Automated Formal Static Analysis and Retrieval of Source Code - JKU

More documents

Recommendations

Info

2.4. IMPLEMENTATION AND EXAMPLES 23 ( ∀ a,b a≥0,b≥0 ⎧ ∧ ⎪⎨ ⎪⎩ a = 0 ⇒ π[a, b] (a ≠ 0 ∧ b ≠ 0 ∧ a > b ∧ π[a − b, b]) ⇒ π[a, b] (a ≠ 0 ∧ b ≠ 0 ∧ a ≠> b ∧ π[a, b − a]) ⇒ π[a, b] (a ≠ 0 ∧ b = 0) ⇒ π[a, b] ) =⇒ ( ∀ a,b a≥0,b≥0 ) π[a, b] Description. The previously verification conditions were generated by analyzing each path of the program and applying the notions of program syntax, semantics, partial correctness and termination introduced previously. Before the program starts to be analyzed, the substitution {a → a 0 , b → b 0 } and the formula representing the accumulated assumptions a 0 ≥ 0 ∧ b 0 ≥ 0 are created. After the program is completely analyzed, the input variables are universally quantified thus the reverting substitution is done. On the path 10, 1, 2, 3, 4, 11, the verification conditions were generated as follows: we add to the formula a 0 ≥ 0 ∧ b 0 ≥ 0 the conjunct a = 0, corresponding to the T rue evaluation of the If conditional. The Return statement determines the generation of the functional verification condition 2.2, where the value of y from the postcondition was replaced by the value returned by the program on this branch, namely b. On the path 10, 1, 2, 5, 6, 7, 9, 11, the assignment from the line 7 requires a term decomposition from the innermost to the outermost function symbol. The assumptions collected before the term analysis is the formula a ≥ 0 ∧ b ≥ 0 ∧ a ≠ 0 ∧ b ≠ 0. The specification of the functions composing the term GCD[a-b, b] has to be fulfilled. First the function ,,-” is analyzed, generating the safety condition 2.3, insuring the respective precondition. The assumptions on this path are updated with the specification of the function ,,-”, namely a ≥ 0 ∧ b ≥ 0) ∧ a ≠ 0 ∧ b ≠ 0 ∧ a > b ∧ a ≥ b. The analysis of the function GCD is done similarly: the precondition has to hold for the arguments of the recursive call, the output value as well. The functional verification condition (2.5) is generated, where all the occurrences of the function GCD are replaced by the new constant y1. The path 10, 1, 2, 5, 8, 9, 11 is analyzed similar to the path 10, 1, 2, 5, 6, 7, 9, 11 and the path 10, 1, 2, 9, 11, similar to the path 10, 1, 2, 3, 4, 11. The termination condition is obtained similarly to the verification conditions. It is an implication of two first order logical formulae (we consider that the predicate π is fixed), both universally quantified upon the input variables. The right hand side is always the predicate π with the input variables as arguments and the left hand side is a conjunction of formulae, each conjunct (having the shape of an implication) corresponding to the analysis of a single path. If on the path there exists a recursive call then the new introduced predicate symbol π occurs in the both sides of the implication within the conjunct (the second and the third conjunct corresponding to the second and the third path of the program). The π occurring on the left hand side has the arguments of the recursive call on the respective branch. If there is not a recursive call then the π occurs only on the right hand side (the first and the forth conjunct).
24CHAPTER 2. PROGRAM VERIFICATION BY SYMBOLIC EXECUTION IN THEOREMA The simplified list of verification conditions is: ((a = 0) ∧ b ≥ 0 ∧ a ≥ 0 =⇒ (a = k1 ∗ 0 ∗ b)) ∧ ((a = 0) ∧ b ≥ 0 ∧ a ≥ 0 =⇒ (b = k2 ∗ 0 ∗ b)) T rue (a > 0 ∧ b ≠ 0 ∧ b ≥ 0 ∧ a − b > 0 =⇒ b ≥ 0) ∧ (a > 0 ∧ b ≠ 0 ∧ b ≥ 0 ∧ a − b > 0 =⇒ a − b ≥ 0) (a > 0 ∧ b ≠ 0 ∧ b ≥ 0 ∧ (b = k2 0 ∗ t2) ∧ a − b > 0 ∧ (a − b = k1 0 ∗ t2) =⇒ (a = k1 ∗ 1 ∗ t2)) ∧ (a > 0 ∧ b ≠ 0 ∧ b ≥ 0 ∧ (b = k2 0 ∗ t2) ∧ a − b > 0 ∧ (a − b = k1 0 ∗ t2) =⇒ (b = k2 ∗ 1 ∗ t2)) T rue (a > 0 ∧ b ≠ 0 ∧ b ≥ 0 ∧ −(a − b) ≥ 0 =⇒ a ≥ 0) ∧ (a > 0 ∧ b ≠ 0 ∧ b ≥ 0 ∧ −(a − b) ≥ 0 =⇒ b − a ≥ 0) (a > 0 ∧ b ≠ 0 ∧ b ≥ 0 ∧ (a = k1 1 ∗ t4) ∧ b − a ≥ 0 ∧ (b − a = k2 1 ∗ t4) ∧ −(a − b) ≥ 0 =⇒ (a = k1 ∗ 2 ∗ t4)) ∧ (a > 0 ∧ b ≠ 0 ∧ b ≥ 0 ∧ (a = k1 1 ∗ t4) ∧ b − a ≥ 0 ∧ (b − a = k2 1 ∗ t4)∧ −(a − b) ≥ 0 =⇒ (b = k2 ∗ 2 ∗ t4)) (a > 0 ∧ b ≥ 0 =⇒ (0 = k2 ∗ 3 ∗ a)) ∧ (a > 0 ∧ b ≥ 0 =⇒ (a = k1 ∗ 3 ∗ a)) 2.4.2 Solving First Degree Equations 1. Program[”FirstDegreeSolver”, FDS[↓ a, ↓ b]], 2. Module[{}], 3. If[a = 0, 4. If[b = 0, 5. Return[R]; 6. Return[∅]; 7. Return[{-(b/a)}]]; 8. Pre → T rue, 9. Post→ ∀((x ∈ y) ⇐⇒ (a ∗ x + b = 0)) x The verification conditions generated are: ) T rue ∧ (a = 0) ∧ (b = 0) ⇒ ∀ (x ∈ R ⇔ (a ∗ x + b = 0) x ) T rue ∧ (a = 0) ∧ (b ≠ 0) ⇒ ∀ (x ∈ {} ⇔ (a ∗ x + b = 0) x T rue ∧ a ≠ 0 ⇒ ∀ x (x ∈ The termination condition generated is: ⎧ ( ∧ ⎨ T rue ∧ (a = 0) ∧ (b = 0) ⇒ π[a, b] ) ∀ T rue ∧ (a = 0) ∧ (b ≠ 0) ⇒ π[a, b] a,b ⎩ T rue ∧ (a ≠ 0) ⇒ π[a, b] { − b } ) ⇔ (a ∗ x + b = 0) a =⇒ ∀ a,b π[a, b]
Page 1: J O H A N N E S K E P L E R U N I V
Page 5: Abstract In this thesis two approac
Page 8 and 9: viii
Page 10 and 11: Chapter 1 Introduction From the han
Page 12 and 13: 3 Contributions of the Thesis The s
Page 14 and 15: Next section starts by describing t
Page 16 and 17: Chapter 2 Program Verification by S
Page 18 and 19: 2.1. BACKGROUND 9 From the practica
Page 20 and 21: 2.1. BACKGROUND 11 A program is see
Page 22 and 23: 2.2. FORWARD SYMBOLIC EXECUTION IN
Page 28 and 29: 2.3. THE SIMPLIFICATION OF THE VERI
Page 30 and 31: 2.4. IMPLEMENTATION AND EXAMPLES 21
Page 34 and 35: 2.4. IMPLEMENTATION AND EXAMPLES 25
Page 36 and 37: Chapter 3 Code Search Integration F
Page 38 and 39: 3.1. BACKGROUND 29 Figure 3.1: Sour
Page 40 and 41: 3.1. BACKGROUND 31 The programming
Page 42 and 43: 3.2. INTEGRATION OF MINDBREEZE CODE
Page 62 and 63: Chapter 4 Conclusions In this thesi
Page 64 and 65: 55 How the database is used. For ea
Page 66 and 67: Bibliography [***] ***. Mindbreeze
Page 68 and 69: BIBLIOGRAPHY 59 [Hoa69] [How73] [KF
Page 70 and 71: BIBLIOGRAPHY 61 [VHBP00] [Wil94] W.
Page 72: Eidesstattliche Erklärung Ich erkl

Automated Formal Static Analysis and Retrieval of Source Code - JKU

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?