1 / 30

A specialization calculus for program verification

A specialization calculus for program verification. Cristian Gherghina Joint work with: Wei- Ngan Chin, Razvan Voicu , Quang Loc Le Florin Craciun , Shengchao Qin. TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A. Focus.

corin
Download Presentation

A specialization calculus for program verification

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A specialization calculus for program verification CristianGherghina Joint work with: Wei-NganChin, RazvanVoicu, Quang LocLe Florin Craciun, ShengchaoQin TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AA

  2. Focus • Logics with inductive predicates provide an expressive abstraction mechanism • Becoming popular in the field of program analysis • Tricky to efficiently reason with

  3. Folding/Unfolding • Given a predicate definition • Unfolding performance loss • Unfolded states are costlier due to disjunctions Unfolding Folding

  4. Proposal • We introduce a sound and complete calculus to support pruning of infeasible disjuncts • Use predicate specialization. • Benefits: • eagerly discards unsatisfiabledisjuncts • state in abstractedform

  5. Overview • Motivating example • Informal description of the calculus • Predicate Specialization • Annotation inference • Experiments

  6. Motivating Example

  7. Motivation • Consider the entailment: • The LHS unfolds to:

  8. Performance penalties • Unfold operations are followed by costly satisfiabilitychecks • The remaining satisfiabledisjuncts expose considerable information • Detailed information not always needed • Reasoning with larger formulas is inherently costly

  9. Overview • Motivating example • Informal description of the calculus • Predicate Specialization • Correctness • Experiments

  10. Predicate definition changes • Invariant family • Pruning conditions

  11. Entailment - revisited The previous entailment with annotations • Predicate specialization, for list x • Pruning • Invariant enrichment

  12. Entailment - revisited • Predicate specialization, for list y • Pruning • Invariant enrichment

  13. Overview • Motivating example • Informal description of the calculus • Predicate Specialization • Annotation inference • Experiments

  14. Predicate Specialization • Convention: • We will use the term context ( C ) to denote the pure part of the formula • The rationale is that C will be the context in which predicate specialization takes place

  15. Predicate Specialization • Predicate specialization • Aims for • fewer viable branches : L2L1 • fewer possible pruning conditions : R2R1 • stronger context : C1 C2

  16. Predicate Specialization • Given • Pick a pruning condition • Drop the infeasible branches from L • Enrich the context • Drop irrelevant pruning conditions

  17. L={1,2} ; C : ; • From pick: • Contradicts with C : -> such checks can be syntactic • Drop infeasible branches : • Add the invariant of to C C1 : • Drop irrelevant pruning conditions

  18. Irrelevant pruning conditions • Given: • C : • L : {1} • Result:

  19. Predicate specialization gains • Simple implication checks (mostly syntactic) • Considerable drop in formula size after an unfold • Increase in formula information without an unfold

  20. Overview • Motivating example • Informal description of the calculus • Predicate Specialization • Annotation inference • Experiments

  21. Annotation inference • We need a mechanism for computing • Invariant family • Pruning conditions

  22. Inferring the invariant family • Given a predicate definition • Compute fixpoint for the predicate definition • For each possible set of branches compute a conjunctive invariant

  23. Inferring the invariant family (for dll) • Replace recursive points with, the fixpoint of • For each possible subset of the branches:

  24. Inferring the pruning conditions • Given a predicate definition and the invariant families • Compute an approximation of the closure of branch invariants • For each atomic constraint in all closures construct the list of branches in which it appears (by which it is implied)

  25. Inferring the pruning conditions • Compute an approximation of the transitive closure of each branch invariant • Group all branches that imply an atomic constraint

  26. Overview • Motivating example • Informal description of the calculus • Predicate Specialization • Annotation inference • Experiments

  27. Experiments • Added the calculus to a program verifier (HIP) • Verified functional correctness for small and medium-sized programs with moderate complexity. • A benchmark of 17 small programs (7% faster) Singly, doubly, sorted and circular linked lists, selection-sort, insertion- sort, methods for handling heaps an perfect trees • Complex shapes and invariants (12-90% faster) • Red black trees, balanced binary trees, quick sort, merge sort

  28. Conclusions • Presented an effective, sound and complete calculus for predicate specialization • Application of the calculus benefits in two ways: • Keep abstraction, where possible • Improve verification performance by • Pruning unsatisfiabledisjuncts • Propagate invariant constraints • Various optimization techniques (details in paper).

  29. Questions?Thank you!

More Related