Skip to Main content Skip to Navigation
Theses

Differential program semantics

Abstract : Computer programs are rarely written in one fell swoop. Instead, they are written in a series of incremental changes.It is also frequent for software to get updated after its initial release. Such changes can occur for various reasons, such as adding features, fixing bugs, or improving performances for instance. It is therefore important to be able to represent and reason about those changes, making sure that they indeed implement the intended modifications.In practice, program differences are very commonly represented as textual differences between a pair of source files, listing text lines that have been deleted, inserted or modified. This representation, while exact, does not address the semantic implications of those textual changes. Therefore, there is a need for better representations of the semantics of program differences.Our first contribution is an algorithm for the construction of a correlating program, that is, a program interleaving the instructions of two input programs in such a way that it simulates theirsemantics. Further static analysis can be performed on such correlating programs to compute an over-approximation of the semantic differences between the two input programs. This work draws direct inspiration from an article by Partush and Yahav, that describes a correlating program construction algorithm which we show to be unsound on loops that include `break` or `continue`statements. To guarantee its soundness, our alternative algorithm is formalized and mechanically checked within the Coq proof assistant.Our second and most important contribution is a formal framework allowing to precisely describe and formally verify semantic changes.This framework, fully formalized in Coq, represents the difference between two programs by a third program called an oracle.Unlike a correlating program, such an oracle is not required to interleave instructions of the programs under comparison, and may “skip” intermediate computation steps. In fact, such an oracle is typically written in a different programming language than the programs it relates, which allows designing correlating oracle languages specific to certain classes of program differences, andcapable of relating crashing programs with non-crashing ones.We design such oracle languages to cover a wide range of program differences on a toy imperative language. We also prove that our framework is at least as expressive as Relational Hoare Logic by encoding several variants as correlating oracle languages, proving their soundness in the process.
Document type :
Theses
Complete list of metadata

Cited literature [37 references]  Display  Hide  Download

https://hal.inria.fr/tel-01890508
Contributor : Abes Star :  Contact
Submitted on : Tuesday, January 14, 2020 - 3:08:09 PM
Last modification on : Tuesday, March 16, 2021 - 3:08:35 AM
Long-term archiving on: : Wednesday, April 15, 2020 - 8:24:09 PM

File

GIRKA_Thibaut_2_complete_20180...
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01890508, version 2

Citation

Thibaut Girka. Differential program semantics. Programming Languages [cs.PL]. Université Sorbonne Paris Cité, 2018. English. ⟨NNT : 2018USPCC147⟩. ⟨tel-01890508v2⟩

Share

Metrics

Record views

118

Files downloads

671