ABSTRACT
In this paper, we propose a new algorithm for proving the validity or invalidity of a pre/postcondition pair for a program. The algorithm is motivated by the success of the algorithms for probabilistic inference developed in the machine learning community for reasoning in graphical models. The validity or invalidity proof consists of providing an invariant at each program point that can be locally verified. The algorithm works by iteratively selecting a program point at random and updating the current abstract state representation to make it more locally consistent (with respect to the abstractions at the neighboring points). We show that this simple algorithm has some interesting aspects: (a) It brings together the complementary powers of forward and backward analyses; (b) The algorithm has the ability to recover from excessive under-approximation or over-approximation that it may make. (Because the algorithm does not distinguish between the forward and backward information, the information could get both under-approximated and over-approximated at any step.) (c) The randomness in the algorithm ensures that the correct choice of updates is eventually made, since there is no single deterministic strategy that would provably work for any interesting class of programs. In our experiments we use this algorithm to produce the proof of correctness of a small (but non-trivial) example. In addition, we empirically illustrate several important properties of the algorithm.
Index Terms
- Program verification as probabilistic inference