Jianhua Zhao,Xuandong Li

DOI: https://doi.org/10.48550/arXiv.1012.2553

2010-12-13

Abstract:This paper presents an extension to Hoare logic for pointer program verification. Logic formulas with user-defined recursive functions are used to specify properties on the program states before/after program executions. Three basic functions are introduced to represents memory access, record-field access and array-element access. Some axioms are introduced to specify these basic functions in our logic. The concept Memory Scope Function (MSF) is introduced in our logic. Given a recursive function $f$, the MSF of $f$ computes the set of memory units accessed during the evaluation of $f$. A set of rules are given to derive the definition of this MSF syntactically from the definition of $f$. As MSFs are also recursive functions, they also have their MSFs. An axiom is given to specify that an MSF contains its MSF. Based on this axiom, local reasoning is supported with predicate variables. Pre-state terms are used to specify the relations between pre-states and post-states. People can use pre-state terms in post-conditions to represents the values on the pre-state. The axiom of assignment statements in Hoare's logic is modified to deal with pointers. The basic idea is that during the program execution, a recursive function is evaluated to the same value as long as no memory unit in its memory scope is modified. Another proof rule is added for memory allocation statements. We use a simple example to show that our logic can deal with pointer programs in this paper. In the appendix, the Shorre-Waite algorithm is proved using our logic. We also use the selection-sort program to show that our logic can be used to prove program with indirectly-specified components.

Logic in Computer Science

Jianhua Zhao,Xuandong Li

DOI: https://doi.org/10.48550/arXiv.0912.4184

2009-12-21

Abstract:This paper presents an extension to Hoare logic for pointer program verification. First, the Logic for Partial Function (LPF) used by VDM is extended to specify memory access using pointers and memory layout of composite types. Then, the concepts of data-retrieve functions (DRF) and memory-scope functions (MSF) are introduced in this paper. People can define DRFs to retrieve abstract values from interconnected concrete data objects. The definition of the corresponding MSF of a DRF can be derived syntactically from the definition of the DRF. This MSF computes the set of memory units accessed when the DRF retrieves an abstract value. This memory unit set is called the memory scope of the abstract value. Finally, the proof rule of assignment statements in Hoare's logic is modified to deal with pointers. The basic idea is that a virtual value keeps unmodified as long as no memory unit in its scope is over-written. Another proof rule is added for memory allocation statements. The consequence rule and the rules for control-flow statements are slightly modified. They are essentially same as their original version in Hoare logic. An example is presented to show the efficacy of this logic. We also give some heuristics on how to verify pointer programs.

Logic in Computer Science

Nobuko Yoshida,Kohei Honda,Martin Berger

DOI: https://doi.org/10.2168/LMCS-4%284%3A2%292008

2008-10-20

Abstract:We introduce an extension of Hoare logic for call-by-value higher-order functions with ML-like local reference generation. Local references may be generated dynamically and exported outside their scope, may store higher-order functions and may be used to construct complex mutable data structures. This primitive is captured logically using a predicate asserting reachability of a reference name from a possibly higher-order datum and quantifiers over hidden references. We explore the logic's descriptive and reasoning power with non-trivial programming examples combining higher-order procedures and dynamically generated local state. Axioms for reachability and local invariant play a central role for reasoning about the examples.

Logic in Computer Science,Programming Languages

梁红瑾,张昱,陈意云,李兆鹏,华保健

DOI: https://doi.org/10.3724/sp.j.1001.2010.03783

2010-01-01

Journal of Software

Abstract:A pointer logic is designed for a C-like programming language PointerC.The pointer logic is an extension of Hoare logic,and it uses the idea of precise alias analysis in pointer program verification to support safety verification of programs in which equality of pointers is well-regulated.This paper presents an extension to the pointer logic by introducing a set of uncertain-equality pointer access path sets,so as to reason in the extended pointer logic about properties of programs which manipulate data structures like directed graph in which equality of pointers is uncertain.

Yifeng Chen,J W Sanders

2007-01-01

Abstract:Compositional reasoning about pointers and references is c rucial to verification of contemporary software. This paper introduces a pointer logic that extends Sep aration Logic with a fixpoint operator and new compositions different from separating conjunction. H igher level of abstraction can be achieved if the right compositions are used in the right places. In parti cular, if a relation is a ‘full unique decomposition’ then the corresponding composition decomposes a ny given graph uniquely into two parts; an example is the separation between the non-garbage and garba ge parts of memory. The logic is proved to be largely satisfaction-decidable in the sense that there i s a finite procedure to determine whether or not a program state satisfies a formula. The main technical resul t of the paper is that if only full unique decompositions are used in compositions, then a rather genera l fragment becomes validity-decidable. The logic is axiomatized and, with the help of an infinitary infer ence rule, proved to be complete. Separation Logic without pointer arithmetic is shown to be a fragment of he logic. Yifeng Chen is a lecturer in Computer Science at the University of Durham , England, with interests in imperative, parallel and object-oriented programming l anguages, including design, translation, static analysis, semantics, specifications and their support for d ecentralised software development. Jeff Sandersis Principal Research Fellow at UNU-IIST, having recently j oined from the Programming Research Group at Oxford. His interests lie largely in Forma l Methods. Copyright c © 2007by UNU-IIST

Eduard Kamburjan,Dilian Gurov

2024-02-01

Abstract:Programs must be correct with respect to their application domain. Yet, the program specification and verification approaches so far only consider correctness in terms of computations. In this work, we present a two-tier Hoare Logic that integrates assertions for both implementation and domain. For domain specification, we use description logics and semantic lifting, a recently proposed approach to interpret a program as a knowledge graph. We present a calculus that uses translations between both kinds of assertions, thus separating the concerns in specification, but enabling the use of description logic in verification.

Logic in Computer Science

Richard Bornat,Jade Alglave,Matthew Parkinson

DOI: https://doi.org/10.48550/arXiv.1512.01416

2016-11-05

Abstract:We describe a program logic for weak memory (also known as relaxed memory). The logic is based on Hoare logic within a thread, and rely/guarantee between threads. It is presented via examples, giving proofs of many weak-memory litmus tests. It extends to coherence but not yet to synchronised assignment (compare-and-swap, load-logical/store-conditional). It deals with conditionals and loops but not yet arrays or heap. The logic uses a version of Hoare logic within threads, and a version of rely/guarantee between threads, with five stability rules to handle various kinds of parallelism (external, internal, propagation-free and two kinds of in-flight parallelism). There are $\mathbb{B}$ and $\mathbb{U}$ modalities to regulate propagation, and temporal modalities $\mathsf{since}$, $\mathbb{S}\mathsf{ofar}$ and $\mathbb{O}\mathsf{uat}$ to deal with global coherence (SC per location). The logic is presented by example. Proofs and unproofs of about thirty weak-memory examples, including many litmus tests in various guises, are dealt with in detail. There is a proof of a version of the token ring. In version 2: The correspondence with Herding Cats has been clarified. The stability rules have been simplified: in particular the sat and x= x tests have been eliminated from external stability checks. The embedding is simplified and has a more transparent relation to the mechanisms of the logic. Definitions of U, Sofar and Ouat have been considerably altered. The description of modalities and the treatment of termination has been reworked. Many proofs are reconstructed. A comprehensive summary of the logic is an appendix.

Logic in Computer Science

Thomas Powell

DOI: https://doi.org/10.46298/lmcs-20(1:7)2024

2024-01-26

Logical Methods in Computer Science

Abstract:We introduce an extension of first-order logic that comes equipped with additional predicates for reasoning about an abstract state. Sequents in the logic comprise a main formula together with pre- and postconditions in the style of Hoare logic, and the axioms and rules of the logic ensure that the assertions about the state compose in the correct way. The main result of the paper is a realizability interpretation of our logic that extracts programs into a mixed functional/imperative language. All programs expressible in this language act on the state in a sequential manner, and we make this intuition precise by interpreting them in a semantic metatheory using the state monad. Our basic framework is very general, and our intention is that it can be instantiated and extended in a variety of different ways. We outline in detail one such extension: A monadic version of Heyting arithmetic with a wellfounded while rule, and conclude by outlining several other directions for future work.

computer science, theory & methods,logic

Zhaowei Xu,Mingsheng Ying,Shenggang Ying

2018-01-01

Abstract:Most modern (classical) programming languages support recursion. Recursion has also been successfully applied to the design of several quantum algorithms and introduced in a couple of quantum programming languages. So, it can be expected that recursion will become one of the fundamental paradigms of quantum programming. Several program logics have been developed for verification of non-recursive quantum programs. However, there are as yet no general methods for reasoning about recursive procedures in quantum computing. We fill the gap in this paper by presenting a logic for recursive quantum programs. This logic is an extension of quantum Hoare logic for quantum While-programs. The (relative) completeness of the logic is proved, and its effectiveness is shown by a running example: fixed-point Groveru0027s search.

Li Zhou,Nengkun Yu,Mingsheng Ying

DOI: https://doi.org/10.1145/3314221.3314584

2019-01-01

Abstract:We derive a variant of quantum Hoare logic (QHL), called applied quantum Hoare logic (aQHL for short), by: (1) restricting QHL to a special class of preconditions and postconditions, namely projections, which can significantly simplify verification of quantum programs and are much more convenient when used in debugging and testing; and (2) adding several rules for reasoning about robustness of quantum programs, i.e. error bounds of outputs. The effectiveness of aQHL is shown by its applications to verify two sophisticated quantum algorithms: HHL (Harrow-Hassidim-Lloyd) for solving systems of linear equations and qPCA (quantum Principal Component Analysis).

Naijun Zhan,Xiangyu Jin,Bohua Zhan,Shuling Wang,Dimitar Guelev

2024-07-13

Abstract:Deductive verification of hybrid systems (HSs) increasingly attracts more attention in recent years because of its power and scalability, where a powerful specification logic for HSs is the cornerstone. Often, HSs are naturally modelled by concurrent processes that communicate with each other. However, existing specification logics cannot easily handle such models. In this paper, we present a specification logic and proof system for Hybrid Communicating Sequential Processes (HCSP), that extends CSP with ordinary differential equations (ODE) and interrupts to model interactions between continuous and discrete evolution. Because it includes a rich set of algebraic operators, complicated hybrid systems can be easily modelled in an algebra-like compositional way in HCSP. Our logic can be seen as a generalization and simplification of existing hybrid Hoare logics (HHL) based on duration calculus (DC), as well as a conservative extension of existing Hoare logics for concurrent programs. Its assertion logic is the first-order theory of differential equations (FOD), together with assertions about traces recording communications, readiness, and continuous evolution. We prove continuous relative completeness of the logic w.r.t. FOD, as well as discrete relative completeness in the sense that continuous behaviour can be arbitrarily approximated by discretization. Finally, we implement the above logic in Isabelle/HOL, and apply it to verify two case studies to illustrate the power and scalability of our logic.

Logic in Computer Science

Wanyun Su,Zhilin Wu,Mihaela Sighireanu

2024-03-04

Abstract:Pointer arithmetic is widely used in low-level programs, e.g. memory allocators. The specification of such programs usually requires using pointer arithmetic inside inductive definitions to define the common data structures, e.g. heap lists in memory allocators. In this work, we investigate decision problems for SLAH, a separation logic fragment that allows pointer arithmetic inside inductive definitions, thus enabling specification of properties for programs manipulating heap lists. Pointer arithmetic inside inductive definitions is challenging for automated reasoning. We tackle this challenge and achieve decision procedures for both satisfiability and entailment of SLAH formulas. The crux of our decision procedure for satisfiability is to compute summaries of inductive definitions. We show that although the summary is naturally expressed as an existentially quantified non-linear arithmetic formula, it can actually be transformed into an equivalent linear arithmetic formula. The decision procedure for entailment, on the other hand, has to match and split the spatial atoms according to the arithmetic relation between address variables. We report on the implementation of these decision procedures and their good performance in solving problems issued from the verification of building block programs used in memory allocators.

Logic in Computer Science

Zhaowei Xu,Mingsheng Ying,Benoît Valiron

2021-01-01

Abstract: Most modern (classical) programming languages support recursion. Recursion has also been successfully applied to the design of several quantum algorithms and introduced in a couple of quantum programming languages. So, it can be expected that recursion will become one of the fundamental paradigms of quantum programming. Several program logics have been developed for verification of quantum while-programs. However, there are as yet no general methods for reasoning about (mutual) recursive procedures and ancilla quantum data structure in quantum computing (with measurement). We fill the gap in this paper by proposing a parameterized quantum assertion logic and, based on which, designing a quantum Hoare logic for verifying parameterized recursive quantum programs with ancilla data and probabilistic control. The quantum Hoare logic can be used to prove partial, total, and even probabilistic correctness (by reducing to total correctness) of those quantum programs. In particular, two counterexamples for illustrating incompleteness of non-parameterized assertions in verifying recursive procedures, and, one counterexample for showing the failure of reasoning with exact probabilities based on partial correctness, are constructed. The effectiveness of our logic is shown by three main examples -- recursive quantum Markov chain (with probabilistic control), fixed-point Grover's search, and recursive quantum Fourier sampling.

Yang Zhao,Ligong Yu,Gongxuan Zhang,Jia Bei

DOI: https://doi.org/10.4304/jsw.4.4.283-290

2009-01-01

Abstract:This paper proposes a “scoped permission” system for a simple object-oriented language with sharedmemory and structural parallelism. The permission is abstracted as a linear value associated with some piece of state in a program and it is normally adopted in program analysis and verification. In this paper, the permission nesting is utilized to model the protection mechanism associated with field instances, while the partial order among different locks is specified when parallel executions start. By generating and eliminating shared facts, the order in our system is designed to be scoped and mutable. We show the operational semantics as well as some permission rules, and demonstrate how to interpret program annotations into permission representations.

Mingsheng Ying

2009-01-01

Abstract:Hoare logic is a foundation of axiomatic semantics of classical programs and it provides effective proof techniques for reasoning about correctness of classical programs. To offer similar techniques for quantum program verification and to build a logical foundation of programming methodology for quantum computers, we develop a full-fledged Hoare logic for both partial and total correctness of quantum programs. It is proved that this logic is (relatively) complete by exploiting the power of weakest preconditions and weakest liberal preconditions for quantum programs.

Darius Foo,Yahui Song,Wei-Ngan Chin

2024-07-02

Abstract:Higher-order functions and imperative states are language features supported by many mainstream languages. Their combination is expressive and useful, but complicates specification and reasoning, due to the use of yet-to-be-instantiated function parameters. One inherent limitation of existing specification mechanisms is its reliance on only two stages: an initial stage to denote the precondition at the start of the method and a final stage to capture the postcondition. Such two-stage specifications force abstract properties to be imposed on unknown function parameters, leading to less precise specifications for higher-order methods. To overcome this limitation, we introduce a novel extension to Hoare logic that supports multiple stages for a call-by-value higher-order language with ML-like local references. Multiple stages allow the behavior of unknown function-type parameters to be captured abstractly as uninterpreted relations; and can also model the repetitive behavior of each recursion as a separate stage. In this paper, we define our staged logic with its semantics, prove its soundness and develop a new automated higher-order verifier, called Heifer, for a core ML-like language.

Programming Languages

Yuan Feng,Mingsheng Ying

DOI: https://doi.org/10.1145/3456877

2021-01-01

ACM Transactions on Quantum Computing

Abstract:Hoare logic provides a syntax-oriented method to reason about program correctness and has been proven effective in the verification of classical and probabilistic programs. Existing proposals for quantum Hoare logic either lack completeness or support only quantum variables, thus limiting their capability in practical use. In this article, we propose a quantum Hoare logic for a simple while language that involves both classical and quantum variables. Its soundness and relative completeness are proven for both partial and total correctness of quantum programs written in the language. Remarkably, with novel definitions of classical-quantum states and corresponding assertions, the logic system is quite simple and similar to the traditional Hoare logic for classical programs. Furthermore, to simplify reasoning in real applications, auxiliary proof rules are provided that support standard logical operation in the classical part of assertions and super-operator application in the quantum part. Finally, a series of practical quantum algorithms, in particular the whole algorithm of Shor’s factorisation, are formally verified to show the effectiveness of the logic.

Hongjin Liang,Yu Zhang,Yiyun Chen

2010-01-01

Abstract:Pointer programs remain a major challenge for program analysis and verification. Shape analysis can discover the shape invariants of data structures in the heap and detect errors about manipulating pointers in a program. This paper presents a shape analysis for linked list programs based on a new shape graph representation. Our shape graphs could describe unbounded data structures without loss of pointer information. A novel shape system is designed to help the shape analysis. The shape system contains a set of shape inference rules to deduce the shapes of the heap contents at each program point and a set of shape checking rules to find shape errors in pointer programs. In the shape system, programmers are expected to declare the shapes of the data structures constructed by recursive data types and to annotate each pointer variable with the shape of the objects which it should point to, so that compilers or other tools can check whether the programs have shape errors and generate loop invariants and even pre/post conditions for program verification. Keywords-Shape Graph, Loop Invariant Inference, Shape Analysis, Program Analysis, Pointer Logic

Liu Yijing,Qiu Zongyan

DOI: https://doi.org/10.1007/978-3-642-27269-1_6

2012-01-01

Abstract:We present a general storage model that reflects features of object oriented (OO) languages with pure reference semantics. Based on this model, we develop an OO Separation Logic (OOSL) to specify and verify OO programs. Many inference rules in the Separation Logic still hold in OOSL. Additionally, OOSL has certain properties important to OO reasoning. We introduce HoareTriple for a small OO language, and use the Schorr-Waite Marking Algorithm as a verification example.