Gradual C0: Symbolic Execution for Gradual Verification
arxiv(2022)
摘要
Current static verification techniques support a wide range of programs.
However, such techniques only support complete and detailed specifications,
which places an undue burden on users. To solve this problem, prior work
proposed gradual verification, which handles complete, partial, or missing
specifications by soundly combining static and dynamic checking. Gradual
verification has also been extended to programs that manipulate recursive,
mutable data structures on the heap. Unfortunately, this extension does not
reward users with decreased dynamic checking as specifications are refined. In
fact, all properties are checked dynamically regardless of any static
guarantees. Additionally, no full-fledged implementation of gradual
verification exists so far, which prevents studying its performance and
applicability in practice.
We present Gradual C0, the first practicable gradual verifier for recursive
heap data structures, which targets C0, a safe subset of C designed for
education. Static verifiers supporting separation logic or implicit dynamic
frames use symbolic execution for reasoning; so Gradual C0, which extends one
such verifier, adopts symbolic execution at its core instead of the weakest
liberal precondition approach used in prior work. Our approach addresses
technical challenges related to symbolic execution with imprecise
specifications, heap ownership, and branching in both program statements and
specification formulas. We also deal with challenges related to minimizing
insertion of dynamic checks and extensibility to other programming languages
beyond C0. Finally, we provide the first empirical performance evaluation of a
gradual verifier, and found that on average, Gradual C0 decreases run-time
overhead between 11-34
work. Further, the worst-case scenarios for performance are predictable and
avoidable.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要