Results 1  10
of
34
Symbolic execution with separation logic
 In APLAS
, 2005
"... Abstract. We describe a sound method for automatically proving Hoare triples for loopfree code in Separation Logic, for certain preconditions and postconditions (symbolic heaps). The method uses a form of symbolic execution, a decidable proof theory for symbolic heaps, and extraction of frame axiom ..."
Abstract

Cited by 110 (26 self)
 Add to MetaCart
Abstract. We describe a sound method for automatically proving Hoare triples for loopfree code in Separation Logic, for certain preconditions and postconditions (symbolic heaps). The method uses a form of symbolic execution, a decidable proof theory for symbolic heaps, and extraction of frame axioms from incomplete proofs. This is a precursor to the use of the logic in automatic specification checking, program analysis, and model checking. 1
Focusing the inverse method for linear logic
 Proceedings of CSL 2005
, 2005
"... 1.1 Quantification and the subformula property.................. 3 1.2 Ground forward sequent calculus......................... 5 1.3 Lifting to free variables............................... 10 ..."
Abstract

Cited by 39 (11 self)
 Add to MetaCart
(Show Context)
1.1 Quantification and the subformula property.................. 3 1.2 Ground forward sequent calculus......................... 5 1.3 Lifting to free variables............................... 10
The Logical Approach to Stack Typing
, 2003
"... We develop a logic for reasoning about adjacency and separation of memory blocks, as well as aliasing of pointers. We provide a memory model for our logic and present a sound set of natural deductionstyle inference rules. We deploy the logic in a simple type system for a stackbased assembly langu ..."
Abstract

Cited by 22 (4 self)
 Add to MetaCart
We develop a logic for reasoning about adjacency and separation of memory blocks, as well as aliasing of pointers. We provide a memory model for our logic and present a sound set of natural deductionstyle inference rules. We deploy the logic in a simple type system for a stackbased assembly language. The connectives for the logic provide a flexible yet concise mechanism for controlling allocation, deallocation and access to both heapallocated and stackallocated data.
Hybridizing a logical framework
 In International Workshop on Hybrid Logic 2006 (HyLo 2006), Electronic Notes in Computer Science
, 2006
"... The logical framework LF is a constructive type theory of dependent functions that can elegantly encode many other logical systems. Prior work has studied the benefits of extending it to the linear logical framework LLF, for the incorporation linear logic features into the type theory affords good r ..."
Abstract

Cited by 21 (1 self)
 Add to MetaCart
The logical framework LF is a constructive type theory of dependent functions that can elegantly encode many other logical systems. Prior work has studied the benefits of extending it to the linear logical framework LLF, for the incorporation linear logic features into the type theory affords good representations of state change. We describe and argue for the usefulness of an extension of LF by features inspired by hybrid logic, which has several benefits. For one, it shows how linear logic features can be decomposed into primitive operations manipulating abstract resource labels. More importantly, it makes it possible to realize a metalogical framework capable of reasoning about stateful deductive systems encoded in the style familiar from prior work with LLF, taking advantage of familiar methodologies used for metatheoretic reasoning in LF.Acknowledgments From the very first computer science course I took at CMU, Frank Pfenning has been an exceptional teacher and mentor. For his patience, breadth of knowledge, and mathematical good taste I am extremely thankful. No less do I owe to the other two major contributors to my programming languages
Geometry of Synthesis  A structured approach . . .
, 2007
"... We propose a new technique for hardware synthesis from higherorder functional languages with imperative features based on Reynolds’s Syntactic Control of Interference. The restriction on contraction in the type system is useful for managing the thorny issue of sharing of physical circuits. We use a ..."
Abstract

Cited by 19 (9 self)
 Add to MetaCart
We propose a new technique for hardware synthesis from higherorder functional languages with imperative features based on Reynolds’s Syntactic Control of Interference. The restriction on contraction in the type system is useful for managing the thorny issue of sharing of physical circuits. We use a semantic model inspired by game semantics and the geometry of interaction, and express it directly as a certain class of digital circuits that form a
ILC: A Foundation for Automated Reasoning About Pointer Programs
, 2005
"... This paper shows how to use Girard’s intuitionistic linear logic extended with arithmetic or other constraints to reason about pointer programs. More specifically, first, the paper defines the proof theory for ILC (Intuitionistic Linear logic with Constraints) and shows it is consistent via a proof ..."
Abstract

Cited by 15 (3 self)
 Add to MetaCart
This paper shows how to use Girard’s intuitionistic linear logic extended with arithmetic or other constraints to reason about pointer programs. More specifically, first, the paper defines the proof theory for ILC (Intuitionistic Linear logic with Constraints) and shows it is consistent via a proof of cut elimination. Second, inspired by prior work of O’Hearn, Reynolds and Yang, the paper explains how to interpret linear logical formulas as descriptions of a program store. Third, we define a simple imperative programming language with mutable references and arrays and give verification condition generation rules that produce assertions in ILC. Finally, we identify a fragment of ILC, ILC − , that is both decidable and closed under generation of verification conditions. In other words, if loop invariants are specified in ILC − , then the resulting verification conditions are also in ILC −. Since verification condition generation is syntaxdirected, we obtain a decidable procedure for checking properties of pointer programs.
A Dependent Type Theory with Names and Binding
 In Proceedings of the 2004 Computer Science Logic Conference, number 3210 in Lecture notes in Computer Science
, 2004
"... We consider the problem of providing formal support for working with abstract syntax involving variable binders. Gabbay and Pitts have shown in their work on FraenkelMostowski (FM) set theory how to address this through firstclass names: in this paper we present a dependent type theory for prog ..."
Abstract

Cited by 15 (1 self)
 Add to MetaCart
We consider the problem of providing formal support for working with abstract syntax involving variable binders. Gabbay and Pitts have shown in their work on FraenkelMostowski (FM) set theory how to address this through firstclass names: in this paper we present a dependent type theory for programming and reasoning with such names. Our development is based on a categorical axiomatisation of names, with freshness as its central notion. An associated adjunction captures constructions known from FM theory: the freshness quantifier N , namebinding, and unique choice of fresh names. The Schanuel topos  the category underlying FM set theory  is an instance of this axiomatisation.
The Effects of
 Artificial Sources of Water on Rangeland Biodiversity. Environment Australia and CSIRO
, 1997
"... “Turing hoped that his abstractedpapertape model was so simple, so transparent and well defined, that it would not depend on any assumptions about physics that could conceivably be falsified, and therefore that it could become the basis of an abstract theory of computation that was independent of ..."
Abstract

Cited by 10 (5 self)
 Add to MetaCart
(Show Context)
“Turing hoped that his abstractedpapertape model was so simple, so transparent and well defined, that it would not depend on any assumptions about physics that could conceivably be falsified, and therefore that it could become the basis of an abstract theory of computation that was independent of the underlying physics. ‘He thought, ’ as Feynman once put it, ‘that he understood paper. ’ But he was mistaken. Real, quantummechanical paper is wildly different from the abstract stuff that the Turing machine uses. The Turing machine is entirely classical...”
Amortised memory analysis using the depth of data structures
 In Proceedings of ESOP 2009: European Symposium on Programming, LNCS 5502
, 2009
"... Abstract. Hofmann and Jost have presented a heap space analysis [1] that finds linear space bounds for many functional programs. It uses an amortised analysis: assigning hypothetical amounts of free space (called potential) to data structures in proportion to their sizes using type annotations. Cons ..."
Abstract

Cited by 10 (0 self)
 Add to MetaCart
(Show Context)
Abstract. Hofmann and Jost have presented a heap space analysis [1] that finds linear space bounds for many functional programs. It uses an amortised analysis: assigning hypothetical amounts of free space (called potential) to data structures in proportion to their sizes using type annotations. Constraints on these annotations in the type system ensure that the total potential assigned to the input is an upper bound on the total memory required to satisfy all allocations. We describe a related system for bounding the stack space requirements which uses the depth of data structures, by expressing potential in terms of maxima as well as sums. This is achieved by adding extra structure to typing contexts (inspired by O’Hearn’s bunched typing [2]) to describe the form of the bounds. We will also present the extra steps that must be taken to construct a typing during the analysis. Obtaining bounds on the resource requirements of programs can be crucial for ensuring that they enjoy reliability and security properties, particularly for use in