Results 1 - 10 of 12
Building and Using Pluggable TypeCheckers
Abstract
Cited by 11 (8 self)
This paper describes practical experience building and using pluggable typecheckers. A pluggable typechecker refines (strengthens) the built-in type system of a programming language. This permits programmers to detect and prevent, at compile time, defects that would otherwise have been manifested as runtime errors. The prevented defects may be generally applicable to all programs, such as null pointer dereferences. Or, an application-specific pluggable type system may be designed for a single application. We built a series of pluggable type checkers using the Checker Framework, and evaluated them on 2 million lines of code, finding hundreds of bugs in the process. We also observed 28 first-year computer science students use a checker to eliminate null pointer errors in their course projects. Along with describing the checkers and characterizing the bugs we found, we report the insights we had throughout the process. Overall, we found that the type checkers were easy to write, easy for novices to productively use, and effective in finding real bugs and verifying program properties, even for widely tested and used open source projects.
Improving Coq Propositional Reasoning Using a Lazy CNF Conversion Scheme
Abstract
Cited by 7 (0 self)
In an attempt to improve automation capabilities in the Coq proof assistant, we develop a tactic for the propositional fragment based on the DPLL procedure. Although formulas naturally arising in interactive proofs do not require a state-of-the-art SAT solver, the conversion to clausal form required by DPLL strongly damages the performance of the procedure. In this paper, we present a reflexive DPLL algorithm formalized in Coq which outperforms the existing tactics. It is tightly coupled with a lazy CNF conversion scheme which, unlike Tseitin-style approaches, does not disrupt the procedure. This conversion relies on a lazy mechanism which requires slight adaptations of the original DPLL. As far as we know, this is the first formal proof of this mechanism and its Coq implementation raises interesting challenges.
Lightweight Integration of the Ergo Theorem Prover inside a Proof Assistant
 In: Second Automated Formal Methods workshop series (AFM07), 2007
Abstract
Cited by 5 (0 self)
Ergo is a little engine of proof dedicated to program verification. It fully supports quantifiers and directly handles polymorphic sorts. Its core component is CC(X), a new combination scheme for the theory of uninterpreted symbols parameterized by a built-in theory X. In order to make a sound integration in a proof assistant possible, Ergo is capable of generating proof traces for CC(X). Alternatively, Ergo can also be called interactively as a simple oracle without further verification. It is currently used to prove correctness of C and Java programs as part of the Why platform.
Importing HOL Light into Coq
 In ITP, 2010
Abstract
Cited by 3 (0 self)
We present a new scheme to translate mathematical developments from HOL Light to Coq, where they can be reused and rechecked. By relying on a carefully chosen embedding of Higher-Order Logic into Type Theory, we try to avoid some pitfalls of interoperation between proof systems. In particular, our translation keeps the mathematical statements intelligible. This translation has been implemented and allows the importation of the HOL Light basic library into Coq.
Verifying SAT and SMT in Coq for a fully automated decision procedure
 PSATTT'11: International Workshop on Proof-Search in Axiomatic Theories and Type Theories, 2011
Abstract
Cited by 3 (2 self)
Enjoying the power of SAT and SMT solvers in the Coq proof assistant without compromising soundness requires more than a yes/no answer from them. SAT and SMT solvers should also return a proof witness that can be checked by an external tool. We propose a fully certified checker for such witnesses written in Coq. It can currently check witnesses from the SAT solvers ZChaff and MiniSat and from the SMT solver VeriT. Experiments highlight the efficiency of this checker. On top of it, new reflexive Coq tactics have been built that can decide a subset of Coq’s logic by calling external provers and carefully checking their answers.
Edit and verify
 In: Proceedings of the 6th International Workshop on First-Order Theorem Proving (FTP), 2007
Abstract
Cited by 2 (1 self)
Automated theorem provers are used in extended static checking, where they are the performance bottleneck. Extended static checkers are typically run after incremental changes to the code. We propose to exploit this usage pattern to improve performance. We present two approaches of how to do so and a full solution.
Fast in-memory XPath search over compressed text and tree indexes
 In Proc. 26th ICDE, 2010
Abstract
Cited by 2 (1 self)
A large fraction of an XML document typically consists of text data. The XPath query language allows text search via the equal, contains, and starts-with predicates. Such predicates can efficiently be implemented using a compressed self-index of the document’s text nodes. Most queries, however, contain some parts of querying the text of the document, plus some parts of querying the tree structure. It is therefore a challenge to choose an appropriate evaluation order for a given query, which optimally leverages the execution speeds of the text and tree indexes. Here the SXSI system is introduced; it stores the tree structure of an XML document using a bit array of opening and closing brackets, and stores the text nodes of the document using a global compressed self-index. On top of these indexes sits an XPath query engine that is based on tree automata. The engine uses fast counting queries of the text index in order to dynamically determine whether to evaluate top-down or bottom-up with respect to the tree structure. The resulting system has several advantages over existing systems: (1) on pure tree queries (without text search) such as the XPathMark queries, the SXSI system performs on par with or better than the fastest known systems MonetDB and Qizx, (2) on queries that use text search, SXSI outperforms the existing systems by 1–3 orders of magnitude (depending on the size of the result set), and (3) with respect to memory consumption, SXSI outperforms all other systems for counting-only queries.
Programmer’s Guide to The Recognition Strategy Language (RSL) Version 2.0 (DRAFT)
 , 2011
Supported by
 , 2007
Abstract
© 2007 for the individual papers by the papers’ authors. Reproduction (electronically
Symbolic Algorithms for Language Equivalence and Kleene Algebra with Tests
Abstract
We first propose algorithms for checking language equivalence of finite automata over a large alphabet. We use symbolic automata, where the transition function is compactly represented using (multi-terminal) binary decision diagrams (BDDs). The key idea consists in computing a bisimulation by exploring reachable pairs symbolically, so as to avoid redundancies. This idea can be combined with already existing optimisations, and we show in particular a nice integration with the disjoint sets forest data structure from Hopcroft and Karp’s standard algorithm. Then we consider Kleene algebra with tests (KAT), an algebraic theory that can be used for verification in various domains ranging from compiler optimisation to network programming analysis. This theory is decidable by reduction to language equivalence of automata on guarded strings, a particular kind of automata that have exponentially large alphabets. We propose several methods for constructing symbolic automata out of KAT expressions, based either on Brzozowski’s derivatives or on standard automata constructions. All in all, this results in efficient algorithms for deciding equivalence of KAT expressions.