Abstract
Program equivalence checking is the task of confirming that two programs have the same behavior on corresponding inputs. We develop a calculus based on symbolic execution and coinduction to check the equivalence of programs in a non-strict functional language. Additionally, we show that our calculus can be used to derive counterexamples for pairs of inequivalent programs, including counterexamples that arise from non-termination. We describe a fully automated approach for finding both equivalence proofs and counterexamples. Our implementation, Nebula, proves equivalences of programs written in Haskell. We demonstrate Nebula's practical effectiveness at both proving equivalence and producing counterexamples automatically by applying Nebula to existing benchmark properties.
- Nick Benton. 2004. Simple relational correctness proofs for static analyses and program transformations. ACM SIGPLAN Notices, 39, 1 (2004), 14–25. https://doi.org/10.1145/982962.964003
Google Scholar
Digital Library
- Joachim Breitner. 2018. hs-to-coq supports coinduction. https://mobile.twitter.com/nomeata/status/977257104120664064
Google Scholar
- Joachim Breitner, Antal Spector-Zabusky, Yao Li, Christine Rizkallah, John Wiegley, and Stephanie Weirich. 2018. Ready, set, verify! applying hs-to-coq to real-world Haskell code (experience report). Proceedings of the ACM on Programming Languages, 2, ICFP (2018), 1–16. https://doi.org/10.1145/3236784
Google Scholar
Digital Library
- James Brotherston, Nikos Gorogiannis, and Rasmus L. Petersen. 2012. A generic cyclic theorem prover. In Asian Symposium on Programming Languages and Systems. 350–367. https://doi.org/10.1007/978-3-642-35182-2_25
Google Scholar
Cross Ref
- Jacob Burnim, Nicholas Jalbert, Christos Stergiou, and Koushik Sen. 2009. Looper: Lightweight detection of infinite loops at runtime. In 2009 IEEE/ACM International Conference on Automated Software Engineering. 161–169. https://doi.org/10.1109/ASE.2009.87
Google Scholar
Digital Library
- Eric Hayden Campbell, William T. Hallahan, Priya Srikumar, Carmelo Cascone, Jed Liu, Vignesh Ramamurthy, Hossein Hojjat, Ruzica Piskac, Robert Soulé, and Nate Foster. 2021. Avenir: Managing Data Plane Diversity with Control Plane Synthesis. In NSDI. 133–153.
Google Scholar
- Michael Carbin, Sasa Misailovic, Michael Kling, and Martin C. Rinard. 2011. Detecting and escaping infinite loops with Jolt. In European Conference on Object-Oriented Programming. 609–633. https://doi.org/10.1007/978-3-642-22655-7_28
Google Scholar
Cross Ref
- Koen Claessen, Moa Johansson, Dan Rosén, and Nicholas Smallbone. 2012. HipSpec: Automating Inductive Proofs of Program Properties. In ATx/WInG@ IJCAR. 16–25. https://doi.org/10.29007/3qwr
Google Scholar
Cross Ref
- Koen Claessen, Moa Johansson, Dan Rosén, and Nicholas Smallbone. 2013. Automating inductive proofs using theory exploration. In International Conference on Automated Deduction. 392–406. https://doi.org/10.1007/978-3-642-38574-2_27
Google Scholar
Digital Library
- Byron Cook, Carsten Fuhs, Kaustubh Nimkar, and Peter O’Hearn. 2014. Disproving termination with overapproximation. In 2014 Formal Methods in Computer-Aided Design (FMCAD). 67–74. https://doi.org/10.1109/FMCAD.2014.6987597
Google Scholar
Cross Ref
- Lucas Dixon and Jacques Fleuriot. 2003. IsaPlanner: A prototype proof planner in Isabelle. In International Conference on Automated Deduction. 279–283. https://doi.org/10.1007/978-3-540-45085-6_22
Google Scholar
Cross Ref
- Conal Elliot. 2010. Non-strict memoization. http://conal.net/blog/posts/nonstrict-memoization
Google Scholar
- Gian Pietro Farina, Stephen Chong, and Marco Gaboardi. 2019. Relational symbolic execution. In Proceedings of the 21st International Symposium on Principles and Practice of Declarative Programming. 1–14. https://doi.org/10.1145/3354166.3354175
Google Scholar
Digital Library
- Andrew Farmer, Neil Sculthorpe, and Andy Gill. 2015. Reasoning with the HERMIT: tool support for equational reasoning on GHC core programs. ACM SIGPLAN Notices, 50, 12 (2015), 23–34. https://doi.org/10.1145/2887747.2804303
Google Scholar
Digital Library
- Jeremy Gibbons and Graham Hutton. 2005. Proof methods for corecursive programs. Fundamenta Informaticae, 66, 4 (2005), 353–366. https://dl.acm.org/doi/abs/10.5555/1227189.1227192
Google Scholar
Digital Library
- Andrew D. Gordon. 1995. A tutorial on co-induction and functional programming. Functional Programming, Glasgow 1994, 78–95. https://doi.org/10.1007/978-1-4471-3573-9_6
Google Scholar
Cross Ref
- Ashutosh Gupta, Thomas A. Henzinger, Rupak Majumdar, Andrey Rybalchenko, and Ru-Gang Xu. 2008. Proving non-termination. In Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages. 147–158. https://doi.org/10.1145/1328438.1328459
Google Scholar
Digital Library
- William T. Hallahan, Anton Xue, Maxwell Troy Bland, Ranjit Jhala, and Ruzica Piskac. 2019. Lazy counterfactual symbolic execution. In Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation. 411–424. https://doi.org/10.1145/3314221.3314618
Google Scholar
Digital Library
- Moa Johansson, Lucas Dixon, and Alan Bundy. 2010. Case-analysis for rippling and inductive proof. In International Conference on Interactive Theorem Proving. 291–306. https://doi.org/10.1007/978-3-642-14052-5_21
Google Scholar
Digital Library
- Michael Kling, Sasa Misailovic, Michael Carbin, and Martin Rinard. 2012. Bolt: on-demand infinite loop escape in unmodified binaries. ACM SIGPLAN Notices, 47, 10 (2012), 431–450. https://doi.org/10.1145/2398857.2384648
Google Scholar
Digital Library
- John Kolesar, Ruzica Piskac, and William Hallahan. 2022. Checking Equivalence in a Non-strict Language: Artifact. Zenodo. https://doi.org/10.5281/zenodo.7083308
Google Scholar
Digital Library
- Vasileios Koutavas and Mitchell Wand. 2006. Small bisimulations for reasoning about higher-order imperative programs. In Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages. 141–152. https://doi.org/10.1145/1111037.1111050
Google Scholar
Digital Library
- Dexter Kozen and Alexandra Silva. 2017. Practical coinduction. Mathematical Structures in Computer Science, 27, 7 (2017), 1132–1152. https://doi.org/10.1017/S0960129515000493
Google Scholar
Cross Ref
- Ton Chanh Le, Timos Antonopoulos, Parisa Fathololumi, Eric Koskinen, and ThanhVu Nguyen. 2020. DynamiTe: dynamic termination and non-termination proofs. Proceedings of the ACM on Programming Languages, 4, OOPSLA (2020), 1–30. https://doi.org/10.1145/3428257
Google Scholar
Digital Library
- Chin Soon Lee, Neil D. Jones, and Amir M. Ben-Amram. 2001. The size-change principle for program termination. In Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages. 81–92. https://doi.org/10.1145/360204.360210
Google Scholar
Digital Library
- K. Rustan M. Leino and Michał Moskal. 2014. Co-induction simply. In International Symposium on Formal Methods. 382–398. https://doi.org/10.1007/978-3-319-06410-9_27
Google Scholar
Digital Library
- Dorel Lucanu and Grigore Roşu. 2007. CIRC: A circular coinductive prover. In International Conference on Algebra and Coalgebra in Computer Science. 372–378. https://doi.org/10.1007/978-3-540-73859-6_25
Google Scholar
Cross Ref
- Lykourgos Mastorou, Nikolaos Papaspyrou, and Niki Vazou. 2022. Coinduction Inductively: Mechanizing Coinductive Proofs in Liquid Haskell. In Haskell Symposium. https://nikivazou.github.io/static/Haskell22/coinduction.pdf
Google Scholar
- Dragana Milovancevic, Julie Giunta, and Viktor Kuncak. 2021. On Proving and Disproving Equivalence of Functional Programming Assignments.
Google Scholar
- Phúc C. Nguy\~ên, Thomas Gilray, Sam Tobin-Hochstadt, and David Van Horn. 2019. Size-change termination as a contract: dynamically and statically enforcing termination for higher-order programs. In Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation. 845–859. https://doi.org/10.1145/3314221.3314643
Google Scholar
Digital Library
- Phúc C. Nguy\~ên and David Van Horn. 2015. Relatively complete counterexamples for higher-order programs. ACM SIGPLAN Notices, 50, 6 (2015), 446–456. https://doi.org/10.1145/2813885.2737971
Google Scholar
Digital Library
- Suzette Person, Matthew B. Dwyer, Sebastian Elbaum, and Corina S. Păsăreanu. 2008. Differential symbolic execution. In Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering. 226–237. https://doi.org/10.1145/1453101.1453131
Google Scholar
Digital Library
- Simon Peyton Jones, Andrew Tolmach, and Tony Hoare. 2001. Playing by the rules: rewriting as a practical optimisation technique in GHC. In Haskell workshop. 1, 203–233.
Google Scholar
- Simon L. Peyton Jones. 1996. Compiling Haskell by program transformation: A report from the trenches. In European Symposium on Programming. 18–44. https://doi.org/10.1007/3-540-61055-3_27
Google Scholar
Cross Ref
- Grigore Roşu and Dorel Lucanu. 2009. Circular coinduction: A proof theoretical foundation. In International Conference on Algebra and Coalgebra in Computer Science. 127–144. https://doi.org/10.1007/978-3-642-03741-2_10
Google Scholar
Cross Ref
- Jan J.M.M. Rutten. 2000. Universal coalgebra: a theory of systems. Theoretical computer science, 249, 1 (2000), 3–80. https://doi.org/10.1016/S0304-3975(00)00056-6
Google Scholar
Digital Library
- Davide Sangiorgi. 2009. On the origins of bisimulation and coinduction. ACM Transactions on Programming Languages and Systems (TOPLAS), 31, 4 (2009), 1–41. https://doi.org/10.1145/1516507.1516510
Google Scholar
Digital Library
- Davide Sangiorgi, Naoki Kobayashi, and Eijiro Sumii. 2007. Environmental bisimulations for higher-order languages. In 22nd Annual IEEE Symposium on Logic in Computer Science (LICS 2007). 293–302. https://doi.org/10.1109/LICS.2007.17
Google Scholar
Digital Library
- Eric Schkufza, Rahul Sharma, and Alex Aiken. 2013. Stochastic superoptimization. ACM SIGARCH Computer Architecture News, 41, 1 (2013), 305–316. https://doi.org/10.1145/2490301.2451150
Google Scholar
Digital Library
- Mathijs Schuts, Jozef Hooman, and Frits Vaandrager. 2016. Refactoring of legacy software using model learning and equivalence checking: an industrial experience report. In International Conference on Integrated Formal Methods. 311–325. https://doi.org/10.1007/978-3-319-33693-0_20
Google Scholar
Digital Library
- Calvin Smith and Aws Albarghouthi. 2019. Program synthesis with equivalence reduction. In International Conference on Verification, Model Checking, and Abstract Interpretation. 24–47. https://doi.org/10.1007/978-3-030-11245-5_2
Google Scholar
Cross Ref
- William Sonnex, Sophia Drossopoulou, and Susan Eisenbach. 2012. Zeno: An automated prover for properties of recursive data structures. In International Conference on Tools and Algorithms for the Construction and Analysis of Systems. 407–421. https://doi.org/10.1007/978-3-642-28756-5_28
Google Scholar
Digital Library
Index Terms
Checking equivalence in a non-strict language
Recommendations
Equivalence and Minimization for Model Checking Labeled Markov Chains
VALUETOOLS'15: Proceedings of the 9th EAI International Conference on Performance Evaluation Methodologies and ToolsModel checking of Markov chains using logics like CSL or asCSL proves whether a logical formula holds for a state of the Markov chain. It has been developed in the last decade to a widely used approach to express performance and dependability quantities ...
Sloth - a tool for checking minimal-strictness
PADL'11: Proceedings of the 13th international conference on Practical aspects of declarative languagesWe present a light-weight tool called Sloth which assists programmers in identifying unnecessarily strict first order functions. Sloth reports counterexamples in form of a partial value, the corresponding result of the tested function and a recommended ...
Coinductive Verification of Program Optimizations Using Similarity Relations
Formal verification methods have gained increased importance due to their ability to guarantee system correctness and improve reliability. Nevertheless, the question how proofs are to be formalized in theorem provers is far from being trivial, yet very ...






Comments