scholarly journals On incorrectness logic and Kleene algebra with top and tests

2022 ◽  
Vol 6 (POPL) ◽  
pp. 1-30
Author(s):  
Cheng Zhang ◽  
Arthur Azevedo de Amorim ◽  
Marco Gaboardi
Keyword(s):  
Equational Theory ◽  
Program Transformations ◽  
Hoare Logic ◽  
Compiler Optimizations ◽  
Partial Correctness ◽  
Seminal Work ◽  
Kleene Algebra

Kleene algebra with tests (KAT) is a foundational equational framework for reasoning about programs, which has found applications in program transformations, networking and compiler optimizations, among many other areas. In his seminal work, Kozen proved that KAT subsumes propositional Hoare logic, showing that one can reason about the (partial) correctness of while programs by means of the equational theory of KAT. In this work, we investigate the support that KAT provides for reasoning about incorrectness, instead, as embodied by O'Hearn's recently proposed incorrectness logic. We show that KAT cannot directly express incorrectness logic. The main reason for this limitation can be traced to the fact that KAT cannot express explicitly the notion of codomain, which is essential to express incorrectness triples. To address this issue, we study Kleene Algebra with Top and Tests (TopKAT), an extension of KAT with a top element. We show that TopKAT is powerful enough to express a codomain operation, to express incorrectness triples, and to prove all the rules of incorrectness logic sound. This shows that one can reason about the incorrectness of while-like programs by means of the equational theory of TopKAT.

scholarly journals A call-by-need lambda calculus with locally bottom-avoiding choice: context lemma and correctness of transformations

2008 ◽  
Vol 18 (3) ◽  
pp. 501-553 ◽  
Author(s):  
DAVID SABEL ◽  
MANFRED SCHMIDT-SCHAUSS
Keyword(s):  
Operational Semantics ◽  
Lambda Calculus ◽  
Equational Theory ◽  
Order Reduction ◽  
Single Step ◽  
Program Transformations ◽  
Normal Order ◽  
Choice Context ◽  
Contextual Equivalence ◽  
Fairness Condition

We present a higher-order call-by-need lambda calculus enriched with constructors, case expressions, recursive letrec expressions, a seq operator for sequential evaluation and a non-deterministic operator amb that is locally bottom-avoiding. We use a small-step operational semantics in the form of a single-step rewriting system that defines a (non-deterministic) normal-order reduction. This strategy can be made fair by adding resources for book-keeping. As equational theory, we use contextual equivalence (that is, terms are equal if, when plugged into any program context, their termination behaviour is the same), in which we use a combination of may- and must-convergence, which is appropriate for non-deterministic computations. We show that we can drop the fairness condition for equational reasoning, since the valid equations with respect to normal-order reduction are the same as for fair normal-order reduction. We develop a number of proof tools for proving correctness of program transformations. In particular, we prove a context lemma for both may- and must- convergence that restricts the number of contexts that need to be examined for proving contextual equivalence. Combining this with so-called complete sets of commuting and forking diagrams, we show that all the deterministic reduction rules and some additional transformations preserve contextual equivalence. We also prove a standardisation theorem for fair normal-order reduction. The structure of the ordering ≤c is also analysed, and we show that Ω is not a least element and ≤c already implies contextual equivalence with respect to may-convergence.

scholarly journals Partial Correctness of a Fibonacci Algorithm

2020 ◽  
Vol 28 (2) ◽  
pp. 187-196
Author(s):  
Artur Korniłowicz
Keyword(s):  
Fibonacci Number ◽  
Iterative Algorithms ◽  
Hoare Logic ◽  
Inference System ◽  
Partial Correctness ◽  
Complex Valued

Summary In this paper we introduce some notions to facilitate formulating and proving properties of iterative algorithms encoded in nominative data language [19] in the Mizar system [3], [1]. It is tested on verification of the partial correctness of an algorithm computing n-th Fibonacci number: i := 0 s := 0 b := 1 c := 0 while (i <> n)   c := s   s := b   b := c + s   i := i + 1 return s This paper continues verification of algorithms [10], [13], [12] written in terms of simple-named complex-valued nominative data [6], [8], [17], [11], [14], [15]. The validity of the algorithm is presented in terms of semantic Floyd-Hoare triples over such data [9]. Proofs of the correctness are based on an inference system for an extended Floyd-Hoare logic [2], [4] with partial pre- and post-conditions [16], [18], [7], [5].

scholarly journals Partial Correctness of GCD Algorithm

2018 ◽  
Vol 26 (2) ◽  
pp. 165-173
Author(s):  
Ievgen Ivanov ◽  
Artur Korniłowicz ◽  
Mykola Nikitchenko
Keyword(s):  
Greatest Common Divisor ◽  
Hoare Logic ◽  
Natural Numbers ◽  
Inference System ◽  
Partial Correctness ◽  
Euclid’S Algorithm ◽  
System 2 ◽  
Euclid's Algorithm ◽  
Complex Valued

Summary In this paper we present a formalization in the Mizar system [2, 1] of the correctness of the subtraction-based version of Euclid’s algorithm computing the greatest common divisor of natural numbers. The algorithm is written in terms of simple-named complex-valued nominative data [11, 4]. The validity of the algorithm is presented in terms of semantic Floyd-Hoare triples over such data [7]. Proofs of the correctness are based on an inference system for an extended Floyd-Hoare logic with partial pre- and post-conditions [8, 10, 5, 3].

scholarly journals Partial Correctness of a Power Algorithm

2019 ◽  
Vol 27 (2) ◽  
pp. 189-195
Author(s):  
Adrian Jaszczak
Keyword(s):  
Formal Verification ◽  
Complex Number ◽  
Hoare Logic ◽  
Inference System ◽  
Partial Correctness ◽  
Complex Valued

Summary This work continues a formal verification of algorithms written in terms of simple-named complex-valued nominative data [6],[8],[15],[11],[12],[13]. In this paper we present a formalization in the Mizar system [3],[1] of the partial correctness of the algorithm: i := val.1 j := val.2 b := val.3 n := val.4 s := val.5 while (i <> n) i := i + j s := s * b return s computing the natural n power of given complex number b, where variables i, b, n, s are located as values of a V-valued Function, loc, as: loc/.1 = i, loc/.3 = b, loc/.4 = n and loc/.5 = s, and the constant 1 is located in the location loc/.2 = j (set V represents simple names of considered nominative data [17]). The validity of the algorithm is presented in terms of semantic Floyd-Hoare triples over such data [9]. Proofs of the correctness are based on an inference system for an extended Floyd-Hoare logic [2],[4] with partial pre- and post-conditions [14],[16],[7],[5].

scholarly journals Reasoning about Partial Correctness Assertions in Isabelle/HOL

2020 ◽  
Vol 27 (3) ◽  
pp. 84-101
Author(s):  
Alfio Ricardo Martini
Keyword(s):  
Formal Verification ◽  
Broad Class ◽  
Object Oriented ◽  
Concurrent Programs ◽  
Proof Assistant ◽  
Hoare Logic ◽  
Partial Correctness ◽  
Human Understanding ◽  
Isabelle Proof Assistant

Hoare Logic has a long tradition in formal verification and has been continuously developed and used to verify a broad class of programs, including sequential, object-oriented and concurrent programs. The purpose of this work is to provide a detailed and accessible exposition of the several ways the user can conduct, explore and write proofs of correctness of sequential imperative programs with Hoare logic and the ISABELLE proof assistant. With the proof language Isar, it is possible to write structured, readable proofs that are suitable for human understanding and communication.

scholarly journals KAT and PHL in Coq

2008 ◽  
Vol 5 (2) ◽  
pp. 137-160 ◽  
Author(s):  
David Pereira ◽  
Nelma Moreira
Keyword(s):  
Program Verification ◽  
Theorem Prover ◽  
Hoare Logic ◽  
Automatic Production ◽  
Kleene Algebra ◽  
Source Level ◽  
Deduction Rules

In this article we describe an implementation of Kleene algebra with tests (KAT) in the Coq theorem prover. KAT is an equational system that has been successfully applied in program verification and, in particular, it subsumes the propositional Hoare logic (PHL). We also present an PHL encoding in KAT, by deriving its deduction rules as theorems of KAT. Some examples of simple program's formal correctness are given. This work is part of a study of the feasibility of using KAT in the automatic production of certificates in the context of (source-level) Proof-Carrying-Code (PCC). .

scholarly journals Simuliris: a separation logic framework for verifying concurrent program optimizations

2022 ◽  
Vol 6 (POPL) ◽  
pp. 1-31
Author(s):  
Lennard Gäher ◽  
Michael Sammler ◽  
Simon Spies ◽  
Ralf Jung ◽  
Hoang-Hai Dang ◽  
...  
Keyword(s):  
Separation Logic ◽  
Program Transformations ◽  
Data Race ◽  
Compiler Optimizations ◽  
Concurrent Program ◽  
Source Language ◽  
Program Termination ◽  
Source Program ◽  
Data Races ◽  
Fair Scheduler

Today’s compilers employ a variety of non-trivial optimizations to achieve good performance. One key trick compilers use to justify transformations of concurrent programs is to assume that the source program has no data races : if it does, they cause the program to have undefined behavior (UB) and give the compiler free rein. However, verifying correctness of optimizations that exploit this assumption is a non-trivial problem. In particular, prior work either has not proven that such optimizations preserve program termination (particularly non-obvious when considering optimizations that move instructions out of loop bodies), or has treated all synchronization operations as external functions (losing the ability to reorder instructions around them). In this work we present Simuliris , the first simulation technique to establish termination preservation (under a fair scheduler) for a range of concurrent program transformations that exploit UB in the source language. Simuliris is based on the idea of using ownership to reason modularly about the assumptions the compiler makes about programs with well-defined behavior. This brings the benefits of concurrent separation logics to the space of verifying program transformations: we can combine powerful reasoning techniques such as framing and coinduction to perform thread-local proofs of non-trivial concurrent program optimizations. Simuliris is built on a (non-step-indexed) variant of the Coq-based Iris framework, and is thus not tied to a particular language. In addition to demonstrating the effectiveness of Simuliris on standard compiler optimizations involving data race UB, we also instantiate it with Jung et al.’s Stacked Borrows semantics for Rust and generalize their proofs of interesting type-based aliasing optimizations to account for concurrency.

Sign in / Sign up

Export Citation Format

Share Document