Selectively-Amortized Resource Bounding (Extended Version)

TL;DR

This paper introduces a framework for selectively applying amortized reasoning in resource-bound analysis, simplifying invariant inference and improving the feasibility of automatic proofs of resource bounds.

Contribution

It presents a novel framework that combines worst-case and amortized reasoning through property decomposition and program transformation for automatic resource-bound analysis.

Findings

Proves soundness of the selective amortization approach.

Provides an algorithm for choosing effective decompositions.

Demonstrates improved feasibility in invariant inference.

Abstract

We consider the problem of automatically proving resource bounds. That is, we study how to prove that an integer-valued resource variable is bounded by a given program expression. Automatic resource-bound analysis has recently received significant attention because of a number of important applications (e.g., detecting performance bugs, preventing algorithmic-complexity attacks, identifying side-channel vulnerabilities), where the focus has often been on developing precise amortized reasoning techniques to infer the most exact resource usage. While such innovations remain critical, we observe that fully precise amortization is not always necessary to prove a bound of interest. And in fact, by amortizing selectively, the needed supporting invariants can be simpler, making the invariant inference task more feasible and predictable. We present a framework for selectively-amortized analysis that mixes worst-case and amortized reasoning via a property decomposition and a program transformation. We show that proving bounds in any such decomposition yields a sound resource bound in the original program, and we give an algorithm for selecting a reasonable decomposition.