Symbolic Composition

Projet OSCARThe deforestation of a functional program is a transformation which gets rid ofintermediate data structures constructions that appear when two functions are composed. The descriptional composition, initially introduced by Ganzinger and Giegerich, is a deforestation method dedicated to the composition of two attribute grammars. This article presents a new functional deforestation technique, called symbolic composition, based on the descriptional composition mechanism, but extending it. An automatic translation from a functional program into an equivalent attribute grammar allows symbolic composition to be applied, and then the result can be translated back into a functional program. This yields a sourceto source functional program transformation. The resulting deforestation method provides a better deforestation than other existing functional techniques. Symbolic composition, that uses the declarative and descriptional features of attribute grammars is intrinsically more powerful than categorical-flavored transformations, whose recursion schemes are set by functors. These results tend to show that attribute grammars are a simple intermediate representation, particularly well-suited for program transformations

How to Deforest in Accumulative Parameters?

Projet OSCARSoftware engineering has to reconcile modularity with efficiency. One way to grapple with this dilemma is to automatically transform a modular-speci- fied program into an efficient-implementable one. This is the aim of deforesta- tion transformations which get rid of intermediate data structures constructio- ns that appear when two functions are composed. Nevertheless, existing functional methods cannot deforest non-trivial intermediate constructions that are processed by symbolic composition. This new deforestation technique is based on the descriptional composition dedicated to attribute grammars. In this paper, we present the symbolic composition, we outline its counterpart in terms of classical deforestation methods and we sketch a way to embed it in a functional framework

Spreading Static Analysis with Frama-C in Industrial Contexts

International audienceThis article deals with the usage of Frama-C to detect runtime-errors. As static analysis for runtime-error detection is not a novelty, we will present significant new usages in industrial contexts, which represent a change in the ways this kind of tool is employed. The main goal is to have a scalable methodology for using static analysis through the development process and by a development team. This goal is achieved by performing analysis on partial pieces of code, by using the ACSL language for interface definitions, by choosing a bottom-up strategy to process the code, and by enabling a well-balanced definition of actors and skills. The methodology, designed during the research project U3CAT, has been applied in industrial contexts with good results as for the quality of verifications and for the performance in the industrial process

Equational Semantics

Attribute grammars are well-designed to construct complex algorithms by composing several ones together. Actually, there exists a powerful transformation called descriptional composition which highly simplifies the composition of two attribute grammars by removing useless intermediate constructions. However, most of non-linear algorithms can not be expressed with attribute grammars. Thus, many compositions can not be simplified by the descriptional composition. In this paper, we present Equational Semantics, a formalism largely inspired by attribute grammars but where nonlinear algorithms can be encoded. More precisely, instead of being restricted to one input static tree as it is the case for attribute grammars, an algorithm encoded with Equational Semantics may use dynamically constructed trees. This formalism consists in an very poor abstract syntax. We present its semantics and some of its transformations such as partial evaluation and descriptional composition (also called defores..

Packaging proofs with Why3find

National audienceWith the increasing maturity of proof assistants, diving into the development of large theories is appealing, but existing toolchains might not scale. Although standard software engineering methods can be applied to mechanized proof development, specific issues shall be addressed. In this article, we focus on the Why3 platform. We present why3find, an independent tool for supporting the development of large, trustworthy Why3 packages. Why3find is designed to address common issues encountered in real world industrial developments based on formal methods. It proposes Why3-based solutions for configuring projects, managing dependencies, proving and checking proofs, tracking axioms and possible inconsistencies, extracting code, generating documentation and distributing packages

Combining Analyses for C Program Verification

International audienceStatic analyzers usually return partial results. They can assert that some properties are valid during all possible executions of a program, but generally leave some other properties to be verified by other means. In practice, it is common to combine results from several methods manually to achieve the full verification of a program. In this context, Frama-C is a platform for analyzing C source programs with multiple analyzers. Hence, one analyzer might conclude about properties assumed by another one, in the same environment. We present here the semantical foundations of validity of program properties in such a context. We propose a correct and complete algorithm for combining several partial results into a fully consolidated validity status for each program property. We illustrate how such a framework provides meaningful feedback on partial results

Automate where Automation Fails: Proof Strategies for Frama-C/WP

International audienceAbstract Modern deductive verification tools succeed in automatically proving the great majority of program annotations thanks in particular to constantly evolving SMT solvers they rely on. The remaining proof goals still require interactively created proof scripts. This tool demo paper presents a new solution for an automatic creation of proof scripts in /, a popular deductive verifier for C programs. The verification engineer defines a proof strategy describing several initial proof steps, from which proof scripts are automatically generated and applied. Our experiments on a large real-life industrial project confirm that the new proof strategy engine strongly facilitates the verification process by automating the creation of proof scripts, thus increasing the potential of industrial applications of deductive verification on large code bases

Automate where Automation Fails: Proof Strategies for Frama-C/WP. Companion Artifact for the Paper Submitted to TACAS 2024.

<p>This artifact aims to demonstrate the new extension for Frama-C/WP for automatic <br>proof script generation based on proof strategies, presented in the tool demo paper</p><p>Loïc Correnson, Allan Blanchard, Adel Djoudi and Nikolai Kosmatov.<br>"Automate where Automation Fails: Proof Strategies for Frama-C/WP"</p><p>submitted to TACAS 2024. <br><br>The artifact contains:</p><p>- the new version of the (open-source) Frama-C tool and its deductive<br>verification plugin WP, contaning the new extension for automatic proof<br>script generation based on proof strategies,</p><p>- documentation of the WP plug-in containing a section on the new features,</p><p>- illustrative examples of applications of the new features presented<br>in the paper. </p&gt