Automatically Verifying Temporal Properties of Pointer Programs with Cyclic Proof

Tellez, Gadi; Brotherston, J G.

doi:10.1007/s10817-019-09532-0

Cited by 11 publications

(6 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…While our result can be seen as negative for circular proofs, it does not prevent actual implementations from being tractable and usable in many situations as exemplified by the Cyclist prover for instance. In such systems, validity checking does not seem to be the bottleneck in circular proof construction compared with the complexity that is inherent in exploring and backtracking in the search tree [4,15,16].…”

Section: Discussionmentioning

confidence: 99%

PSPACE-Completeness of a Thread Criterion for Circular Proofs in Linear Logic with Least and Greatest Fixed Points

Nollet

Saurin

Tasson

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

In the context of logics with least and greatest fixed points, circular (ie. non-wellfounded but regular) proofs have been proposed as an alternative to induction and coinduction with explicit invariants. However, those proofs are not wellfounded and to recover logical consistency, it is necessary to consider a validity criterion which differentiates valid proofs among all preproofs (i.e. infinite derivation trees). The paper focuses on circular proofs for MALL with fixed points. It is known that given a finite circular representation of a non-wellfounded preproof, one can decide in PSPACE whether this preproof is valid with respect to the thread criterion. We prove that the problem of deciding thread-validity for µMALL is in fact PSPACE-complete. Our proof is based on a deeper exploration of the connection between thread-validity and the size-change termination principle, which is usually used to ensure program termination.

show abstract

Section: Discussionmentioning

confidence: 99%

PSPACE-Completeness of a Thread Criterion for Circular Proofs in Linear Logic with Least and Greatest Fixed Points

Nollet

Saurin

Tasson

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Program verification. Brotherston et al [Brotherston et al 2008[Brotherston et al , 2012Tellez and Brotherston 2020] gave cyclic proof systems for Hoare logic (with the separation logic as the underlying assertion language). They mentioned a certain part of a proof search corresponds to symbolic execution.…”

Section: Proof Sarch In Cyclic and Martin-löf-style Proof Systemsmentioning

confidence: 99%

“…Unno et al [2017] presented an inductive proof system tailored to CHC solving and applied it to relational verification. The search algorithms presented in these studies correspond to bounded model-checking with covering, and the cut-rules (i.e., (Cons) rule in [Tellez and Brotherston 2020] and (Apply⊥)/(ApplyP) rules in [Unno et al 2017]) are used only when one needs to check whether an open leaf node is covered. Researchers have extended SMT solvers to efficiently handle recursive functions and applied them to verification of programs that manipulate structured data [Qiu et al 2013;Reynolds and Kuncak 2015;Suter et al 2010Suter et al , 2011.…”

Section: Proof Sarch In Cyclic and Martin-löf-style Proof Systemsmentioning

confidence: 99%

Software model-checking as cyclic-proof search

Tsukada

Unno

2022

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

This paper shows that a variety of software model-checking algorithms can be seen as proof-search strategies for a non-standard proof system, known as a cyclic proof system . Our use of the cyclic proof system as a logical foundation of software model checking enables us to compare different algorithms, to reconstruct well-known algorithms from a few simple principles, and to obtain soundness proofs of algorithms for free. Among others, we show the significance of a heuristics based on a notion that we call maximal conservativity ; this explains the cores of important algorithms such as property-directed reachability (PDR) and reveals a surprising connection to an efficient solver of games over infinite graphs that was not regarded as a kind of PDR.

show abstract

“…As in other cyclic systems (e.g. [5,7,34,36]) it is decidable whether or not this is the case via a construction involving complementation of Büchi automata. This means that decidability of the global trace condition for G3PDL ω pre-proofs is PSPACE-complete.…”

Section: Definition 6 (Trace) a Trace Is A (Possibly Infinite) Sequementioning

confidence: 99%

A Non-wellfounded, Labelled Proof System for Propositional Dynamic Logic

Docherty

Rowe

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We define an infinitary labelled sequent calculus for PDL, G3PDL ∞ . A finitarily representable cyclic system, G3PDL ω , is then given. We show that both are sound and complete with respect to standard models of PDL and, further, that G3PDL ∞ is cut-free complete. We additionally investigate proof-search strategies in the cyclic system for the fragment of PDL without tests.where • denotes relational composition, R n denotes the composition of R with itself n times, Π 1 returns a set by projecting the first component of each tuple in a relation, and Id(X) denotes the identity relation over the set X.We write m, s |= ϕ to mean s ∈ I m (ϕ), and m |= ϕ to mean that m, s |= ϕ for all states s ∈ S. A PDL formula ϕ is valid when m |= ϕ for all models m.We now define a sequent calculus for deriving theorems (i.e. valid formulas) of PDL. This proof system has two important features. The first is that it is a labelled proof system. Thus sequents contain assertions about the structure of the underlying Kripke models and formulas are labelled with atoms denoting specific states in which they should be interpreted. Secondly, we allow proofs of infinite height.We assume a countable set L of labels (ranged over by x, y, z) that we will use to denote particular states. A relational atom is an expression of the form x R a y, where x and y are labels and a is an atomic program. A labelled formula is an expression of the form x : ϕ, where x is a label and ϕ is a formula. We define a label substitution operation by z{x/y} = y when x = z, and z{x/y} = z otherwise. We lift this to relational atoms and labelled formulas by:Sequents are expressions of the form Γ ⇒ ∆, where Γ and ∆ are finite sets of relational atoms and labelled formulas. We denote an arbitrary member of such a set using A, B, etc. As usual, Γ, A and A, Γ both denote the set {A} ∪ Γ , and Γ {z/y} denotes the application of the (label) substitution {x/y} to all the elements in Γ . We denote by [α]Γ the set of formulas obtained from Γ by prepending the modality [α] to every labelled formula. That is, we define [α]Γ = {x R a y | x R a y ∈ Γ } ∪ {x : [α]ϕ | x : ϕ ∈ Γ }. labs(Γ ) denotes the set of all labels ocurring in the relational atoms and labelled formulas in Γ .We interpret sequents with respect to PDL models using label valuations v, which are functions from labels to states. We write m, v |= x R a y to mean that (v(x), v(y)) ∈ I m (a). We write m, v |= x : ϕ to mean m, v(x) |= ϕ. For a sequent Γ ⇒ ∆, denoted by S, we write m, v |= S to mean that m, v |= B for some B ∈ ∆ whenever m, v |= A for all A ∈ Γ . We write m, v |= S whenever this is not the case, i.e. when m, v |= A for all A ∈ Γ and m, v |= B for all B ∈ ∆. We say S is valid, and write |= S, when m, v |= S for all models m and valuations v that map each label to some state of m.The sequent calculus G3PDL ∞ is defined by the inference rules in fig. 1. A pre-proof is a possibly infinite derivation tree built from these inference rules.Definition 3 (Pre-proof ). A pre-proof is a possibly infinite (i.e. non-wel...

show abstract

Automatically Verifying Temporal Properties of Pointer Programs with Cyclic Proof

Cited by 11 publications

References 34 publications

PSPACE-Completeness of a Thread Criterion for Circular Proofs in Linear Logic with Least and Greatest Fixed Points

PSPACE-Completeness of a Thread Criterion for Circular Proofs in Linear Logic with Least and Greatest Fixed Points

Software model-checking as cyclic-proof search

A Non-wellfounded, Labelled Proof System for Propositional Dynamic Logic

Contact Info

Product

Resources

About