Clemson University TigerPrints All Dissertations Dissertations 12-2018 Towards Automated Verification of Object-Based Software with Reference Behavior Yu-Shan Sun Clemson University, [email protected] Follow this and additional works at: https://tigerprints.clemson.edu/all_dissertations Recommended Citation Sun, Yu-Shan, "Towards Automated Verification of Object-Based Software with Reference Behavior" (2018). All Dissertations. 2280. https://tigerprints.clemson.edu/all_dissertations/2280 This Dissertation is brought to you for free and open access by the Dissertations at TigerPrints. It has been accepted for inclusion in All Dissertations by an authorized administrator of TigerPrints. For more information, please contact [email protected]. Towards Automated Verification of Object-Based Software with Reference Behavior A Dissertation Presented to the Graduate School of Clemson University In Partial Fulfillment of the Requirements for the Degree Doctor of Philosophy Computer Science by Yu-Shan Sun December 2018 Accepted by: Dr. Murali Sitaraman, Committee Chair Dr. John D. McGregor Dr. Nigamanth Sridhar Dr. Pradip K. Srimani Abstract Automated verification is critical for ensuring that an implementation is correct and meets the specified behavior on every valid input. Verification should be modular to promote reuse and to scale up. However, for code that involves explicit reference behavior, there is the added complexity of reasoning that only the intended objects are being affected. This research focuses on simplifying automated verification and enabling modular verifica- tion using data abstractions that hide explicit reference behavior. While avoiding explicit reference behavior simplifies reasoning for a majority of software components, for capturing unavoidable ref- erence behavior, such as that needed to implement classes of lower-level \linked" realizations such as for lists and trees, the research introduces and uses automation-friendly abstractions to capture acyclic reference behavior. The overall research involves the development of specification and verification mechanisms for components where objects share a global state, along with a new prototype verification system that is designed to generate simplified verification conditions with automation in mind. Experimen- tation and evaluation involve a class of components with and without explicit reference behavior. ii Dedication To my parents and sister who supported me all throughout this process and for believing that I could finish. Also to entire Hiestand family who provided me with a home away from home. iii Acknowledgments First and foremost, I would like to thank my advisor, Murali Sitaraman, for his guidance, support and patience throughout this whole process. I would like to thank Joan Krone for acting as a co-advisor and for the countless meetings, revisions and feedback. Without both of them, none of this work would have been possible. Special thanks to my committee members: John D. McGregor, Nigamanth Sridhar and Pradip K. Srimani for providing feedback and encouraging me to improve this work. I would like to acknowledge members of the RESOLVE/Reusable Software Research Groups at Clemson and Ohio State. My special thanks to Bill Ogden, Bruce Weide and Joan Krone for their insights in developing the specifications given in this dissertation and suggestions for improvements. I gratefully acknowledge the numerous hours Charles \Chuck" Cook and Daniel Welch have spent helping me improve the implementations associated with this work. Also my thanks to all my friends from around the world, who listened to all my troubles and offered words of encouragement. This research is supported in part by U.S. National Science Foundation (NSF) grants CCF-1161916, DUE-1022941 and DUE-1611714. Any opinions, findings, conclusions, or recom- mendations expressed here are those of the authors and do not necessarily reflect the views of the NSF. On a personal note, I would like to thank my parents and sister for patiently waiting until I finished and offering unconditional support throughout this process. A special thanks to the Hiestand family for always being there for me when I needed it the most. iv Table of Contents Title Page ............................................ i Abstract ............................................. ii Dedication............................................ iii Acknowledgments ....................................... iv List of Tables ..........................................vii List of Figures..........................................viii List of Listings ......................................... ix 1 Introduction......................................... 1 1.1 Facilitating Direct Reasoning through Data Abstraction................ 4 1.2 Reasoning about Reference Behavior Explicitly..................... 9 1.3 Problem Statement..................................... 10 1.4 Research Approach and Evaluation............................ 11 1.5 Thesis Statement...................................... 14 1.6 Dissertation Organization................................. 14 2 Verification Background and Related Work ......................15 2.1 General Verification Background ............................. 15 2.2 Separation Logic ...................................... 16 2.3 Dynamic Frames ...................................... 19 2.4 Region Logic ........................................ 22 2.5 An Approach Using RESOLVE Principles........................ 23 2.6 Other Efforts........................................ 24 3 RESOLVE Background and Prior Work ........................25 3.1 Introduction to RESOLVE Specifications ........................ 25 3.2 Recent Work in Automated Verification of RESOLVE Components.......... 28 3.3 Previous Work in Formalizing Specifications to Capture Reference Behavior . 34 4 Generation of Simplified VCs and Sequents......................36 4.1 Reduced Sequents ..................................... 36 4.2 Forming Parsimonious VCs ................................ 38 4.3 Other VC Generator Updates............................... 44 5 Data Abstractions with Shared State..........................46 5.1 Communally Bounded List Template ........................ 48 v 5.2 Example Client Programs and Evaluation........................ 50 5.3 Enhancement for Searching a List and Evaluation.................... 55 6 A Concept to Capture Acyclic Reference Behavior .................59 6.1 An Informal Description.................................. 60 6.2 New Mathematical Theories Needed To Describe Reference Behavior......... 65 6.3 Formal Specification of Communal UVR Template................... 69 6.4 Formal Specification for CBUVRT Operations...................... 73 6.5 Alternative Versions of UVRT............................... 76 7 VC Generation and Evaluation for Concept Realizations..............78 7.1 Non-Sharing Implementations............................... 79 7.2 Interference-Free Sharing Implementations with Independent Correspondence . 88 7.3 Interference-Free Sharing Implementations with Independent Regional Correspondence 91 8 Conclusions and Future Research ............................98 Appendices ...........................................101 A Proof Rules......................................... 102 B Globally Bounded List Collection............................. 121 C Communally Bounded List Collection .......................... 152 D Bounded Stack Collection................................. 185 E Globally Bounded Stack Collection............................ 208 F Communally Bounded Stack Collection ......................... 212 G Communally Bounded UVRT Collection......................... 240 H Mathematical Theories................................... 247 Bibliography...........................................256 vi List of Tables 4.1 Reduction Rules ...................................... 37 7.1 Categories of Concept Realization ............................ 78 vii List of Figures 1.1 Contrasting When Reasoning About Reference Behavior Is Needed.......... 2 1.2 Illustration of Mathematical Abstraction for a List................... 4 1.3 Illustration of List Operations............................... 5 1.4 Illustration of Reverse List .............................. 5 1.5 Tracing of the Code in Listing 1.2 ............................ 7 1.6 Modular Reasoning Overview for the Recursive List Reversal in Listing 1.2..... 8 1.7 Reversing a List Using the Code in Listing 1.3 ..................... 10 3.1 Applying Prt_Btwn .................................... 28 3.2 Verification Pipeline Process of Listing 3.5........................ 30 3.3 Verification of Listing 3.8 Using an Automated Prover................. 33 4.1 Sample Sequent Reduction Tree Produced by VC Generator.............. 38 5.1 Comparing Reasoning Approaches (Reproduced from Chapter1)........... 46 5.2 Example of a Communal List Instantiation ....................... 47 6.1 Sample UVRT Chain.................................... 61 6.2 Illustration for Selected Operations............................ 62 6.3 Illustration of the Effects of Operation Calls in Insert_Front . 63 6.4 Reversing a singly-linked location............................. 64 6.5 Is Closed wrt and : Is Closed wrt with One Function ................. 66 6.6 Is Closed wrt and : Is Closed wrt with Multiple Functions .............. 67 6.7 Closure for ......................................... 67 6.8 Is Stable wrt ........................................ 68 6.9 Terminal Range....................................... 69 6.10 Global State Variables