Rahul Sharma, Eric Schkufza, Berkeley Churchill, Alex Aiken.

Presentation transcript:

Rahul Sharma, Eric Schkufza, Berkeley Churchill, Alex Aiken

- Prove two programs are equivalent
  - Compiler optimizations
  - Validate refactorings
  - Cross checking different implementations
- Old and well studied problem
  - Undecidable in general
- Major challenge: prove equivalence of loops
  - Straight line programs relatively easy

- Prove equivalence of two binaries

[Slide figure: a source program containing a loop ("... while ...") is compiled once by a trustworthy compiler (CompCert, gcc -O0) and once by an optimizing compiler (gcc -O3, icc -O3); the two resulting binaries are the inputs to the equivalence check]

[Slide figure: STOKE (ASPLOS 13) takes straight line code produced by a trustworthy compiler (CompCert, gcc -O0) and optimizes it by random mutations; the figure also shows the loop case ("... while ...") that this work targets]

- Do not support "while" loops: [CHR00], [FH02], [FH05], [AEF+05], [SBC+05], [MSF06]
- Do not reason about termination: [SDE+08], [GS09], [RE11], [LHM+12], [PY13], [LMS+13]
- Translation validation: [Nec00], [GZB05], ...
  - Need information from the compiler

- Decompose proof

  First program (cutpoints a, b, c):

      movq 8(rsp), rdi
      # rdi != 0
      movq 8(rsp), rdi
      decq rdi
      movq rdi, 8(rsp)
      retq

  Second program (cutpoints a', b', c'):

      movq 8(rsp), r9
      # r9 != 0
      decq r9
      retq

- Given a simulation relation, proofs for loops reduce to proofs for loop free fragments
  - Use decision procedures
- Main challenge: infer a simulation relation
  - Infer synchronization points
  - Infer invariants
- We use compilers as black boxes
  - Mine relations from concrete executions

- Run some tests to get data
  - From executions, unit tests, random tests, etc.

[Slide figure: a loop body B ending in retq next to a loop body B' ending in retq, annotated with iteration counts 2n and n, and with the unrolled body B;B executed n times; the figure itself was not captured]

- Attempt to detect synchronization points
  - Number of times program points are executed
  - Values align

[Slide figure: the two loops from the "Decompose proof" slide annotated with how often each program point executes (counts n, 1, n, n+1, n); the layout was not captured]

- Invariants are restricted to equalities
- Infer invariants from observed data values

[Slide figure: the first program with a table of observed values in columns 8(rsp) and rdi; the values were not captured]

- Invariants are restricted to equalities
- Infer invariants from observed data values

[Slide figure: the second program with a table of observed values in columns 8(rsp), rdi and r9'; the values were not captured]

[Slide figure: table of observed values at the synchronization point, columns 8(rsp), rdi, r9'; the values were not captured]

- The executions are synchronized
- The invariants are maintained

[Slide figure: the two loops from the "Decompose proof" slide with the cutpoint pairs (a, a'), (b, b'), (c, c') marked, annotated "States equal" and "Live outs equal"]

- The executions are synchronized
- The invariants are maintained
- Queries in quantifier free bitvector arithmetic
  - Complete SMT solvers!
- Incorporate counter-examples in relations
- Sound but not complete
  - If checking succeeds then equivalent
  - Can fail to infer a sound simulation relation

- Insufficient data to infer a sound relation
- Expressiveness of invariants
  - Inequalities, quantifiers, etc.
- Expressiveness of SMT solver
  - Floating point, multiply, divide, etc.

- Run tests and generate data -> nullspace computation
  - libIML: integer matrix library
- SMT solver: Z3
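The inference step on the running example, as an added illustration that is not the authors' implementation: two constructed Python models stand in for the gcc -O0 loop (counter at 8(%rsp), reloaded into %rdi) and the gcc -O3 loop (counter kept in %r9), the state at every visit to the synchronization point (b, b') is logged, and an exact rational nullspace computation (a stand-in for libIML) recovers the candidate equalities. The Z3 check of the inferred relation is not modelled.

```python
from fractions import Fraction

def trace_unopt(n):
    """Constructed model of the gcc -O0 loop: the counter lives at 8(%rsp). Returns (mem, rdi) at each visit to cutpoint b."""
    mem = rdi = n                      # movq 8(%rsp), %rdi
    seen = [(mem, rdi)]
    while rdi != 0:                    # #rdi != 0
        rdi = mem - 1                  # movq 8(%rsp), %rdi ; decq %rdi
        mem = rdi                      # movq %rdi, 8(%rsp)
        seen.append((mem, rdi))        # back at cutpoint b
    return seen                        # retq

def trace_opt(n):
    """Constructed model of the gcc -O3 loop: the counter stays in %r9. Returns (r9,) at each visit to cutpoint b'."""
    r9, seen = n, [(n,)]               # movq 8(%rsp), %r9
    while r9 != 0:                     # #r9 != 0
        r9 -= 1                        # decq %r9
        seen.append((r9,))
    return seen                        # retq

def nullspace(rows):
    """Exact rational nullspace basis via reduced row echelon form (stand-in for libIML)."""
    m = [[Fraction(x) for x in r] for r in rows]
    ncols, pivots, r = len(m[0]), [], 0
    for c in range(ncols):
        p = next((i for i in range(r, len(m)) if m[i][c] != 0), None)
        if p is None: continue         # no pivot: column c is free
        m[r], m[p] = m[p], m[r]
        piv = m[r][c]
        m[r] = [x / piv for x in m[r]]
        for i in range(len(m)):
            if i != r and m[i][c] != 0:
                f = m[i][c]
                m[i] = [a - f * b for a, b in zip(m[i], m[r])]
        pivots.append(c); r += 1
    basis = []
    for free in [c for c in range(ncols) if c not in pivots]:
        v = [Fraction(0)] * ncols
        v[free] = Fraction(1)
        for i, pc in enumerate(pivots):
            v[pc] = -m[i][free]
        basis.append(v)
    return basis

def infer_invariants(tests):
    """Candidate equalities at (b, b'): each vector c satisfies c . [8(%rsp), rdi, r9', 1] = 0 on every observed state."""
    rows = [[mem, rdi, r9, 1] for n in tests
            for (mem, rdi), (r9,) in zip(trace_unopt(n), trace_opt(n))]
    return nullspace(rows)
```

For tests [3, 5] the basis is [-1, 1, 0, 0] and [-1, 0, 1, 0], i.e. rdi = 8(%rsp) and r9' = 8(%rsp); with only the test n = 0 the nullspace has three vectors, including spurious equalities such as 8(%rsp) = 0, which is the "insufficient data" failure mode listed above.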

- Compute kernel inside OpenSSL
- Validating CompCert against gcc
- Stochastic optimization for loops

- Multiplication kernel
- Extensive performance tests
  - Run the kernel ~15 million times
- Choose 16 random tests for inference
- Compile with gcc -O0 and gcc -O3
- Successfully prove equivalence

  Program   STOKE vs gcc -O0   STOKE vs gcc -O3
  Bansal    1.58X              1.04X
  SAXPY     9.22X              1.48X

- Prove equivalence of loops in two stages
  - Infer simulation relation
  - Check the inferred relation using SMT solvers
- Use runtime data for inference
- No change required to the compilers
- Better verifiers lead to better optimizers

- M. D. Ernst, J. H. Perkins, P. J. Guo, S. McCamant, C. Pacheco, M. S. Tschantz, and C. Xiao. The Daikon system for dynamic detection of likely invariants. Sci. Comput. Program., 69(1-3):35-45, 2007
- T. Nguyen, D. Kapur, W. Weimer, and S. Forrest. Using dynamic analysis to discover polynomial and array invariants. ICSE 2012
- P. Garg, C. Löding, P. Madhusudan, D. Neider. Learning Universally Quantified Invariants of Linear Data Structures. CAV 2013
- R. Sharma, S. Gupta, B. Hariharan, A. Aiken, P. Liang, A. V. Nori. A Data Driven Approach for Algebraic Loop Invariants. ESOP 2013
- R. Sharma, S. Gupta, B. Hariharan, A. Aiken, A. V. Nori. Verification as Learning Geometric Concepts. SAS 2013
- A. V. Nori, R. Sharma. Termination proofs from tests. ESEC/SIGSOFT FSE 2013