=0, px=NULL C, t, t

  32. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C pc=C, x=3, y=0, px=NULL C, t, t D if px == & y then x = x + 1; E pc=D, x=3, y=0, px= ¬ NULL D, t, f

  33. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C pc=C, x=3, y=0, px=NULL C, t, t D if px == & y then x = x + 1; E pc=D, x=3, y=0, px= ¬ NULL D, t, f F if x < 5 then ∗ px = ∗ px +1; G pc=F, x=3, y=0, px= ¬ NULL F, t, f

  34. Abstract α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } C T A T pc=I, x=2, y=0, px=NULL I, t, t Algorithm: foo(2,0) pc=A, x=2, y=0, px=NULL A, t, t I int ∗ px = NULL ; A x = x + 1; pc=B, x=3, y=0, px=NULL B, t, t B if x < 4 then px = & x ; C pc=C, x=3, y=0, px=NULL C, t, t D if px == & y then x = x + 1; E pc=D, x=3, y=0, px= ¬ NULL D, t, f F if x < 5 then ∗ px = ∗ px +1; G pc=F, x=3, y=0, px= ¬ NULL F, t, f pc=G, x=3, y=0, px= ¬ NULL G, t, f

  35. Check adequacy test set T program P potential error Execute C T Abstract A T Check adequacy

  36. Check adequacy What are successor states ? Let’s look at our example. Algorithm: part of foo(int x, int y) A x = x + 1; B if x < 4 then px = & x ; // If B is true. C D if px == & y // If B is false. then x = x + 1; E F if x < 5 then ∗ px = ∗ px + 1; G Successor states of B

  37. Check adequacy A set of tests T is adequate under a given abstraction ⇔ for all concrete states which are represented by A T it holds that their successor states are covered by A T , too. � A T : abstract states covered by T concrete state c successor states of c

  38. Check adequacy A set of tests T is adequate under a given abstraction ⇔ for all concrete states which are represented by A T it holds that their successor states are covered by A T , too. A T : abstract states covered by T concrete state c successor states of c

  39. Check adequacy α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } A T I, t, t Algorithm: foo(int x, int y) A, t, t I int ∗ px = NULL ; A x = x + 1; B, t, t B if x < 4 then px = & x ; // (pc=C, x<4, px=Null) C C, t, t D if px == & y then D, t, f x = x + 1; E F if x < 5 then F, t, f ∗ px = ∗ px + 1; G G, t, f

  40. Check adequacy α ( C ) = { ( pc , x < 5 , px = NULL ) | ( pc , x , y , px ) ∈ C } A T I, t, t Algorithm: foo(int x, int y) A, t, t I int ∗ px = NULL ; A x = x + 1; B, t, t B if x < 4 then px = & x ; C C, t, t D if px == & y // (pc=D, x>=4, px=NULL) then D, t, f x = x + 1; E F if x < 5 then F, t, f ∗ px = ∗ px + 1; G G, t, f

  41. Check adequacy The successor state (D,4,0,NULL) is not covered by A T ⇓ adequacy check fails.

  42. Fabricate test test set T program P potential error Execute C T Abstract ′ A T T Check adequacy Fabricate test failed

  43. Fabricate test The successor state (D,4,0,NULL) is not covered by A T ⇓ adequacy check fails. ⇓ model generator fabricates a pair of concrete states, e.g. (B,4,0,NULL), (D,4,0,NULL) concrete states need not to be reachable. ⇓ extend test set T by the generated concrete states.

  44. Check safety property program P test set T potential error C T Execute Abstract ′ A T T Check adequacy Fabricate test failed adequate potential error Check safety verified properties

Recommend

On Theorem Proving for Program Checking Historical perspective and recent developments Maria

On Theorem Proving for Program Checking Historical perspective and recent developments Maria

Outline Introduction Where is theorem proving in program checking Inside theorem proving Big and little engines together: a new theorem proving style Decision procedures with speculative inferences Current and future challenges On Theorem

944 views • 69 slides
Visual theorem proving with the Incredible Proof Machine The idea Theorem Proving without

Visual theorem proving with the Incredible Proof Machine The idea Theorem Proving without

Interactive Theorem Proving, Nancy August 22, 2016 Joachim Breitner Karlsruhe Institute of Technology University of Pennsylvania, Philadelphia Visual theorem proving with the Incredible Proof Machine The idea Theorem Proving without Syntax

579 views • 43 slides
Automated Theorem Proving 1/4: Introduction and Propositional Theorem Proving A.L. Lamprecht

Automated Theorem Proving 1/4: Introduction and Propositional Theorem Proving A.L. Lamprecht

Automated Theorem Proving 1/4: Introduction and Propositional Theorem Proving A.L. Lamprecht Course Program Semantics and Verfication 2020, Utrecht University September 21, 2020 Lecture Notes Automated Reasoning by Gerard A.W. Vreeswijk.

609 views • 40 slides
Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program

Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program

Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program Semantics and Verfication 2020, Utrecht University September 23, 2020 Lecture Notes Automated Reasoning by Gerard A.W. Vreeswijk. Available for

1.03k views • 54 slides
Theorem-Proving Environments Nathan Ng CSC2547: Learning to Search Theorem Proving What is a

Theorem-Proving Environments Nathan Ng CSC2547: Learning to Search Theorem Proving What is a

Theorem-Proving Environments Nathan Ng CSC2547: Learning to Search Theorem Proving What is a theorem? Statement proven based on basis of previously established statements Premise: If I attend UofT, I am a student Premise: I attend

375 views • 25 slides
Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA Overview Last Lecture theorem

Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA Overview Last Lecture theorem

Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA Overview Last Lecture theorem proving problems premise selection deep learning for theorem proving state estimation Today automated reasoning learning in classical ATPs

1.18k views • 97 slides
Theorem Proving and Testing for Autonomous Systems Kerstin Eder University of Bristol and

Theorem Proving and Testing for Autonomous Systems Kerstin Eder University of Bristol and

Theorem Proving and Testing for Autonomous Systems Kerstin Eder University of Bristol and Bristol Robotics Laboratory Verification and Validation for Safety in Robots To develop techniques and methodologies that can be used to design

476 views • 45 slides
Health Warning Principles, Techniques, Applications Theorem Proving is addictive Gerwin Klein

Health Warning Principles, Techniques, Applications Theorem Proving is addictive Gerwin Klein

W HAT YOU WILL LEARN how to use a theorem prover background, how it works how to prove and specify NICTA Advanced Course Slide 1 Slide 3 Theorem Proving Health Warning Principles, Techniques, Applications Theorem Proving is

262 views • 9 slides
Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA 2019 Computer Theorem Proving

Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA 2019 Computer Theorem Proving

Artificial Intelligence in Theorem Proving Cezary Kaliszyk VTSA 2019 Computer Theorem Proving Computer used to automate reasoning in a logic Traditionally part of artificial intelligence (not machine learning) Field of research since the

1.25k views • 101 slides
Formal Verification Methods 4: Theorem Proving John Harrison Intel Corporation Need for

Formal Verification Methods 4: Theorem Proving John Harrison Intel Corporation Need for

Formal Verification Methods 4: Theorem Proving Formal Verification Methods 4: Theorem Proving John Harrison Intel Corporation Need for general theorem proving Set theory vs. higher-order logic Herbrand-based approaches

475 views • 18 slides
Testing Overview Introduction (Proving and Testing) Types of Testing Unit,

Testing Overview Introduction (Proving and Testing) Types of Testing Unit,

CPSC 310 Software Engineering Testing Overview Introduction (Proving and Testing) Types of Testing Unit, Integration, Regression, System, Acceptance Testing Tactics Functional (Black Box), Structural (White Box)

982 views • 61 slides
Learning theorem proving through self-play Stanisaw Purga Overview AlphaZero Proving

Learning theorem proving through self-play Stanisaw Purga Overview AlphaZero Proving

Learning theorem proving through self-play Stanisaw Purga Overview AlphaZero Proving game adjusting MCTS for proving game some results 2019-10 1 Neural black box game state S move policy expected outcome R n v

455 views • 45 slides
Saturation-based Theorem Proving and ML Course Machine Learning and Reasoning 2020 MLR 2020 1 1

Saturation-based Theorem Proving and ML Course Machine Learning and Reasoning 2020 MLR 2020 1 1

First-order Logic and Theorem Proving Saturation-based Proving Further Tuning and the Role of Strategies Summary Saturation-based Theorem Proving and ML Course Machine Learning and Reasoning 2020 MLR 2020 1 1 Czech Technical Univeristy in

913 views • 64 slides
Mechanical Theorem Proving in Tarskis Geometry. Julien Narboux under the supervision of Hugo

Mechanical Theorem Proving in Tarskis Geometry. Julien Narboux under the supervision of Hugo

Mechanical Theorem Proving in Tarskis Geometry. Julien Narboux under the supervision of Hugo Herbelin LIX, INRIA Futurs, Ecole Polytechnique 31/08/2006, Pontevedra, Spain Outline 1 Interactive proof / Automated theorem proving 2

1.1k views • 73 slides
Proving In fi nite Satis fi ability Peter Baumgartner Joshua Bax Goal Theorem Proving in

Proving In fi nite Satis fi ability Peter Baumgartner Joshua Bax Goal Theorem Proving in

Proving In fi nite Satis fi ability Peter Baumgartner Joshua Bax Goal Theorem Proving in Hierarchic Combinations of Speci fi cations Dis Background theory linear integer arithmetic Data structures ? Conjecture list axioms/arrays

443 views • 15 slides
Theorem Proving and the Real Numbers Applications and Challenges Lawrence C Paulson 1.

Theorem Proving and the Real Numbers Applications and Challenges Lawrence C Paulson 1.

Theorem Proving and the Real Numbers Applications and Challenges Lawrence C Paulson 1. Interactive Theorem Proving A partial, biased history A UTOMATH L. S. van Benthem Jutting, Checking Landaus Grundlagen in the A UTOMATH

920 views • 37 slides
Planning and Theorem Proving Slides by Svetlana Lazebnik, 9/2016 with modifications by Mark

Planning and Theorem Proving Slides by Svetlana Lazebnik, 9/2016 with modifications by Mark

Planning and Theorem Proving Slides by Svetlana Lazebnik, 9/2016 with modifications by Mark Hasegawa-Johnson, 1/2019 CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=18656684 Planning and Theorem Proving Examples Automatic

539 views • 41 slides
Planning and Theorem Proving Slides by Svetlana Lazebnik, 9/2016 with modifications by Mark

Planning and Theorem Proving Slides by Svetlana Lazebnik, 9/2016 with modifications by Mark

Planning and Theorem Proving Slides by Svetlana Lazebnik, 9/2016 with modifications by Mark Hasegawa-Johnson, 2/2020 CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=18656684 Planning and Theorem Proving Examples Automatic

666 views • 40 slides
Symbolic Computation and Theorem Proving in Program Analysis Laura Kov acs Chalmers

Symbolic Computation and Theorem Proving in Program Analysis Laura Kov acs Chalmers

Symbolic Computation and Theorem Proving in Program Analysis Laura Kov acs Chalmers Specification Program Loop Assertions Verification Conditions Proving Proving Specification Program Loop Assertions Theorem Proving Computer Algebra

916 views • 90 slides
Formal Theorem Proving and Sum-of-Squares Techniques John Harrison Intel Corporation LIDS

Formal Theorem Proving and Sum-of-Squares Techniques John Harrison Intel Corporation LIDS

Formal Theorem Proving and Sum-of-Squares Techniques John Harrison Intel Corporation LIDS Seminar, MIT Fri 16th April 2010 (15:00-16:00) 0 Orientation Can divide theorem proving research into the following streams: Fully automated

1.01k views • 47 slides
Large Scale Deep Learning for Theorem Proving in HOList: First Results and Future Directions

Large Scale Deep Learning for Theorem Proving in HOList: First Results and Future Directions

Large Scale Deep Learning for Theorem Proving in HOList: First Results and Future Directions Sarah Loos HOList An Environment for Machine Learning of Higher-Order Theorem Proving HOList provides a simple API for ML researchers and theorem

307 views • 28 slides
SMTtoTPTP - A Converter for Theorem Proving Formats Peter Baumgartner Introduction TPTP

SMTtoTPTP - A Converter for Theorem Proving Formats Peter Baumgartner Introduction TPTP

SMTtoTPTP - A Converter for Theorem Proving Formats Peter Baumgartner Introduction TPTP (Thousands of Problems for Theorem Proving) Languages : clause logic, [typed]FOL[+arithmetics], HOL Problem library : &gt; 20k problems Infrastructure :

391 views • 38 slides
Instantiation-Based Automated Theorem Proving for First-Order Logic Konstantin Korovin The

Instantiation-Based Automated Theorem Proving for First-Order Logic Konstantin Korovin The

Instantiation-Based Automated Theorem Proving for First-Order Logic Konstantin Korovin The University of Manchester UK korovin@cs.man.ac.uk Theorem proving for first-order logic Theorem proving: Show that a given first-order formula is a

2.35k views • 193 slides
Real numbers in the real world Industrial applications of theorem proving John Harrison Intel

Real numbers in the real world Industrial applications of theorem proving John Harrison Intel

Real numbers in the real world Industrial applications of theorem proving John Harrison Intel Corporation 30th May 2006 0 Overview Famous computer arithmetic failures Formal verification and theorem proving Floating-point

627 views • 34 slides

More recommend