103 research outputs found

    Compiler verification meets cross-language linking via data abstraction

    Many real programs are written in multiple different programming languages, and supporting this pattern creates challenges for formal compiler verification. We describe our Coq verification of a compiler for a high-level language, such that the compiler correctness theorem allows us to derive partial-correctness Hoare-logic theorems for programs built by linking the assembly code output by our compiler and assembly code produced by other means. Our compiler supports such tricky features as storable cross-language function pointers, without giving up the usual benefits of being able to verify different compiler phases (including, in our case, two classic optimizations) independently. The key technical innovation is a mixed operational and axiomatic semantics for the source language, with a built-in notion of abstract data types, such that compiled code interfaces with other languages only through axiomatically specified methods that mutate encapsulated private data, represented in whatever formats are most natural for those languages. National Science Foundation (U.S.) (Grant CCF-1253229); United States. Defense Advanced Research Projects Agency (Agreement FA8750-12-2-0293); United States. Dept. of Energy. Office of Science (Award DE-SC0008923

    Inductive Proof Outlines for Monitors in Java

    The research concerning Java’s semantics and proof theory has mainly focussed on various aspects of sequential sub-languages. Java, however, integrates features of a class-based object-oriented language with the notion of multi-threading, where multiple threads can concurrently execute and exchange information via shared instance variables. Furthermore, each object can act as a monitor to assure mutual exclusion or to coordinate between threads. In this paper we present a sound and relatively complete assertional proof system for Java’s monitor concept, which generates verification conditions for a concurrent sublanguage JavaMT of Java. This work extends previous results by incorporating Java’s monitor methods

    Leaf Trait-Environment Relationships in a Subtropical Broadleaved Forest in South-East China

    Although trait analyses have become more important in community ecology, trait-environment correlations have rarely been studied along successional gradients. We asked which environmental variables had the strongest impact on intraspecific and interspecific trait variation in the community and which traits were most responsive to the environment. We established a series of plots in a secondary forest in the Chinese subtropics, stratified by successional stages that were defined by the time elapsed since the last logging activities. On a total of 27 plots all woody plants were recorded and a set of individuals of every species was analysed for leaf traits, resulting in a trait matrix of 26 leaf traits for 122 species. A Fourth Corner Analysis revealed that the mean values of many leaf traits were tightly related to the successional gradient. Most shifts in traits followed the leaf economics spectrum with decreasing specific leaf area and leaf nutrient contents with successional time. Beside succession, few additional environmental variables resulted in significant trait relationships, such as soil moisture and soil C and N content as well as topographical variables. Not all traits were related to the leaf economics spectrum, and thus, to the successional gradient, such as stomata size and density. By comparing different permutation models in the Fourth Corner Analysis, we found that the trait-environment link was based more on the association of species with the environment than of the communities with species traits. The strong species-environment association was brought about by a clear gradient in species composition along the succession series, while communities were not well differentiated in mean trait composition. In contrast, intraspecific trait variation did not show close environmental relationships. 
    The study confirmed the role of environmental trait filtering in subtropical forests, with traits associated with the leaf economics spectrum being the most responsive ones

    The influence of the landscape structure within buffer zones, catchment land use and instream environmental variables on mollusc communities in a medium-sized lowland river

    The world’s freshwater molluscan fauna is facing unprecedented threats from habitat loss and degradation. Declines in native populations are mostly attributed to the human impact, which results in reduced water quality. The objectives of our survey were to analyse the structure of the mollusc communities in a medium-sized lowland river and to determine the most important environmental variables at different spatial scales, including landscape structure, catchment land use and instream environmental factors that influence their structure. Our survey showed that a medium-sized river, that flows through areas included in the European Ecological Natura 2000 Network Programme of protected sites, provides diverse instream habitats and niches that support 47 mollusc species including Unio crassus, a bivalve of Community interest, whose conservation requires the designation of a special conservation area under the Habitats Directive Natura 2000. This survey showed that mollusc communities are impacted by several environmental variables that act together at multiple scales. The landscape structure within buffer zones, catchment land use and instream environmental variables were all important and influenced the structure of mollusc communities. Therefore, they should all be taken into consideration in the future restoration of the river, future management projects and programmes for the conservation of biodiversity in running waters. The results of this study may be directly applicable for the rehabilitation of river ecosystems and are recommended to stakeholders in their future decision concerning landscape planning, monitoring species and their habitats, conservation plans and management in accordance with the requirements of sustainable development

    A program logic for resources

    We introduce a reasoning infrastructure for proving statements about resource consumption in a fragment of the Java Virtual Machine Language (JVML). The infrastructure is based on a small hierarchy of program logics, with increasing levels of abstraction: at the top there is a type system for a high-level language that encodes resource consumption. The infrastructure is designed to be used in a proof-carrying code (PCC) scenario, where mobile programs can be equipped with formal evidence that they have predictable resource behaviour. This article focuses on the core logic in our infrastructure, a VDM-style program logic for partial correctness, which can make statements about resource consumption alongside functional behaviour. We establish some important results for this logic, including soundness and completeness with respect to a resource-aware operational semantics for the JVML. We also present a second logic built on top of the core logic, which is used to express termination; it too is shown to be sound and complete. We then outline how high-level language type systems may be connected to these logics. The entire infrastructure has been formalized in Isabelle/HOL, both to enhance the confidence in our meta-theoretical results, and to provide a prototype implementation for PCC. We give examples to show the usefulness of this approach, including proofs of resource bounds on code resulting from compiling high-level functional programs

    Describing the Semantics of Java and Proving Type Soundness
