176 research outputs found
Amortised resource analysis for object-oriented programs
As software systems rise in size and complexity, the need for verifying some of their properties
increases. One important property to be verified is the resource usage, i.e. how many resources the program will need for its execution, where resources include execution time, memory,
power, etc. Resource usage analysis is important in many areas, in particular embedded systems
and cloud computing. Thus, resource analysis has been widely researched and some different
approaches to this have been proposed based in particular on recurrence solving, abstract
interpretation and amortised analysis.
In the amortised analysis technique, a nonnegative number, called potential, is assigned to a data structure. The amortised cost of operations is then defined by its actual cost plus the difference in potential of the data structure before and after performing the operation.
Amortised analysis has been used for automatic resource analysis of functional and object-oriented programs. The potentials are defined using refined types and typing rules then ensure that potential and actual resource usage is accounted for correctly. The automatic inference of the potential functions can then be achieved by type inference.
In the case of functional programs, the structure of the types is known. Thus, type inference can be
reduced to solving linear arithmetic constraints. For object-oriented programs, however, the refined
types are more complicated because of the general nature of objects: they can be used to define any
data structure. Thus, the type inference must discover not only the potential functions for the data structure but also the data structures themselves. Other features of object-oriented programs that complicate the analysis are aliasing and imperative update. Hofmann and Jost presented in 2006 a type system for amortised heap-space analysis of object-oriented programs, called Resource Aware JAva (RAJA). However, they left the problem of type inference open.
In this thesis we present a type inference algorithm for the RAJA system. We were able to reduce the type inference problem to the novel problem of satisfiability of arithmetic constraints over infinite trees and we developed a heuristic algorithm for satisfiability of these constraints. We proved the soundness of the type inference algorithm and developed an OCaml implementation and experimental evaluation that shows that we can compute linear upper-bounds to the heap-space requirements of many programs, including sorting algorithms for lists such as insertion sort and merge sort and also programs that contain different interacting objects that describe real-life scenarios like a bank account.
Another contribution of this thesis is a type checking algorithm for the RAJA system that is useful for verifying the types discovered by the type inference by using the \emph{proof carrying code} technology
Memory usage verification using Hip/Sleek.
Embedded systems often come with constrained memory footprints. It is therefore essential to ensure that software running on such platforms fulfils memory usage specifications at compile-time, to prevent memory-related software failure after deployment. Previous proposals on memory usage verification are not satisfactory as they usually can only handle restricted subsets of programs, especially when shared mutable data structures are involved. In this paper, we propose a simple but novel solution. We instrument programs with explicit memory operations so that memory usage verification can be done along with the verification of other properties, using an automated verification system Hip/Sleek developed recently by Chin et al.[10,19]. The instrumentation can be done automatically and is proven sound with respect to an underlying semantics. One immediate benefit is that we do not need to develop from scratch a specific system for memory usage verification. Another benefit is that we can verify more programs, especially those involving shared mutable data structures, which previous systems failed to handle, as evidenced by our experimental results
Amortised resource analysis with separation logic
Type-based amortised resource analysis following Hofmann and Jost—where resources are associated with individual elements of data structures and doled out to the programmer under a linear typing discipline—have been successful in providing concrete resource bounds for functional programs, with good support for inference. In this work we translate the idea of amortised resource analysis to imperative languages by embedding a logic of resources, based on Bunched Implications, within Separation Logic. The Separation Logic component allows us to assert the presence and shape of mutable data structures on the heap, while the resource component allows us to state the resources associated with each member of the structure. We present the logic on a small imperative language with procedures and mutable heap, based on Java bytecode. We have formalised the logic within the Coq proof assistant and extracted a certified verification condition generator. We demonstrate the logic on some examples, including proving termination of in-place list reversal on lists with cyclic tails
Polynomial Size Analysis of First-Order Shapely Functions
We present a size-aware type system for first-order shapely function
definitions. Here, a function definition is called shapely when the size of the
result is determined exactly by a polynomial in the sizes of the arguments.
Examples of shapely function definitions may be implementations of matrix
multiplication and the Cartesian product of two lists. The type system is
proved to be sound w.r.t. the operational semantics of the language. The type
checking problem is shown to be undecidable in general. We define a natural
syntactic restriction such that the type checking becomes decidable, even
though size polynomials are not necessarily linear or monotonic. Furthermore,
we have shown that the type-inference problem is at least semi-decidable (under
this restriction). We have implemented a procedure that combines run-time
testing and type-checking to automatically obtain size dependencies. It
terminates on total typable function definitions.Comment: 35 pages, 1 figur
Automated Amortised Analysis
Steffen Jost researched a novel static program analysis that automatically infers formally guaranteed upper bounds on the use of compositional quantitative resources. The technique is based on the manual amortised complexity analysis. Inference is achieved through a type system
annotated with linear constraints. Any solution to the collected constraints yields the coefficients of a formula, that expresses an upper bound on the resource consumption of a program through the sizes of its various inputs.
The main result is the formal soundness proof of the proposed analysis for a functional language. The strictly evaluated language features higher-order types, full mutual recursion, nested data types, suspension of evaluation, and can deal with aliased data. The presentation focuses on heap space bounds. Extensions allowing the inference of bounds on stack space usage and worst-case execution time
are demonstrated for several realistic program examples. These bounds were inferred by the created generic implementation of the technique. The implementation is highly efficient, and solves even large examples within seconds.Steffen Jost stellt eine neuartige statische Programmanalyse vor, welche vollautomatisch Schranken an den Verbrauch quantitativer Ressourcen berechnet. Die Grundidee basiert auf der Technik der Amortisierten Komplexitätsanalyse, deren nicht-triviale Automatisierung durch ein erweitertes Typsystem erreicht wird. Das Typsystem berechnet als Nebenprodukt ein lineares Gleichungssystem, dessen Lösungen Koeffizienten für lineare Formeln liefern. Diese Formeln stellen garantierte obere Schranken an den Speicher- oder Zeitverbrauch des analysierten Programms dar, in Abhängigkeit von den verschiedenen Eingabegrößen des Programms. Die Relevanz der einzelnen Eingabegrößen auf den Ressourcenverbrauch
wird so deutlich beziffert.
Die formale Korrektheit der Analyse wird für eine funktionale Programmiersprache bewiesen. Die strikte Sprache erlaubt: Typen höherer Ordnung, volle Rekursion, verschachtelte Datentypen, explizites Aufschieben der Auswertung und Aliasing. Die formale Beschreibung der Analyse befasst sich primär mit dem Verbrauch von dynamischen Speicherplatz. Für eine Reihe von realistischen Programmbeispielen wird demonstriert, dass die angefertigte generische Implementation auch gute Schranken an den Verbrauch von Stapelspeicher und der maximalen Ausführungszeit ermitteln kann. Die Analyse ist sehr effizient implementierbar, und behandelt auch größere Beispielprogramme vollständig in wenigen Sekunden
On Verifying Resource Contracts using Code Contracts
In this paper we present an approach to check resource consumption contracts
using an off-the-shelf static analyzer.
We propose a set of annotations to support resource usage specifications, in
particular, dynamic memory consumption constraints. Since dynamic memory may be
recycled by a memory manager, the consumption of this resource is not monotone.
The specification language can express both memory consumption and lifetime
properties in a modular fashion.
We develop a proof-of-concept implementation by extending Code Contracts'
specification language. To verify the correctness of these annotations we rely
on the Code Contracts static verifier and a points-to analysis. We also briefly
discuss possible extensions of our approach to deal with non-linear
expressions.Comment: In Proceedings LAFM 2013, arXiv:1401.056
Arrays and References in Resource Aware ML
This article introduces a technique to accurately perform static prediction of resource usage for ML-like functional programs with references and arrays. Previous research successfully integrated the potential method of amortized analysis with a standard type system to automatically derive parametric resource bounds. The analysis is naturally compositional and the resource consumption of functions can be abstracted using potential-annotated types. The soundness theorem of the analysis guarantees that the derived bounds are correct with respect to the resource usage defined by a cost semantics. Type inference can be efficiently automated using off-the-shelf LP solvers, even if the derived bounds are polynomials. However, side effects and aliasing of heap references make it notoriously difficult to derive bounds that depend on mutable structures, such as arrays and references. As a result, existing automatic amortized analysis systems for ML-like programs cannot derive bounds for programs whose resource consumption depends on data in such structures. This article extends the potential method to handle mutable structures with minimal changes to the type rules while preserving the stated advantages of amortized analysis. To do so, we introduce a swap operation for references and arrays that users can use to make programs suitable for automatic analysis. We prove the soundness of the analysis introducing a potential-annotated memory typing, which gathers all unique locations reachable from a reference. Apart from the design of the system, the main contribution is the proof of soundness for the extended analysis system
Type-Based Analysis of Logarithmic Amortised Complexity
We introduce a novel amortised resource analysis couched in a type-and-effect
system. Our analysis is formulated in terms of the physicist's method of
amortised analysis, and is potential-based. The type system makes use of
logarithmic potential functions and is the first such system to exhibit
*logarithmic amortised complexity*. With our approach we target the automated
analysis of self-adjusting data structures, like splay trees, which so far have
only manually been analysed in the literature. In particular, we have
implemented a semi-automated prototype, which successfully analyses the zig-zig
case of *splaying*, once the type annotations are fixed.Comment: 35 pages. arXiv admin note: text overlap with arXiv:1807.0824
- …