
Automatic Termination Proofs for Programs with Shape-Shifting Heaps [chapter]

Josh Berdine, Byron Cook, Dino Distefano, Peter W. O'Hearn
2006 Lecture Notes in Computer Science  
We describe a new program termination analysis designed to handle imperative programs whose termination depends on the mutation of the program's heap.  ...  Finally, we combine these two techniques to produce an automatic termination prover.  ...  referees for helpful comments.  ... 
doi:10.1007/11817963_35 fatcat:x7lu6n7m7ng4hks4fnvatrbvvm

Dependent types and multi-monadic effects in F*

Nikhil Swamy, Markulf Kohlweiss, Jean-Karim Zinzindohoue, Santiago Zanella-Béguelin, Cătălin Hriţcu, Chantal Keller, Aseem Rastogi, Antoine Delignat-Lavaud, Simon Forest, Karthikeyan Bhargavan, Cédric Fournet, Pierre-Yves Strub
2016 Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - POPL 2016  
The DIV effect is for possibly divergent code; STATE for stateful computations; and EXN for programs that may raise exceptions. Each edge in the lattice corresponds to a monad morphism.  ...  For the modules we considered, we are able to prove more properties, with fewer annotations using F ⋆ than in a prior verified implementation of TLS-1.2.  ...  Pierce, Gordon Plotkin, and Jonathan Protzenko for interesting discussions. We also thank the anonymous reviewers for their helpful feedback.  ... 
doi:10.1145/2837614.2837655 dblp:conf/popl/SwamyHKRDFBFSKZ16 fatcat:shgx2ccn6bdori3fazftg4lazq

Dependent types and multi-monadic effects in F*

Nikhil Swamy, Markulf Kohlweiss, Jean-Karim Zinzindohoue, Santiago Zanella-Béguelin, Cătălin Hriţcu, Chantal Keller, Aseem Rastogi, Antoine Delignat-Lavaud, Simon Forest, Karthikeyan Bhargavan, Cédric Fournet, Pierre-Yves Strub
2016 SIGPLAN notices  
The DIV effect is for possibly divergent code; STATE for stateful computations; and EXN for programs that may raise exceptions. Each edge in the lattice corresponds to a monad morphism.  ...  For the modules we considered, we are able to prove more properties, with fewer annotations using F ⋆ than in a prior verified implementation of TLS-1.2.  ...  Pierce, Gordon Plotkin, and Jonathan Protzenko for interesting discussions. We also thank the anonymous reviewers for their helpful feedback.  ... 
doi:10.1145/2914770.2837655 fatcat:evpmdhcdcvgn5bqqr47wlavvna

Diagnosing Abstraction Failure for Separation Logic–Based Analyses [chapter]

Josh Berdine, Arlen Cox, Samin Ishtiaq, Christoph M. Wintersteiger
2012 Lecture Notes in Computer Science  
We propose a new method to diagnose proof failures to be used in a refinement scheme for Separation Logic-based shape analyses.  ...  Abstraction refinement is an effective verification technique for automatically proving safety properties of software.  ...  As a result, the proof attempt fails. Once analyze terminates with a failed proof attempt, feasible attempts to find a concrete counter-example in the abstract counter-example.  ... 
doi:10.1007/978-3-642-31424-7_16 fatcat:zmat27hfpje43mcpxpf35jkavm

Automated Termination Proofs for Java Programs with Cyclic Data [chapter]

Marc Brockschmidt, Richard Musiol, Carsten Otto, Jürgen Giesl
2012 Lecture Notes in Computer Science  
for a program where length is called with an arbitrary such input list, cf.  ...  In earlier work, we developed a technique to prove termination of Java programs automatically: first, Java programs are automatically transformed to term rewrite systems (TRSs) and then, existing methods  ...  Genaim for help with the experiments and A. Rybalchenko and the anonymous referees for helpful comments.  ... 
doi:10.1007/978-3-642-31424-7_13 fatcat:b6myal6hojfqlkwccpewcanl7m

Characteristic Formulae for Liveness Properties of Non-Terminating CakeML Programs

Johannes Åman Pohjola, Henrik Rostedt, Magnus O. Myreen, Michael Wagner
2019 International Conference on Interactive Theorem Proving  
There are useful programs that do not terminate, and yet standard Hoare logics are not able to prove liveness properties about non-terminating programs.  ...  This work has been developed in the HOL4 theorem prover and has been integrated into the ecosystem of proof tools surrounding the CakeML programming language.  ...  Acknowledgements We are grateful to Robert Sison and the anonymous reviewers for many constructive and insightful comments.  ... 
doi:10.4230/lipics.itp.2019.32 dblp:conf/itp/PohjolaRM19 fatcat:csu4bmj6nze7lpfxg6jsejl4pi

Amortised Resource Analysis with Separation Logic

Robert Atkey, Andrew Gordon
2011 Logical Methods in Computer Science  
---have been successful in providing concrete resource bounds for functional programs, with good support for inference.  ...  The Separation Logic component allows us to assert the presence and shape of mutable data structures on the heap, while the resource component allows us to state the consumable resources associated with  ...  This work was funded by EPSRC Follow-on Fund grant EP/G006032/1 "Resource Static Analysis" and EPSRC grant EP/G068917/1 "Categorical Foundations for Indexed Programming".  ... 
doi:10.2168/lmcs-7(2:17)2011 fatcat:flfqm4vjpfblhk2sp4c3uu5haa

Automatic loop invariant generation for data dependence analysis

Asmae Heydari Tabar, Richard Bubel, Reiner Hähnle
2022 Proceedings of the IEEE/ACM 10th International Conference on Formal Methods in Software Engineering  
Parallelization of programs relies on sound and precise analysis of data dependences in the code, specifically, when dealing with loops.  ...  We implemented our approach for Java on top of a deductive verification tool.  ...  The term $heap[a[i] := v]$ refers to the heap that coincides with $heap$ except for the value at index $i$ of $a$, which has value $v$.  ... 
doi:10.1145/3524482.3527649 fatcat:3slf6cx6ebh57istqnsmykgqty

Multi-prover Verification of C Programs [chapter]

Jean-Christophe Filliâtre, Claude Marché
2004 Lecture Notes in Computer Science  
Our goal is the verification of C programs at the source code level using formal proof tools. Programs are specified using annotations such as pre- and postconditions and global invariants.  ...  We thank June Andronick from Axalto, Dillon Pariente and Emmanuel Ledinot from Dassault Aviation for their very useful feedback about the specification language and the Caduceus prototype.  ...  We seek a method which guarantees soundness with the highest level of confidence, even if it is not fully automatic.  ... 
doi:10.1007/978-3-540-30482-1_10 fatcat:po3rqhmmc5bkdpqp5t2jy56axa

Proving program termination

Byron Cook, Andreas Podelski, Andrey Rybalchenko
2011 Communications of the ACM  
key insights for decades, the same method was used for proving termination.  ...  it allows for the modular construction of termination arguments.  ...  The common solution to these problems is to use shape analysis tools (which are designed to automatically discover the shapes of data-structures) and then to create new auxiliary variables in the program  ... 
doi:10.1145/1941487.1941509 fatcat:yp47pofcdvfotoz4mrpvtgnjaq

Abstraction Refinement for Termination [chapter]

Byron Cook, Andreas Podelski, Andrey Rybalchenko
2005 Lecture Notes in Computer Science  
key insights for decades, the same method was used for proving termination.  ...  it allows for the modular construction of termination arguments.  ...  The common solution to these problems is to use shape analysis tools (which are designed to automatically discover the shapes of data-structures) and then to create new auxiliary variables in the program  ... 
doi:10.1007/11547662_8 fatcat:pmsk5vc2hrff7fhmp5wo2omsti

Games and Decisions for Rigorous Systems Engineering (Dagstuhl Seminar 12461)

Nikolaj Bjorner, Krishnendu Chatterjee, Laura Kovacs, Rupak M. Majumdar, Marc Herbstritt
2013 Dagstuhl Reports  
This report documents the program and the outcomes of the Dagstuhl Seminar 12461 "Games and Decisions for Rigorous Systems Engineering".  ...  The seminar brought together researchers working in rigorous software engineering, with a special focus on the interaction between synthesis and automated deduction.  ...  We introduce a method for automated parameterized verification of fault-tolerant distributed algorithms.  ... 
doi:10.4230/dagrep.2.11.45 dblp:journals/dagstuhl-reports/BjornerCKM12 fatcat:gs36midqlvfhzky6v7ebawumtq

Termination proofs for systems code

Byron Cook, Andreas Podelski, Andrey Rybalchenko
2006 Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation - PLDI '06  
) together with support for programming language features such as arbitrarily nested loops, pointers, function-pointers, side-effects, etc.  ...  We describe a new program termination prover that performs a path-sensitive and context-sensitive program analysis and provides capacity for large program fragments (i.e. more than 20,000 lines of code  ...  Acknowledgments We would like to thank the following people and groups for useful discussions regarding this work: Wolfgang Ahrendt, Domagoj Babic, Tom Ball, Clark Barrett, Andreas Blass, Aaron Bradley  ... 
doi:10.1145/1133981.1134029 dblp:conf/pldi/CookPR06 fatcat:ipeuweq6tbch7awwtnjegpegwi

Termination proofs for systems code

Byron Cook, Andreas Podelski, Andrey Rybalchenko
2006 SIGPLAN notices  
) together with support for programming language features such as arbitrarily nested loops, pointers, function-pointers, side-effects, etc.  ...  We describe a new program termination prover that performs a path-sensitive and context-sensitive program analysis and provides capacity for large program fragments (i.e. more than 20,000 lines of code  ...  Acknowledgments We would like to thank the following people and groups for useful discussions regarding this work: Wolfgang Ahrendt, Domagoj Babic, Tom Ball, Clark Barrett, Andreas Blass, Aaron Bradley  ... 
doi:10.1145/1133255.1134029 fatcat:muh7dpggvfejhhp7sjtdpm6ofi

AutoProof meets some verification challenges

Julian Tschannen, Carlo A. Furia, Martin Nordio
2014 International Journal on Software Tools for Technology Transfer (STTT)  
the advantage of requiring little or no specification. 1 Verification Benchmarks Can Shape the Field For better or worse, benchmarks shape a field [16] .  ...  AutoProof AutoProof is an automatic verifier of functional properties working on Eiffel programs.  ... 
doi:10.1007/s10009-014-0300-y fatcat:re5smgmenrhv7bxrrubifx64mq