èŠ‚ç‚¹æ–‡çŒ®

å¾ªçŽ¯ä¸å˜å¼ç”Ÿæˆæ–¹æ³•ç ”ç©¶ä¸Žæ”¹è¿›

Research on Generation of Loop Invariants

åˆ†é¡µä¸‹è½½
åˆ†ç« ä¸‹è½½
æ•´æœ¬ä¸‹è½½
åœ¨çº¿é˜…è¯»
ä¸æ”¯æŒè¿…é›·ç‰ä¸‹è½½å·¥å…·ï¼Œè¯·å–æ¶ˆåŠ é€Ÿå·¥å…·åŽä¸‹è½½ã€‚

ã€ä½œè€…ã€‘ åˆ˜è‡ªæ’ï¼›

ã€ä½œè€…åŸºæœ¬ä¿¡æ¯ã€‘ å—äº¬å¤§å¦ ï¼Œ è®¡ç®—æœºè½¯ä»¶ä¸Žç†è®ºï¼Œ 2012ï¼Œ ç¡•å£«

ã€æ‘˜è¦ã€‘ è½¯ä»¶ä½œä¸ºä¿¡æ¯ç³»ç»Ÿçš„å®žçŽ°è½½ä½“,å¹¿æ³›åº”ç”¨åœ¨å„ä¸ªé¢†åŸŸ,è½¯ä»¶ä¸çš„ä»»ä½•å®‰å…¨æ¼æ´žæˆ–é”™è¯¯çš„å®žçŽ°éƒ½å¯èƒ½å¯¼è‡´éžå¸¸ä¸¥é‡çš„åŽæžœã€‚é€šè¿‡å¤§é‡çš„æµ‹è¯•å¯ä»¥æé«˜è½¯ä»¶çš„å¯é æ€§,ä½†æˆæœ¬è¾ƒé«˜,ä¹Ÿä¸èƒ½å®Œå…¨ä¿è¯è½¯ä»¶çš„å¯é ã€‚å½¢å¼åŒ–è¯æ˜Žæ–¹æ³•åŸºäºŽä¸¥å¯†çš„æ•°å¦å’Œé€»è¾‘åŸºç¡€,ç»è¿‡æ£ç¡®æ€§è¯æ˜Žçš„ç¨‹åºå¯ä»¥ä¿è¯è½¯ä»¶ç¬¦åˆæŒ‡å®šçš„ç¨‹åºè§„èŒƒ,ä»Žè€Œå¤§å¤§æé«˜è½¯ä»¶å¯é æ€§ã€‚ç¨‹åºæ£ç¡®æ€§è¯æ˜Žçš„ä¸€ä¸ªå…³é”®é—®é¢˜æ˜¯å‘çŽ°å……åˆ†çš„å¾ªçŽ¯ä¸å˜å¼ä¿¡æ¯æ¥è¾…åŠ©ã€æ”¯æ’‘è¯æ˜Žè¿‡ç¨‹çš„å®Œæˆã€‚ç”±äººå·¥å¯»æ‰¾å¾ªçŽ¯ä¸å˜å¼å·¥ä½œç¹ç,å®¹æ˜“å‡ºé”™ã€‚å› æ¤,ç ”ç©¶å¦‚ä½•è‡ªåŠ¨åœ°æœ‰æ•ˆåˆ†æžå’Œç”Ÿæˆå¾ªçŽ¯ä¸å˜å¼,ä½¿å¾—è½¯ä»¶è¯æ˜Žè¿‡ç¨‹é¡ºåˆ©å®Œæˆ,æˆä¸ºå½¢å¼åŒ–æ–¹æ³•ç ”ç©¶é¢†åŸŸçš„ä¸€ä¸ªé‡è¦ç ”ç©¶è¯¾é¢˜ã€‚æœ¬æ–‡ä¸»è¦é’ˆå¯¹è½¯ä»¶éªŒè¯æŠ€æœ¯ä¸çš„å¾ªçŽ¯ä¸å˜å¼ç”ŸæˆæŠ€æœ¯è¿›è¡Œç ”ç©¶å’Œå®žçŽ°ï¼š(1)å¯¹å½¢å¼åŒ–ç¨‹åºåˆ†æžæ–¹æ³•ä¸»è¦ç†è®ºè¿›è¡Œæ€»ç»“ã€‚æœ¬æ–‡æ ¹æ®å½¢å¼åŒ–åˆ†æžä¸ç”¨åˆ°çš„ä¸»è¦ç†è®ºçš„ä¸åŒå¯¹å½¢å¼åŒ–åˆ†æžæŠ€æœ¯è¿›è¡Œæ€»ç»“ã€‚å¯¹å„è‡ªçš„ç†è®ºæ ¸å¿ƒã€ä¸»è¦è§£å†³çš„é—®é¢˜ã€å…¸åž‹å·¥å…·è¿›è¡Œäº†é˜è¿°ã€‚åœ¨æ¤åŸºç¡€ä¸Š,æŒ‡å‡ºå½¢å¼åŒ–è¯æ˜Žè¿‡ç¨‹çš„éš¾ç‚¹,å¹¶æ€»ç»“äº†å½“å‰å…‹æœè¿™äº›éš¾ç‚¹æ‰€é‡‡ç”¨çš„æ–¹æ³•ã€‚(2)ä»‹ç»å’Œæ€»ç»“äº†ç›®å‰æ±‚è§£å¾ªçŽ¯ä¸å˜å¼çš„ä¸»è¦ç ”ç©¶çŠ¶å†µå’ŒçŽ°æœ‰æ–¹æ³•ã€‚æ ¹æ®ä»–ä»¬ä¸»è¦ç†è®ºå’Œé€‚ç”¨èŒƒå›´çš„ä¸åŒè¿›è¡Œé˜è¿°,æŒ‡å‡ºäº†ç›®å‰å·¥ä½œå˜åœ¨çš„ä¸è¶³ã€‚(3)æœ¬æ–‡æå‡ºäº†ä¸€ç§åŸºäºŽæ¡ä»¶èµ‹å€¼è½¬æ¢å’Œè‡ªé€‚åº”æ¨¡æ¿æŠ€æœ¯çš„å¾ªçŽ¯ä¸å˜å¼ç”Ÿæˆæ–¹æ³•ã€‚æ ¹æ®ç¨‹åºæŽ§åˆ¶æµç»“æž„ã€ä¾èµ–åˆ†æžç»“æžœå’Œå€¼åˆ†æžç»“æžœ,ç”Ÿæˆå¯èƒ½çš„å¾ªçŽ¯ä¸å˜å¼,ç„¶åŽç”±å®šç†è¯æ˜Žå™¨æ±‚è§£ã€‚è¯¥æ–¹æ³•å¯ä»¥è‡ªåŠ¨åœ°è¿è¡Œ,å¹¶å°†ç»“æžœä»¥ACSLæ³¨é‡Šçš„å½¢å¼æ·»åŠ åˆ°ç¨‹åºä¸,è¾…åŠ©å®Œæˆç¨‹åºå±žæ€§çš„è¯æ˜Žè¿‡ç¨‹ã€‚(4)åŸºäºŽä¸Šè¿°æ–¹æ³•,åœ¨Frama-Cå¹³å°å’ŒAPRONåº“çš„åŸºç¡€ä¸Š,å®žçŽ°äº†ä¸€ä¸ªåˆ†æžæ’ä»¶loopInvã€‚é€‰å–äº†ä¸€äº›ç¨‹åºä½œä¸ºåˆ†æžå¯¹è±¡,ä¸Žå…¶ä»–æ–¹æ³•ä½œäº†æ¯”è¾ƒ,ç»“æžœè¡¨æ˜Žå¯ä»¥å‘çŽ°æ›´å¤šçš„ä¸å˜å¼,ä½¿ä¸€äº›ç¨‹åºè§„èŒƒé¡ºåˆ©å¾—åˆ°è¯æ˜Žã€‚æ›´å¤š è¿˜åŽŸ

ã€Abstractã€‘ Software has been used widely in various areas as the carrier of information systems. Any vulnerability or incorrect development in software will cause highly serious failures. It can increase the confidence with enough testing which will be very expensive. Unfortunately, it still cannot guarantee that the software to be tested is fully reliability even with lots of testing. Formal methods are based on strict mathematically and logically basis. It can ensure that the software meets its given specifications through proving of correctness, which greatly improves the reliability of software.A key issue in program proving is finding sufficient loop invariants to assist the automatic process. However, writing loop invariants manually is boring and error-prone. Thus, the research on how to analysis and generate loop invariants automatically becomes an important issue in the area of formal methods. This dissertation focused on the generation of loop invariants and mainly covers the subjects of theory of formal methods and generation technologies for invariants.(1)We summarized the main theories of formal methods to analysis programs. It is focused on the core theory, the main problem to resolve and classical tools. Then we point out the difficulty of formal proof.(2) We summarized recent research and common technologies for generating loop invariants. They are described and compared from many aspects, including the kinds of programs to be analyzed, the way how they work and their shortcomings.(3) Based on conditional assignment and adaptive template an approach to generate invariants is proposed in this dissertation. Many semantic factors are considiered here, not only loop itself but also specifications, asserts etc.. It infers potential loop invariants according to CFG, PDG and value analysis which are then resolved by theory prover. It can run automatically and insert invariants as ACSL comments into C codes as output.(4)Based on the method above, a plugin named looplnv is designed and implemented with the platform Frama-C and APRON. According to the experiments on some selected programs, it can generate more invariants comparing with other tools and most of the programs can be proved successfully.æ›´å¤š è¿˜åŽŸ

ã€å…³é”®è¯ã€‘ éªŒè¯ï¼› ç¨‹åºè§„èŒƒï¼› å¾ªçŽ¯ä¸å˜å¼ï¼› è‡ªåŠ¨åŒ–ï¼› æ’ä»¶ï¼›
ã€Key wordsã€‘ verifyï¼› program specificationï¼› loop invariantï¼› valueanalysisï¼› pluginï¼›

ã€ç½‘ç»œå‡ºç‰ˆæŠ•ç¨¿äººã€‘ å—äº¬å¤§å¦

ã€åˆ†ç±»å·ã€‘TP309
ã€ä¸‹è½½é¢‘æ¬¡ã€‘101
æ”»è¯»æœŸæˆæžœ

çŸ¥ç½‘èŠ‚ä¸‹è½½

èŠ‚ç‚¹æ–‡çŒ®ä¸ï¼š

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

æœ¬æ–‡çš„å¼•æ–‡ç½‘ç»œ

èŠ‚ç‚¹æ–‡çŒ®

èŠ‚ç‚¹æ–‡çŒ®

å¾ªçŽ¯ä¸å˜å¼ç”Ÿæˆæ–¹æ³•ç ”ç©¶ä¸Žæ”¹è¿›

Research on Generation of Loop Invariants

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

å¾ªçŽ¯ä¸å˜å¼ç”Ÿæˆæ–¹æ³•ç ”ç©¶ä¸Žæ”¹è¿›