Backing up Slicing: Verifying the Interprocedural Two-Phase Horwitz-Reps-Binkley Slicer

Slicing is a widely-used technique with applications in e.g. compiler technology and software security. Thus verification of algorithms in these areas is often based on the correctness of slicing, which should ideally be proven independent of concrete programming languages and with the help of well-known verifying techniques such as proof assistants. After verifying static intraprocedural and dynamic slicing [3], we focus now on the sophisticated interprocedural two-phase Horwitz-RepsBinkley slicer [1], including summary edges which were added in [2]. Again, abstracting from concrete syntax we base our work on a graph representation of the program fulfilling certain structural and well-formedness properties. The framework is instantiated with a simple While language with procedures, showing its validity. 0.1 Auxiliary lemmas theory AuxLemmas imports Main begin Lemma concerning maps and @ lemma map-append-append-maps: assumes map:map f xs = ys@zs obtains xs ′ xs ′′ where map f xs ′ = ys and map f xs ′′ = zs and xs=xs ′@xs ′′ by (metis append-eq-conv-conj append-take-drop-id assms drop-map take-map that) Lemma concerning splitting of lists lemma path-split-general : assumes all :∀ zs. xs 6= ys@zs obtains j zs where xs = (take j ys)@zs and j < length ys and ∀ k > j . ∀ zs ′. xs 6= (take k ys)@zs ′ proof(atomize-elim) from 〈∀ zs. xs 6= ys@zs〉 show ∃ j zs. xs = take j ys @ zs ∧ j < length ys ∧ (∀ k>j . ∀ zs ′. xs 6= take k ys @ zs ′)