63 research outputs found
A Transformational Approach to Resource Analysis with Typed-Norms
In order to automatically infer the resource consumption of programs, analyzers track how data sizes change along a program s execution. Typically, analyzers measure the sizes of data by applying norms which are mappings from data to natural numbers that represent the sizes of the corresponding data. When norms are defined by taking type information into account, they are named typed-norms. The main contribution of this paper is a transformational approach to resource analysis with typed-norms. The analysis is based on a transformation of the program into an intermediate abstract program in which each variable is abstracted with respect to all considered norms which are valid for its type. We also sketch a simple analysis that can be used to automatically infer the required, useful, typed-norms from programs.This work was funded partially by the EU project FP7-ICT-610582 ENVISAGE: Engineering Virtualized Services (http://www.envisage-project.eu) and by the Spanish projects TIN2008-05624 and TIN2012-38137. Raúl Gutiérrez is also partially supported by a Juan de la Cierva Fellowship from the Spanish MINECO, ref. JCI-2012-13528.Albert Albiol, EM.; Genaim, S.; Gutiérrez Gil, R. (2014). A Transformational Approach to Resource Analysis with Typed-Norms. Lecture Notes in Computer Science. 8901:38-53. https://doi.org/10.1007/978-3-319-14125-1_3S38538901Albert, E., Arenas, P., Genaim, S., Gómez-Zamalloa, M., Puebla, G.: Cost Analysis of Concurrent OO Programs. In: Yang, H. (ed.) APLAS 2011. LNCS, vol. 7078, pp. 238–254. Springer, Heidelberg (2011)Albert, E., Arenas, P., Genaim, S., Puebla, G., Zanardini, D.: Cost Analysis of Java Bytecode. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol. 4421, pp. 157–172. Springer, Heidelberg (2007)Albert, E., Arenas, P., Genaim, S., Puebla, G., Zanardini, D.: Removing Useless Variables in Cost Analysis of Java Bytecode. In: Proc. of SAC 2008, pp. 368–375. ACM (2008)Alonso, D., Arenas, P., Genaim, S.: Handling Non-linear Operations in the Value Analysis of COSTA. In: Proc. of BYTECODE 2011. ENTCS, vol. 279, pp. 3–17. Elsevier (2011)Bossi, A., Cocco, N., Fabris, M.: Proving Termination of Logic Programs by Exploiting Term Properties. In: Proc. of TAPSOFT 1991. LNCS, vol. 494, pp. 153–180. Springer (1991)Bruynooghe, M., Codish, M., Gallagher, J., Genaim, S., Vanhoof, W.: Termination Analysis of Logic Programs through Combination of Type-Based norms. TOPLAS 29(2), Art. 10 (2007)Claessen, K., Hughes, J.: QuickCheck: A Lightweight Tool for Random Testing of Haskell Programs. In: Proc. of ICFP 2000, pp. 268–279. ACM (2000)Fähndrich, M.: Static Verification for Code Contracts. In: Cousot, R., Martel, M. (eds.) SAS 2010. LNCS, vol. 6337, pp. 2–5. Springer, Heidelberg (2010)Genaim, S., Codish, M., Gallagher, J.P., Lagoon, V.: Combining Norms to Prove Termination. In: Cortesi, A. (ed.) VMCAI 2002. LNCS, vol. 2294, pp. 123–138. Springer, Heidelberg (2002)Johnsen, E.B., Hähnle, R., Schäfer, J., Schlatte, R., Steffen, M.: ABS: A Core Language for Abstract Behavioral Specification. In: Aichernig, B.K., de Boer, F.S., Bonsangue, M.M. (eds.) Formal Methods for Components and Objects. LNCS, vol. 6957, pp. 142–164. Springer, Heidelberg (2011)King, A., Shen, K., Benoy, F.: Lower-bound Time-complexity Analysis of Logic Programs. In: Proc. of ILPS 1997, pp. 261–275. MIT Press (1997)Serrano, A., Lopez-Garcia, P., Bueno, F., Hermenegildo, M.: Sized Type Analysis for Logic Programs. In: Tech. Comms. of ICLP 2013. Cambridge U. Press (2013) (to appear)Spoto, F., Mesnard, F., Payet, É.: A Termination Analyser for Java Bytecode based on Path-Length. TOPLAS 32(3), Art. 8 (2010)Vallée-Rai, R., Hendren, L., Sundaresan, V., Lam, P., Gagnon, E., Co, P.: Soot - a Java Optimization Framework. In: Proc. of CASCON 1999. pp. 125–135. IBM (1999)Vasconcelos, P.: Space Cost Analysis using Sized Types. Ph.D. thesis, School of CS, University of St. Andrews (2008)Vasconcelos, P.B., Hammond, K.: Inferring Cost Equations for Recursive, Polymorphic and Higher-Order Functional Programs. In: Trinder, P., Michaelson, G.J., Peña, R. (eds.) IFL 2003. LNCS, vol. 3145, pp. 86–101. Springer, Heidelberg (2004)Wegbreit, B.: Mechanical Program Analysis. Commun. ACM 18(9), 528–539 (1975
Scaling Bounded Model Checking By Transforming Programs With Arrays
Bounded Model Checking is one the most successful techniques for finding bugs
in program. However, model checkers are resource hungry and are often unable to
verify programs with loops iterating over large arrays.We present a
transformation that enables bounded model checkers to verify a certain class of
array properties. Our technique transforms an array-manipulating (ANSI-C)
program to an array-free and loop-free (ANSI-C) program thereby reducing the
resource requirements of a model checker significantly. Model checking of the
transformed program using an off-the-shelf bounded model checker simulates the
loop iterations efficiently. Thus, our transformed program is a sound
abstraction of the original program and is also precise in a large number of
cases - we formally characterize the class of programs for which it is
guaranteed to be precise. We demonstrate the applicability and usefulness of
our technique on both industry code as well as academic benchmarks
Exploiting Term Hiding to Reduce Run-time Checking Overhead
One of the most attractive features of untyped languages is the flexibility
in term creation and manipulation. However, with such power comes the
responsibility of ensuring the correctness of these operations. A solution is
adding run-time checks to the program via assertions, but this can introduce
overheads that are in many cases impractical. While static analysis can greatly
reduce such overheads, the gains depend strongly on the quality of the
information inferred. Reusable libraries, i.e., library modules that are
pre-compiled independently of the client, pose special challenges in this
context. We propose a technique which takes advantage of module systems which
can hide a selected set of functor symbols to significantly enrich the shape
information that can be inferred for reusable libraries, as well as an improved
run-time checking approach that leverages the proposed mechanisms to achieve
large reductions in overhead, closer to those of static languages, even in the
reusable-library context. While the approach is general and system-independent,
we present it for concreteness in the context of the Ciao assertion language
and combined static/dynamic checking framework. Our method maintains the full
expressiveness of the assertion language in this context. In contrast to other
approaches it does not introduce the need to switch the language to a (static)
type system, which is known to change the semantics in languages like Prolog.
We also study the approach experimentally and evaluate the overhead reduction
achieved in the run-time checks.Comment: 26 pages, 10 figures, 2 tables; an extension of the paper version
accepted to PADL'18 (includes proofs, extra figures and examples omitted due
to space reasons
Combining Static and Dynamic Contract Checking for Curry
Static type systems are usually not sufficient to express all requirements on
function calls. Hence, contracts with pre- and postconditions can be used to
express more complex constraints on operations. Contracts can be checked at run
time to ensure that operations are only invoked with reasonable arguments and
return intended results. Although such dynamic contract checking provides more
reliable program execution, it requires execution time and could lead to
program crashes that might be detected with more advanced methods at compile
time. To improve this situation for declarative languages, we present an
approach to combine static and dynamic contract checking for the functional
logic language Curry. Based on a formal model of contract checking for
functional logic programming, we propose an automatic method to verify
contracts at compile time. If a contract is successfully verified, dynamic
checking of it can be omitted. This method decreases execution time without
degrading reliable program execution. In the best case, when all contracts are
statically verified, it provides trust in the software since crashes due to
contract violations cannot occur during program execution.Comment: Pre-proceedings paper presented at the 27th International Symposium
on Logic-Based Program Synthesis and Transformation (LOPSTR 2017), Namur,
Belgium, 10-12 October 2017 (arXiv:1708.07854
Guiding Dynamic Symbolic Execution Toward Unverified Program Executions
Most techniques to detect program errors, such as testing, code reviews, and static program analysis, do not fully verify all possible executions of a program. They leave executions unverified when they do not check certain properties, fail to verify properties, or check properties under certain unsound assumptions such as the absence of arithmetic overflow.
In this paper, we present a technique to complement partial verification results by automatic test case generation. In contrast to existing work, our technique supports the common case that the verification results are based on unsound assumptions. We annotate programs to reflect which executions have been verified, and under which assumptions. These annotations are then used to guide dynamic symbolic execution toward unverified program executions. Our main technical contribution is a code instrumentation that causes dynamic symbolic execution to abort tests that lead to verified executions, to prune parts of the search space, and to prioritize tests that cover more properties that are not fully verified. We have implemented our technique for the .NET static analyzer Clousot and the dynamic symbolic execution tool Pex. It produces smaller test suites (by up to 19.2%), covers more unverified executions (by up to 7.1%), and reduces testing time (by up to 52.4%) compared to combining Clousot and Pex without our technique
Channels as Objects in Concurrent Object-Oriented Programming
There is often a sort of a protocol associated to each class, stating when
and how certain methods should be called. Given that this protocol is, if at
all, described in the documentation accompanying the class, current mainstream
object-oriented languages cannot provide for the verification of client code
adherence against the sought class behaviour. We have defined a class-based
concurrent object-oriented language that formalises such protocols in the form
of usage types. Usage types are attached to class definitions, allowing for the
specification of (1) the available methods, (2) the tests clients must perform
on the result of methods, and (3) the object status - linear or shared - all of
which depend on the object's state. Our work extends the recent approach on
modular session types by eliminating channel operations, and defining the
method call as the single communication primitive in both sequential and
concurrent settings. In contrast to previous works, we define a single category
for objects, instead of distinct categories for linear and for shared objects,
and let linear objects evolve into shared ones. We introduce a standard sync
qualifier to prevent thread interference in certain operations on shared
objects. We formalise the language syntax, the operational semantics, and a
type system that enforces by static typing that methods are called only when
available, and by a single client if so specified in the usage type. We
illustrate the language via a complete example.Comment: In Proceedings PLACES 2010, arXiv:1110.385
- …