Diffy: Inductive Reasoning of Array Programs Using Difference Invariants

Chakraborty, Supratik; Gupta, Ashutosh; Unadkat, Divyesh

doi:10.1007/978-3-030-81688-9_42

Cited by 11 publications

(10 citation statements)

References 50 publications

(62 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Yet another approach uses mathematical induction-based techniques to reason about array-manipulating programs with loops. [16] verify the validity of a given parameterized Hoare triple where the length of array N is used as a parameter of the pre-and post-condition.…”

Section: Related Workmentioning

confidence: 99%

SMT-Based Translation Validation for Machine Learning Compiler

Bang

SeungHyeon

Chun

et al. 2022

Computer Aided Verification

View full text Add to dashboard Cite

Machine learning compilers are large software containing complex transformations for deep learning models, and any buggy transformation may cause a crash or silently bring a regression to the prediction accuracy and performance. This paper proposes an SMT-based translation validation framework for Multi-Level IR (MLIR), a compiler framework used by many deep learning compilers. It proposes an SMT encoding tailored for translation validation that is an over-approximation of the FP arithmetic and reduction operations. It performs abstraction refinement if validation fails. We also propose a new approach for encoding arithmetic properties of reductions in SMT. We found mismatches between the specification and implementation of MLIR, and validated high-level transformations for , , and with proper splitting.

show abstract

Section: Related Workmentioning

confidence: 99%

SMT-Based Translation Validation for Machine Learning Compiler

Bang

SeungHyeon

Chun

et al. 2022

Computer Aided Verification

View full text Add to dashboard Cite

show abstract

“…Most notably, we analyze programs with only non-nested loops. We have designed a variant of the full-program induction technique [39] that can verify a class of programs with nested loops. The technique greatly simplifies the computation of difference programs.…”

Section: Limitationsmentioning

confidence: 99%

“…It infers and uses relations between two slightly different versions of the program during the inductive step. We refer the interested reader to [39].…”

Section: Limitationsmentioning

confidence: 99%

Full-program induction: verifying array programs sans loop invariants

Chakraborty

Gupta²,

Unadkat³

2022

Int J Softw Tools Technol Transfer

Self Cite

View full text Add to dashboard Cite

Arrays are commonly used in a variety of software to store and process data in loops. Automatically proving safety properties of such programs that manipulate arrays is challenging. We present a novel verification technique, called full-program induction, for proving (a sub-class of) quantified as well as quantifier-free properties of programs manipulating arrays of parametric size N . Instead of inducting over individual loops, our technique inducts over the entire program (possibly containing multiple loops) directly via the program parameter N . The technique performs non-trivial transformations of the given program and pre-conditions during the inductive step. The transformations assist in effectively reducing the assertion checking problem by transforming a program with multiple loops to a program which has fewer and simpler loops or is loop-free. Significantly, full-program induction does not require generation or use of loop-specific invariants.To assess the efficacy of our technique, we have developed a prototype tool called Vajra. We demonstrate the performance of Vajra vis-a-vis several state-of-the-art tools on a large set of array manipulating benchmarks from the international software verification competition (SV-COMP) and on several programs inspired by algebraic functions that perform polynomial computations.

show abstract

“…Note that these restrictions still allow a large class of programs with nested loops to be analyzed using our technique that simply cannot be analyzed using stateof-the-art tools. Refer to [13] for further generalization of nested loops supported by our technique. The peel of such a generic loop is shown in Fig.…”

Section: A3: Generation Of the Difference Invariantmentioning

confidence: 99%

“…We use the SMT solver Z3(v4.8.7) [39] for proving Hoare triples of loop-free programs. Diffy and the supporting data to replicate the experiments are openly available at [14].…”

Section: Experimental Evaluationmentioning

confidence: 99%

Diffy: Inductive Reasoning of Array Programs using Difference Invariants

Chakraborty¹,

Gupta²,

Unadkat³

2021

Preprint

Self Cite

View full text Add to dashboard Cite

We present a novel verification technique to prove interesting properties of a class of array programs with a symbolic parameter N denoting the size of the array. The technique relies on constructing two slightly different versions of the program. It infers difference relations between the corresponding variables at key control points of the joint control-flow graph of the two program versions. The inferred difference invaraints are agnostic of the post-condition to be proved and are typically much simpler than the inductive invariants needed for proving the post-condition directly. We formulate a new technique to prove the desired post-condition by inducting on the program parameter N , in which the difference invariants are crucially used in the key inductive step. This contrasts with classical techniques that rely on finding potentially complex loop invaraints for each loop in the program. Our synergistic combination of inductive reasoning and finding simple difference invariants helps prove properties of programs that cannot be proved even by the winner of Arrays sub-category from SV-COMP 2021. We have implemented a prototype tool called Diffy to demonstrate these ideas. We show the results on a set of benchmarks and compare its performance vis-a-vis state-of-the-art tools for verifying array programs.

show abstract

Diffy: Inductive Reasoning of Array Programs Using Difference Invariants

Cited by 11 publications

References 50 publications

SMT-Based Translation Validation for Machine Learning Compiler

SMT-Based Translation Validation for Machine Learning Compiler

Full-program induction: verifying array programs sans loop invariants

Diffy: Inductive Reasoning of Array Programs using Difference Invariants

Contact Info

Product

Resources

About