
Formal Aspects of Computing

Volume 30, Issue 3–4, pp 381–441

Unifying separation logic and region logic to allow interoperability

  • Yuyan Bao
  • Gary T. Leavens
  • Gidon Ernst
Original Article

Abstract

Framing is important for specification and verification, especially in programs that mutate data structures with shared data, such as DAGs. Both separation logic and region logic are successful approaches to framing, with separation logic providing a concise way to reason about data structures that are disjoint, and region logic providing the ability to reason about framing for shared mutable data. In order to obtain the benefits of both logics for programs with shared mutable data, this paper unifies them into a single logic, which can encode both of them and allows them to interoperate. The new logic thus provides a way to reason about program modules specified in a mix of styles.

Keywords

Separation logic; Fine-grained region logic; Framing; Shared mutable data; Formal specification; Formal verification; Hoare logic; Unified fine-grained region logic (UFRL)



Copyright information

© British Computer Society 2018

Authors and Affiliations

  1. University of Central Florida, Orlando, USA
  2. Universität Augsburg, Augsburg, Germany
