Léo Stefanesco scite author profile

International audienceProbabilistic coupling is a powerful tool for analyzing prob-abilistic processes. Roughly, coupling two processes requires finding an appropriate witness process that characterizes both processes in the same probability space. Applications of coupling include reasoning about convergence of distributions, and stochastic dominance—a probabilistic version of a monotonicity property. While the mathematical definition of coupling looks rather complex and difficult to manipulate, we show that the relational program logic pRHL—the logic underlying the EasyCrypt cryptographic proof assistant— internalizes a generalization of probabilistic coupling. We demonstrate how to express and verify classic examples of couplings in pRHL, and we mechanically verifying several couplings in EasyCrypt

show abstract

A logical relation for monadic encapsulation of state: proving contextual equivalences in the presence of runST

Timany

Stefanesco

Krogh-Jespersen

et al. 2017

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

We present a logical relations model of a higher-order functional programming language with impredicative polymorphism, recursive types, and a Haskell-style ST monad type with runST. We use our logical relations model to show that runST provides proper encapsulation of state, by showing that effectful computations encapsulated by runST are heap independent. Furthermore, we show that contextual refinements and equivalences that are expected to hold for pure computations do indeed hold in the presence of runST. This is the first time such relational results have been proven for a language with monadic encapsulation of state. We have formalized all the technical development and results in Coq.

show abstract

An Asynchronous Soundness Theorem for Concurrent Separation Logic

Melliès

Stefanesco

2018

View full text Add to dashboard Cite

Verifying Fast and Sparse SSA-Based Optimizations in Coq

Demange

Pichardie

Stefanesco

2015

View full text Add to dashboard Cite

The Static Single Assignment (SSA) form is a predominant technology in modern compilers, enabling powerful and fast program optimizations. Despite its great success in the implementation of production compilers, it is only very recently that this technique has been introduced in verified compilers. As of today, few evidence exist on that, in this context, it also allows faster and simpler optimizations. This work builds on the CompCertSSA verified compiler (an SSA branch of the verified CompCert C compiler). We implement and verify two prevailing SSA optimizations: Sparse Conditional Constant Propagation and Global Value Numbering. For both transformations, we mechanically prove their soundness in the Coq proof assistant. Both optimization proofs are embedded in a single sparse optimization framework, factoring out many of the dominance-based reasoning steps required in proofs of SSA-based optimizations. Our experimental evaluations indicate both a better precision, and a significant compilation time speedup.

show abstract

A Game Semantics of Concurrent Separation Logic

Melliès

Stefanesco

2018

Electronic Notes in Theoretical Computer Science

View full text Add to dashboard Cite

In this paper, we develop a game-theoretic account of concurrent separation logic. To every execution trace of the Code confronted to the Environment, we associate a specification game where Eve plays for the Code, and Adam for the Environment. The purpose of Eve and Adam is to decompose every intermediate machine state of the execution trace into three pieces: one piece for the Code, one piece for the Environment, and one piece for the available shared resources. We establish the soundness of concurrent separation logic by interpreting every derivation tree of the logic as a winning strategy of this specification game.

show abstract

Scala step-by-step: soundness for DOT with step-indexed logical relations in Iris

Giarrusso

Stefanesco

Timany

et al. 2020

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

The metatheory of Scala's core type system Ð the Dependent Object Types (DOT) calculus Ð is hard to extend, like the metatheory of other type systems combining subtyping and dependent types. Soundness of important Scala features therefore remains an open problem in theory and in practice. To address some of these problems, we use a semantics-first approach to develop a logical relations model for a new version of DOT, called guarded DOT (gDOT). Our logical relations model makes use of an abstract form of step-indexing, as supported by the Iris framework, to model various forms of recursion in gDOT. To demonstrate the expressiveness of gDOT, we show that it handles Scala examples that could not be handled by previous versions of DOT, and prove using our logical relations model that gDOT provides the desired data abstraction. The gDOT type system, its semantic model, its soundness proofs, and all examples in the paper have been mechanized in Coq.

show abstract

Concurrent Separation Logic Meets Template Games

Melliès

Stefanesco

2020

View full text Add to dashboard Cite

An Asynchronous soundness theorem for concurrent separation logic

Melliès¹,

Stefanesco²

2018

Preprint

View full text Add to dashboard Cite

Concurrent separation logic (CSL) is a specification logic for concurrent imperative programs with shared memory and locks. In this paper, we develop a concurrent and interactive account of the logic inspired by asynchronous game semantics. To every program C, we associate a pair of asynchronous transition systems C S and C L which describe the operational behavior of the Code when confronted to its Environment or Frame -both at the level of machine states (S) and of machine instructions and locks (L). We then establish that every derivation tree π of a judgment Γ {P }C{Q} defines a winning and asynchronous strategy π Sep with respect to both asynchronous semantics C S and C L . From this, we deduce an asynchronous soundness theorem for CSL, which states that the canonical map L : C S → C L from the stateful semantics C S to the stateless semantics C L satisfies a basic fibrational property. We advocate that this provides a clean and conceptual explanation for the usual soundness theorem of CSL, including the absence of data races.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Léo Stefanesco

Relational Reasoning via Probabilistic Coupling

A logical relation for monadic encapsulation of state: proving contextual equivalences in the presence of runST

An Asynchronous Soundness Theorem for Concurrent Separation Logic

Verifying Fast and Sparse SSA-Based Optimizations in Coq

A Game Semantics of Concurrent Separation Logic

Scala step-by-step: soundness for DOT with step-indexed logical relations in Iris

Concurrent Separation Logic Meets Template Games

An Asynchronous soundness theorem for concurrent separation logic

Contact Info

Product

Resources

About