Contract-Based Resource Verification for Higher-Order Functions with Memoization

We present a new approach for specifying and verifying resource utilization of higher-order functional programs that use lazy evaluation and memoization. In our approach, users can specify the desired resource bound as templates with numerical holes e.g. as steps <= ? not asymptotic to size(l) + ? in the contracts of functions. They can also express invariants necessary for establishing the bounds that may depend on the state of memoization. Our approach operates in two phases: first generating an instrumented first-order program that accurately models the higher-order control flow and the effects of memoization on resources using sets, algebraic datatypes and mutual recursion, and then verifying the contracts of the first-order program by producing verification conditions of the form there exists for all using an extended assume/guarantee reasoning. We use our approach to verify precise bounds on resources such as evaluation steps and number of heap-allocated objects on 17 challenging data structures and algorithms. Our benchmarks, comprising of 5K lines of functional Scala code, include lazy mergesort, Okasaki's real-time queue and deque data structures that rely on aliasing of references to first-class functions; lazy data structures based on numerical representations such as the conqueue data structure of Scala's data-parallel library, cyclic streams, as well as dynamic programming algorithms such as knapsack and Viterbi. Our evaluations show that when averaged over all benchmarks the actual runtime resource consumption is 80% of the value inferred by our tool when estimating the number of evaluation steps, and is 88% for the number of heap-allocated objects

Verifying Resource Bounds of Programs with Lazy Evaluation and Memoization

We present a new approach for specifying and verifying resource utilization of higher-order functional programs that use lazy eval- uation and memoization. In our approach, users can specify the desired resource bound as templates with numerical holes e.g. as steps ≤ ? ∗ size(l) + ? in the contracts of functions. They can also express invariants necessary for establishing the bounds that may depend on the state of memoization. Our approach operates in two phases: first generating an instrumented first-order program that ac- curately models the higher-order control flow and the effects of memoization on resources using sets, algebraic datatypes and mu- tual recursion, and then verifying the contracts of the first-order program by producing verification conditions of the form ∃∀ using an extended assume/guarantee reasoning. We use our approach to verify precise bounds on resources such as evaluation steps and number of heap-allocated objects on 17 challenging data struc- tures and algorithms. Our benchmarks, comprising of 5K lines of functional Scala code, include lazy mergesort, Okasaki’s real-time queue and deque data structures that rely on aliasing of references to first-class functions; lazy data structures based on numerical rep- resentations such as the conqueue data structure of Scala’s data- parallel library, cyclic streams, as well as dynamic programming algorithms such as knapsack and Viterbi. Our evaluations show that when averaged over all benchmarks the actual runtime resource consumption is 80% of the value inferred by our tool when esti- mating the number of evaluation steps, and is 88% for the number of heap-allocated objects

Algorithmic Resource Verification

Static estimation of resource utilisation of programs is a challenging and important problem with numerous applications. In this thesis, I present new algorithms that enable users to specify and verify their desired bounds on resource usage of functional programs. The resources considered are algorithmic resources such as the number of steps needed to evaluate a program (steps) and the number of objects allocated in the memory (alloc). These resources are agnostic to the runtimes on which the programs are executed yet provide a concrete estimate of the resource usage of an implementation. Our system is designed to handle sophisticated functional programs that use recursive functions, datatypes, closures, memoization and lazy evaluation. In our approach, users can specify in the contracts of functions an upper bound they expect to hold on the resource usages of the functions. The upper bounds can be expressed as templates with numerical holes. For example, a bound steps †?*size(inp)+? denotes that the number of evaluation steps is linear in the size of the input. The templates can be seamlessly combined with correctness invariants or preconditions necessary for establishing the bounds. Furthermore, the resource templates and invariants are allowed to use recursive and first-class functions as well as other features of the language. Our approach for verifying such resource templates operates in two phases. It first reduces the problem of resource inference to invariant inference by synthesizing an instrumented first-order program that accurately models the resource usage of the program components, the higher-order control flow and the effects of memoization, using algebraic datatypes, sets and mutual recursion. The approach solves the synthesized first-order program by producing verification conditions of the form exists-forall using a modular assume/guarantee reasoning. The verification conditions are solved using a novel counterexample-driven algorithm capable of discovering strongest resource bounds belonging to the given template. I present the results of using our system to verify upper bounds on the usage of algorithmic resources that correspond to sequential and parallel execution times, as well as heap and stack memory usage. The system was evaluated on several benchmarks that include advanced functional data structures and algorithms such as balanced trees, meldable heaps, Okasakiâs lazy data structures, dynamic programming algorithms, and also compiler phases like optimizers and parsers. The evaluations show that the system is able to infer hard, nonlinear resource bounds that are beyond the capability of the existing approaches. Furthermore, the evaluations presented in this dissertation show that, when averaged over many benchmarks, the resource consumption measured at runtime is 80% of the value inferred by the system statically when estimating the number of evaluation steps and is 88% when estimating the number of heap allocations

gbeta - a Language with Virtual Attributes, Block Structure, and Propagating, Dynamic Inheritance

A language design development process is presented which leads to a language, gbeta, with a tight integration of virtual classes, general block structure, and a multiple inheritance mechanism based on coarse-grained structural type equivalence. From this emerges the concept of propagating specialization. The power lies in the fact that a simple expression can have far-reaching but well-organized consequences, e.g., in one step causing the combination of families of classes, then by propagation the members of those families, and finally by propagation the methods of the members. Moreover, classes are first class values which can be constructed at run-time, and it is possible to inherit from classes whether or not they are compile-time constants, and whether or not they were created dynamically. It is also possible to change the class and structure of an existing object at run-time, preserving object identity. Even though such dynamism is normally not seen in statically type-checked languages, these constructs have been integrated without compromising the static type safety of the language