Semantics-based generation of verification conditions via program specialization

Angelis, Emanuele De; Fioravanti, Fabio; Pettorossi, Alberto; Proietti, Maurizio

doi:10.1016/j.scico.2016.11.002

Cited by 26 publications

(23 citation statements)

References 53 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, proving the satisfiability of the clauses obtained by that translation is, in many cases, a much harder task. In a series of papers [5,7,8,9,10,16,19] it has been shown that by combining various transformation techniques, such as Specialization and Predicate Pairing, we can derive equisatisfiable sets of clauses where the efficacy of the CHC solvers is significantly improved. This approach avoids the burden of implementing very sophisticated solving strategies depending on the class of satisfiability problems to be solved.…”

Section: Discussionmentioning

confidence: 99%

Lemma Generation for Horn Clause Satisfiability: A Preliminary Study

Angelis

Fioravanti

Pettorossi

et al. 2019

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

It is known that the verification of imperative, functional, and logic programs can be reduced to the satisfiability of constrained Horn clauses (CHCs), and this satisfiability check can be performed by using CHC solvers, such as Eldarica and Z3. These solvers perform well when they act on simple constraint theories, such as Linear Integer Arithmetic and the theory of Booleans, but their efficacy is very much reduced when the clauses refer to constraints on inductively defined structures, such as lists or trees. Recently, we have presented a transformation technique for eliminating those inductively defined data structures, and hence avoiding the need for incorporating induction principles into CHC solvers. However, this technique may fail when the transformation requires the use of lemmata whose generation needs ingenuity. In this paper we show, through an example, how during the process of transforming CHCs for eliminating inductively defined structures one can introduce suitable predicates, called difference predicates, whose definitions correspond to the lemmata to be introduced. Through a second example, we show that, whenever difference predicates cannot be introduced, we can introduce, instead, auxiliary queries which also correspond to lemmata, and the proof of these lemmata can be done by showing the satisfiability of those queries.

show abstract

Section: Discussionmentioning

confidence: 99%

Lemma Generation for Horn Clause Satisfiability: A Preliminary Study

Angelis

Fioravanti

Pettorossi

et al. 2019

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

show abstract

“…Besides being useful on its own for bounded verification, the CLP interpreter for Erlang may be the basis for more sophisticated analysis techniques. In particular, by following an approach developed in the case of imperative languages, we intend to apply CLP transformation techniques to specialize the interpreter with respect to a given Erlang program and its symbolic input [6]. The specialized CLP clauses may enable more efficient bounded verification, and they can also be used as input to other tools for analysis and verification (such as constraint-based analyzers [3,11] and SMT solvers [8,14]), which have already been shown to be effective in other contexts [2,4,5].…”

Section: Discussionmentioning

confidence: 99%

Bounded Symbolic Execution for Runtime Error Detection of Erlang Programs

Angelis

Fioravanti

Palacios

et al. 2018

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

Dynamically typed languages, like Erlang, allow developers to quickly write programs without explicitly providing any type information on expressions or function definitions. However, this feature makes those languages less reliable than statically typed languages, where many runtime errors can be detected at compile time. In this paper, we present a preliminary work on a tool that, by using the well-known techniques of metaprogramming and symbolic execution, can be used to perform bounded verification of Erlang programs. In particular, by using Constraint Logic Programming, we develop an interpreter that, given an Erlang program and a symbolic input for that program, returns answer constraints that represent sets of concrete data for which the Erlang program generates a runtime error. the Spanish Ayudas para contratos predoctorales para la formación de doctores and Ayudas a la movilidad predoctoral para la realización de estancias breves en centros de I+D, MINECO (SEIDI), under FPI grants BES-2014-069749 and EEBB-I-17-12101.

show abstract

“…Constraint logic programming, also named constrained Horn clauses, has been shown to be a powerful, flexible formalism to reason about the correctness of programs [13]. Constraint logic program is an artificial intelligence-based constraint satisfaction model with the ability of both logical programming and constraint solving.…”

Section: Introductionmentioning

confidence: 99%

Scenario Oriented Program Slicing for Large-Scale Software Through Constraint Logic Programming and Program Transformation

Ren

Jia

2019

IEEE Access

View full text Add to dashboard Cite

Program slicing, as a technique of program decomposition, is widely used in the field of program testing, model checking, software verification, symbolic execution, and other fields. However, the traditional approaches of program slicing tend to produce too large slices and the static program analyses are hard to be precise enough. Scenario-oriented program slicing, which considers the actual usage of software, gives a more precise perspective of program slicing. In this paper, we propose an approach of scenario-oriented program slicing, which combines constraint logic programming and program transformation. According to the observation that the output of a program transformation is a semantically equivalent program where the properties of interest are preserved, we can apply a sequence of transformations, more powerful than those needed for program specialization, refining the slicing to the desired degree of precision. And constraint logic programming has been shown to be a powerful, flexible formalism to reason about the correctness of programs. The novel contributions of this paper are as follows: 1) converting the problem of program slicing into program transformation and retrieval; 2) presenting a set of constraint handling rules for scenario-oriented program slicing in constraint logical programming programs; and 3) deriving a scenariooriented program slicing algorithm. The method of scenario-oriented program slicing has been implemented and we have demonstrated its effectiveness and efficiency on three open source software projects in GitHub. INDEX TERMS |Constraint logic programming, large-scale software, program slicing, program transformation, scenario.

show abstract

Semantics-based generation of verification conditions via program specialization

Cited by 26 publications

References 53 publications

Lemma Generation for Horn Clause Satisfiability: A Preliminary Study

Lemma Generation for Horn Clause Satisfiability: A Preliminary Study

Bounded Symbolic Execution for Runtime Error Detection of Erlang Programs

Scenario Oriented Program Slicing for Large-Scale Software Through Constraint Logic Programming and Program Transformation

Contact Info

Product

Resources

About