Thomas Genet - Academia.edu

Papers by Thomas Genet

Reachability in Conditional Term Rewriting Systems

Electronic Notes in Theoretical Computer Science, May 1, 2003

Proving Reachability Properties on Term Rewriting Systems with Strategies

irisa.fr

We aim at defining regular over-approximations of the sets of reachable terms for term rewriting systems applied with a strategy. In this ongoing work, we focus on innermost strategies, which are the evaluation strategy of most functional programming languages. Having an accurate over-approximation of reachable terms for functional programming languages would make it possible to prove richer unreachability properties, i.e. safety properties on such programs.

Vers un outil de vérification formelle légère pour OCaml (Towards a lightweight formal verification tool for OCaml)

If one describes, by a grammar, the set of possible inputs of a functional program, can one know the grammar of its outputs? There exist rewriting tools able to answer this question, for certain functions. This kind of computation can be used to detect bugs or, conversely, to prove properties of these functions. In this article we present work in progress aimed at designing a lightweight formal verification tool for OCaml. While most of the theoretical results and rewriting tools already exist, applying them to the verification of realistic OCaml programs requires solving a number of problems. We give the architecture of an abstract interpreter for OCaml based on these principles and tools, and we look at which building blocks are still missing to finalise its development. 1 A verification as automatic as type inference. Certain...

Completeness of Tree Automata Completion

We consider rewriting of a regular language with a left-linear term rewriting system. We show a completeness theorem on equational tree automata completion stating that, if there exists a regular over-approximation of the set of reachable terms, then equational completion can compute it (or safely under-approximate it). A nice corollary of this theorem is that, if the set of reachable terms is regular, then equational completion can also compute it. This was known to be true for some term rewriting system classes preserving regularity, but was still an open question in the general case. The proof is not constructive because it depends on the regularity of the set of reachable terms, which is undecidable. To carry out those proofs we generalize and improve two results of completion: the Termination and the Upper-Bound theorems. Those theoretical results provide an algorithmic way to safely explore regular approximations with completion. This has been implemented in Timbuk and used to...

Kharon : Découvrir, comprendre et reconnaître des malware Android par suivi de flux d'information (Kharon: discovering, understanding and recognising Android malware by information flow tracking)

The advent of phones and tablets in recent years has favoured the development of a new economic model that relies on the delivery of a bare phone on which the user can install applications via application stores or marketplaces. These marketplaces are either official, i.e. approved by the companies developing the operating systems of these phones, such as Google Play or the AppStore, or unofficial. In what follows, we focus on phones and tablets running the Android operating system, on which a user can install applications via Google Play. On this marketplace we find many applications (more than one million) downloaded by many users. A single application can be downloaded more than 100 million times. The developers of these applications come from very varied backgrounds since, for the modest sum of 25 USD, ...

Timbuk 4: Regular Language Type Inference with Term Rewriting

Artifact Digital Object Group, 2020

Anonymat dans les communautés de confiance (Anonymity in trust communities)

Model Checking régulier pour automate d'arbres à treillis (Regular model checking for lattice tree automata)

Termination of Ethereum's Smart Contracts

Proceedings of the 17th International Joint Conference on e-Business and Telecommunications, 2020

A Short Isabelle/HOL Tutorial for the Functional Programmer

The objective of this (very) short tutorial is to help any functional programmer to quickly get their hands on Isabelle/HOL and catch a glimpse of its power. Then, if you want some more, you should refer to the extensive Isabelle/HOL tutorial and documentation available in the tool.

2 Automata Completion and Regularity Preservation

When rewriting a regular language with a left-linear term rewriting system, if the set of reachable terms is regular, we show that equational tree automata completion can compute it. This was known to be true for some known TRS classes preserving regularity, but was still an open question in the general case. The proof is not constructive: it assumes that the set of reachable terms is regular, which is undecidable. Despite being non-constructive, the proof of this result has a strong practical impact: it shows how to tune completion to get the best possible precision w.r.t. sets of reachable terms. In particular, to carry out the proof, it was necessary to generalize and improve two results of completion: the termination and the precision theorems. 1998 ACM Subject Classification I.2.3 Deduction and Theorem Proving, F.4.2 Grammars and Other Rewriting Systems

Verifying Higher-Order Functions with Tree Automata

Lecture Notes in Computer Science, 2018

This paper describes a fully automatic technique for verifying safety properties of higher-order functional programs. Tree automata are used to represent sets of reachable states and functional programs are modeled using term rewriting systems. From a tree automaton representing the initial state, a completion algorithm iteratively computes an automaton which over-approximates the output set of the program to verify. We identify a subclass of higher-order functional programs for which the completion is guaranteed to terminate. Precision and termination are obtained conjointly by a careful choice of equations between terms. The verification objective can be used to generate sets of equations automatically. Our experiments show that tree automata are sufficiently expressive to prove intricate safety properties and sufficiently simple for the verification result to be certified in Coq.

Towards Static Analysis of Functional Programs using Tree Automata Completion

This paper presents the first step of a wider research effort to apply tree automata completion to the static analysis of functional programs. Tree Automata Completion is a family of techniques for computing or approximating the set of terms reachable by a rewriting relation. The completion algorithm we focus on is parameterized by a set E of equations controlling the precision of the approximation and influencing its termination. For completion to be used as a static analysis, the first step is to guarantee its termination. In this work, we thus give a sufficient condition on E and T(F) for the completion algorithm to always terminate. In the particular setting of functional programs, this condition can be relaxed into a condition on E and T(C) (terms built on the set of constructors) that is closer to what is done in the field of static analysis, where abstractions are performed on data.

Verifying Temporal Regular Properties of Abstractions of Term Rewriting Systems

Tree automaton completion is an algorithm used for proving safety properties of systems that can be modeled by a term rewriting system. This representation and verification technique works well for proving properties of infinite systems like cryptographic protocols or, more recently, Java Bytecode programs. The algorithm computes a tree automaton which represents a (regular) over-approximation of the set of terms reachable by rewriting the initial terms. This approach is limited by the lack of information about the rewriting relation between terms. Indeed, terms related by rewriting end up in the same equivalence class: they are recognized by the same state of the tree automaton. Our objective is to produce an automaton embedding an abstraction of the rewriting relation sufficient to prove temporal properties of the term rewriting system. We propose to extend the algorithm to produce an automaton having more equivalence classes, so as to distinguish a term or a subterm from its successor...

On the Unobservability of a Trust Relation

Extending Timbuk to Verify Functional Programs

Rewriting Logic and Its Applications, 2018

Solving gpo Ordering Constraints with a Shared Term Data Structure

We present here an algorithm for proving termination of term rewriting systems by gpo ordering constraint solving. Constraint solving is done efficiently thanks to an original shared term data structure based on SOUR graphs. We show how the algorithm works for proving termination of self-embedding rules like ffx → fgfx (i.e. f(f(x)) → f(g(f(x)))). For particular cases of gpo like lpo, the algorithm is fully automatic. We give here execution examples of an implementation we made for the lpo case.

A Short SPAN+AVISPA Tutorial

The objective of this short tutorial is to show how to use SPAN to understand and debug HLPSL specifications used in the AVISPA cryptographic protocol verification tool. The reader is supposed to be familiar with the HLPSL language; if not, please read the HLPSL tutorial first.

New Results - Static analysis of functional programs using tree automata and term rewriting

Tree Automata Completion for Static Analysis of Functional Programs

Tree Automata Completion is a family of techniques for computing or approximating the set of terms reachable by a rewriting relation. For functional programs translated into TRS, we give a sufficient condition for completion to terminate. Second, in order to take into account the evaluation strategy of functional programs, we show how to refine completion to approximate reachable terms for a rewriting relation controlled by a strategy. In this paper, we focus on the innermost strategy, which corresponds to call-by-value evaluation.
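As an added illustration of the equational completion procedure that the Completeness, Towards Static Analysis, Verifying Higher-Order Functions and Tree Automata Completion abstracts above describe (this is not code from Timbuk or from the papers, and follows the textbook formulation rather than any particular implementation), the Python module below runs completion on a constructed accumulator-style sanitiser cl(l, acc) that copies a list into acc while dropping every tag element. The term encoding, the state names, the cl program, the initial automaton and the abstraction equation cons(x, cons(y, z)) = cons(x, z) are all assumptions of this example. It proves on the over-approximation that the accumulator never holds a tag and that no final value starts with tag, and shows that the same run does not converge when the equation set E is empty.

```python
# Equational tree automata completion in miniature (added illustration, not
# Timbuk's code).  Term = tuple (symbol, *args); variable = str; state = str
# starting with "q".  (sym, (q1..qn), q) in trans means sym(q1..qn) -> q and
# (q1, q2) in eps means L(q1) is included in L(q2).

def is_state(t): return isinstance(t, str) and t.startswith("q")
def is_var(t): return isinstance(t, str) and not t.startswith("q")

def fmt(t):  # printable form of a term over states, used to name new states
    if isinstance(t, str): return t
    return t[0] if len(t) == 1 else f"{t[0]}({','.join(map(fmt, t[1:]))})"

def subst(t, sigma):  # apply a substitution (variable -> state) to a term
    if is_var(t): return sigma[t]
    return t if is_state(t) else (t[0],) + tuple(subst(a, sigma) for a in t[1:])

def unify(s1, s2):  # join substitutions; None if they disagree on a variable
    return None if any(s1[x] != s2[x] for x in s1.keys() & s2.keys()) else {**s1, **s2}

class Automaton:
    def __init__(self, trans, eps=(), finals=()):
        self.trans, self.eps, self.finals = set(trans), set(eps), set(finals)
    def states(self):
        return (set(self.finals) | {s for _, qs, q in self.trans for s in (q, *qs)}
                | {s for pair in self.eps for s in pair})
    def below(self, q):  # q plus every state flowing into q through eps pairs
        seen, grown = {q}, True
        while grown:
            new = {a for a, b in self.eps if b in seen} - seen
            seen |= new; grown = bool(new)
        return seen
    def match(self, t, q, direct=False):
        # substitutions with t.sigma ->* q ([] = no run); direct=True demands a
        # non-eps transition at the root (used for equations and state reuse)
        targets = {q} if direct else self.below(q)
        if is_state(t): return [{}] if t in targets else []
        if is_var(t): return [{t: q}]
        out = []
        for sym, qs, q2 in self.trans:
            if sym != t[0] or len(qs) != len(t) - 1 or q2 not in targets: continue
            sigmas = [{}]
            for a, qa in zip(t[1:], qs):
                sigmas = [u for s in sigmas for m in self.match(a, qa)
                          for u in [unify(s, m)] if u is not None]
            out += sigmas
        return out
    def add(self, t, q):
        # normalise t (a term over states) so that t ->* q: reuse a state that
        # already recognises a subterm, otherwise name a new one after it
        if is_state(t):
            if t != q: self.eps.add((t, q))
            return
        qs = []
        for a in t[1:]:
            if not is_state(a):
                have = sorted(s for s in self.states() if self.match(a, s, True))
                if not have:
                    have = [f"q<{fmt(a)}>"]; self.add(a, have[0])
                a = have[0]
            qs.append(a)
        self.trans.add((t[0], tuple(qs), q))
    def merge(self, keep, drop):  # rename state drop into keep everywhere
        r = lambda x: keep if x == drop else x
        self.trans = {(s, tuple(map(r, qs)), r(q)) for s, qs, q in self.trans}
        self.eps = {(r(a), r(b)) for a, b in self.eps if r(a) != r(b)}
        self.finals = {r(q) for q in self.finals}

def complete(A, rules, equations, max_rounds=20):
    # one round = a completion step per rule, then equational simplification
    # until stable; None when max_rounds is exhausted (E too weak to bound states)
    for _ in range(max_rounds):
        before = (frozenset(A.trans), frozenset(A.eps))
        for lhs, rhs in rules:
            for q in list(A.states()):
                for sigma in A.match(lhs, q):      # critical pair: lhs.sigma ->* q
                    r = subst(rhs, sigma)
                    if not A.match(r, q): A.add(r, q)   # but rhs.sigma not yet in q
        merged = True
        while merged:
            merged = False
            for (u, v), q1 in [(e, q) for e in equations for q in A.states()]:
                for sigma in A.match(u, q1, True):
                    q2 = [q for q in A.states() if q != q1 and A.match(subst(v, sigma), q, True)]
                    if q2:
                        A.merge(*sorted((q1, q2[0]), key=len)); merged = True; break
                if merged: break
        if (frozenset(A.trans), frozenset(A.eps)) == before: return A
    return None

# Constructed program (not from the papers): cl(l, acc) copies list l into acc
# dropping every tag element.  Variables: l, acc, x, y, z.
RULES = [(("cl", ("nil",), "acc"), "acc"),
         (("cl", ("cons", ("tag",), "l"), "acc"), ("cl", "l", "acc")),
         (("cl", ("cons", ("ok",), "l"), "acc"), ("cl", "l", ("cons", ("ok",), "acc")))]
# Abstraction: all lists of length >= 1 share a state, so the accumulator is finite
EQUATIONS = [(("cons", "x", ("cons", "y", "z")), ("cons", "x", "z"))]

def initial():  # cl(L, nil) for L any list over {tag, ok}; qf is the final state
    return Automaton({("tag", (), "qt"), ("ok", (), "qo"), ("nil", (), "ql"),
                      ("cons", ("qt", "ql"), "ql"), ("cons", ("qo", "ql"), "ql"),
                      ("nil", (), "qnil"), ("cl", ("ql", "qnil"), "qf")}, finals={"qf"})

def verify(equations=EQUATIONS, max_rounds=20):
    # (tag ever in acc?, ok ever in acc?, final value starts with tag?) on the
    # over-approximation; None when completion did not converge
    A = complete(initial(), RULES, equations, max_rounds)
    if A is None: return None
    hits = lambda p, qs: any(A.match(p, q) for q in qs)
    return (hits(("cl", "x", ("cons", ("tag",), "y")), A.states()),
            hits(("cl", "x", ("cons", ("ok",), "y")), A.states()),
            hits(("cons", ("tag",), "y"), A.finals))
```

`verify()` returns `(False, True, False)`: the pattern cl(x, cons(tag, y)) is recognised by no state of the completed automaton, so no reachable term contains it; cl(x, cons(ok, y)) is recognised, so the analysis is not vacuous; and the final state accepts no term starting with tag. `verify(equations=[])` returns None because each round creates a fresh state for the longer accumulator cons(ok, ...), which is exactly the divergence that the equation set E is there to cut off; the precision cost is that the over-approximation cannot count accumulator cells any more, which this property does not need.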