25,319 research outputs found
Fifty years of Hoare's Logic
We present a history of Hoare's logic.Comment: 79 pages. To appear in Formal Aspects of Computin
Loop Analysis by Quantification over Iterations
We present a framework to analyze and verify programs containing loops by using a first-order language of so-called extended expressions. This language can express both functional and temporal properties of loops. We prove soundness and completeness of our framework and use our approach to automate the tasks of partial correctness verification, termination analysis and invariant generation. For doing so, we express the loop semantics as a set of first-order properties over extended expressions and use theorem provers and/or SMT solvers to reason about these properties. Our approach supports full first-order reasoning, including proving program properties with alternation of quantifiers. Our work is implemented in the tool QuIt and successfully evaluated on benchmarks coming from software verification
Some Challenges of Specifying Concurrent Program Components
The purpose of this paper is to address some of the challenges of formally
specifying components of shared-memory concurrent programs. The focus is to
provide an abstract specification of a component that is suitable for use both
by clients of the component and as a starting point for refinement to an
implementation of the component. We present some approaches to devising
specifications, investigating different forms suitable for different contexts.
We examine handling atomicity of access to data structures, blocking operations
and progress properties, and transactional operations that may fail and need to
be retried.Comment: In Proceedings Refine 2018, arXiv:1810.0873
Efficient CTL Verification via Horn Constraints Solving
The use of temporal logics has long been recognised as a fundamental approach
to the formal specification and verification of reactive systems. In this
paper, we take on the problem of automatically verifying a temporal property,
given by a CTL formula, for a given (possibly infinite-state) program. We
propose a method based on encoding the problem as a set of Horn constraints.
The method takes a program, modeled as a transition system, and a property
given by a CTL formula as input. It first generates a set of forall-exists
quantified Horn constraints and well-foundedness constraints by exploiting the
syntactic structure of the CTL formula. Then, the generated set of constraints
are solved by applying an off-the-shelf Horn constraints solving engine. The
program is said to satisfy the property if and only if the generated set of
constraints has a solution. We demonstrate the practical promises of the method
by applying it on a set of challenging examples. Although our method is based
on a generic Horn constraint solving engine, it is able to outperform
state-of-art methods specialised for CTL verification.Comment: In Proceedings HCVS2016, arXiv:1607.0403
The Meaning of Memory Safety
We give a rigorous characterization of what it means for a programming
language to be memory safe, capturing the intuition that memory safety supports
local reasoning about state. We formalize this principle in two ways. First, we
show how a small memory-safe language validates a noninterference property: a
program can neither affect nor be affected by unreachable parts of the state.
Second, we extend separation logic, a proof system for heap-manipulating
programs, with a memory-safe variant of its frame rule. The new rule is
stronger because it applies even when parts of the program are buggy or
malicious, but also weaker because it demands a stricter form of separation
between parts of the program state. We also consider a number of pragmatically
motivated variations on memory safety and the reasoning principles they
support. As an application of our characterization, we evaluate the security of
a previously proposed dynamic monitor for memory safety of heap-allocated data.Comment: POST'18 final versio
Computer-Assisted Program Reasoning Based on a Relational Semantics of Programs
We present an approach to program reasoning which inserts between a program
and its verification conditions an additional layer, the denotation of the
program expressed in a declarative form. The program is first translated into
its denotation from which subsequently the verification conditions are
generated. However, even before (and independently of) any verification
attempt, one may investigate the denotation itself to get insight into the
"semantic essence" of the program, in particular to see whether the denotation
indeed gives reason to believe that the program has the expected behavior.
Errors in the program and in the meta-information may thus be detected and
fixed prior to actually performing the formal verification. More concretely,
following the relational approach to program semantics, we model the effect of
a program as a binary relation on program states. A formal calculus is devised
to derive from a program a logic formula that describes this relation and is
subject for inspection and manipulation. We have implemented this idea in a
comprehensive form in the RISC ProgramExplorer, a new program reasoning
environment for educational purposes which encompasses the previously developed
RISC ProofNavigator as an interactive proving assistant.Comment: In Proceedings THedu'11, arXiv:1202.453
- …