Rahul Sharma, Saurabh Gupta, Bharath Hariharan, Alex Aiken, and Aditya Nori (Stanford, UC Berkeley, Microsoft Research India) Verification as Learning.

Slides:



Advertisements
Similar presentations
Model Checking Base on Interoplation
Advertisements

Exploiting SAT solvers in unbounded model checking K. L. McMillan Cadence Berkeley Labs.
Demand-driven inference of loop invariants in a theorem prover
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Constraint-based Invariant Inference over Predicate Abstraction Sumit Gulwani Ramarathnam Venkatesan Microsoft Research, Redmond Saurabh Srivastava University.
Termination Proofs from Tests
Symbolic Execution with Mixed Concrete-Symbolic Solving
Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.
SAT Based Abstraction/Refinement in Model-Checking Based on work by E. Clarke, A. Gupta, J. Kukula, O. Strichman (CAV’02)
A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.
50.530: Software Engineering Sun Jun SUTD. Week 10: Invariant Generation.
Verifying Executable Object-Oriented Specifications with Separation Logic Stephan van Staden, Cristiano Calcagno, Bertrand Meyer.
Lecture #21 Software Model Checking: predicate abstraction Thomas Ball Testing, Verification and Measurement Microsoft Research.
© Anvesh Komuravelli Quantified Invariants in Rich Domains using Model Checking and Abstract Interpretation Anvesh Komuravelli, CMU Joint work with Ken.
Model Checker In-The-Loop Flavio Lerda, Edmund M. Clarke Computer Science Department Jim Kapinski, Bruce H. Krogh Electrical & Computer Engineering MURI.
Logic as the lingua franca of software verification Ken McMillan Microsoft Research TexPoint fonts used in EMF: A A A A A Joint work with Andrey Rybalchenko.
Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
August Moscow meeting1August Moscow meeting1August Moscow meeting11 Deductive tools in insertion modeling verification A.Letichevsky.
Program Analysis as Constraint Solving Sumit Gulwani (MSR Redmond) Ramarathnam Venkatesan (MSR Redmond) Saurabh Srivastava (Univ. of Maryland) TexPoint.
Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.
Revisiting Generalizations Ken McMillan Microsoft Research Aws Albarghouthi University of Toronto.
Rahul Sharma Işil Dillig, Thomas Dillig, and Alex Aiken Stanford University Simplifying Loop Invariant Generation Using Splitter Predicates.
Discovering Affine Equalities Using Random Interpretation Sumit Gulwani George Necula EECS Department University of California, Berkeley.
Using Statically Computed Invariants Inside the Predicate Abstraction and Refinement Loop Himanshu Jain Franjo Ivančić Aarti Gupta Ilya Shlyakhter Chao.
1 Model Checking, Abstraction- Refinement, and Their Implementation Based on slides by: Orna Grumberg Presented by: Yael Meller June 2008.
Precise Inter-procedural Analysis Sumit Gulwani George C. Necula using Random Interpretation presented by Kian Win Ong UC Berkeley.
1 Optimisation Although Constraint Logic Programming is somehow focussed in constraint satisfaction (closer to a “logical” view), constraint optimisation.
Thread-modular Abstraction Refinement Tom Henzinger Ranjit Jhala Rupak Majumdar [UC Berkeley] Shaz Qadeer [Microsoft Research]
Synergy: A New Algorithm for Property Checking
CS 267: Automated Verification Lectures 14: Predicate Abstraction, Counter- Example Guided Abstraction Refinement, Abstract Interpretation Instructor:
CS 330 Programming Languages 09 / 18 / 2007 Instructor: Michael Eckmann.
Introduction to Machine Learning course fall 2007 Lecturer: Amnon Shashua Teaching Assistant: Yevgeny Seldin School of Computer Science and Engineering.
VS 3 : Verification and Synthesis using SMT Solvers SMT Solvers for Program Verification Saurabh Srivastava * Sumit Gulwani ** Jeffrey S. Foster * * University.
Carnegie Mellon University Symbolic Approaches to Invariant Checking and Automatic Predicate Abstraction Randal E. Bryant.
Counterexample Guided Invariant Discovery for Parameterized Cache Coherence Verification Sudhindra Pandav Konrad Slind Ganesh Gopalakrishnan.
CS 267: Automated Verification Lecture 13: Bounded Model Checking Instructor: Tevfik Bultan.
Automated Extraction of Inductive Invariants to Aid Model Checking Mike Case DES/CHESS Seminar EECS Department, UC Berkeley April 10, 2007.
Formal Verification of SpecC Programs using Predicate Abstraction Himanshu Jain Daniel Kroening Edmund Clarke Carnegie Mellon University.
272: Software Engineering Fall 2012 Instructor: Tevfik Bultan Lecture 4: SMT-based Bounded Model Checking of Concurrent Software.
CSC2108 Lazy Abstraction on Software Model Checking Wai Sum Mong.
Regular Model Checking Ahmed Bouajjani,Benget Jonsson, Marcus Nillson and Tayssir Touili Moran Ben Tulila
Constraint-based Invariant Inference. Invariants Dictionary Meaning: A function, quantity, or property which remains unchanged Property (in our context):
By: Pashootan Vaezipoor Path Invariant Simon Fraser University – Spring 09.
1 A Combination Method for Generating Interpolants Greta Yorsh Madan Musuvathi Tel Aviv University, Israel Microsoft Research, Redmond, US CAV’05.
1 Automatic Refinement and Vacuity Detection for Symbolic Trajectory Evaluation Orna Grumberg Technion Haifa, Israel Joint work with Rachel Tzoref.
Rahul Sharma Joint work with Aditya Nori (MSR India) and Alex Aiken (Stanford)
B. Fernández, D. Darvas, E. Blanco Formal methods appliedto PLC code verification Automation seminar CERN – IFAC (CEA) 02/06/2014.
Aditya V. Nori, Sriram K. Rajamani Microsoft Research India.
Race Checking by Context Inference Tom Henzinger Ranjit Jhala Rupak Majumdar UC Berkeley.
Rahul Sharma, Aditya V. Nori, Alex Aiken Stanford MSR India Stanford.
Rahul Sharma, Eric Schkufza, Berkeley Churchill, Alex Aiken.
Checking Reachability using Matching Logic Grigore Rosu and Andrei Stefanescu University of Illinois, USA.
Symbolic Execution with Abstract Subsumption Checking Saswat Anand College of Computing, Georgia Institute of Technology Corina Păsăreanu QSS, NASA Ames.
Proving Non-Termination Gupta, Henzinger, Majumdar, Rybalchenko, Ru-Gang Xu presentation by erkan.
Formal Verification of Synchronization Issues of SpecC Description with Automatic Abstraction Thanyapat Sakunkonchak Masahiro Fujita Department of Electronics.
Localization and Register Sharing for Predicate Abstraction Himanshu Jain Franjo Ivančić Aarti Gupta Malay Ganai.
Ukrprog Formal requirement language and its applications A.Letichevsky Glushkov Institute of Cybernetics.
CS 8751 ML & KDDComputational Learning Theory1 Notions of interest: efficiency, accuracy, complexity Probably, Approximately Correct (PAC) Learning Agnostic.
Synergy: A New Algorithm for Property Checking Bhargav S. Gulavani (IIT Bombay)‏ Yamini Kannan (Microsoft Research India)‏ Thomas A. Henzinger (EPFL)‏
CHARME’03 Predicate abstraction with Minimum Predicates Sagar Chaki*, Ed Clarke*, Alex Groce*, Ofer Strichman** * Carnegie Mellon University ** Technion.
Rahul Sharma, Eric Schkufza, Berkeley Churchill, Alex Aiken.
Conditionally Correct Superoptimization Rahul Sharma, Eric Schkufza, Berkeley Churchill, Alex Aiken (Stanford University)
© Anvesh Komuravelli Spacer Model Checking with Proofs and Counterexamples Anvesh Komuravelli Carnegie Mellon University Joint work with Arie Gurfinkel,
Abstraction and Abstract Interpretation. Abstraction (a simplified view) Abstraction is an effective tool in verification Given a transition system, we.
Presentation Title 2/4/2018 Software Verification using Predicate Abstraction and Iterative Refinement: Part Bug Catching: Automated Program Verification.
Learning Invariants using Decision Trees and Implication Counterexamples Pranav Garg Amazon India.
CS 9633 Machine Learning Concept Learning
Introduction to Software Verification
50.530: Software Engineering
SAT Based Abstraction/Refinement in Model-Checking
Presentation transcript:

Rahul Sharma, Saurabh Gupta, Bharath Hariharan, Alex Aiken, and Aditya Nori (Stanford, UC Berkeley, Microsoft Research India) Verification as Learning Geometric Concepts

Invariants assume x<0; while ( x<0 ) { x = x+y; y = y+1; } assert y>0;

Disjunctive invariants assume n > 0; x = 0 ; while ( x < n ) { x = x+1; } assert x = n;

Classification positive examples negative examples

From invariants to classifiers Safety properties define bad states Invariants separate reachable states from bad states Possible to obtain some examples of states Invariants -> classifiers Examples of reachable/good states -> positive examples Examples of bad states -> negative examples Use a classifier to separate ALL good and bad states

Sample, guess, and check Generate examples of good and bad concrete states Guess an invariant using learner Check if verification succeeds If yes, then done If no, then guess again with more examples Use counter-examples to verification task

Sample good states assume x<0; while ( x<0 ) { print(x,y); x = x+y; y = y+1; } assert y>0; Reachable states Run the program

Sample bad states assume P; while ( B ) { S } assert Q;

From program to data assume x<0; while ( x<0 ) { x = x+y; y = y+1; } assert y>0; x = -1, y = 0 x>=0 && y<= x y

Learner Bshouty, Goldman, Mathias, Suri, Tamaki in STOC’96 Learn arbitrary boolean combinations of inequalities Create a large enough candidate set of planes Intelligently select from candidates Separate given examples of good and bad states Use only a few planes

Candidate planes x y

Example x y x y

Guarantees

From planes to predicates x y

Efficiency?

Small candidate sets

Guarantees on generalization Programs have unbounded behaviors Analyze some finite behaviors and generalize SLAM/BLAST: Ask for predicates to discard spurious cexs Impact: Unwind loops and interpolate Abstract interpretation: iterate and widen Need a formal definition of generalization Need generalization guarantees for useful tools

A step: PAC

Summary of results Given sufficient good and bad samples, with high probability, the learner generates a predicate, that has high accuracy for unseen samples The generated classifier is expressive Arbitrary boolean combinations of linear inequalities #Planes in classifier independent of samples Worst case only logarithmically more than invariant

Non-linear invariants

Implementation

Experiments

Related work Invariant inference Abstract interpretation – disjunctive completion Constraint based (Sting, InvGen, GSV’ 08) Use tests to help static analysis: Yogi, InvGen, … Guess and check: Daikon, SAN’ 12, SGHALN’ 13

Conclusion Connections between verification and learning Generalization is a fundamental problem for both Possible to obtain invariant generators with guarantees Handling disjunctions and non-linearities is easy Difficult for symbolic approaches Need data, which is available Future work, beyond numerical