Small Witnesses for Abstract Interpretation-Based Proofs

Besson, Frédéric; Jensen, Thomas; Turpin, Tiphaine

doi:10.1007/978-3-540-71316-6_19

Cited by 10 publications

(8 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…While this paper was being reviewed, Besson et al [2007] have independently considered the problem of weakening abstraction interpretation results and developed an approach similar to our abstract value slicer. However, the focus of their work is slightly different from ours.…”

Section: Resultsmentioning

confidence: 99%

Goal-directed weakening of abstract interpretation results

Seo

Yang

et al. 2007

ACM Trans. Program. Lang. Syst.

View full text Add to dashboard Cite

One proposal for automatic construction of proofs about programs is to combine Hoare logic and abstract interpretation. Constructing proofs is in Hoare logic. Discovering programs' invariants is done by abstract interpreters.One problem of this approach is that abstract interpreters often compute invariants that are not needed for the proof goal. The reason is that the abstract interpreter does not know what the proof goal is, so it simply tries to find as strong invariants as possible. These unnecessary invariants increase the size of the constructed proofs. Unless the proof-construction phase is notified which invariants are not needed, it blindly proves all the computed invariants.In this article, we present a framework for designing algorithms, called abstract-value slicers, that slice out unnecessary invariants from the results of forward abstract interpretation. The framework provides a generic abstract-value slicer that can be instantiated into a slicer for a particular abstract interpretation. Such an instantiated abstract-value slicer works as a postprocessor to an abstract interpretation in the whole proof-construction process, and notifies to the Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or direct commercial advantage and that copies show this notice on the first page or initial screen of a display along with the full citation. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, to redistribute to lists, or to use any component of this work in other works requires prior specific permission and/or a fee. Permissions may be requested from Publications Dept., ACM, Inc., 2 Penn Plaza, Suite 701, New York, NY 10121-0701 USA, fax +1 ( next proof-construction phase which invariants it does not have to prove. Using the framework, we designed an abstract-value slicer for an existing relational analysis and applied it on programs. In this experiment, the slicer identified 62%-81% of the computed invariants as unnecessary, and resulted in 52%-84% reduction in the size of constructed proofs.

show abstract

Section: Resultsmentioning

confidence: 99%

Goal-directed weakening of abstract interpretation results

Seo

Yang

et al. 2007

ACM Trans. Program. Lang. Syst.

View full text Add to dashboard Cite

show abstract

“…Significant infrastructure is needed to support PCC, including inference rules for reasoning about code, a formal language for expressing safety properties and proofs, and an algorithm for checking a program and its safety proof. Most research on PCC focuses on reducing the size of proofs [4] and generalizing the kinds of properties that can be proved [1,19]. In contrast, SCC-based certification can be implemented by making modest changes to existing modelchecking technologies.…”

Section: Related Workmentioning

confidence: 97%

Search-carrying code

Taleghani

Atlee

2010

Proceedings of the IEEE/ACM International Conference on Automated Software Engineering

View full text Add to dashboard Cite

In this paper, we introduce a model-checking-based certification technique called search-carrying code (SCC). SCC is an adaptation of the principles of proof-carrying code, in which program certification is reduced to checking a provided safety proof. In SCC, program certification is an efficient re-examination of a program's state space. A code producer, who offers a program for use, provides a search script that encodes a search of the program's state space. A code consumer, who wants to certify that the program fits her needs, uses the search script to direct how a model checker searches the program's state space.Basic SCC achieves slight reductions in certification time, but it can be optimized in two important ways. (1) When a program comes from a trusted source, SCC certification can forgo authenticating the provided search script and instead optimize for speed of certification.(2) The search script can be partitioned into multiple partial certification tasks of roughly equal size, which can be performed in parallel. Using parallel model checking, we reduce the certification times by a factor of up to n, for n processors. When certifying a program from a trusted source, we reduce the certification times by a factor of up to 5n, for n processors.

show abstract

“…The advantages are twofold: invariants to check are smaller and their verification cheaper. We have applied the technique described in [5] for pruning constraint-based invariants, with some adaptations to deal with the interprocedural aspects of our polyhedral analysis. The algorithm is not described here for space reasons but can be found in the companion report [4].…”

Section: Implementation and Experimentsmentioning

confidence: 99%

Certified Result Checking for Polyhedral Analysis of Bytecode Programs

Besson

Jensen

Pichardie

et al. 2010

Trustworthly Global Computing

Self Cite

View full text Add to dashboard Cite

Abstract. Static analysers are becoming so complex that it is crucial to ascertain the soundness of their results in a provable way. In this paper we develop a certified checker in Coq that is able to certify the results of a polyhedral array-bound analysis for an imperative, stack-oriented bytecode language with procedures, arrays and global variables. The checker uses, in addition to the analysis result, certificates which at the same time improve efficiency and make correctness proofs much easier. In particular, our result certifier avoids complex polyhedral computations such as convex hulls and is using easily checkable inclusion certificates based on Farkas lemma. Benchmarks demonstrate that our approach is effective and produces certificates that can be efficiently checked not only by an extracted Caml checker but also directly in Coq.

show abstract

Small Witnesses for Abstract Interpretation-Based Proofs

Cited by 10 publications

References 16 publications

Goal-directed weakening of abstract interpretation results

Goal-directed weakening of abstract interpretation results

Search-carrying code

Certified Result Checking for Polyhedral Analysis of Bytecode Programs

Contact Info

Product

Resources

About