CN116383088B - Source code form verification method, device, equipment and storage medium - Google Patents

Source code form verification method, device, equipment and storage medium Download PDF

Info

Publication number
CN116383088B
CN116383088B CN202310501283.7A CN202310501283A CN116383088B CN 116383088 B CN116383088 B CN 116383088B CN 202310501283 A CN202310501283 A CN 202310501283A CN 116383088 B CN116383088 B CN 116383088B
Authority
CN
China
Prior art keywords
tree
assignment
version
assignment tree
history
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310501283.7A
Other languages
Chinese (zh)
Other versions
CN116383088A (en
Inventor
黄文超
付贵禄
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Science and Technology of China USTC
Original Assignee
University of Science and Technology of China USTC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Science and Technology of China USTC filed Critical University of Science and Technology of China USTC
Priority to CN202310501283.7A priority Critical patent/CN116383088B/en
Publication of CN116383088A publication Critical patent/CN116383088A/en
Application granted granted Critical
Publication of CN116383088B publication Critical patent/CN116383088B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3604Software analysis for verifying properties of programs
    • G06F11/3608Software analysis for verifying properties of programs using formal methods, e.g. model checking, abstract interpretation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Artificial Intelligence (AREA)
  • Quality & Reliability (AREA)
  • Computer Hardware Design (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Debugging And Monitoring (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The application provides a source code form verification method, a device, equipment and a storage medium, which are suitable for the technical field of computers, and the method comprises the following steps: constructing a history version assignment tree according to a history version source code and a preset state transition model; constructing a current version assignment tree according to a current version source code and a preset state transition model; constructing an increment tree according to the history version assignment tree, the current version assignment tree and the matching relation between the history version assignment tree and the current version assignment tree; based on the increment tree, the formal verification is performed on the source code of the current version, and based on the increment tree, the intermediate variable in the source code can be greatly reduced, and the state space required for the formal verification is reduced, so that the resources occupied during the formal verification are reduced, and the result of the formal verification can be obtained more quickly.

Description

Source code form verification method, device, equipment and storage medium
Technical Field
The present application relates to the field of computers, and in particular, to a source code form verification method, device, apparatus and storage medium.
Background
Along with the continuous development of hardware systems, the scale of chip designs is also increased, so that the cost of manually verifying the chip designs is greatly increased, and the development of formal modeling and verification technology of the chip designs is promoted.
In the prior art, when formal verification is performed on a digital chip design, source codes of new and old versions of the digital chip design expressed by a hardware description language are converted into state transition models, and the attribute of hardware is verified according to the state transition models of the new and old versions. When the verification result of the digital chip design is not passed, a counter example can be provided so as to be convenient for a designer to modify.
However, when the conventional source code form verification method is used for verification, all states are traversed, so that more resources are occupied during verification, the time consumption is long, and the method is not suitable for verification of a large-scale hardware system.
Disclosure of Invention
In view of the above, the embodiment of the application provides a source code form verification method, a source code form verification device and terminal equipment, which can solve the problem that the form verification method in the prior art occupies more resources during verification.
A first aspect of an embodiment of the present application provides a source code form verification method, including:
Constructing a history version assignment tree according to a history version source code and a preset state transition model;
constructing a current version assignment tree according to a current version source code and a preset state transition model;
constructing an increment tree according to the history version assignment tree, the current version assignment tree and the matching relation between the history version assignment tree and the current version assignment tree;
based on the increment tree, formalized verification is performed on the source code of the current version.
A second aspect of an embodiment of the present application provides a source code form verification apparatus comprising:
the history assignment tree construction module is used for constructing an assignment tree of a history version according to a source code of the history version and a preset state transition model;
the current assignment tree construction module is used for constructing a current version assignment tree according to the current version source code and a preset state transition model;
the incremental tree construction module is used for constructing an incremental tree according to the historical version of the assignment tree, the current version of the assignment tree and the matching relationship between the historical version of the assignment tree and the current version of the assignment tree; the method comprises the steps of,
And the formal verification module is used for formalizing verification of the source code of the current version based on the increment tree.
A third aspect of an embodiment of the present application provides a terminal device, the terminal device comprising a memory, a processor, the memory having stored thereon a computer program executable on the processor, the processor executing the computer program to perform the steps of the source code form verification method as described in the first aspect above.
A fourth aspect of embodiments of the present application provides a computer-readable storage medium comprising: a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the source code form verification method as described in the first aspect above.
Compared with the prior art, the embodiment of the application has the beneficial effects that:
based on a preset state transition model, converting a source code of a historical version and a source code of a current version into corresponding assignment trees respectively, merging the assignment trees of the historical version and the assignment trees of the current version into increment trees capable of describing areas where the source code changes during version transition according to matching relations among the assignment trees of the historical version, the assignment trees of the current version and the assignment trees of the current version, and performing formal verification based on the increment trees, so that intermediate variables in the source code can be greatly reduced, the state space required for formal verification is reduced, resources occupied during formal verification is reduced, and the result of the formal verification can be obtained more quickly.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a diagram of an application environment for a source code form verification method provided by an embodiment of the present application;
FIG. 2 is a schematic diagram of an implementation flow of a source code form verification method according to an embodiment of the present application;
FIG. 3 is a schematic implementation flow chart of an assignment tree construction method according to an embodiment of the present application;
FIG. 4 is a schematic flow chart of another implementation of the assignment tree construction method according to an embodiment of the present application;
FIG. 5 is a schematic implementation flow chart of a method for determining matching relation of assignment tree according to an embodiment of the present application;
FIG. 6 is a schematic diagram of an implementation flow of another source code form verification method provided by an embodiment of the present application;
FIG. 7 is a schematic flow chart of an implementation of another source code form verification method according to an embodiment of the present application;
FIG. 8 is a schematic diagram of an implementation flow of a source code form verification method according to an embodiment of the present application;
FIG. 9 is an overall flow diagram of a method for constructing assignment tree according to an embodiment of the present application;
FIG. 10 is a schematic diagram of a source code version of a verification device according to an embodiment of the present application;
fig. 11 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
In order to illustrate the technical scheme of the application, the following description is made by specific examples.
Fig. 1 is an application environment diagram of a patent document searching method according to an embodiment of the present application, as shown in fig. 1, in the application environment, the application environment includes a terminal 110 and a computer device 120.
The computer device 120 may be an independent physical server or terminal, or may be a server cluster formed by a plurality of physical servers, or may be a cloud server that provides basic cloud computing services such as a cloud server, a cloud database, cloud storage, and CDN.
The terminal 110 device may be a Station (ST) in a WLAN, may be a personal digital assistant (Personal Digital Assistant, PDA) device, a handheld device with wireless communication capabilities, a computing device or other processing device connected to a wireless modem, an in-vehicle device, a car networking terminal, a computer, a laptop computer, a handheld communication device, a handheld computing device, a satellite radio, a customer premise equipment (customerpremise equipment, CPE) and/or other devices for communicating over a radio system, as well as a next generation communication system, e.g. a mobile terminal in a 5G network or a mobile terminal in a future evolved public land mobile network (Public Land Mobile Network, PLMN) network, etc. The terminal 110 and the computer device 120 may be connected through a network, and the present invention is not limited herein.
As shown in fig. 2, in one embodiment, a source code form verification method is proposed, and this embodiment is mainly exemplified by the application of the method to the above-mentioned computer device 120, and the patent document retrieval method includes:
Step S202: and constructing a history version assignment tree according to the history version source code and a preset state transition model.
The preset state transition model formally describes a state transition system and represents all possible running paths of the system and marking relations in all states. The application is not limited to the specific structure of the state transition model, and a person skilled in the art can determine which state transition model to use according to his own experience. Then, according to the source code and the state transition model of the history version, transition expressions of all state variables and mark expressions of all mark variables in the source code of the history version can be obtained, and assignment trees corresponding to all variables of the history version can be obtained based on the variables and the corresponding expressions.
The process can greatly reduce the number of variables in the state transition system, such as some intermediate variables, repeated variables and the like, through an abstract strategy, so that the state space of the model is reduced. Notably, the process need not specify the attributes to be verified.
Step S204: and constructing a current version assignment tree according to the current version source code and a preset state transition model.
The process of constructing the assignment tree of the current version according to the source code of the current version and the preset state transition model is similar to the process of step S202, except that step S202 is based on the source code of the history version, and the current step is based on the source code of the current version, so that it is not repeated here.
Step S206: and constructing an increment tree according to the history version assignment tree, the current version assignment tree and the matching relation between the history version assignment tree and the current version assignment tree.
After the history version assignment tree and the current version assignment tree are obtained, according to the history version source code and the current version source code, the corresponding relation between each variable in the history version and each variable in the current version, namely, the corresponding relation between the history version assignment tree and the current version assignment tree, can be obtained, so that an increment tree of the variable can be constructed based on the variable history version assignment tree and the variable current version assignment tree, the increment tree can reflect the change of the corresponding variable when the version changes, and therefore, the formalization verification based on the increment tree can concentrate more on the change area when the version changes, resources occupied during the formalization verification can be reduced, and verification results can be obtained more quickly.
Step S208: based on the increment tree, formalized verification is performed on the source code of the current version.
The application carries out incremental-based formalized modeling and verification aiming at two versions of the same design, carries out local modeling on the design by an incremental tree model, greatly reduces the state space through the local optimization and reduction process, and can solve the problem of state space explosion to a certain extent through the method of local modeling and integral verification by diverging to the surface by the point, thereby completing formal verification work aiming at the ultra-large-scale hardware design in a limited time.
In one embodiment, as depicted in fig. 3, step S202 includes:
step S302: and determining variable expressions corresponding to various variables in the preset state transition model of the historical version according to the source code of the historical version and the preset state transition model.
The state transition model is used for representing all possible running paths of the system and marking relations in all states, so that variable expressions corresponding to all variables in the source code of the historical version can be obtained from the state transition model.
Step S304: and for each variable, determining each sub-expression corresponding to the variable expression according to the variable expression corresponding to the variable.
The application specifically describes the construction of the assignment tree of a single variable because the processes of constructing the assignment tree of each variable are the same.
Because the variable expression corresponding to the variable (hereinafter referred to as a parent expression) is an operation on the N child expressions, the parent expression is divided into N child expressions, then N child assignment trees corresponding to the N child expressions are recursively constructed respectively, and then the parent assignment tree corresponding to the parent expression is constructed according to the N child assignment trees.
Step S306: and determining a sub-assignment tree corresponding to the sub-expression according to the sub-expression.
If the sub-expression is a non-Boolean variable, the sub-assignment tree corresponding to the sub-expression is a non-Boolean variable node; if the sub-expression is a Boolean variable q, the sub-assignment tree corresponding to the sub-expression is q (1, 0), i.e. q is taken as a root node, the left subtree is 1, and the right subtree is 0.
Step S308: and determining assignment trees corresponding to all variables in a preset state transition model of the historical version according to all sub-assignment trees corresponding to all sub-expressions.
The method for determining the corresponding parent assignment tree according to the N child assignment trees is shown in fig. 4 and the content of the corresponding embodiment.
In this embodiment, a process of obtaining the assignment tree of the variable according to the single variable and the corresponding variable expression in the history version is provided, and the construction processes of the assignment trees of all the variables are the same, so that each assignment tree corresponding to each variable in the history version can be obtained by repeating the above steps.
In one embodiment, as shown in fig. 4, step S308 includes:
step S402: judging whether a minimum Boolean variable exists in a root node of each sub assignment tree corresponding to each sub expression; if yes, go to step S404; if not, go to step S406.
Step S402: and adjusting each sub-assignment tree corresponding to each sub-expression to take the minimum Boolean variable as a root node, and determining left and right subtrees of assignment trees corresponding to each variable in a preset state transition model of the history version according to the left and right subtrees of each sub-assignment tree corresponding to each sub-expression.
Step S406: and determining assignment trees corresponding to all variables in a preset state transition model of the historical version according to all sub-assignment trees corresponding to all sub-expressions.
And if the child assignment tree with the minimum depth is the root node, the N child assignment trees are rewritten into a form taking the Boolean variable s as a root. If the root node corresponding to the child assignment tree is not the Boolean variable s, the root node is rewritten into a form of taking the Boolean variable s as the root node and taking the left subtree and the right subtree as the own forms. Then, judging whether the root of the left subtree of the N assignment trees is a Boolean variable d or not in sequence, and if the root of the left subtree is not the Boolean variable d, returning to a non-Boolean node, namely the left subtree; if the root of the left subtree is the Boolean variable d, d (1, 0) is returned, namely the Boolean variable d is taken as the root node, the left subtree is 1, the right subtree is 0, and the returned left assignment tree T is recorded. Sequentially judging whether the root of the right subtree of the N assignment trees is a Boolean variable f, and if the root of the right subtree is not the Boolean variable f, returning to a non-Boolean node, namely the right subtree; if the root of the right subtree is Boolean variable f, f (1, 0) is returned, and the returned right assignment tree S is recorded. And finally, determining S (T, S) as a parent assignment tree corresponding to the parent expression, namely taking the Boolean variable S as a root and taking T and S as assignment trees of left and right subtrees respectively. Preferably, each time a new boolean variable is generated, the intelligent perception process of the machine learning algorithm is invoked, and the boolean variables/boolean expressions are dynamically ordered according to the current assignment tree structure.
The parent assignment tree obtained through the steps has the following characteristics:
1) The tree is a binary tree, and any internal node has left and right subtrees.
2) The internal nodes are all boolean variables/boolean expressions: on any path of the tree, from the root node, except for the leaf nodes, the tree is a boolean variable or boolean expression. The Boolean variables and the Boolean expressions are ordered, and the sequences of the Boolean variables and the Boolean expressions on any path of the assignment tree increase with the increase of depth, but are not necessarily continuous.
3) Leaf nodes are unconditional expressions of non-boolean variables: that is, the leaf node expression is a non-conditional expression, and is a non-boolean expression, and its constituent variables are non-boolean variables.
4) Any path inside, the path leaf node is the assignment expression of the variable, and the path inside node forms a group of constraint relations, which indicates the value expression of the variable under the group of constraint relations. The left subtree of one of the internal nodes constrains the node to take true and the right subtree constrains the node to take false.
The assignment tree model strictly separates the Boolean variable/Boolean expression from the unconditional expression of the non-Boolean variable, and completes assignment condition slicing and refinement processes in transfer relations and mark relations. When the assignment tree model is constructed recursively, the Boolean variable/Boolean expression is dynamically ordered through the intelligent perception process of the machine learning algorithm, and then the assignment tree which is already constructed is dynamically adjusted, so that the finally generated assignment tree model is smaller in scale, state space explosion is prevented, and the time cost of the subsequent verification process is reduced.
In one embodiment, as shown in fig. 5, before step S206, it includes:
step S502: and determining a pre-matching relation between the assignment tree of the historical version and the assignment tree of the current version according to the interface information of the source code of the historical version and the interface information of the source code of the current version.
And starting from a top-level module of the source code of the historical version and the source code of the current version, judging whether the interfaces of the historical version and the interfaces corresponding to the current version are the same according to the parameter types and the parameter numbers of the calling interfaces, if so, establishing a pre-matching relationship between the interface parameter variables in the historical version and the interface parameter variables corresponding to the current version according to the parameter information of the interfaces, so as to obtain the pre-matching relationship between the assignment tree of the historical version and the assignment tree of the current version.
Step S504: judging whether the assignment tree of the history version with the pre-matching relation is substantially matched with the assignment tree of the corresponding current version aiming at each assignment tree of the history version with the pre-matching relation; if yes, go to step S506; if not, go to step S508.
Step S506: and determining the corresponding assignment tree of the current version as a matching object of the assignment tree of the history version with the pre-matching relation.
Step S508: and determining the assignment tree of the history version with the pre-matching relation as an unmatched assignment tree.
And marking all variables in one interface in the history version according to the pre-matching relation. Then, formalized reasoning is carried out on the value tree of the variable and the value tree of the variable corresponding to the variable in the current version for the variable with the mark, namely the variable with the pre-matching relation, so as to obtain the conclusion that the binary matching degree is correct/wrong, and if the binary matching degree is correct, the value tree of the historical version of the variable and the value tree of the current version are established with a matching relation; if the binary matching degree is wrong, the label of the variable is canceled, the variable is regarded as a non-label variable, namely a non-matched variable, and the corresponding assignment tree is regarded as a non-matched assignment tree.
The formalized reasoning process of the above steps is as follows, and equivalence verification is carried out on paths from the root to the leaf nodes of each of the two assignment trees for formalized reasoning, namely whether the two paths are consistent is judged. After all branch paths are finished, the proportion of the paths which are consistent with each other is counted, the binary matching degree is correct when the proportion is higher than a preset threshold value, the binary matching degree is wrong when the proportion is lower than the preset threshold value, and the specific setting of the threshold value can be determined by a person skilled in the art, so that the application is not limited.
Step S510: judging whether the unmatched assignment tree is substantially matched with the most similar assignment tree in the assignment tree of the current version or not according to each unmatched assignment tree; if yes, go to step S512; if not, go to step S514.
Step S512: and determining the most similar assignment tree in the assignment tree of the current version as a matching object of the unmatched assignment tree.
Step S514: and determining the unmatched assignment tree as a unmatched assignment tree.
And comparing the assignment tree corresponding to each unmarked variable in the historical version with the assignment tree corresponding to the variable without the matching relation of the same interface in the current version, and calculating the similarity of the two variables. The similarity calculation method of the two assignment trees, namely the binary tree, can be that the similarity is calculated according to the depth of the two trees and the node type, or the similarity of the two trees is calculated by converting the two trees into a graph, wherein the similarity calculation method of the two assignment trees is not limited, and can be obtained according to own experience by a person skilled in the art. After similarity calculation is carried out, formalized reasoning is carried out on the assignment tree of the unmarked variable and the assignment tree with highest similarity in the current version, a conclusion that the binary matching degree is correct/incorrect is obtained, and if the binary matching degree is correct, a matching relationship is established between the assignment tree of the history version of the unmarked variable and the assignment tree of the current version; if the binary matching degree is wrong, the variable is marked as a variable which does not correspond to the current version, and the corresponding assignment tree is regarded as an unmatched assignment tree.
If the interface calls other interfaces, namely, the sub-model corresponding to the interface is connected with other sub-models, the matching relation obtained from the sub-model corresponding to the interface is transferred to the connected sub-model to be used as the pre-matching relation of the sub-model connected with the interface, and then the steps are carried out.
Two versions of the same hardware design, although there is an iterative update of the version as the functionality increases/modifies, the interfaces of the top-level modules of the design remain substantially (or partially) identical, so that the top-level modules begin to find the pre-match relationship, resulting in a partial pre-match relationship, without comparing one assignment tree in the historical version with each of the assignment trees of the current version, thereby reducing its operational overhead. In addition, due to the fact that some variables are added/deleted, the variables are not matched in another version, whether two variables with the pre-matching relationship are the same or not can be determined through formalized reasoning, and therefore accuracy of subsequent formalized verification is improved.
In one embodiment, as shown in fig. 6, step S206 includes:
step S602: judging whether a minimum Boolean variable exists in a root node of the assignment tree of the historical version and a root node of the assignment tree of the corresponding current version; if yes, go to step S604; if not, go to step S606.
Step S604: and adjusting the history version assignment tree and the corresponding current version assignment tree to take the minimum Boolean variable as a root node, and determining left and right subtrees of the increment tree according to the history version assignment tree and the corresponding current version assignment tree.
Step S606: and determining the increment tree and the type corresponding to the increment tree according to the equivalent relation between the expression represented by the history version assignment tree and the expression represented by the corresponding current version assignment tree.
According to the matching relation between the history version assignment tree and the current version assignment tree, the names of the corresponding variables in the current version assignment tree are replaced, so that the names of the same variable in the history version assignment tree are consistent with the names of the same variable in the current version assignment tree. Of course, it is also possible to choose to change the names of the variables of the history version to the names of the corresponding variables in the current version so that the names of the two are identical.
Then, the following operations are sequentially performed on the assignment tree of the historical version with the matching relation and the assignment tree of the corresponding current version: judging whether a minimum Boolean variable t exists in a root node of a history version assignment tree with a matching relationship and a root node of a corresponding current version assignment tree, if not, carrying out equivalence relation solving on unconditional expressions represented by the two assignment trees, if the unconditional expressions are completely equivalent to each other, returning to an A/A zero increment leaf node, otherwise, returning to an A/B positive increment leaf node, and marking the corresponding increment tree as a positive increment tree; if yes, the two assignment trees are rewritten into a form taking the minimum Boolean variable t as a root, if not, the assignment trees are adjusted into a form taking t as a root, and the left subtree and the right subtree are both in the form of self, and then the following steps are executed for the left subtree of the two assignment trees:
1. Finding out the minimum Boolean variable y in the two root nodes of the two assignment trees, and executing 2 if no minimum Boolean variable y exists at the moment, namely the two assignment trees are leaf nodes A, B; if there is a minimum boolean variable y at this time, then 3 is executed.
2. Constraint solving is carried out on the current path, and if the current path cannot be met, namely the current path cannot be reached, the branch is directly cut off; otherwise, carrying out equivalence relation solving on unconditional expressions represented by the two leaf nodes, returning to the A/A zero increment leaf node if the unconditional expressions are completely equivalent, otherwise, returning to the A/B positive increment leaf node, and marking the corresponding increment tree as a positive increment tree.
3. Constraint solving is carried out on the current path, and if the current path cannot be met, namely the current path cannot be reached, the branch is directly cut off; otherwise, extracting two left subtrees and two right subtrees which take y as roots for the two assignment trees respectively (if the roots of the assignment trees are not y, the left subtree and the right subtree are respectively self); then perform 1 on both left subtrees, record the returned left subtree L. Executing 1 on the two right subtrees, recording the returned right subtree R, and then returning the assignment tree y (L, R).
After the left subtree of the two assignment trees is operated as above, a returned left increment tree T is recorded, the right subtree of the two assignment trees is operated as above, a returned right increment tree S is recorded, and then the increment tree T (T, S) is returned.
When the incremental tree is constructed, unreachable branches are deleted, the incremental tree can be simplified, resources required to be occupied during follow-up formal verification can be reduced, the area which changes during version transition is recorded through the positive incremental leaf node, and the formal verification can be performed based on the area without performing full disk verification during follow-up formal verification, so that the system overhead is reduced, and the verification speed is increased.
In one embodiment, as shown in fig. 7, before step S602, it includes:
s702: and carrying out constraint solving on the path of the history version assignment tree and the path of the corresponding current version assignment tree, and deleting the assignment tree corresponding to the unreachable path when the path of the history version assignment tree or the path of the corresponding current version assignment tree is unreachable.
Because one path leaf node of the assignment tree is the assignment expression of the variable, and the path internal nodes form a group of constraint relations, the value expression of the variable under the group of constraint relations is indicated, so that the corresponding constraint relation can be obtained according to the path where the assignment tree is located, the constraint relation is solved, if the constraint relation is found to be unsatisfied, namely, the path is not reachable, the assignment tree corresponding to the path is deleted, the increment tree can be simplified, and resources required to be occupied in the follow-up formal verification process are reduced.
In one embodiment, as shown in fig. 8, step S208 includes:
step S802: judging whether the positive increment tree accords with a preset safety constraint or not according to each positive increment tree in the increment trees; if yes, go to step S804; if not, go to step S806.
Step S804: and determining an updating path of the increment tree according to the positive increment tree.
Step S806: and determining a counterexample path of the increment tree according to the positive increment tree.
Wherein after the incremental tree is obtained, a security verification module is required to perform security verification on the positive incremental leaf nodes in the positive incremental tree, where the security verification includes, but is not limited to: information flow leakage, unauthorized access, controller configuration errors, component address range coverage, privileged and non-privileged mode transition errors, and the like.
The security verification module can intelligently judge possible security risks according to the context of the incremental tree path, so that corresponding security attributes are set. For example, in multiple paths of the increment tree, all values of the addr variable are formed by multiple boolean variables, then addr can be judged as a selection signal, and accordingly, the attribute related to the coverage of the component address range can be set; in addition, if the state variable is assigned in the increment tree, namely the write operation of the corresponding register, and keywords such as Privilege and the like are arranged in the path of the state variable, the attribute related to the register Privilege and non-Privilege can be set; for example, the information flow leakage attribute can be set by analyzing the propagation relationship of state variables and output mark variables in the increment tree among a plurality of modules.
After the security verification module generates corresponding security attributes according to the context of the increment tree, converting path conditions and security attributes of positive increment nodes in the increment tree into a group of constraint relations, solving an SMT problem through a constraint solving algorithm, further obtaining a conclusion whether the paths violate the security attributes, and providing a counterexample path by the security verification module if the positive increment leaf nodes violate the security attributes; otherwise, the positive delta leaf node is illustrated as a regular functional update, while providing an update path that can be provided to upper layers/users to confirm such an update. Zero delta leaf nodes, which represent that the two versions are consistent in nature, can provide a proof of correctness.
The security attribute is automatically generated through the security verification module, so that manual assignment by a worker is not needed, the burden of the worker can be reduced on one hand, and the use threshold of the worker can be reduced by another scheme, so that formal verification of the source code can be well completed by non-professional personnel. The security verification is carried out on the positive increment leaf node, so that the time required by the security verification and the occupied resources can be greatly reduced, and the large-scale hardware design can be automatically verified, so that the flow of the hardware design is quickened.
Preferably, before step S802, it includes:
and determining a minimum irreducible incremental tree according to the incremental tree, the intelligent propagation module and the reachability analysis module.
The intelligent propagation module is trained based on a machine learning algorithm (including but not limited to a deep learning algorithm such as DQN or a reinforcement learning algorithm), and when the intelligent propagation module propagates, variables and sub-modules needing to be propagated are intelligently selected through multiple dimensions such as comprehensive increment tree depth, the number of positive increment leaf nodes in the increment tree, the number of variable propagation modules and the like. The intelligent propagation module has the following propagation process: starting execution from the top-level module, the variables with small incremental tree depth, small number of positive incremental leaf nodes in the incremental tree and small number of variable propagation modules are preferentially selected, and after the intelligent propagation module selects the positive incremental leaf nodes of the variables to be propagated, intelligent propagation is started. After the training process of machine learning, the intelligent propagation module can find out one of the optimal sub-modules (or other variables in the module) to which the variable can be propagated, and then call the reachability analysis module to perform reachability calculation. The intelligent propagation module is used for intelligent propagation, so that the propagation process can be optimized, and the time complexity of searching is greatly reduced.
The reachability analysis module calculates the reachability of the joint path when a new positive increment node is transmitted to the current module (or when a new positive increment node is transmitted to other variables of the same module), and when the joint path is not reachable, the reachability analysis module can reversely prune, delete the positive increment path from the current node to the transmission starting point, and then start a new round of intelligent transmission process from the variables, namely the intelligent transmission module selects other positive increment nodes of the variables to transmit; and when the joint path is reachable, calling the intelligent propagation module to increase the propagation depth, and continuing to search other variables of the next connection sub-module/the module until the output variable of the top-level module is propagated. It should be noted that the reachability analysis process is on demand. When the positive increment node propagates to some connected sub-modules/other variables of the module, the joint reachability of the variable and the connected module/other variable increment trees of the module needs to be calculated, so that the calculation and memory overhead of reachability analysis are reduced.
After the increment tree is processed by the intelligent propagation module and the reachability analysis module, a minimum irreducible increment tree is obtained, and then the safety verification module is used for carrying out safety verification on the minimum irreducible increment tree, so that resources required by verification are reduced, and a verification result can be obtained more quickly.
In one embodiment, a source code form verification device is provided, as shown in fig. 10, comprising:
the history assignment tree construction module 1010 is configured to construct a history version assignment tree according to a history version source code and a preset state transition model;
the current assignment tree construction module 1020 is configured to construct a current version of assignment tree according to a current version of source code and a preset state transition model;
the incremental tree construction module 1030 is configured to construct an incremental tree according to the historical version of the assignment tree, the current version of the assignment tree, and a matching relationship between the historical version of the assignment tree and the current version of the assignment tree; the method comprises the steps of,
the formal verification module 1040 is configured to perform formal verification on the current version of source code based on the incremental tree.
The process of implementing the respective functions by each module of the source code form verification device may refer to the description of the foregoing embodiment, and will not be repeated herein.
In one embodiment, as shown in fig. 11, there is provided a terminal device, including a memory, and a processor, where the memory stores a computer program that can be executed on the processor, and the processor implements the following steps when executing the computer program:
Constructing a history version assignment tree according to a history version source code and a preset state transition model;
constructing a current version assignment tree according to a current version source code and a preset state transition model;
constructing an increment tree according to the history version assignment tree, the current version assignment tree and the matching relation between the history version assignment tree and the current version assignment tree;
based on the increment tree, formalized verification is performed on the source code of the current version.
In one embodiment, a computer readable storage medium is provided, having a computer program stored thereon, which when executed by a processor causes the processor to perform the steps of:
constructing a history version assignment tree according to a history version source code and a preset state transition model;
constructing a current version assignment tree according to a current version source code and a preset state transition model;
constructing an increment tree according to the history version assignment tree, the current version assignment tree and the matching relation between the history version assignment tree and the current version assignment tree;
Based on the increment tree, formalized verification is performed on the source code of the current version.
It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic, and should not limit the implementation process of the embodiment of the present application.
It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in the present description and the appended claims, the term "if" may be interpreted as "when..once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [ described condition or event ] is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a [ described condition or event ]" or "in response to detection of a [ described condition or event ]".
Furthermore, the terms "first," "second," "third," and the like in the description of the present specification and in the appended claims, are used for distinguishing between descriptions and not necessarily for indicating or implying a relative importance. It will also be understood that, although the terms "first," "second," etc. may be used herein in some embodiments of the application to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another element. For example, a first table may be named a second table, and similarly, a second table may be named a first table without departing from the scope of the various described embodiments. The first table and the second table are both tables, but they are not the same table.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
The present application may be implemented by implementing all or part of the procedures in the methods of the embodiments described above, or by instructing the relevant hardware by a computer program, which may be stored in a computer readable storage medium, and which when executed by a processor, may implement the steps of the embodiments of the methods described above. Wherein the computer program comprises computer program code which may be in source code form, object code form, executable file or some intermediate form etc. The computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a Read-only memory (ROM), a random access memory (Random Access Memory, RAM), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
The above embodiments are only for illustrating the technical solution of the present application, and not for limiting the same; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.

Claims (7)

1. A method of source code form verification comprising:
constructing a history version assignment tree according to a history version source code and a preset state transition model;
constructing a current version assignment tree according to a current version source code and a preset state transition model;
Constructing an increment tree according to the history version assignment tree, the current version assignment tree and the matching relation between the history version assignment tree and the current version assignment tree;
formal verification is carried out on the source code of the current version based on the increment tree;
before constructing an incremental tree according to the history version assignment tree, the current version assignment tree and the matching relationship between the history version assignment tree and the current version assignment tree, the incremental tree comprises:
determining a pre-matching relation between a history version assignment tree and a current version assignment tree according to the interface information of the source code of the history version and the interface information of the source code of the current version;
judging whether the assignment tree of the history version with the pre-matching relation is substantially matched with the assignment tree of the corresponding current version aiming at each assignment tree of the history version with the pre-matching relation; if so, determining the corresponding assignment tree of the current version as a matching object of the assignment tree of the history version with the pre-matching relation; if not, determining the assignment tree of the history version with the pre-matching relationship as an unmatched assignment tree;
Judging whether the unmatched assignment tree is substantially matched with the most similar assignment tree in the assignment tree of the current version or not according to each unmatched assignment tree; if yes, determining the most similar assignment tree in the assignment tree of the current version as a matching object of the unmatched assignment tree; if not, determining the unmatched assignment tree as a unmatched assignment tree;
the constructing an incremental tree according to the history version assignment tree, the current version assignment tree, and the matching relationship between the history version assignment tree and the current version assignment tree, includes:
judging whether a minimum Boolean variable exists in a root node of the assignment tree of the historical version and a root node of the assignment tree of the corresponding current version;
if yes, adjusting the history version assignment tree and the corresponding current version assignment tree to take the minimum Boolean variable as a root node, and determining a left subtree and a right subtree of the increment tree according to the history version assignment tree and the corresponding current version assignment tree respectively;
if not, determining the increment tree and the type corresponding to the increment tree according to the equivalent relation between the expression represented by the history version assignment tree and the expression represented by the corresponding current version assignment tree;
The type of the increment tree comprises a positive increment tree;
based on the increment tree, formalizing verification is performed on the source code of the current version, and the formalizing verification comprises the following steps:
judging whether the positive increment tree accords with a preset safety constraint or not according to each positive increment tree in the increment trees;
if yes, determining an updating path of the increment tree according to the positive increment tree;
if not, determining a counterexample path of the increment tree according to the positive increment tree.
2. The source code form verification method of claim 1, wherein constructing a history version assignment tree based on the history version source code and a preset state transition model comprises:
determining variable expressions corresponding to various variables in a preset state transition model of the historical version according to the source code of the historical version and the preset state transition model;
for each variable, determining each sub-expression corresponding to the variable expression according to the variable expression corresponding to the variable;
determining a sub-assignment tree corresponding to the sub-expression according to the sub-expression;
and determining assignment trees corresponding to all variables in a preset state transition model of the historical version according to all sub-assignment trees corresponding to all sub-expressions.
3. The source code formal verification method of claim 2, wherein determining, according to each sub-assignment tree corresponding to each sub-expression, an assignment tree corresponding to each variable in a preset state transition model of the history version comprises:
judging whether a minimum Boolean variable exists in a root node of each sub assignment tree corresponding to each sub expression;
if yes, adjusting each sub-assignment tree corresponding to each sub-expression to take the minimum Boolean variable as a root node, and determining left and right subtrees of assignment trees corresponding to each variable in a preset state transition model of the history version according to left and right subtrees of each sub-assignment tree corresponding to each sub-expression;
and if not, determining the assignment tree corresponding to each variable in the preset state transition model of the history version according to each sub-assignment tree corresponding to each sub-expression.
4. The source code formal verification method of claim 1, wherein prior to said determining whether a minimum boolean variable exists in a root node of said history version assignment tree and a corresponding current version of assignment tree root node, comprises:
And carrying out constraint solving on the path of the history version assignment tree and the path of the corresponding current version assignment tree, and deleting the assignment tree corresponding to the unreachable path when the path of the history version assignment tree or the path of the corresponding current version assignment tree is unreachable.
5. A source code form verification device, comprising:
the history assignment tree construction module is used for constructing an assignment tree of a history version according to a source code of the history version and a preset state transition model;
the current assignment tree construction module is used for constructing a current version assignment tree according to the current version source code and a preset state transition model;
the incremental tree construction module is used for constructing an incremental tree according to the historical version of the assignment tree, the current version of the assignment tree and the matching relationship between the historical version of the assignment tree and the current version of the assignment tree; the method comprises the steps of,
the formal verification module is used for formalizing verification of the current version of source code based on the increment tree;
before constructing an incremental tree according to the history version assignment tree, the current version assignment tree and the matching relationship between the history version assignment tree and the current version assignment tree, the incremental tree comprises:
Determining a pre-matching relation between a history version assignment tree and a current version assignment tree according to the interface information of the source code of the history version and the interface information of the source code of the current version;
judging whether the assignment tree of the history version with the pre-matching relation is substantially matched with the assignment tree of the corresponding current version aiming at each assignment tree of the history version with the pre-matching relation; if so, determining the corresponding assignment tree of the current version as a matching object of the assignment tree of the history version with the pre-matching relation; if not, determining the assignment tree of the history version with the pre-matching relationship as an unmatched assignment tree;
judging whether the unmatched assignment tree is substantially matched with the most similar assignment tree in the assignment tree of the current version or not according to each unmatched assignment tree; if yes, determining the most similar assignment tree in the assignment tree of the current version as a matching object of the unmatched assignment tree; if not, determining the unmatched assignment tree as a unmatched assignment tree;
the constructing an incremental tree according to the history version assignment tree, the current version assignment tree, and the matching relationship between the history version assignment tree and the current version assignment tree, includes:
Judging whether a minimum Boolean variable exists in a root node of the assignment tree of the historical version and a root node of the assignment tree of the corresponding current version;
if yes, adjusting the history version assignment tree and the corresponding current version assignment tree to take the minimum Boolean variable as a root node, and determining a left subtree and a right subtree of the increment tree according to the history version assignment tree and the corresponding current version assignment tree respectively;
if not, determining the increment tree and the type corresponding to the increment tree according to the equivalent relation between the expression represented by the history version assignment tree and the expression represented by the corresponding current version assignment tree;
the type of the increment tree comprises a positive increment tree;
based on the increment tree, formalizing verification is performed on the source code of the current version, and the formalizing verification comprises the following steps:
judging whether the positive increment tree accords with a preset safety constraint or not according to each positive increment tree in the increment trees;
if yes, determining an updating path of the increment tree according to the positive increment tree;
if not, determining a counterexample path of the increment tree according to the positive increment tree.
6. A terminal device, characterized in that it comprises a memory, a processor, on which a computer program is stored which is executable on the processor, the processor executing the computer program to carry out the steps of the method according to any one of claims 1 to 4.
7. A computer readable storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the steps of the method according to any one of claims 1 to 4.
CN202310501283.7A 2023-05-06 2023-05-06 Source code form verification method, device, equipment and storage medium Active CN116383088B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310501283.7A CN116383088B (en) 2023-05-06 2023-05-06 Source code form verification method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310501283.7A CN116383088B (en) 2023-05-06 2023-05-06 Source code form verification method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN116383088A CN116383088A (en) 2023-07-04
CN116383088B true CN116383088B (en) 2023-09-05

Family

ID=86980827

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310501283.7A Active CN116383088B (en) 2023-05-06 2023-05-06 Source code form verification method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116383088B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9471304B1 (en) * 2015-06-18 2016-10-18 Sap Se Tree-based versioning and merging
CN108345467A (en) * 2017-03-14 2018-07-31 平安科技(深圳)有限公司 The update method and device of edition tree file
CN110245085A (en) * 2019-04-08 2019-09-17 华东师范大学 The embedded real-time operating system verification method and system examined using on-time model
CN111382070A (en) * 2020-03-03 2020-07-07 腾讯科技(深圳)有限公司 Compatibility testing method and device, storage medium and computer equipment
EP4170504A1 (en) * 2021-10-22 2023-04-26 Tata Consultancy Services Limited Method and system for identifying static analysis alarms based on semantics of changed source code

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9471304B1 (en) * 2015-06-18 2016-10-18 Sap Se Tree-based versioning and merging
CN108345467A (en) * 2017-03-14 2018-07-31 平安科技(深圳)有限公司 The update method and device of edition tree file
CN110245085A (en) * 2019-04-08 2019-09-17 华东师范大学 The embedded real-time operating system verification method and system examined using on-time model
CN111382070A (en) * 2020-03-03 2020-07-07 腾讯科技(深圳)有限公司 Compatibility testing method and device, storage medium and computer equipment
EP4170504A1 (en) * 2021-10-22 2023-04-26 Tata Consultancy Services Limited Method and system for identifying static analysis alarms based on semantics of changed source code

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于强化学习的安全协议形式化验证优化研究;黄文超等;《计算机工程》;141-146 *

Also Published As

Publication number Publication date
CN116383088A (en) 2023-07-04

Similar Documents

Publication Publication Date Title
CN109284363A (en) A kind of answering method, device, electronic equipment and storage medium
CN108038183A (en) Architectural entities recording method, device, server and storage medium
CN107145481A (en) Electronic equipment, storage medium, web form fill method and device
CN111309822A (en) User identity identification method and device
CN110866029A (en) sql statement construction method, device, server and readable storage medium
CN117077791A (en) Model reasoning method, device, equipment and medium based on graph data structure
CN115238062A (en) Technical property right matching method and system
CN114462582A (en) Data processing method, device and equipment based on convolutional neural network model
CN114218265A (en) Processing method and device of offline model, storage medium and processor
CN116383088B (en) Source code form verification method, device, equipment and storage medium
CN116703682B (en) Government affair data platform based on deep learning
CN112001483A (en) Method and device for pruning neural network model
CN116992880A (en) Building name identification method, device, electronic equipment and storage medium
CN114693220B (en) Algorithm warehouse management method and system based on digital twin DaaS platform
CN115587111A (en) Radix estimation method and device for database query optimization
CN115577119A (en) Knowledge graph inference model training method, device and storage medium
CN115146022A (en) Computer-implemented method for keyword search in knowledge graph
CN110990426B (en) RDF query method based on tree search
CN113313419A (en) Information system window change risk obtaining method and device
CN112162745B (en) API (application program interface) -based program synthesis method using probability model
CN110209829A (en) Information processing method and device
CN117078270B (en) Intelligent interaction method and device for network product marketing
CN110619047B (en) Method and device for constructing natural language model and readable storage medium
CN105654389A (en) Node similarity-based directed network simplification method
CN116431774A (en) Question answering method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CB03 Change of inventor or designer information

Inventor after: Huang Wenchao

Inventor after: Fu Guilu

Inventor after: Miao Fuyou

Inventor after: Zhang Qian

Inventor after: Wang Wansen

Inventor after: Fang Xianjin

Inventor after: Xiong Feng

Inventor after: Xiong Yan

Inventor before: Huang Wenchao

Inventor before: Fu Guilu

CB03 Change of inventor or designer information