Semi-automatic Proofs about Object Graphs in Separation Logic

Published correctness proofs of garbage collectors in separationlogic to date depend on extensive manual, interactive formulamanipulations. This paper shows that the approach of symbolicexecution in separation logic, as first developed by Smallfoot,also encompasses reasoning about object graphs given by the reachabilityof objects. This approach yields semi-automatic proofs oftwo central garbage collection algorithms: Schorr-Waite graph marking and Cheney's collector. Our framework is developed as a conservativeextension of Isabelle/HOL. Our verification environment re-uses theSimpl framework for classical Hoare logic

Derivation of data intensive algorithms by formal transformation: the Schorr-Waite graph marking algorithm

Dated September 19, 1996In this paper we consider a particular class of algorithms which present certain difficulties to formal verification. These are algorithms which use a single data structure for two or more purposes, which combine program control information with other data structures or which are developed as a combination of a basic idea with an implementation technique. Our approach is based on applying proven semantics-preserving transformation rules in a wide spectrum language. Starting with a set theoretical specification of “reachability” we are able to derive iterative and recursive graph marking algorithms using the “pointer switching” idea of Schorr and Waite. There have been several proofs of correctness of the Schorr-Waite algorithm, and a small number of transformational developments of the algorithm. The great advantage of our approach is that we can derive the algorithm from its specification using only general-purpose transformational rules: without the need for complicated induction arguments. Our approach applies equally well to several more complex algorithms which make use of the pointer switching strategy, including a hybrid algorithm which uses a fixed length stack, switching to the pointer switching strategy when the stack runs out

Ramasse-miettes générationnel et incémental gérant les cycles et les gros objets en utilisant des frames délimités

Ces dernières années, des recherches ont été menées sur plusieurs techniques reliées à la collection des déchets. Plusieurs découvertes centrales pour le ramassage de miettes par copie ont été réalisées. Cependant, des améliorations sont encore possibles. Dans ce mémoire, nous introduisons des nouvelles techniques et de nouveaux algorithmes pour améliorer le ramassage de miettes. En particulier, nous introduisons une technique utilisant des cadres délimités pour marquer et retracer les pointeurs racines. Cette technique permet un calcul efficace de l'ensemble des racines. Elle réutilise des concepts de deux techniques existantes, card marking et remembered sets, et utilise une configuration bidirectionelle des objets pour améliorer ces concepts en stabilisant le surplus de mémoire utilisée et en réduisant la charge de travail lors du parcours des pointeurs. Nous présentons aussi un algorithme pour marquer récursivement les objets rejoignables sans utiliser de pile (éliminant le gaspillage de mémoire habituel). Nous adaptons cet algorithme pour implémenter un ramasse-miettes copiant en profondeur et améliorer la localité du heap. Nous améliorons l'algorithme de collection des miettes older-first et sa version générationnelle en ajoutant une phase de marquage garantissant la collection de toutes les miettes, incluant les structures cycliques réparties sur plusieurs fenêtres. Finalement, nous introduisons une technique pour gérer les gros objets. Pour tester nos idées, nous avons conçu et implémenté, dans la machine virtuelle libre Java SableVM, un cadre de développement portable et extensible pour la collection des miettes. Dans ce cadre, nous avons implémenté des algorithmes de collection semi-space, older-first et generational. Nos expérimentations montrent que la technique du cadre délimité procure des performances compétitives pour plusieurs benchmarks. Elles montrent aussi que, pour la plupart des benchmarks, notre algorithme de parcours en profondeur améliore la localité et augmente ainsi la performance. Nos mesures de la performance générale montrent que, utilisant nos techniques, un ramasse-miettes peut délivrer une performance compétitive et surpasser celle des ramasses-miettes existants pour plusieurs benchmarks. ______________________________________________________________________________ MOTS-CLÉS DE L’AUTEUR : Ramasse-Miettes, Machine Virtuelle, Java, SableVM

A functional specification of effects

This dissertation is about effects and type theory. Functional programming languages such as Haskell illustrate how to encapsulate side effects using monads. Haskell compilers provide a handful of primitive effectful functions. Programmers can construct larger computations using the monadic return and bind operations. These primitive effectful functions, however, have no associated definition. At best, their semantics are specified separately on paper. This can make it difficult to test, debug, verify, or even predict the behaviour of effectful computations. This dissertation provides pure, functional specifications in Haskell of several different effects. Using these specifications, programmers can test and debug effectful programs. This is particularly useful in tandem with automatic testing tools such as QuickCheck. The specifications in Haskell are not total. This makes them unsuitable for the formal verification of effectful functions. This dissertation overcomes this limitation, by presenting total functional specifications in Agda, a programming language with dependent types. There have been alternative approaches to incorporating effects in a dependently typed programming language. Most notably, recent work on Hoare Type Theory proposes to extend type theory with axioms that postulate the existence of primitive effectful functions. This dissertation shows how the functional specifications implement these axioms, unifying the two approaches. The results presented in this dissertation may be used to write and verify effectful programs in the framework of type theory

Data re-engineering using formal transformations

This thesis presents and analyses a solution to the problem of formally re- engineering program data structures, allowing new representations of a program to be developed. The work is based around Ward's theory of program transformations which uses a Wide Spectrum Language, WSL, whose semantics were specially developed for use in proof of program transformations. The re-engineered code exhibits equivalent functionality to the original but differs in the degree of data abstraction and representation. Previous transformational re-engineering work has concentrated upon control flow restructuring, which has highlighted a lack of support for data restructuring in the maintainer's tool-set. Problems have been encountered during program transformation due to the lack of support for data re-engineering. A lack of strict data semantics and manipulation capabilities has left the maintainer unable to produce optimally re-engineered solutions. It has also hindered the migration of programs into other languages because it has not been possible to convert data structures into an appropriate form in the target language. The main contribution of the thesis is the Data Re-Engineering and Abstraction Mechanism (DREAM) which allows theories about type equivalence to be represented and used in a re-engineering environment. DREAM is based around the technique of "ghosting", a way of introducing different representations of data, which provides the theoretical underpinning of the changes applied to the program. A second major contribution is the introduction of data typing into the WSL language. This allows DREAM to be integrated into the existing transformation theories within WSL. These theoretical extensions of the original work have been shown to be practically viable by implementation within a prototype transformation tool, the Maintainer's Assistant. The extended tool has been used to re-engineer heavily modified, commercial legacy code. The results of this have shown that useful re-engineering work can be performed and that DREAM integrates well with existing control flow transformations

A functional specification of effects

This dissertation is about effects and type theory. Functional programming languages such as Haskell illustrate how to encapsulate side effects using monads. Haskell compilers provide a handful of primitive effectful functions. Programmers can construct larger computations using the monadic return and bind operations. These primitive effectful functions, however, have no associated definition. At best, their semantics are specified separately on paper. This can make it difficult to test, debug, verify, or even predict the behaviour of effectful computations. This dissertation provides pure, functional specifications in Haskell of several different effects. Using these specifications, programmers can test and debug effectful programs. This is particularly useful in tandem with automatic testing tools such as QuickCheck. The specifications in Haskell are not total. This makes them unsuitable for the formal verification of effectful functions. This dissertation overcomes this limitation, by presenting total functional specifications in Agda, a programming language with dependent types. There have been alternative approaches to incorporating effects in a dependently typed programming language. Most notably, recent work on Hoare Type Theory proposes to extend type theory with axioms that postulate the existence of primitive effectful functions. This dissertation shows how the functional specifications implement these axioms, unifying the two approaches. The results presented in this dissertation may be used to write and verify effectful programs in the framework of type theory

A program logic for resources

AbstractWe introduce a reasoning infrastructure for proving statements about resource consumption in a fragment of the Java Virtual Machine Language (JVML). The infrastructure is based on a small hierarchy of program logics, with increasing levels of abstraction: at the top there is a type system for a high-level language that encodes resource consumption. The infrastructure is designed to be used in a proof-carrying code (PCC) scenario, where mobile programs can be equipped with formal evidence that they have predictable resource behaviour.This article focuses on the core logic in our infrastructure, a VDM-style program logic for partial correctness, which can make statements about resource consumption alongside functional behaviour. We establish some important results for this logic, including soundness and completeness with respect to a resource-aware operational semantics for the JVML. We also present a second logic built on top of the core logic, which is used to express termination; it too is shown to be sound and complete. We then outline how high-level language type systems may be connected to these logics.The entire infrastructure has been formalized in Isabelle/HOL, both to enhance the confidence in our meta-theoretical results, and to provide a prototype implementation for PCC. We give examples to show the usefulness of this approach, including proofs of resource bounds on code resulting from compiling high-level functional programs

Distribution, social structure and habitat use of short-finned pilot whale, Globicephala macrorhynchus, in the Canary Islands

The Canary Archipelago is considered one of the planet’s biodiversity hotspots and the short-finned pilot whale is a key species in need of conservation measures. To address a lack of knowledge, almost 2,000 day-surveys were conducted (1999-2012) resulting in 1,094 short-finned pilot whale sightings. The species was recorded year-round and distributed non-uniformly around the archipelago, with greater densities concentrated in patchy areas mainly on the leeward side of the main islands. A total of 1,320 well-marked individuals were identified, which exhibited a large degree of variability in site fidelity (from core residents to transients). Evidence of an island-associated sub-population and a transient one was found. Longitudinal data were used to infer population structure and estimate abundance, while a spatial modelling approach was used to study spatio-temporal patterns in habitat use, distribution and abundance. Spatial modelling revealed habitat preferences in areas between depths of 1000m and 1500m, and higher densities in the south-west of Tenerife and La Gomera (117 short-finned pilot whales recaptured within the two islands). Abundance of 1,980 individuals (CV = 0.33, 95% CI=1,442 – 2,324) was estimated for the entire archipelago, with higher density predicted during the summer months. Mark-recapture analysis estimated 636 resident individuals (CV = 0.028, 95% CI=602 - 671) in the southwest waters of Tenerife between 2007 and 2009. The social and temporal analyses of the behavioural relationships between pairs of individuals revealed a well-differentiated society with long-lasting and non-random social structure built of constant companions. A hierarchical social system is proposed composed of a population encompassing several clans of pilot whales, each one containing several pods. Nine long-term units were identified with a high degree of association (0.62 - 0.83). This study, the first to provide combined results on distribution, habitat use, and social structure of the species, provides essential information towards the development of recommendations for much needed conservation measures

Journées Francophones des Langages Applicatifs 2018

National audienceLes 29èmes journées francophones des langages applicatifs (JFLA) se déroulent en 2018 à l'observatoire océanographique de Banyuls-sur-Mer. Les JFLA réunissent chaque année, dans un cadre convivial, concepteurs, développeurs et utilisateurs des langages fonctionnels, des assistants de preuve et des outils de vérification de programmes en présentant des travaux variés, allant des aspects les plus théoriques aux applications industrielles.Cette année, nous avons sélectionné 9 articles de recherche et 8 articles courts. Les thématiques sont variées : preuve formelle, vérification de programmes, modèle mémoire, langages de programmation, mais aussi théorie de l'homotopieet blockchain