Filters








729 Hits in 10.7 sec

Towards imperative modules: Reasoning about invariants and sharing of mutable state

David A. Naumann, Mike Barnett
2006 Theoretical Computer Science  
Imperative and object-oriented programs make ubiquitous use of shared mutable objects.  ...  This paper shows how auxiliary fields can be used to express two state-dependent encapsulation disciplines: ownership, a kind of separation, and friendship, a kind of sharing.  ...  Conversations with these authors, Anindya Banerjee, and Frank de Boer have been very helpful. A number of corrections and improvements were provided by thorough and thoughtful anonymous reviewers.  ... 
doi:10.1016/j.tcs.2006.07.035 fatcat:v7ih3kg7kvek5b6vogr6hkyabe

Towards imperative modules: reasoning about invariants and sharing of mutable state

D.A. Naumann, M. Barnett
2004 Proceedings of the 19th Annual IEEE Symposium on Logic in Computer Science, 2004.  
and sharing of objects across encapsulation boundaries. Can use with standard logics.  ...  What about outcalls in£ ¥ ¦ § , i.e. method invocations on other objects? How to express absence of interference, with heap sharing?  ...  Last auxiliary field for ownership discipline: Last auxiliary field for ownership discipline: Last auxiliary field for ownership discipline: Absence of interference, as a precondition: Absence of interference  ... 
doi:10.1109/lics.2004.1319626 dblp:conf/lics/NaumannB04 fatcat:qwgi3b7mkjezhizvdvgwwxavu4

Author index

2006 Theoretical Computer Science  
Cheung (1-2) 83-108 Naumann, D.A. and M. Barnett, Towards imperative modules: Reasoning about invariants and sharing of mutable state (1-2) 143-168 Oliveira, J.N., see L.S.  ...  Li and Z. Liu, rCOS: A refinement calculus of object systems (1-2) 109-142 Johnsen, E.B., O. Owe and I.C.  ... 
doi:10.1016/s0304-3975(06)00728-6 fatcat:gaanmoj2bnh45jcotujgcx3bfi

Linear types for large-scale systems verification

Jialin Li, Andrea Lattuada, Yi Zhou, Jonathan Cameron, Jon Howell, Bryan Parno, Chris Hawblitzel
2022 Proceedings of the ACM on Programming Languages (PACMPL)  
Memory reasoning in SMT verification typically requires a nontrivial amount of manual effort to specify heap invariants, as well as extensive alias reasoning from the SMT solver.  ...  We evaluate our approach by converting the implementation of a verified storage system (about 24K lines of code and proof) written in Dafny, to use our extended Dafny.  ...  Sloan Foundation, and the Intel Corporation. Andrea Lattuada is supported by a Google PhD Fellowship.  ... 
doi:10.1145/3527313 fatcat:7c4ju2tpcbcyvkyim2bhloscsq

SC-Haskell

Michael Vollmer, Ryan G. Scott, Madanlal Musuvathi, Ryan R. Newton
2017 Proceedings of the 22nd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming - PPoPP '17  
The efficiency of SC arises primarily due to the isolation provided by the Haskell type system between purely functional and thread-local imperative computations on the one hand, and imperative computations  ...  In particular, we modify the Glasgow Haskell Compiler to insert fences on all writes to shared mutable memory accessed in nonfunctional parts of the program.  ...  Moreover, the language type system provides a clean separation between pure or thread-local computation and shared-mutable state.  ... 
doi:10.1145/3018743.3018746 fatcat:x3uuczq5fzek3od6jrb6mewnia

Fast and Reliable Formal Verification of Smart Contracts with the Move Prover [article]

David Dill, Wolfgang Grieskamp, Junkil Park, Shaz Qadeer, Meng Xu, Emma Zhong
2022 arXiv   pre-print
Besides the simplicity of smart contracts and the Move language, three transformations are responsible for the practicality of MVP: (1) an alias-free memory model, (2) fine-grained invariant checking,  ...  The entirety of the Move code for the Diem blockchain has been extensively specified and can be completely verified by MVP in a few minutes.  ...  Acknowledgements This work would not have been possible without the many contributions of the Move platform team and collaborators.  ... 
arXiv:2110.08362v3 fatcat:wxnwri766rbupfu3gekrbdg2cq

Modular Reasoning in Object-Oriented Programming [chapter]

David A. Naumann
2008 Lecture Notes in Computer Science  
Section 2, explains the approach, accomplishments, and challenges in terms of invariants for shared mutable objects.  ...  Difficulties in reasoning about functional correctness and relational properties of object-oriented programs are reviewed.  ...  Perhaps the highest cost is the ubiquity of aliasing in the sense of shared references to mutable objects in the heap.  ... 
doi:10.1007/978-3-540-69149-5_13 fatcat:qmqmqiqbg5hebhlfr6zozp4hhu

Relational Parametricity and Separation Logic

Lars Birkedal, Hongseok Yang, Helmut Seidl
2008 Logical Methods in Computer Science  
Separation logic is a recent extension of Hoare logic for reasoning about programs with references to shared mutable data structures.  ...  Our interpretation is based on Reynolds's relational parametricity, and it provides a formal connection between separation logic and data abstraction.  ...  Thus the methodology allows us to formally reason about mutable abstract data types, aka. imperative modules.  ... 
doi:10.2168/lmcs-4(2:6)2008 fatcat:p5acuff7ozdfxbow7y2riepx6m

Hierarchical memory management for mutable state

Adrien Guatto, Sam Westrick, Ram Raghunathan, Umut Acar, Matthew Fluet
2018 Proceedings of the 23rd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming - PPoPP '18  
Perhaps the most important reason for this is their lack of support for efficient in-place updates, i.e., mutation, which is important for the implementation of both parallel algorithms and the run-time  ...  system services (e.g., schedulers and synchronization primitives) used to execute them.  ...  Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author and do not necessarily reflect the views of the National Science Foundation.  ... 
doi:10.1145/3178487.3178494 dblp:conf/ppopp/GuattoWRAF18 fatcat:ixssob3x7bdvnnnj4j2ng2pf2m

It's Only Illegal If You Get Caught

Raphaël Proust, Alan Mycroft
2014 Proceedings of the 2014 ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming & Software - Onward! '14  
Programming languages and coding standards provide invariants to ease reasoning about the correctness of code.  ...  It is important that intermediate states of these operations are not observable by the rest of the program.  ...  This helps every Haskell programmer to reason about their and others' programs: by merely inspecting the type of a function they know whether it can have effects within the state monad or not.  ... 
doi:10.1145/2661136.2661142 dblp:conf/oopsla/ProustM14 fatcat:qhfebqcdhzcitam2iubj4k5xka

Aeneas: Rust Verification by Functional Translation [article]

Son Ho, Jonathan Protzenko
2022 arXiv   pre-print
This allows the user to reason about the original Rust program through the theorem prover of their choice.  ...  We leverage Rust's rich region-based type system to eliminate memory reasoning for many Rust programs, as long as they do not rely on interior mutability or unsafe code.  ...  We are very grateful to Xavier Denis and Jacques-Henri Jourdan for countless discussions and many pieces of useful advice throughout the design of A .  ... 
arXiv:2206.07185v1 fatcat:b5igomiipjc7jiffgwmrkr6xry

Aeneas: Rust verification by functional translation

Son Ho, Jonathan Protzenko
2022 Proceedings of the ACM on Programming Languages (PACMPL)  
This allows the user to reason about the original Rust program through the theorem prover of their choice, and fulfills our promise of enabling lightweight verification of Rust programs.  ...  We leverage Rust's rich region-based type system to eliminate memory reasoning for a large class of Rust programs, as long as they do not rely on interior mutability or unsafe code.  ...  We warmly thank Xavier Denis and Jacques-Henri Jourdan for insightful discussions and useful advice throughout the design of Aeneas.  ... 
doi:10.1145/3547647 fatcat:xpok6ld3d5gsvaioe45ezj47ti

Verifying stateful programs with substructural state and hoare types

Johannes Borgstrom, Juan Chen, Nikhil Swamy
2011 Proceedings of the 5th ACM workshop on Programming languages meets program verification - PLPV '11  
The core idea of the translation is the division of a stateful object into a pure value and an affine token whose type mentions the current state of the object.  ...  Our technique is based on verification by translation, starting from FX, an imperative object-based surface language with specifications including object invariants and Hoare triple computation types,  ...  Mutable objects and invariants.  ... 
doi:10.1145/1929529.1929532 dblp:conf/plpv/BorgstromCS11 fatcat:ne7l5avglzfbjkr77jrdj7inoi

Reasoning about Programs With Effects

Carolyn Talcott
1998 Electronical Notes in Theoretical Computer Science  
The work has had two major sub-themes: reasoning about functional programs extended with imperative features and reasoning about components of open distributed systems.  ...  This work has focused on operationally based semantics and formalisms for specifying and reasoning about such programs.  ...  Secondly, the equality and sharing of cells (aliasing) is easily expressed and reasoned about.  ... 
doi:10.1016/s1571-0661(05)80243-9 fatcat:b6mazjhf2rao3erdapa3qcwoti

Verifying Invariants of Lock-Free Data Structures with Rely-Guarantee and Refinement Types

Colin S. Gordon, Michael D. Ernst, Dan Grossman, Matthew J. Parkinson
2017 ACM Transactions on Programming Languages and Systems  
We propose a new way of proving invariants of fine-grained concurrent data structures: applying rely-guarantee reasoning to references in the concurrent setting.  ...  First, it provides a new approach to preserving invariants and restricting usage of concurrent data structures.  ...  in operations of a sealed module, and they are well-suited to specifying invariants of FCDs.  ... 
doi:10.1145/3064850 fatcat:bs2qkwegfjci7da3xq7eq5ixc4
« Previous Showing results 1 — 15 out of 729 results