152,776 research outputs found
A Family Of Syntactic Logical Relations For The Semantics Of Haskell-Like Languages
Logical relations are a fundamental and powerful tool for reasoning about programs in languages with parametric polymorphism. Logical relations suitable for reasoning about observational behavior in polymorphic calculi supporting various programming language features have been introduced in recent years. Unfortunately, the calculi studied are typically idealized, and the results obtained for them over only partial insight into the impact of such features on observational behavior in implemented languages. In this paper we show how to bring reasoning via logical relations closer to bear on real languages by deriving results that are more pertinent to an intermediate language for the (mostly) lazy functional language Haskell like GHC Core. To provide a more ?ne-grained analysis of program behavior than is possible by reasoning about program equivalence alone, we work with an abstract notion of relating observational behavior of computations which has among its specializations both observational equivalence and observational approximation. We take selective strictness into account, and we consider the impact of different kinds of computational failure, e.g., divergence versus failed pattern matching, because such distinctions are significant in practice. Once distinguished, the relative de?nedness of different failure causes needs to be considered, because different orders here induce different observational relations on programs (including the choice between equivalence and approximation). Our main contribution is the construction of an entire family of logical relations, parameterized over a definedness order on failure causes, each member of which characterizes the corresponding observational relation. Although we deal with properties very much tied to types, we base our results on a type-erasing semantics since this is more faithful to actual implementations
Trusting Computations: a Mechanized Proof from Partial Differential Equations to Actual Program
Computer programs may go wrong due to exceptional behaviors, out-of-bound
array accesses, or simply coding errors. Thus, they cannot be blindly trusted.
Scientific computing programs make no exception in that respect, and even bring
specific accuracy issues due to their massive use of floating-point
computations. Yet, it is uncommon to guarantee their correctness. Indeed, we
had to extend existing methods and tools for proving the correct behavior of
programs to verify an existing numerical analysis program. This C program
implements the second-order centered finite difference explicit scheme for
solving the 1D wave equation. In fact, we have gone much further as we have
mechanically verified the convergence of the numerical scheme in order to get a
complete formal proof covering all aspects from partial differential equations
to actual numerical results. To the best of our knowledge, this is the first
time such a comprehensive proof is achieved.Comment: N° RR-8197 (2012). arXiv admin note: text overlap with
arXiv:1112.179
Generalized Strong Preservation by Abstract Interpretation
Standard abstract model checking relies on abstract Kripke structures which
approximate concrete models by gluing together indistinguishable states, namely
by a partition of the concrete state space. Strong preservation for a
specification language L encodes the equivalence of concrete and abstract model
checking of formulas in L. We show how abstract interpretation can be used to
design abstract models that are more general than abstract Kripke structures.
Accordingly, strong preservation is generalized to abstract
interpretation-based models and precisely related to the concept of
completeness in abstract interpretation. The problem of minimally refining an
abstract model in order to make it strongly preserving for some language L can
be formulated as a minimal domain refinement in abstract interpretation in
order to get completeness w.r.t. the logical/temporal operators of L. It turns
out that this refined strongly preserving abstract model always exists and can
be characterized as a greatest fixed point. As a consequence, some well-known
behavioural equivalences, like bisimulation, simulation and stuttering, and
their corresponding partition refinement algorithms can be elegantly
characterized in abstract interpretation as completeness properties and
refinements
Certifying floating-point implementations using Gappa
High confidence in floating-point programs requires proving numerical
properties of final and intermediate values. One may need to guarantee that a
value stays within some range, or that the error relative to some ideal value
is well bounded. Such work may require several lines of proof for each line of
code, and will usually be broken by the smallest change to the code (e.g. for
maintenance or optimization purpose). Certifying these programs by hand is
therefore very tedious and error-prone. This article discusses the use of the
Gappa proof assistant in this context. Gappa has two main advantages over
previous approaches: Its input format is very close to the actual C code to
validate, and it automates error evaluation and propagation using interval
arithmetic. Besides, it can be used to incrementally prove complex mathematical
properties pertaining to the C code. Yet it does not require any specific
knowledge about automatic theorem proving, and thus is accessible to a wide
community. Moreover, Gappa may generate a formal proof of the results that can
be checked independently by a lower-level proof assistant like Coq, hence
providing an even higher confidence in the certification of the numerical code.
The article demonstrates the use of this tool on a real-size example, an
elementary function with correctly rounded output
- …