43,862 research outputs found
Verification of Imperative Programs by Constraint Logic Program Transformation
We present a method for verifying partial correctness properties of
imperative programs that manipulate integers and arrays by using techniques
based on the transformation of constraint logic programs (CLP). We use CLP as a
metalanguage for representing imperative programs, their executions, and their
properties. First, we encode the correctness of an imperative program, say
prog, as the negation of a predicate 'incorrect' defined by a CLP program T. By
construction, 'incorrect' holds in the least model of T if and only if the
execution of prog from an initial configuration eventually halts in an error
configuration. Then, we apply to program T a sequence of transformations that
preserve its least model semantics. These transformations are based on
well-known transformation rules, such as unfolding and folding, guided by
suitable transformation strategies, such as specialization and generalization.
The objective of the transformations is to derive a new CLP program TransfT
where the predicate 'incorrect' is defined either by (i) the fact 'incorrect.'
(and in this case prog is not correct), or by (ii) the empty set of clauses
(and in this case prog is correct). In the case where we derive a CLP program
such that neither (i) nor (ii) holds, we iterate the transformation. Since the
problem is undecidable, this process may not terminate. We show through
examples that our method can be applied in a rather systematic way, and is
amenable to automation by transferring to the field of program verification
many techniques developed in the field of program transformation.Comment: In Proceedings Festschrift for Dave Schmidt, arXiv:1309.455
Enhancing Predicate Pairing with Abstraction for Relational Verification
Relational verification is a technique that aims at proving properties that
relate two different program fragments, or two different program runs. It has
been shown that constrained Horn clauses (CHCs) can effectively be used for
relational verification by applying a CHC transformation, called predicate
pairing, which allows the CHC solver to infer relations among arguments of
different predicates. In this paper we study how the effects of the predicate
pairing transformation can be enhanced by using various abstract domains based
on linear arithmetic (i.e., the domain of convex polyhedra and some of its
subdomains) during the transformation. After presenting an algorithm for
predicate pairing with abstraction, we report on the experiments we have
performed on over a hundred relational verification problems by using various
abstract domains. The experiments have been performed by using the VeriMAP
transformation and verification system, together with the Parma Polyhedra
Library (PPL) and the Z3 solver for CHCs.Comment: Pre-proceedings paper presented at the 27th International Symposium
on Logic-Based Program Synthesis and Transformation (LOPSTR 2017), Namur,
Belgium, 10-12 October 2017 (arXiv:1708.07854
Test Case Generation for Object-Oriented Imperative Languages in CLP
Testing is a vital part of the software development process. Test Case
Generation (TCG) is the process of automatically generating a collection of
test cases which are applied to a system under test. White-box TCG is usually
performed by means of symbolic execution, i.e., instead of executing the
program on normal values (e.g., numbers), the program is executed on symbolic
values representing arbitrary values. When dealing with an object-oriented (OO)
imperative language, symbolic execution becomes challenging as, among other
things, it must be able to backtrack, complex heap-allocated data structures
should be created during the TCG process and features like inheritance, virtual
invocations and exceptions have to be taken into account. Due to its inherent
symbolic execution mechanism, we pursue in this paper that Constraint Logic
Programming (CLP) has a promising unexploited application field in TCG. We will
support our claim by developing a fully CLP-based framework to TCG of an OO
imperative language, and by assessing it on a corresponding implementation on a
set of challenging Java programs. A unique characteristic of our approach is
that it handles all language features using only CLP and without the need of
developing specific constraint operators (e.g., to model the heap)
Optimal Union-Find in Constraint Handling Rules
Constraint Handling Rules (CHR) is a committed-choice rule-based language
that was originally intended for writing constraint solvers. In this paper we
show that it is also possible to write the classic union-find algorithm and
variants in CHR. The programs neither compromise in declarativeness nor
efficiency. We study the time complexity of our programs: they match the
almost-linear complexity of the best known imperative implementations. This
fact is illustrated with experimental results.Comment: 12 pages, 3 figures, to appear in Theory and Practice of Logic
Programming (TPLP
Proving Correctness of Imperative Programs by Linearizing Constrained Horn Clauses
We present a method for verifying the correctness of imperative programs
which is based on the automated transformation of their specifications. Given a
program prog, we consider a partial correctness specification of the form
prog , where the assertions and are
predicates defined by a set Spec of possibly recursive Horn clauses with linear
arithmetic (LA) constraints in their premise (also called constrained Horn
clauses). The verification method consists in constructing a set PC of
constrained Horn clauses whose satisfiability implies that prog
is valid. We highlight some limitations of state-of-the-art
constrained Horn clause solving methods, here called LA-solving methods, which
prove the satisfiability of the clauses by looking for linear arithmetic
interpretations of the predicates. In particular, we prove that there exist
some specifications that cannot be proved valid by any of those LA-solving
methods. These specifications require the proof of satisfiability of a set PC
of constrained Horn clauses that contain nonlinear clauses (that is, clauses
with more than one atom in their premise). Then, we present a transformation,
called linearization, that converts PC into a set of linear clauses (that is,
clauses with at most one atom in their premise). We show that several
specifications that could not be proved valid by LA-solving methods, can be
proved valid after linearization. We also present a strategy for performing
linearization in an automatic way and we report on some experimental results
obtained by using a preliminary implementation of our method.Comment: To appear in Theory and Practice of Logic Programming (TPLP),
Proceedings of ICLP 201
A Symbolic Execution Algorithm for Constraint-Based Testing of Database Programs
In so-called constraint-based testing, symbolic execution is a common
technique used as a part of the process to generate test data for imperative
programs. Databases are ubiquitous in software and testing of programs
manipulating databases is thus essential to enhance the reliability of
software. This work proposes and evaluates experimentally a symbolic ex-
ecution algorithm for constraint-based testing of database programs. First, we
describe SimpleDB, a formal language which offers a minimal and well-defined
syntax and seman- tics, to model common interaction scenarios between pro-
grams and databases. Secondly, we detail the proposed al- gorithm for symbolic
execution of SimpleDB models. This algorithm considers a SimpleDB program as a
sequence of operations over a set of relational variables, modeling both the
database tables and the program variables. By inte- grating this relational
model of the program with classical static symbolic execution, the algorithm
can generate a set of path constraints for any finite path to test in the
control- flow graph of the program. Solutions of these constraints are test
inputs for the program, including an initial content for the database. When the
program is executed with respect to these inputs, it is guaranteed to follow
the path with re- spect to which the constraints were generated. Finally, the
algorithm is evaluated experimentally using representative SimpleDB models.Comment: 12 pages - preliminary wor
Test Data Generation of Bytecode by CLP Partial Evaluation
We employ existing partial evaluation (PE) techniques developed for Constraint Logic Programming (CLP) in order to automatically generate test-case generators for glass-box testing of bytecode. Our approach consists of two independent CLP PE phases. (1) First, the bytecode is transformed into an equivalent (decompiled) CLP program. This is already a well studied transformation which can be done either by using an ad-hoc decompiler or by specialising a bytecode interpreter by means of existing PE techniques. (2) A second PE is performed in order to supervise the generation of test-cases by execution of the CLP decompiled program. Interestingly, we employ control strategies previously defined in the context of CLP PE in order to capture coverage criteria for glass-box testing of bytecode. A unique feature of our approach is that, this second PE phase allows generating not only test-cases but also test-case generators. To the best of our knowledge, this is the first time that (CLP) PE techniques are applied for test-case generation as well as to generate test-case generators
- …