Pub Date : 2023-07-31DOI: 10.1007/s10703-023-00427-w
Felix A. Wolf, Malte Schwerhoff, Peter Müller
Abstract Modern separation logics allow one to prove rich properties of intricate code, e.g., functional correctness and linearizability of non-blocking concurrent code. However, this expressiveness leads to a complexity that makes these logics difficult to apply. Manual proofs or proofs in interactive theorem provers consist of a large number of steps, often with subtle side conditions. On the other hand, automation with dedicated verifiers typically requires sophisticated proof search algorithms that are specific to the given program logic, resulting in limited tool support that makes it difficult to experiment with program logics, e.g., when learning, improving, or comparing them. Proof outline checkers fill this gap. Their input is a program annotated with the most essential proof steps, just like the proof outlines typically presented in papers. The tool then checks automatically that this outline represents a valid proof in the program logic. In this paper, we systematically develop a proof outline checker for the TaDA logic, which reduces the checking to a simpler verification problem, for which automated tools exist. Our approach leads to proof outline checkers that provide substantially more automation than interactive provers, but are much simpler to develop than custom automatic verifiers.
{"title":"Concise outlines for a complex logic: a proof outline checker for TaDA","authors":"Felix A. Wolf, Malte Schwerhoff, Peter Müller","doi":"10.1007/s10703-023-00427-w","DOIUrl":"https://doi.org/10.1007/s10703-023-00427-w","url":null,"abstract":"Abstract Modern separation logics allow one to prove rich properties of intricate code, e.g., functional correctness and linearizability of non-blocking concurrent code. However, this expressiveness leads to a complexity that makes these logics difficult to apply. Manual proofs or proofs in interactive theorem provers consist of a large number of steps, often with subtle side conditions. On the other hand, automation with dedicated verifiers typically requires sophisticated proof search algorithms that are specific to the given program logic, resulting in limited tool support that makes it difficult to experiment with program logics, e.g., when learning, improving, or comparing them. Proof outline checkers fill this gap. Their input is a program annotated with the most essential proof steps, just like the proof outlines typically presented in papers. The tool then checks automatically that this outline represents a valid proof in the program logic. In this paper, we systematically develop a proof outline checker for the TaDA logic, which reduces the checking to a simpler verification problem, for which automated tools exist. Our approach leads to proof outline checkers that provide substantially more automation than interactive provers, but are much simpler to develop than custom automatic verifiers.","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135154480","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-14DOI: 10.1007/s10703-022-00407-6
Florian Renkin, Philipp Schlehuber-Caissier, A. Duret-Lutz, Adrien Pommellet
{"title":"Dissecting ltlsynt","authors":"Florian Renkin, Philipp Schlehuber-Caissier, A. Duret-Lutz, Adrien Pommellet","doi":"10.1007/s10703-022-00407-6","DOIUrl":"https://doi.org/10.1007/s10703-022-00407-6","url":null,"abstract":"","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":" ","pages":""},"PeriodicalIF":0.8,"publicationDate":"2023-07-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43309901","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-07DOI: 10.1007/s10703-023-00431-0
B. Bollig, Mathieu Lehaut, N. Sznajder
{"title":"Round- and context-bounded control of dynamic pushdown systems","authors":"B. Bollig, Mathieu Lehaut, N. Sznajder","doi":"10.1007/s10703-023-00431-0","DOIUrl":"https://doi.org/10.1007/s10703-023-00431-0","url":null,"abstract":"","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":" ","pages":""},"PeriodicalIF":0.8,"publicationDate":"2023-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43319758","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Symbolic encoding of LL(1) parsing and its applications","authors":"Pankaj Kumar Kalita, Dhruv Singal, Palak Agarwal, Saket Jhunjhunwala, Subhajit Roy","doi":"10.1007/s10703-023-00420-3","DOIUrl":"https://doi.org/10.1007/s10703-023-00420-3","url":null,"abstract":"","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":" ","pages":""},"PeriodicalIF":0.8,"publicationDate":"2023-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49049947","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-21DOI: 10.1007/s10703-023-00428-9
Felipe Gorostiaga, César Sánchez
{"title":"Runtime verification of real-time event streams using the tool HStriver","authors":"Felipe Gorostiaga, César Sánchez","doi":"10.1007/s10703-023-00428-9","DOIUrl":"https://doi.org/10.1007/s10703-023-00428-9","url":null,"abstract":"","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136355708","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-05-26DOI: 10.1007/s10703-023-00415-0
Tiago Cogumbreiro, J. Lange, Dennis Liew, Hannah Zicarelli
{"title":"Memory access protocols: certified data-race freedom for GPU kernels","authors":"Tiago Cogumbreiro, J. Lange, Dennis Liew, Hannah Zicarelli","doi":"10.1007/s10703-023-00415-0","DOIUrl":"https://doi.org/10.1007/s10703-023-00415-0","url":null,"abstract":"","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":"1 1","pages":""},"PeriodicalIF":0.8,"publicationDate":"2023-05-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43050909","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-05-17DOI: 10.1007/s10703-023-00422-1
Luca Di Stefano, Frédéric Lang
{"title":"Compositional verification of priority systems using sharp bisimulation","authors":"Luca Di Stefano, Frédéric Lang","doi":"10.1007/s10703-023-00422-1","DOIUrl":"https://doi.org/10.1007/s10703-023-00422-1","url":null,"abstract":"","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":" ","pages":""},"PeriodicalIF":0.8,"publicationDate":"2023-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44689100","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-05-16DOI: 10.1007/s10703-023-00417-y
Azadeh Farzan, Victor Nicolet
{"title":"Partial bounding for recursive function synthesis","authors":"Azadeh Farzan, Victor Nicolet","doi":"10.1007/s10703-023-00417-y","DOIUrl":"https://doi.org/10.1007/s10703-023-00417-y","url":null,"abstract":"","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":" ","pages":""},"PeriodicalIF":0.8,"publicationDate":"2023-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45330897","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-05-12DOI: 10.1007/s10703-023-00409-y
Alasdair Armstrong, Brian Campbell, Ben Simner, Christopher Pulte, Peter Sewell
Abstract Architecture specifications such as Armv8-A and RISC-V are the ultimate foundation for software verification and the correctness criteria for hardware verification. They should define the allowed sequential and relaxed-memory concurrency behaviour of programs, but hitherto there has been no integration of full-scale instruction-set architecture (ISA) semantics with axiomatic concurrency models, either in mathematics or in tools. These ISA semantics can be surprisingly large and intricate, e.g. 100k $$+$$ + lines for Armv8-A. In this paper we present a tool, Isla, for computing the allowed behaviours of concurrent litmus tests with respect to full-scale ISA definitions, in the Sail language, and arbitrary axiomatic relaxed-memory concurrency models, in the Cat language. It is based on a generic symbolic engine for Sail ISA specifications. We equip the tool with a web interface to make it widely accessible, and illustrate and evaluate it for Armv8-A and RISC-V. The symbolic execution engine is valuable also for other verification tasks: it has been used in automated ISA test generation for the Arm Morello prototype architecture, extending Armv8-A with CHERI capabilities, and for Iris program-logic reasoning about binary code above the Armv8-A and RISC-V ISA specifications. By using full-scale and authoritative ISA semantics, Isla lets one evaluate litmus tests using arbitrary user instructions with high confidence. Moreover, because these ISA specifications give detailed and validated definitions of the sequential aspects of systems functionality, as used by hypervisors and operating systems, e.g. instruction fetch, exceptions, and address translation, our tool provides a basis for developing concurrency semantics for these. We demonstrate this for the Armv8-A instruction-fetch and virtual-memory models and examples of Simner et al.
{"title":"Isla: integrating full-scale ISA semantics and axiomatic concurrency models (extended version)","authors":"Alasdair Armstrong, Brian Campbell, Ben Simner, Christopher Pulte, Peter Sewell","doi":"10.1007/s10703-023-00409-y","DOIUrl":"https://doi.org/10.1007/s10703-023-00409-y","url":null,"abstract":"Abstract Architecture specifications such as Armv8-A and RISC-V are the ultimate foundation for software verification and the correctness criteria for hardware verification. They should define the allowed sequential and relaxed-memory concurrency behaviour of programs, but hitherto there has been no integration of full-scale instruction-set architecture (ISA) semantics with axiomatic concurrency models, either in mathematics or in tools. These ISA semantics can be surprisingly large and intricate, e.g. 100k $$+$$ <mml:math xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"> <mml:mo>+</mml:mo> </mml:math> lines for Armv8-A. In this paper we present a tool, Isla, for computing the allowed behaviours of concurrent litmus tests with respect to full-scale ISA definitions, in the Sail language, and arbitrary axiomatic relaxed-memory concurrency models, in the Cat language. It is based on a generic symbolic engine for Sail ISA specifications. We equip the tool with a web interface to make it widely accessible, and illustrate and evaluate it for Armv8-A and RISC-V. The symbolic execution engine is valuable also for other verification tasks: it has been used in automated ISA test generation for the Arm Morello prototype architecture, extending Armv8-A with CHERI capabilities, and for Iris program-logic reasoning about binary code above the Armv8-A and RISC-V ISA specifications. By using full-scale and authoritative ISA semantics, Isla lets one evaluate litmus tests using arbitrary user instructions with high confidence. Moreover, because these ISA specifications give detailed and validated definitions of the sequential aspects of systems functionality, as used by hypervisors and operating systems, e.g. instruction fetch, exceptions, and address translation, our tool provides a basis for developing concurrency semantics for these. We demonstrate this for the Armv8-A instruction-fetch and virtual-memory models and examples of Simner et al.","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135337992","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-05-10DOI: 10.1007/s10703-023-00424-z
Marcel Moosbrugger, Ezio Bartocci, Joost-Pieter Katoen, Laura Kovács
Abstract We describe the Amber tool for proving and refuting the termination of a class of probabilistic while-programs with polynomial arithmetic, in a fully automated manner. Amber combines martingale theory with properties of asymptotic bounding functions and implements relaxed versions of existing probabilistic termination proof rules to prove/disprove (positive) almost sure termination of probabilistic loops. Amber supports programs parametrized by symbolic constants and drawing from common probability distributions. Our experimental comparisons give practical evidence of Amber outperforming existing state-of-the-art tools.
{"title":"The probabilistic termination tool amber","authors":"Marcel Moosbrugger, Ezio Bartocci, Joost-Pieter Katoen, Laura Kovács","doi":"10.1007/s10703-023-00424-z","DOIUrl":"https://doi.org/10.1007/s10703-023-00424-z","url":null,"abstract":"Abstract We describe the Amber tool for proving and refuting the termination of a class of probabilistic while-programs with polynomial arithmetic, in a fully automated manner. Amber combines martingale theory with properties of asymptotic bounding functions and implements relaxed versions of existing probabilistic termination proof rules to prove/disprove (positive) almost sure termination of probabilistic loops. Amber supports programs parametrized by symbolic constants and drawing from common probability distributions. Our experimental comparisons give practical evidence of Amber outperforming existing state-of-the-art tools.","PeriodicalId":12430,"journal":{"name":"Formal Methods in System Design","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135572692","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: