首页 > 最新文献

Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages最新文献

英文 中文
The type discipline of behavioral separation 行为分离的类型纪律
Luís Caires, J. Seco
We introduce the concept of behavioral separation as a general principle for disciplining interference in higher-order imperative concurrent programs, and present a type-based approach that systematically develops the concept in the context of an ML-like language extended with concurrency and synchronization primitives. Behavioral separation builds on notions originally introduced for behavioral type systems and separation logics, but shifts the focus from the separation of static program state properties towards the separation of dynamic usage behaviors of runtime values. Behavioral separation types specify how values may be safely used by client code, and can enforce fine-grained interference control disciplines while preserving compositionality, information hiding, and flexibility. We illustrate how our type system, even if based on a small set of general primitives, is already able to tackle fairly challenging program idioms, involving aliasing at various types, concurrency with first-class threads, manipulation of linked data structures, behavioral borrowing, and invariant-based separation.
我们引入了行为分离的概念,作为高阶命令式并发程序中规范干扰的一般原则,并提出了一种基于类型的方法,该方法在扩展了并发和同步原语的类ml语言的上下文中系统地发展了这一概念。行为分离建立在最初为行为类型系统和分离逻辑引入的概念之上,但将焦点从静态程序状态属性的分离转移到运行时值的动态使用行为的分离上。行为分离类型指定了客户端代码如何安全地使用值,并且可以在保持组合性、信息隐藏和灵活性的同时强制执行细粒度的干扰控制规则。我们将说明我们的类型系统(即使是基于一小组通用原语)如何已经能够处理相当具有挑战性的程序习惯用法,包括各种类型的混叠、一级线程的并发性、链接数据结构的操作、行为借用和基于不变量的分离。
{"title":"The type discipline of behavioral separation","authors":"Luís Caires, J. Seco","doi":"10.1145/2429069.2429103","DOIUrl":"https://doi.org/10.1145/2429069.2429103","url":null,"abstract":"We introduce the concept of behavioral separation as a general principle for disciplining interference in higher-order imperative concurrent programs, and present a type-based approach that systematically develops the concept in the context of an ML-like language extended with concurrency and synchronization primitives. Behavioral separation builds on notions originally introduced for behavioral type systems and separation logics, but shifts the focus from the separation of static program state properties towards the separation of dynamic usage behaviors of runtime values. Behavioral separation types specify how values may be safely used by client code, and can enforce fine-grained interference control disciplines while preserving compositionality, information hiding, and flexibility. We illustrate how our type system, even if based on a small set of general primitives, is already able to tackle fairly challenging program idioms, involving aliasing at various types, concurrency with first-class threads, manipulation of linked data structures, behavioral borrowing, and invariant-based separation.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"18 1","pages":"275-286"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88295866","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 33
The sequential semantics of producer effect systems 生产者效应系统的顺序语义
R. Tate
Effects are fundamental to programming languages. Even the lambda calculus has effects, and consequently the two famous evaluation strategies produce different semantics. As such, much research has been done to improve our understanding of effects. Since Moggi introduced monads for his computational lambda calculus, further generalizations have been designed to formalize increasingly complex computational effects, such as indexed monads followed by layered monads followed by parameterized monads. This succession prompted us to determine the most general formalization possible. In searching for this formalization we came across many surprises, such as the insufficiencies of arrows, as well as many unexpected insights, such as the importance of considering an effect as a small component of a whole system rather than just an isolated feature. In this paper we present our semantic formalization for producer effect systems, which we call a productor, and prove its maximal generality by focusing on only sequential composition of effectful computations, consequently guaranteeing that the existing monadic techniques are specializations of productors.
效果是编程语言的基础。甚至lambda演算也有影响,因此这两种著名的求值策略产生了不同的语义。因此,已经进行了大量的研究来提高我们对影响的理解。自从Moggi在他的计算lambda演算中引入了单子之后,进一步的推广被设计成形式化日益复杂的计算效果,比如索引单子、分层单子和参数化单子。这种继承促使我们尽可能确定最普遍的形式化。在寻找这种形式化的过程中,我们遇到了许多意外,例如箭头的不足,以及许多意想不到的见解,例如将效果视为整个系统的一个小组件而不仅仅是一个孤立的特性的重要性。本文提出了生产者效应系统的语义形式化,我们称之为生产者效应系统,并通过只关注有效计算的顺序组合证明了它的最大通用性,从而保证了现有的一元技术是生产者的专门化。
{"title":"The sequential semantics of producer effect systems","authors":"R. Tate","doi":"10.1145/2429069.2429074","DOIUrl":"https://doi.org/10.1145/2429069.2429074","url":null,"abstract":"Effects are fundamental to programming languages. Even the lambda calculus has effects, and consequently the two famous evaluation strategies produce different semantics. As such, much research has been done to improve our understanding of effects. Since Moggi introduced monads for his computational lambda calculus, further generalizations have been designed to formalize increasingly complex computational effects, such as indexed monads followed by layered monads followed by parameterized monads. This succession prompted us to determine the most general formalization possible. In searching for this formalization we came across many surprises, such as the insufficiencies of arrows, as well as many unexpected insights, such as the importance of considering an effect as a small component of a whole system rather than just an isolated feature. In this paper we present our semantic formalization for producer effect systems, which we call a productor, and prove its maximal generality by focusing on only sequential composition of effectful computations, consequently guaranteeing that the existing monadic techniques are specializations of productors.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"105 1","pages":"15-26"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86263496","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 34
The power of parameterization in coinductive proof 参数化在共归纳证明中的作用
C. Hur, Georg Neis, Derek Dreyer, Viktor Vafeiadis
Coinduction is one of the most basic concepts in computer science. It is therefore surprising that the commonly-known lattice-theoretic accounts of the principles underlying coinductive proofs are lacking in two key respects: they do not support compositional reasoning (i.e. breaking proofs into separate pieces that can be developed in isolation), and they do not support incremental reasoning (i.e. developing proofs interactively by starting from the goal and generalizing the coinduction hypothesis repeatedly as necessary). In this paper, we show how to support coinductive proofs that are both compositional and incremental, using a dead simple construction we call the parameterized greatest fixed point. The basic idea is to parameterize the greatest fixed point of interest over the accumulated knowledge of "the proof so far". While this idea has been proposed before, by Winskel in 1989 and by Moss in 2001, neither of the previous accounts suggests its general applicability to improving the state of the art in interactive coinductive proof. In addition to presenting the lattice-theoretic foundations of parameterized coinduction, demonstrating its utility on representative examples, and studying its composition with "up-to" techniques, we also explore its mechanization in proof assistants like Coq and Isabelle. Unlike traditional approaches to mechanizing coinduction (e.g. Coq's cofix), which employ syntactic "guardedness checking", parameterized coinduction offers a semantic account of guardedness. This leads to faster and more robust proof development, as we demonstrate using our new Coq library, Paco.
共归纳是计算机科学中最基本的概念之一。因此,令人惊讶的是,众所周知的关于协归纳证明基础原理的格理论在两个关键方面是缺乏的:它们不支持组合推理(即,将证明分解成可以单独发展的单独部分),它们不支持增量推理(即,通过从目标开始交互式地发展证明,并在必要时重复推广协归纳假设)。在本文中,我们展示了如何使用一个非常简单的构造来支持复合和增量的共归纳证明,我们称之为参数化最大不动点。其基本思想是在“迄今为止的证明”积累的知识中参数化最大不动的兴趣点。虽然这一观点在1989年由Winskel和2001年由Moss提出,但之前的两种说法都没有表明它普遍适用于改进交互式共归纳证明的技术水平。除了介绍参数化协归纳的晶格理论基础,在代表性例子上展示其效用,并研究其与“up-to”技术的组成外,我们还探索了它在Coq和Isabelle等证明助手中的机械化。与传统的机械化协同归纳方法(例如Coq的cofix)不同,它使用语法上的“保护性检查”,参数化协同归纳提供了对保护性的语义解释。这将导致更快、更健壮的证明开发,正如我们使用新的Coq库Paco所演示的那样。
{"title":"The power of parameterization in coinductive proof","authors":"C. Hur, Georg Neis, Derek Dreyer, Viktor Vafeiadis","doi":"10.1145/2429069.2429093","DOIUrl":"https://doi.org/10.1145/2429069.2429093","url":null,"abstract":"Coinduction is one of the most basic concepts in computer science. It is therefore surprising that the commonly-known lattice-theoretic accounts of the principles underlying coinductive proofs are lacking in two key respects: they do not support compositional reasoning (i.e. breaking proofs into separate pieces that can be developed in isolation), and they do not support incremental reasoning (i.e. developing proofs interactively by starting from the goal and generalizing the coinduction hypothesis repeatedly as necessary).\u0000 In this paper, we show how to support coinductive proofs that are both compositional and incremental, using a dead simple construction we call the parameterized greatest fixed point. The basic idea is to parameterize the greatest fixed point of interest over the accumulated knowledge of \"the proof so far\". While this idea has been proposed before, by Winskel in 1989 and by Moss in 2001, neither of the previous accounts suggests its general applicability to improving the state of the art in interactive coinductive proof.\u0000 In addition to presenting the lattice-theoretic foundations of parameterized coinduction, demonstrating its utility on representative examples, and studying its composition with \"up-to\" techniques, we also explore its mechanization in proof assistants like Coq and Isabelle. Unlike traditional approaches to mechanizing coinduction (e.g. Coq's cofix), which employ syntactic \"guardedness checking\", parameterized coinduction offers a semantic account of guardedness. This leads to faster and more robust proof development, as we demonstrate using our new Coq library, Paco.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"25 1","pages":"193-206"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82199558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 101
Quantitative abstraction refinement 定量抽象细化
Pavol Cerný, T. Henzinger, Arjun Radhakrishna
We propose a general framework for abstraction with respect to quantitative properties, such as worst-case execution time, or power consumption. Our framework provides a systematic way for counter-example guided abstraction refinement for quantitative properties. The salient aspect of the framework is that it allows anytime verification, that is, verification algorithms that can be stopped at any time (for example, due to exhaustion of memory), and report approximations that improve monotonically when the algorithms are given more time. We instantiate the framework with a number of quantitative abstractions and refinement schemes, which differ in terms of how much quantitative information they keep from the original system. We introduce both state-based and trace-based quantitative abstractions, and we describe conditions that define classes of quantitative properties for which the abstractions provide over-approximations. We give algorithms for evaluating the quantitative properties on the abstract systems. We present algorithms for counter-example based refinements for quantitative properties for both state-based and segment-based abstractions. We perform a case study on worst-case execution time of executables to evaluate the anytime verification aspect and the quantitative abstractions we proposed.
我们提出了一个关于定量属性的抽象的一般框架,比如最坏情况下的执行时间,或者功耗。我们的框架为定量性质的反例引导抽象细化提供了一种系统的方法。该框架的突出方面是它允许随时验证,也就是说,验证算法可以在任何时候停止(例如,由于内存耗尽),并且当算法被给予更多时间时,报告的近似值会单调地改进。我们用大量的定量抽象和细化方案实例化框架,这些方案的不同之处在于它们从原始系统中保留了多少定量信息。我们引入了基于状态和基于跟踪的定量抽象,并描述了定义定量属性类的条件,抽象为这些类提供了过度近似。给出了评价抽象系统定量性质的算法。我们提出了基于反例的算法,用于基于状态和基于段的抽象的定量属性的改进。我们对可执行文件的最坏情况执行时间进行了案例研究,以评估随时验证方面和我们提出的定量抽象。
{"title":"Quantitative abstraction refinement","authors":"Pavol Cerný, T. Henzinger, Arjun Radhakrishna","doi":"10.1145/2429069.2429085","DOIUrl":"https://doi.org/10.1145/2429069.2429085","url":null,"abstract":"We propose a general framework for abstraction with respect to quantitative properties, such as worst-case execution time, or power consumption. Our framework provides a systematic way for counter-example guided abstraction refinement for quantitative properties. The salient aspect of the framework is that it allows anytime verification, that is, verification algorithms that can be stopped at any time (for example, due to exhaustion of memory), and report approximations that improve monotonically when the algorithms are given more time.\u0000 We instantiate the framework with a number of quantitative abstractions and refinement schemes, which differ in terms of how much quantitative information they keep from the original system. We introduce both state-based and trace-based quantitative abstractions, and we describe conditions that define classes of quantitative properties for which the abstractions provide over-approximations. We give algorithms for evaluating the quantitative properties on the abstract systems. We present algorithms for counter-example based refinements for quantitative properties for both state-based and segment-based abstractions. We perform a case study on worst-case execution time of executables to evaluate the anytime verification aspect and the quantitative abstractions we proposed.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"38 1","pages":"115-128"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73994212","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 29
Plan B: a buffered memory model for Java 方案B: Java的缓冲内存模型
Delphine Demange, Vincent Laporte, Lei Zhao, S. Jagannathan, David Pichardie, J. Vitek
Recent advances in verification have made it possible to envision trusted implementations of real-world languages. Java with its type-safety and fully specified semantics would appear to be an ideal candidate; yet, the complexity of the translation steps used in production virtual machines have made it a challenging target for verifying compiler technology. One of Java's key innovations, its memory model, poses significant obstacles to such an endeavor. The Java Memory Model is an ambitious attempt at specifying the behavior of multithreaded programs in a portable, hardware agnostic, way. While experts have an intuitive grasp of the properties that the model should enjoy, the specification is complex and not well-suited for integration within a verifying compiler infrastructure. Moreover, the specification is given in an axiomatic style that is distant from the intuitive reordering-based reasonings traditionally used to justify or rule out behaviors, and ill suited to the kind of operational reasoning one would expect to employ in a compiler. This paper takes a step back, and introduces a Buffered Memory Model (BMM) for Java. We choose a pragmatic point in the design space sacrificing generality in favor of a model that is fully characterized in terms of the reorderings it allows, amenable to formal reasoning, and which can be efficiently applied to a specific hardware family, namely x86 multiprocessors. Although the BMM restricts the reorderings compilers are allowed to perform, it serves as the key enabling device to achieving a verification pathway from bytecode to machine instructions. Despite its restrictions, we show that it is backwards compatible with the Java Memory Model and that it does not cripple performance on TSO architectures.
验证方面的最新进展已经使设想真实世界语言的可信实现成为可能。具有类型安全和完全指定语义的Java似乎是一个理想的候选者;然而,生产虚拟机中使用的翻译步骤的复杂性使得验证编译器技术成为一个具有挑战性的目标。Java的关键创新之一,它的内存模型,给这种努力带来了巨大的障碍。Java内存模型是一项雄心勃勃的尝试,旨在以可移植的、与硬件无关的方式指定多线程程序的行为。虽然专家对模型应该享有的属性有直观的把握,但是规范是复杂的,并且不适合在验证编译器基础结构中集成。此外,该规范以一种公理的风格给出,与传统上用于证明或排除行为的基于重新排序的直观推理相去甚远,并且不适合期望在编译器中使用的那种操作推理。本文退一步介绍了Java的缓冲内存模型(BMM)。我们在设计空间中选择了一个实用的点,牺牲了通用性,以支持一个模型,该模型在其允许的重新排序方面具有完全的特征,符合形式推理,并且可以有效地应用于特定的硬件系列,即x86多处理器。尽管BMM限制了编译器允许执行的重排序,但它是实现从字节码到机器指令的验证路径的关键启用设备。尽管有其限制,但我们证明了它与Java内存模型向后兼容,并且不会削弱TSO体系结构上的性能。
{"title":"Plan B: a buffered memory model for Java","authors":"Delphine Demange, Vincent Laporte, Lei Zhao, S. Jagannathan, David Pichardie, J. Vitek","doi":"10.1145/2429069.2429110","DOIUrl":"https://doi.org/10.1145/2429069.2429110","url":null,"abstract":"Recent advances in verification have made it possible to envision trusted implementations of real-world languages. Java with its type-safety and fully specified semantics would appear to be an ideal candidate; yet, the complexity of the translation steps used in production virtual machines have made it a challenging target for verifying compiler technology. One of Java's key innovations, its memory model, poses significant obstacles to such an endeavor. The Java Memory Model is an ambitious attempt at specifying the behavior of multithreaded programs in a portable, hardware agnostic, way. While experts have an intuitive grasp of the properties that the model should enjoy, the specification is complex and not well-suited for integration within a verifying compiler infrastructure. Moreover, the specification is given in an axiomatic style that is distant from the intuitive reordering-based reasonings traditionally used to justify or rule out behaviors, and ill suited to the kind of operational reasoning one would expect to employ in a compiler. This paper takes a step back, and introduces a Buffered Memory Model (BMM) for Java. We choose a pragmatic point in the design space sacrificing generality in favor of a model that is fully characterized in terms of the reorderings it allows, amenable to formal reasoning, and which can be efficiently applied to a specific hardware family, namely x86 multiprocessors. Although the BMM restricts the reorderings compilers are allowed to perform, it serves as the key enabling device to achieving a verification pathway from bytecode to machine instructions. Despite its restrictions, we show that it is backwards compatible with the Java Memory Model and that it does not cripple performance on TSO architectures.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"1 1","pages":"329-342"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90326665","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 41
A model-learner pattern for bayesian reasoning 贝叶斯推理的模型-学习者模式
A. Gordon, Mihhail Aizatulin, J. Borgström, Guillaume Claret, T. Graepel, A. Nori, S. Rajamani, Claudio V. Russo
A Bayesian model is based on a pair of probability distributions, known as the prior and sampling distributions. A wide range of fundamental machine learning tasks, including regression, classification, clustering, and many others, can all be seen as Bayesian models. We propose a new probabilistic programming abstraction, a typed Bayesian model, which is based on a pair of probabilistic expressions for the prior and sampling distributions. A sampler for a model is an algorithm to compute synthetic data from its sampling distribution, while a learner for a model is an algorithm for probabilistic inference on the model. Models, samplers, and learners form a generic programming pattern for model-based inference. They support the uniform expression of common tasks including model testing, and generic compositions such as mixture models, evidence-based model averaging, and mixtures of experts. A formal semantics supports reasoning about model equivalence and implementation correctness. By developing a series of examples and three learner implementations based on exact inference, factor graphs, and Markov chain Monte Carlo, we demonstrate the broad applicability of this new programming pattern.
贝叶斯模型是基于一对概率分布,即先验分布和抽样分布。广泛的基本机器学习任务,包括回归、分类、聚类和许多其他任务,都可以被视为贝叶斯模型。我们提出了一种新的概率规划抽象,即基于先验分布和抽样分布的一对概率表达式的类型化贝叶斯模型。模型的采样器是一种从样本分布中计算合成数据的算法,而模型的学习器是一种对模型进行概率推理的算法。模型、采样器和学习器形成了基于模型的推理的通用编程模式。它们支持通用任务的统一表达,包括模型测试,以及诸如混合模型、循证模型平均和专家混合等通用组合。形式化语义支持关于模型等价性和实现正确性的推理。通过开发一系列示例和三种基于精确推理、因子图和马尔可夫链蒙特卡罗的学习器实现,我们展示了这种新的编程模式的广泛适用性。
{"title":"A model-learner pattern for bayesian reasoning","authors":"A. Gordon, Mihhail Aizatulin, J. Borgström, Guillaume Claret, T. Graepel, A. Nori, S. Rajamani, Claudio V. Russo","doi":"10.1145/2429069.2429119","DOIUrl":"https://doi.org/10.1145/2429069.2429119","url":null,"abstract":"A Bayesian model is based on a pair of probability distributions, known as the prior and sampling distributions. A wide range of fundamental machine learning tasks, including regression, classification, clustering, and many others, can all be seen as Bayesian models. We propose a new probabilistic programming abstraction, a typed Bayesian model, which is based on a pair of probabilistic expressions for the prior and sampling distributions. A sampler for a model is an algorithm to compute synthetic data from its sampling distribution, while a learner for a model is an algorithm for probabilistic inference on the model. Models, samplers, and learners form a generic programming pattern for model-based inference. They support the uniform expression of common tasks including model testing, and generic compositions such as mixture models, evidence-based model averaging, and mixtures of experts. A formal semantics supports reasoning about model equivalence and implementation correctness. By developing a series of examples and three learner implementations based on exact inference, factor graphs, and Markov chain Monte Carlo, we demonstrate the broad applicability of this new programming pattern.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"59 1","pages":"403-416"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79928942","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 34
A theorem prover for Boolean BI 布尔BI的定理证明
Jonghyun Park, Jeongbong Seo, Sungwoo Park
While separation logic is acknowledged as an enabling technology for large-scale program verification, most of the existing verification tools use only a fragment of separation logic that excludes separating implication. As the first step towards a verification tool using full separation logic, we develop a nested sequent calculus for Boolean BI (Bunched Implications), the underlying theory of separation logic, as well as a theorem prover based on it. A salient feature of our nested sequent calculus is that its sequent may have not only smaller child sequents but also multiple parent sequents, thus producing a graph structure of sequents instead of a tree structure. Our theorem prover is based on backward search in a refinement of the nested sequent calculus in which weakening and contraction are built into all the inference rules. We explain the details of designing our theorem prover and provide empirical evidence of its practicality.
虽然分离逻辑被认为是大规模程序验证的支持技术,但大多数现有的验证工具只使用分离逻辑的一小部分,不包括分离隐含。作为使用完整分离逻辑的验证工具的第一步,我们开发了布尔BI(束暗示)的嵌套序列演算,分离逻辑的底层理论,以及基于它的定理证明器。我们的嵌套序列演算的一个显著特点是,它的序列不仅可以有较小的子序列,而且可以有多个父序列,从而产生序列的图结构而不是树结构。我们的定理证明是基于对嵌套序列演算的改进中的向后搜索,其中在所有推理规则中都内置了弱化和收缩。我们解释了设计定理证明器的细节,并提供了其实用性的经验证据。
{"title":"A theorem prover for Boolean BI","authors":"Jonghyun Park, Jeongbong Seo, Sungwoo Park","doi":"10.1145/2429069.2429095","DOIUrl":"https://doi.org/10.1145/2429069.2429095","url":null,"abstract":"While separation logic is acknowledged as an enabling technology for large-scale program verification, most of the existing verification tools use only a fragment of separation logic that excludes separating implication. As the first step towards a verification tool using full separation logic, we develop a nested sequent calculus for Boolean BI (Bunched Implications), the underlying theory of separation logic, as well as a theorem prover based on it. A salient feature of our nested sequent calculus is that its sequent may have not only smaller child sequents but also multiple parent sequents, thus producing a graph structure of sequents instead of a tree structure. Our theorem prover is based on backward search in a refinement of the nested sequent calculus in which weakening and contraction are built into all the inference rules. We explain the details of designing our theorem prover and provide empirical evidence of its practicality.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"45 1","pages":"219-232"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79741892","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 27
Engineering mathematics: the odd order theorem proof 工程数学:奇次定理的证明
Georges Gonthier
Even with the assistance of computer tools, the formalized de-scription and verification of research-level mathematics remains a daunting task, not least because of the talent with which mathema-ticians combine diverse theories to achieve their ends. By combin-ing tools and techniques from type theory, language design, and software engineering we have managed to capture enough of these practices to formalize the proof of the Odd Order theorem, a landmark result in Group Theory.
即使在计算机工具的帮助下,研究级数学的形式化描述和验证仍然是一项艰巨的任务,尤其是因为数学家们结合各种理论以达到目的的才能。通过结合来自类型论、语言设计和软件工程的工具和技术,我们已经设法捕获了足够的这些实践来形式化奇序定理的证明,奇序定理是群论中的一个里程碑式的结果。
{"title":"Engineering mathematics: the odd order theorem proof","authors":"Georges Gonthier","doi":"10.1145/2429069.2429071","DOIUrl":"https://doi.org/10.1145/2429069.2429071","url":null,"abstract":"Even with the assistance of computer tools, the formalized de-scription and verification of research-level mathematics remains a daunting task, not least because of the talent with which mathema-ticians combine diverse theories to achieve their ends. By combin-ing tools and techniques from type theory, language design, and software engineering we have managed to capture enough of these practices to formalize the proof of the Odd Order theorem, a landmark result in Group Theory.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"468 1","pages":"1-2"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84751789","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 38
Subjective auxiliary state for coarse-grained concurrency 粗粒度并发的主观辅助状态
Ruy Ley-Wild, Aleksandar Nanevski
From Owicki-Gries' Resource Invariants and Jones' Rely/Guarantee to modern variants based on Separation Logic, axiomatic logics for concurrency require auxiliary state to explicitly relate the effect of all threads to the global invariant on the shared resource. Unfortunately, auxiliary state gives the proof of an individual thread access to the auxiliaries of all other threads. This makes proofs sensitive to the global context, which prevents local reasoning and compositionality. To tame this historical difficulty of auxiliary state, we propose subjective auxiliary state, whereby each thread is verified using a self view (i.e., the thread's effect on the shared resource) and an other view (i.e., the collective effect of all the other threads). Subjectivity generalizes auxiliary state from stacks and heaps to user-chosen partial commutative monoids, which can eliminate the dependence on the global thread structure. We employ subjectivity to formulate Subjective Concurrent Separation Logic as a combination of subjective auxiliary state and Concurrent Separation Logic. The logic yields simple, compositional proofs of coarse-grained concurrent programs that use auxiliary state, and scales to support higher-order recursive procedures that can themselves fork new threads. We prove the soundness of the logic with a novel denotational semantics of action trees and a definition of safety using rely/guarantee transitions over a large subjective footprint. We have mechanized the denotational semantics, logic, metatheory, and a number of examples by a shallow embedding in Coq.
从Owicki-Gries的资源不变量和Jones的依赖/保证到基于分离逻辑的现代变体,并发的公理逻辑需要辅助状态来显式地将所有线程对共享资源的全局不变量的影响联系起来。不幸的是,辅助状态证明了一个线程可以访问所有其他线程的辅助状态。这使得证明对全局上下文敏感,从而阻止了局部推理和组合性。为了克服辅助状态的历史困难,我们提出了主观辅助状态,即每个线程使用一个自我视图(即线程对共享资源的影响)和另一个视图(即所有其他线程的集体影响)来验证。主观性将辅助状态从栈和堆推广到用户选择的部分可交换单群,从而消除了对全局线程结构的依赖。我们利用主观性将主观辅助状态与并发分离逻辑相结合,形成主观并发分离逻辑。该逻辑生成使用辅助状态的粗粒度并发程序的简单组合证明,并扩展到支持可以派生新线程的高阶递归过程。我们用一个新的动作树的指称语义和一个使用依赖/保证转换的安全定义来证明逻辑的合理性。通过在Coq中进行浅嵌入,我们机械化了指称语义、逻辑、元理论和一些例子。
{"title":"Subjective auxiliary state for coarse-grained concurrency","authors":"Ruy Ley-Wild, Aleksandar Nanevski","doi":"10.1145/2429069.2429134","DOIUrl":"https://doi.org/10.1145/2429069.2429134","url":null,"abstract":"From Owicki-Gries' Resource Invariants and Jones' Rely/Guarantee to modern variants based on Separation Logic, axiomatic logics for concurrency require auxiliary state to explicitly relate the effect of all threads to the global invariant on the shared resource. Unfortunately, auxiliary state gives the proof of an individual thread access to the auxiliaries of all other threads. This makes proofs sensitive to the global context, which prevents local reasoning and compositionality.\u0000 To tame this historical difficulty of auxiliary state, we propose subjective auxiliary state, whereby each thread is verified using a self view (i.e., the thread's effect on the shared resource) and an other view (i.e., the collective effect of all the other threads). Subjectivity generalizes auxiliary state from stacks and heaps to user-chosen partial commutative monoids, which can eliminate the dependence on the global thread structure.\u0000 We employ subjectivity to formulate Subjective Concurrent Separation Logic as a combination of subjective auxiliary state and Concurrent Separation Logic. The logic yields simple, compositional proofs of coarse-grained concurrent programs that use auxiliary state, and scales to support higher-order recursive procedures that can themselves fork new threads. We prove the soundness of the logic with a novel denotational semantics of action trees and a definition of safety using rely/guarantee transitions over a large subjective footprint. We have mechanized the denotational semantics, logic, metatheory, and a number of examples by a shallow embedding in Coq.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"82 1","pages":"561-574"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88775695","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 62
Full abstraction for nominal Scott domains 对名义Scott域的完全抽象
Steffen Lösch, A. Pitts
We develop a domain theory within nominal sets and present programming language constructs and results that can be gained from this approach. The development is based on the concept of orbit-finite subset, that is, a subset of a nominal sets that is both finitely supported and contained in finitely many orbits. This concept appears prominently in the recent research programme of Bojanczyk et al. on automata over infinite languages, and our results establish a connection between their work and a characterisation of topological compactness discovered, in a quite different setting, by Winskel and Turner as part of a nominal domain theory for concurrency. We use this connection to derive a notion of Scott domain within nominal sets. The functionals for existential quantification over names and `definite description' over names turn out to be compact in the sense appropriate for nominal Scott domains. Adding them, together with parallel-or, to a programming language for recursively defined higher-order functions with name abstraction and locally scoped names, we prove a full abstraction result for nominal Scott domains analogous to Plotkin's classic result about PCF and conventional Scott domains: two program phrases have the same observable operational behaviour in all contexts if and only if they denote equal elements of the nominal Scott domain model. This is the first full abstraction result we know of for higher-order functions with local names that uses a domain theory based on ordinary extensional functions, rather than using the more intensional approach of game semantics.
我们在标称集内发展了一个领域理论,并提出了从这种方法中可以获得的编程语言结构和结果。这一发展是基于轨道有限子集的概念,即一个标称集合的子集,它既被有限支持又被包含在有限多个轨道中。这一概念在Bojanczyk等人最近关于无限语言上的自动机的研究计划中表现突出,我们的结果建立了他们的工作与拓扑紧致性特征之间的联系,在一个完全不同的环境中,winskkel和Turner发现了拓扑紧致性,作为并发性的名义领域理论的一部分。我们利用这个联系导出了名义集合内的斯科特域的概念。名称上的存在量化泛函和名称上的“确定描述”泛函在适合名义斯科特域的意义上是紧凑的。将它们与parallel-or一起添加到具有名称抽象和局部作用域名称的递归定义高阶函数的编程语言中,我们证明了名义Scott域的完全抽象结果,类似于Plotkin关于PCF和传统Scott域的经典结果:两个程序短语在所有上下文中具有相同的可观察操作行为,当且仅当它们表示名义Scott域模型的相等元素。这是我们所知道的第一个具有局部名称的高阶函数的完整抽象结果,它使用基于普通外延函数的域理论,而不是使用更内蕴的游戏语义方法。
{"title":"Full abstraction for nominal Scott domains","authors":"Steffen Lösch, A. Pitts","doi":"10.1145/2429069.2429073","DOIUrl":"https://doi.org/10.1145/2429069.2429073","url":null,"abstract":"We develop a domain theory within nominal sets and present programming language constructs and results that can be gained from this approach. The development is based on the concept of orbit-finite subset, that is, a subset of a nominal sets that is both finitely supported and contained in finitely many orbits. This concept appears prominently in the recent research programme of Bojanczyk et al. on automata over infinite languages, and our results establish a connection between their work and a characterisation of topological compactness discovered, in a quite different setting, by Winskel and Turner as part of a nominal domain theory for concurrency. We use this connection to derive a notion of Scott domain within nominal sets. The functionals for existential quantification over names and `definite description' over names turn out to be compact in the sense appropriate for nominal Scott domains. Adding them, together with parallel-or, to a programming language for recursively defined higher-order functions with name abstraction and locally scoped names, we prove a full abstraction result for nominal Scott domains analogous to Plotkin's classic result about PCF and conventional Scott domains: two program phrases have the same observable operational behaviour in all contexts if and only if they denote equal elements of the nominal Scott domain model. This is the first full abstraction result we know of for higher-order functions with local names that uses a domain theory based on ordinary extensional functions, rather than using the more intensional approach of game semantics.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"7 1","pages":"3-14"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86223567","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
期刊
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1