Gradual C0: Symbolic Execution for Efficient Gradual Verification

by Jenna DiVincenzo, et al.

Current static verification techniques such as separation logic support a wide range of programs. However, such techniques only support complete and detailed specifications, which places an undue burden on users. To solve this problem, prior work proposed gradual verification, which handles complete, partial, or missing specifications by soundly combining static and dynamic checking. Gradual verification has also been extended to programs that manipulate recursive, mutable data structures on the heap. Unfortunately, this extension does not reward users with decreased dynamic checking as specifications are refined. In fact, all properties are checked dynamically regardless of any static guarantees. Additionally, no full-fledged implementation of gradual verification exists so far, which prevents studying its performance and applicability in practice. We present Gradual C0, the first practical gradual verifier for recursive heap data structures, which targets C0, a safe subset of C designed for education. To minimize insertion of dynamic checks and support efficiency, Gradual C0 adopts symbolic execution at its core, instead of the backwards reasoning of weakest liberal preconditions used in prior work. Our approach addresses technical challenges related to symbolic execution with imprecise specifications, heap ownership, and branching in both program statements and specification formulas. Finally, we provide the first empirical performance evaluation of a gradual verifier, and found that on average, Gradual C0 decreases run-time overhead by 50-90% compared to the fully dynamic approach used in prior work. Further, the worst-case scenarios for performance are predictable and avoidable. This work paves the way towards evaluating gradual verification at scale.
