Towards trustworthy refactoring in Erlang

Slides:

Advertisements

Similar presentations

1 Decision Procedures An algorithmic point of view Equality Logic and Uninterpreted Functions.

Advertisements

Computer Science CPSC 322 Lecture 25 Top Down Proof Procedure (Ch 5.2.2)

An Abstract Interpretation Framework for Refactoring P. Cousot, NYU, ENS, CNRS, INRIA R. Cousot, ENS, CNRS, INRIA F. Logozzo, M. Barnett, Microsoft Research.

PZ03D Programming Language design and Implementation -4th Edition Copyright©Prentice Hall, PZ03D - Program verification Programming Language Design.

ICE1341 Programming Languages Spring 2005 Lecture #6 Lecture #6 In-Young Ko iko.AT. icu.ac.kr iko.AT. icu.ac.kr Information and Communications University.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.

Constraint Semantics for Abstract Read Permissions 28 th July 2014, FTfJP, Uppsala John Tang Boyland (UW-Milwaukee/ETH Zurich) Peter Müller, Malte Schwerhoff,

1 How to transform an analyzer into a verifier. 2 OUTLINE OF THE LECTURE a verification technique which combines abstract interpretation and Park’s fixpoint.

This Week Finish relational semantics Hoare logic Interlude on one-point rule Building formulas from programs.

A survey of techniques for precise program slicing Komondoor V. Raghavan Indian Institute of Science, Bangalore.

August Moscow meeting1August Moscow meeting1August Moscow meeting11 Deductive tools in insertion modeling verification A.Letichevsky.

Background information Formal verification methods based on theorem proving techniques and modelchecking –to prove the absence of errors (in the formal.

Copyright © 2006 Addison-Wesley. All rights reserved. 3.5 Dynamic Semantics Meanings of expressions, statements, and program units Static semantics – type.

Program Proving Notes Ellen L. Walker.

1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.

Automated Soundness Proofs for Dataflow Analyses and Transformations via Local Rules Sorin Lerner* Todd Millstein** Erika Rice* Craig Chambers* * University.

Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der.

1 Static Analysis Methods CSSE 376 Software Quality Assurance Rose-Hulman Institute of Technology March 20, 2007.

1 Scheme Scheme is a functional language. Scheme is based on lambda calculus. lambda abstraction = function definition In Scheme, a function is defined.

Principles of Object-Oriented Software Development Behavioral refinement.

White Box Testing and Symbolic Execution Written by Michael Beder.

PSUCS322 HM 1 Languages and Compiler Design II Formal Semantics Material provided by Prof. Jingke Li Stolen with pride and modified by Herb Mayer PSU Spring.

Describing Syntax and Semantics

MCA –Software Engineering Kantipur City College. Topics include  Formal Methods Concept  Formal Specification Language Test plan creation Test-case.

Spectra Software Defined Radio Products Applying Model Driven Design, Generative Programming, and Agile Software Techniques to the SDR Domain OOPSLA '05.

Sequence Control Chapter 6. 2 l Control structures: the basic framework within which operations and data are combined into programs. Sequence control.

Ontology Development Kenneth Baclawski Northeastern University Harvard Medical School.

A Generative and Model Driven Framework for Automated Software Product Generation Wei Zhao Advisor: Dr. Barrett Bryant Computer and Information Sciences.

An Algebra for Composing Access Control Policies (2002) Author: PIERO BONATTI, SABRINA DE CAPITANI DI, PIERANGELA SAMARATI Presenter: Siqing Du Date:

ISBN Chapter 3 Describing Semantics -Attribute Grammars -Dynamic Semantics.

Checking Reachability using Matching Logic Grigore Rosu and Andrei Stefanescu University of Illinois, USA.

Refinements to techniques for verifying shape analysis invariants in Coq Kenneth Roe GBO Presentation 9/30/2013 The Johns Hopkins University.

Formal Specification of Intrusion Signatures and Detection Rules By Jean-Philippe Pouzol and Mireille Ducassé 15 th IEEE Computer Security Foundations.

ISBN Chapter 3 Describing Semantics.

Chapter 3 Part II Describing Syntax and Semantics.

Programming Languages and Design Lecture 3 Semantic Specifications of Programming Languages Instructor: Li Ma Department of Computer Science Texas Southern.

Logical Agents Chapter 7. Outline Knowledge-based agents Logic in general Propositional (Boolean) logic Equivalence, validity, satisfiability.

Lecture 5 1 CSP tools for verification of Sec Prot Overview of the lecture The Casper interface Refinement checking and FDR Model checking Theorem proving.

From Hoare Logic to Matching Logic Reachability Grigore Rosu and Andrei Stefanescu University of Illinois, USA.

Computer Science CPSC 322 Lecture 22 Logical Consequences, Proof Procedures (Ch 5.2.2)

Ukrprog Formal requirement language and its applications A.Letichevsky Glushkov Institute of Cybernetics.

Types and Programming Languages Lecture 11 Simon Gay Department of Computing Science University of Glasgow 2006/07.

All-Path Reachability Logic Andrei Stefanescu 1, Stefan Ciobaca 2, Radu Mereuta 1,2, Brandon Moore 1, Traian Serbanuta 3, Grigore Rosu 1 1 University of.

Static Techniques for V&V. Hierarchy of V&V techniques Static Analysis V&V Dynamic Techniques Model Checking Simulation Symbolic Execution Testing Informal.

Formal Verification. Background Information Formal verification methods based on theorem proving techniques and modelchecking –To prove the absence of.

A Mechanized Model of the Theory of Objects 1.Functional  -calculus in Isabelle 2.Confluence Proof in Isabelle 3.Ongoing Work, Applications, Conclusion.

CSC3315 (Spring 2009)1 CSC 3315 Languages & Compilers Hamid Harroud School of Science and Engineering, Akhawayn University

Operational Semantics Mooly Sagiv Tel Aviv University Sunday Scrieber 8 Monday Schrieber.

Model Checking Early Requirements Specifications in Tropos Presented by Chin-Yi Tsai.

Operational Semantics of Scheme

Functional Programming

Describing Syntax and Semantics

SEAA 2014 Automatic Production of Transformation Chains Using Structural Constraints on Output Models Cuauhtémoc Castellanos Etienne Borde Thomas Vergnaud.

SysML v2 Formalism: Requirements & Benefits

Matching Logic An Alternative to Hoare/Floyd Logic

(One-Path) Reachability Logic

Jared Davis The University of Texas at Austin April 6, 2006

Syntax Questions 6. Define a left recursive grammar rule.

Matching Logic - A New Program Verification Approach -

Logical architecture refinement

The Metacircular Evaluator

Semantics In Text: Chapter 3.

A Brief Summary for Exam 1

Predicate Transformers

Towards a Unified Theory of Operational and Axiomatic Semantics

Language-Independent Verification Framework

This Lecture Substitution model

topics interpreters meta-linguistic abstraction eval and apply

Programming Languages and Compilers (CS 421)

Representations & Reasoning Systems (RRS) (2.2)

Presentation transcript:

Towards trustworthy refactoring in Erlang Dániel Horpácsi, Judit Kőszegi, Simon Thompson

„Could we design a refactoring formalism in which any definition is inherently correct?”

Refactoring language: design goals Executable Verifiable Applicable Intuitive Representation-independent All at once

Execution Formalism: high-level DSL Mostly declarative Partly Erlang-specific Concrete term rewriting with simple strategies Interpreted in the existing refactoring framework Static analysis Transformation Pretty-printing

Verification Correctness of the refactoring definition: for any program, the refactoring transformation results in a semantically equivalent program Correctness of a refactoring application: the original and the resulting program are semantically equivalent Consequently, the refactoring correctness is relative to The language semantics The language metatheory (The existing framework is not subject to this verification)

Types of refactoring definitions The smaller the better Local a single conditional rewrite rule Extensive combination of rules Composite combination of refactorings Refactoring Prime Local Extensive Scheme instance Composite

A local example [ X*Y || X <- Numbers1, Y <- Numbers2, List = [{X, Y} || X <- Numbers1, Y <- Numbers2, X>Y], Fun = fun({X, Y}) -> X*Y end, lists:map(Fun, List) REFACTORING listcomp2map() [ Head || GeneratorsFilters.. ] ----------------------------------------------- List = [ { Vars.. } || GeneratorsFilters.. ], Fun = fun ({ Vars.. }) -> Head end, lists:map(Fun, List) WHEN Vars.. = intersect(bound_vars(GeneratorsFilters..), vars(Head))) AND fresh(List) AND fresh(Fun)

Proving correctness Correctness of refactoring Equivalence of program patterns Validity in reachability logic

Proving equivalence Operational semantics (+metatheory) defined in reachability logic Special sort: configuration Special predicate: basic pattern Pairs of pure patterns Equivalence property expressed in reachability logic Pairs of pure patterns with configuration pairs Symbolic circular coinduction to derive formula validity Sound but not complete Tactic and implementation for automatic proofs

An extensive example REFACTORING rename_function(NewName) ON function_definition(THIS) Name(Args..) -> Body.. ------------------------- NewName(Args..) -> Body.. WHEN NOT function_exists(module(THIS), NewName, length(Args..)) THEN ON function_calls(THIS) Name(Args..) --------------- NewName(Args..) THEN ON ...

Schemes Scheme Guarantee consistent changes Hide the complexity of extensive refactorings Simplify definition and verification by splitting into two parts Contract on the parameters ensures correctness Scheme Skeleton w.r.t. contract Rewrite rules Parameters

Function signature refactoring Skeleton Applying the signature rewrite (name + args) on the function definition and every function reference (calls, directives, etc.) Parameter A „function head” rewrite rule specifying how the signature is changed Contract Formal and generality requirements on the arguments

Examples FUNCTION SIGNATURE REFACTORING rename_function(NewName) Name(Args..) --------------- NewName(Args..) FUNCTION SIGNATURE REFACTORING tuple_function_arguments() Name(Args..) -------------- Name({Args..})

Forward dataflow refactoring Skeleton Applying any of the „definition” rules on the selected data source and applying any of the „reference” rules on each element of the dataflow path Parameters At least one „definition” transformation rule and at least one „reference” trasformation rule Contract Each pair of „definition” and „reference” rules are consistent

Example FORWARD DATAFLOW REFACTORING fun2value() DEFINITION fun() -> E end ---------------- WHEN pure(E) E REFERENCE F F() ----- F X = fun() -> 123 end, some_code(), Y = X() + 1, X() - 5 X = 123, some_code(), Y = X + 1, X - 5

Correctness of scheme instances Pre-proved skeleton Valid rewrite rules Refactoring

Towards trustworthy refactoring Simple, executable formalism for defining refactorings Local, extensive and composite definitions High-level refactoring schemes for extensive transformations A method for turning any refactoring definition into a formally verifiable logic formula