A Deductive Reasoning Approach for Database Applications using Verification Conditions
I. Alam, R. Halder, and J. S. Pinto. Journal of Systems and Software, 175:110903, 2021. Elsevier
This paper proposes a comprehensive set of Verification Condition (VCs) generation techniques from database programs, adapting Symbolic Execution, Conditional Normal Form, and Weakest Precondition. The validity checking of the generated VCs for a database program determines its correctness w.r.t. the annotated database properties. The developed prototype DBverify based on our theoretical foundation allows us to instantiate VC generation from PL/SQL codes, yielding a detailed performance analysis of the three approaches under different circumstances. With respect to the literature, the proposed approach shows its ability to support crucial SQL features (aggregate functions, nested queries, NULL values, and set operations) and the embedding of SQL codes within a host imperative language. For the chosen set of benchmark PL/SQL codes annotated with relevant properties of interest, our experiment shows that only 38% of procedures are correct, while 62% violate either all or part of the annotated properties. The latter is mostly due to the acceptance of runtime inputs in SQL statements without proper checking.