A Specialization Calculus for Pruning Disjunctive Predicates to Support Verification

Chin, Wei-Ngan; Gherghina, Cristian; Voicu, Răzvan; Le, Quang Loc; Craciun, Florin; Qin, Shengchao

doi:10.1007/978-3-642-22110-1_23

Cited by 10 publications

(5 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…HIP verification times are decent, but barrier calls are fairly computationally expensive to verify due to the need to check multiple entailments. We believe that performance can be further improved by adding optimizations to SLEEK in the style of [13]. Since barrier calls are fairly rare in actual code, we believe that the performance of HIP/SLEEK on larger examples will be acceptable.…”

Section: Figure 8: Separation Constraint Entailmentmentioning

confidence: 99%

“…Sleek One of the barrier definitions in barrier.slk is the example barrier given in Figure 1. It took 2,700 (highly tedious) lines of code and 48 seconds of verification time ( Figure 5) to convince Coq that the example barrier definition met the soundness requirements 13 . 13 Techniques such as those developed by Braibant et al [7], Nanevski et al [26], and Gonthier et al [18] can probably eliminate some (but not all) of the tedium of reasoning about the associativity and commutativity of * .…”

Section: Figure 8: Separation Constraint Entailmentmentioning

confidence: 99%

See 1 more Smart Citation

Barriers in Concurrent Separation Logic: Now With Tool Support!

Hobor

Gherghina

2012

Logical Methods in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. We develop and prove sound a concurrent separation logic for Pthreads-style barriers. Although Pthreads barriers are widely used in systems, and separation logic is widely used for verification, there has not been any effort to combine the two. Unlike locks and critical sections, Pthreads barriers enable simultaneous resource redistribution between multiple threads and are inherently stateful, leading to significant complications in the design of the logic and its soundness proof. We show how our logic can be applied to a specific example program in a modular way. Our proofs are machine-checked in Coq. We showcase a program verification toolset that automatically applies the logic rules and discharges the associated proof obligations.

show abstract

Section: Figure 8: Separation Constraint Entailmentmentioning

confidence: 99%

Section: Figure 8: Separation Constraint Entailmentmentioning

confidence: 99%

Barriers in Concurrent Separation Logic: Now With Tool Support!

Hobor

Gherghina

2012

Logical Methods in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…The formalism underlying the pruning process is as follows: given a context ∆ c with its overapproximation π c and a branch ∆ i with its over-approximation π b i , if π c ∧π b i is unsatisfiable, so is ∆ c * ∆ i . Similar to the specialization calculus [15], our unfolding mechanism also prunes infeasible disjuncts while unfolding user-defined predicates. However, the specialization calculus performs exhaustive pruning with multiple unfolding that may be highly costly and redundant compared with our one-step unfolding.…”

Section: Implementation Of Separation Logic Instantiationmentioning

confidence: 99%

Satisfiability Modulo Heap-Based Programs

Sun

Chin

2016

Computer Aided Verification

Self Cite

View full text Add to dashboard Cite

Abstract. In this work, we present a semi-decision procedure for a fragment of separation logic with user-defined predicates and Presburger arithmetic. To check the satisfiability of a formula, our procedure iteratively unfolds the formula and examines the derived disjuncts. In each iteration, it searches for a proof of either satisfiability or unsatisfiability. Our procedure is further enhanced with automatically inferred invariants as well as detection of cyclic proof. We also identify a syntactically restricted fragment of the logic for which our procedure is terminating and thus complete. This decidable fragment is relatively expressive as it can capture a range of sophisticated data structures with non-trivial pure properties, such as size, sortedness and near-balanced. We have implemented the proposed solver and a new system for verifying heap-based programs. We have evaluated our system on benchmark programs from a software verification competition.

show abstract

“…These results suggest that for large code bases, where disjunctive specifications are likely to be used, the verification times can easily become less than satisfactory. Techniques like the one described in [9], where disjunctive formulae are pruned when unfolding shape predicates, can be used to achieve better results. Another approach that can achieve better verification times is to divide the search space in disjoint parts and run the verification in parallel for each of them.…”

Section: Verification Statisticsmentioning

confidence: 99%

Automated verification of the FreeRTOS scheduler in Hip/Sleek

Ferreira

Gherghina

et al. 2014

Int J Softw Tools Technol Transfer

Self Cite

View full text Add to dashboard Cite

Automated verification of operating system kernels is a challenging problem, partly due to the use of shared mutable data structures. In this paper, we show how we can automatically verify memory safety and functional correctness properties of the task sched-uler component of the FreeRTOS kernel using the verification system Hip/Sleek. We show how some of Hip/Sleek features like user-defined predicates and lemmas make the specifications highly expressive and the verification process viable. To the best of our knowledge , this is the first code-level verification of memory safety and functional correctness properties of the FreeRTOS scheduler. The outcome of our experiment confirms that Hip/Sleek can indeed be used to verify code that is used in production. Moreover, since the properties that we verify are quite general, we envisage that the same approach can be adopted to verify components of other operating systems.

show abstract

A Specialization Calculus for Pruning Disjunctive Predicates to Support Verification

Cited by 10 publications

References 22 publications

Barriers in Concurrent Separation Logic: Now With Tool Support!

Barriers in Concurrent Separation Logic: Now With Tool Support!

Satisfiability Modulo Heap-Based Programs

Automated verification of the FreeRTOS scheduler in Hip/Sleek

Contact Info

Product

Resources

About