Results 1  10
of
17
Natural termination
 Theoretical Computer Science
"... Abstract. We generalize the various path orderings and the conditions under which they work, and describe an implementation of this general ordering. We look at methods for proving termination of orthogonal systems and give a new solution to a problem of Zantema's. 1 ..."
Abstract

Cited by 84 (11 self)
 Add to MetaCart
(Show Context)
Abstract. We generalize the various path orderings and the conditions under which they work, and describe an implementation of this general ordering. We look at methods for proving termination of orthogonal systems and give a new solution to a problem of Zantema's. 1
Constructing Recursion Operators in Intuitionistic Type Theory
 Journal of Symbolic Computation
, 1984
"... MartinLöf's Intuitionistic Theory of Types is becoming popular for formal reasoning about computer programs. To handle recursion schemes other than primitive recursion, a theory of wellfounded relations is presented. Using primitive recursion over higher types, induction and recursion are for ..."
Abstract

Cited by 22 (5 self)
 Add to MetaCart
(Show Context)
MartinLöf's Intuitionistic Theory of Types is becoming popular for formal reasoning about computer programs. To handle recursion schemes other than primitive recursion, a theory of wellfounded relations is presented. Using primitive recursion over higher types, induction and recursion are formally derived for a large class of wellfounded relations. Included are < on natural numbers, and relations formed by inverse images, addition, multiplication, and exponentiation of other relations. The constructions are given in full detail to allow their use in theorem provers for Type Theory, such as Nuprl. The theory is compared with work in the field of ordinal recursion over higher types.
Proving theorems about Java and the JVM with ACL2
 Models, Algebras and Logic of Engineering Software
, 2003
"... We describe a methodology for proving theorems mechanically about Java methods. The theorem prover used is the ACL2 system, an industrialstrength version of the BoyerMoore theorem prover. An operational semantics for a substantial subset of the Java Virtual Machine (JVM) has been defined in ACL2. ..."
Abstract

Cited by 21 (10 self)
 Add to MetaCart
(Show Context)
We describe a methodology for proving theorems mechanically about Java methods. The theorem prover used is the ACL2 system, an industrialstrength version of the BoyerMoore theorem prover. An operational semantics for a substantial subset of the Java Virtual Machine (JVM) has been defined in ACL2. Theorems are proved about Java methods and classes by compiling them with javac and then proving the corresponding theorem about the JVM. Certain automatically applied strategies are implemented with rewrite rules (and other proofguiding pragmas) in ACL2 “books” to control the theorem prover when operating on problems involving the JVM model. The Java Virtual Machine or JVM [27] is the basic abstraction Java [17] implementors are expected to respect. We speculate that the JVM is an appropriate level of abstraction at which to model Java programs with the intention of mechanically verifying their properties. The most complex features of the Java subset we handle – construction and initialization of new objects, synchronization, thread management, and virtual method invocation – are all supported directly and with full abstraction as single atomic instructions in the JVM. The complexity of verifying JVM bytecode program stems from the complexity of Java’s semantics, not
Dependent type theory of stateful higherorder functions
, 2005
"... In this paper we investigate a logic for reasoning about programs with higherorder functions and effectful features like nontermination and state with aliasing. We propose a dependent type theory HTT (short for Hoare Type Theory), where types serve as program specifications. In case of effectful p ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
(Show Context)
In this paper we investigate a logic for reasoning about programs with higherorder functions and effectful features like nontermination and state with aliasing. We propose a dependent type theory HTT (short for Hoare Type Theory), where types serve as program specifications. In case of effectful programs, the type of Hoare triples {P}x:A{Q} specifies the precondition P, the type of the return result A, and the postcondition Q. By CurryHoward isomorphism, a dependent type theory may be viewed as a functional programming language. From this perspective, the type of Hoare triples is a monad, and HTT is a monadic language, whose pure fragment consists of higherorder functions, while the effectful fragment is a full Turingcomplete imperative language with conditionals, loops, recursion and commands for stateful operations like allocation, lookup and mutation of location content. 1
Strong Normalisation Proofs for Cut Elimination in Gentzen's Sequent Calculi
, 1996
"... We define a variant LKsp of the Gentzen sequent calculus LK. In LKsp weakenings or contractions can be done in parallel. This modification allows us to interpret a symmetrical system of mix elimination rules ELKsp by a finite rewriting system; the termination of this rewriting system can be checked ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
We define a variant LKsp of the Gentzen sequent calculus LK. In LKsp weakenings or contractions can be done in parallel. This modification allows us to interpret a symmetrical system of mix elimination rules ELKsp by a finite rewriting system; the termination of this rewriting system can be checked by machines. We give also a selfcontained strong normalisation proof by structural induction. We give another strong normalisation proof by a strictly monotone subrecursive interpretation; this interpretation gives subrecursive bounds for the length of derivations. We give a strong normalisation proof by applying orthogonal term rewriting results for a confluent restriction of the mix elimination system ELKsp .
Ordinals and Interactive Programs
, 2000
"... The work reported in this thesis arises from the old idea, going back to the origins of constructive logic, that a proof is fundamentally a kind of program. If proofs can be ..."
Abstract

Cited by 5 (2 self)
 Add to MetaCart
The work reported in this thesis arises from the old idea, going back to the origins of constructive logic, that a proof is fundamentally a kind of program. If proofs can be
Strong Normalization Proofs for Cut Elimination in Gentzen's Sequent Calculi
 Banach Center Publication
, 1999
"... We define an equivalent variant LK sp of the Gentzen sequent calculus LK. In LK sp weakenings or contractions can be performed in parallel. This modification allows us to interpret a symmetrical system of mix elimination rules by a finite rewriting system; the termination of this rewriting system ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
(Show Context)
We define an equivalent variant LK sp of the Gentzen sequent calculus LK. In LK sp weakenings or contractions can be performed in parallel. This modification allows us to interpret a symmetrical system of mix elimination rules by a finite rewriting system; the termination of this rewriting system can be machine checked. We give also a selfcontained strong normalization proof by structural induction. We give another strong normalization proof by a strictly monotone subrecursive interpretation; this interpretation gives subrecursive bounds for the length of derivations. We give a strong normalization proof by applying orthogonal term rewriting results for a confluent restriction of the mix elimination system .
Automation of HigherOrder Logic
 THE HANDBOOK OF THE HISTORY OF LOGIC, EDS. D. GABBAY & J. WOODS; VOLUME 9: LOGIC AND COMPUTATION, EDITOR JÖRG SIEKMANN
, 2014
"... ..."
A Lightweight Formalization of the Metatheory of BisimulationUpTo
"... Bisimilarity of two processes is formally established by producing a bisimulation relation that contains those two processes and obeys certain closure properties. In many situations, particularly when the underlying labeled transition system is unbounded, these bisimulation relations can be large a ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
Bisimilarity of two processes is formally established by producing a bisimulation relation that contains those two processes and obeys certain closure properties. In many situations, particularly when the underlying labeled transition system is unbounded, these bisimulation relations can be large and even infinite. The bisimulationupto technique has been developed to reduce the size of the relations being computed while retaining soundness, that is, the guarantee of the existence of a bisimulation. Such techniques are increasingly becoming a critical ingredient in the automated checking of bisimilarity. This paper is devoted to the formalization of the meta theory of several major bisimulationupto techniques for the process calculi CCS and the picalculus (with replication). Our formalization is based on recent work on the proof theory of least and greatest fixpoints, particularly the use of relations defined (co)inductively, and of coinductive proofs about such relations, as implemented in the Abella theorem prover. An important feature of our formalization is that our definitions of the bisimulationupto relations are, in most cases, straightforward translations of published informal definitions, and our proofs clarify several technical details of the informal descriptions. Since the logic behind Abella also supports λtree syntax and generic reasoning using the∇quantifier, our treatment of the picalculus is both direct and natural.