Biabduction (and Related Problems) in Array Separation Logic

  • James Brotherston
  • Nikos Gorogiannis
  • Max Kanovich
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10395)

Abstract

We investigate array separation logic (\(\mathsf {ASL}\)), a variant of symbolic-heap separation logic in which the data structures are either pointers or arrays, i.e., contiguous blocks of memory. This logic provides a language for compositional memory safety proofs of array programs. We focus on the biabduction problem for this logic, which has been established as the key to automatic specification inference at the industrial scale. We present an \(\mathsf {NP}\) decision procedure for biabduction in \(\mathsf {ASL}\), and we also show that the problem of finding a consistent solution is \(\mathsf {NP}\)-hard. Along the way, we study satisfiability and entailment in \(\mathsf {ASL}\), giving decision procedures and complexity bounds for both problems. We show satisfiability to be \(\mathsf {NP}\)-complete, and entailment to be decidable with high complexity. The surprising fact that biabduction is simpler than entailment is due to the fact that, as we show, the element of choice over biabduction solutions enables us to dramatically reduce the search space.

Keywords

Separation logic Arrays Biabduction Entailment Complexity 

References

  1. 1.
    Ajtai, M., Fagin, R., Stockmeyer, L.J.: The closure of monadic NP. J. Comput. Syst. Sci. 60(3), 660–716 (2000)MathSciNetCrossRefMATHGoogle Scholar
  2. 2.
    Alberti, F., Ghilardi, S., Sharygina, N.: Decision procedures for flat array properties. In: Ábrahám, E., Havelund, K. (eds.) TACAS 2014. LNCS, vol. 8413, pp. 15–30. Springer, Heidelberg (2014). doi:10.1007/978-3-642-54862-8_2 CrossRefGoogle Scholar
  3. 3.
    Antonopoulos, T., Gorogiannis, N., Haase, C., Kanovich, M., Ouaknine, J.: Foundations for decision problems in separation logic with general inductive predicates. In: Muscholl, A. (ed.) FoSSaCS 2014. LNCS, vol. 8412, pp. 411–425. Springer, Heidelberg (2014). doi:10.1007/978-3-642-54830-7_27 CrossRefGoogle Scholar
  4. 4.
    Berdine, J., Calcagno, C., O’Hearn, P.W.: A decidable fragment of separation logic. In: Lodaya, K., Mahajan, M. (eds.) FSTTCS 2004. LNCS, vol. 3328, pp. 97–109. Springer, Heidelberg (2004). doi:10.1007/978-3-540-30538-5_9 CrossRefGoogle Scholar
  5. 5.
    Berdine, J., Cook, B., Ishtiaq, S.: SLAyer: memory safety for systems-level code. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 178–183. Springer, Heidelberg (2011). doi:10.1007/978-3-642-22110-1_15 CrossRefGoogle Scholar
  6. 6.
    Bouajjani, A., Drăgoi, C., Enea, C., Sighireanu, M.: A logic-based framework for reasoning about composite data structures. In: Bravetti, M., Zavattaro, G. (eds.) CONCUR 2009. LNCS, vol. 5710, pp. 178–195. Springer, Heidelberg (2009). doi:10.1007/978-3-642-04081-8_13 CrossRefGoogle Scholar
  7. 7.
    Bouajjani, A., Drăgoi, C., Enea, C., Sighireanu, M.: Accurate invariant checking for programs manipulating lists and arrays with infinite data. In: Chakraborty, S., Mukund, M. (eds.) ATVA 2012. LNCS, pp. 167–182. Springer, Heidelberg (2012). doi:10.1007/978-3-642-33386-6_14 CrossRefGoogle Scholar
  8. 8.
    Bradley, A.R., Manna, Z., Sipma, H.B.: What’s decidable about arrays? In: Emerson, E.A., Namjoshi, K.S. (eds.) VMCAI 2006. LNCS, vol. 3855, pp. 427–442. Springer, Heidelberg (2005). doi:10.1007/11609773_28 CrossRefGoogle Scholar
  9. 9.
    Brotherston, J.: Formalised inductive reasoning in the logic of bunched implications. In: Nielson, H.R., Filé, G. (eds.) SAS 2007. LNCS, vol. 4634, pp. 87–103. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74061-2_6 CrossRefGoogle Scholar
  10. 10.
    Brotherston, J., Fuhs, C., Gorogiannis, N., Navarro Pérez, J.: A decision procedure for satisfiability in separation logic with inductive predicates. In: Proceedings of CSL-LICS, pp. 25:1–25:10. ACM (2014)Google Scholar
  11. 11.
    Brotherston, J., Gorogiannis, N., Kanovich, M.: Biabduction (and related problems) in array separation logic. CoRR abs/1607.01993 (2016). http://arxiv.org/abs/1607.01993
  12. 12.
    Brotherston, J., Gorogiannis, N., Kanovich, M., Rowe, R.: Model checking for symbolic-heap separation logic with inductive predicates. In: Proceedings of POPL-43, pp. 84–96. ACM (2016)Google Scholar
  13. 13.
    Calcagno, C., Distefano, D., Dubreil, J., Gabi, D., Hooimeijer, P., Luca, M., O’Hearn, P., Papakonstantinou, I., Purbrick, J., Rodriguez, D.: Moving fast with software verification. In: Havelund, K., Holzmann, G., Joshi, R. (eds.) NFM 2015. LNCS, vol. 9058, pp. 3–11. Springer, Cham (2015). doi:10.1007/978-3-319-17524-9_1 Google Scholar
  14. 14.
    Calcagno, C., Distefano, D., O’Hearn, P.W., Yang, H.: Compositional shape analysis by means of bi-abduction. J. ACM 58(6) (2011)Google Scholar
  15. 15.
    Chin, W.N., David, C., Nguyen, H.H., Qin, S.: Automated verification of shape, size and bag properties via user-defined predicates in separation logic. Sci. Comp. Prog. 77(9), 1006–1036 (2012)CrossRefMATHGoogle Scholar
  16. 16.
    Cook, B., Haase, C., Ouaknine, J., Parkinson, M., Worrell, J.: Tractable reasoning in a fragment of separation logic. In: Katoen, J.-P., König, B. (eds.) CONCUR 2011. LNCS, vol. 6901, pp. 235–249. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23217-6_16 CrossRefGoogle Scholar
  17. 17.
    Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.: Introduction to Algorithms, 3rd edn. MIT Press, Cambridge (2009)MATHGoogle Scholar
  18. 18.
    Cousot, P., Cousot, R., Fähndrich, M., Logozzo, F.: Automatic inference of necessary preconditions. In: Giacobazzi, R., Berdine, J., Mastroeni, I. (eds.) VMCAI 2013. LNCS, vol. 7737, pp. 128–148. Springer, Heidelberg (2013). doi:10.1007/978-3-642-35873-9_10 CrossRefGoogle Scholar
  19. 19.
    Cousot, P., Cousot, R., Logozzo, F.: A parametric segmentation functor for fully automatic and scalable array content analysis. In: Proceedings of POPL-38, pp. 105–118. ACM (2011)Google Scholar
  20. 20.
    Dillig, I., Dillig, T., Aiken, A.: Fluid updates: beyond strong vs. weak updates. In: Gordon, A.D. (ed.) ESOP 2010. LNCS, vol. 6012, pp. 246–266. Springer, Heidelberg (2010). doi:10.1007/978-3-642-11957-6_14 CrossRefGoogle Scholar
  21. 21.
    Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W.H. Freeman, New York (1979)MATHGoogle Scholar
  22. 22.
    Gorogiannis, N., Kanovich, M., O’Hearn, P.W.: The complexity of abduction for separated heap abstractions. In: Yahav, E. (ed.) SAS 2011. LNCS, vol. 6887, pp. 25–42. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23702-7_7 CrossRefGoogle Scholar
  23. 23.
    Grädel, E.: Subclasses of Presburger arithmetic and the polynomial-time hierarchy. Theor. Comput. Sci. 56, 289–301 (1988)MathSciNetCrossRefMATHGoogle Scholar
  24. 24.
    Gu, X., Chen, T., Wu, Z.: A complete decision procedure for linearly compositional separation logic with data constraints. In: Olivetti, N., Tiwari, A. (eds.) IJCAR 2016. LNCS, vol. 9706, pp. 532–549. Springer, Cham (2016). doi:10.1007/978-3-319-40229-1_36 Google Scholar
  25. 25.
    Haase, C.: Subclasses of Presburger arithmetic and the weak EXP hierarchy. In: Proceedings of CSL-LICS, pp. 47:1–47:10. ACM (2014)Google Scholar
  26. 26.
    Hartmanis, J., Immerman, N., Sewelson, V.: Sparse sets in NP-P: EXPTIME versus NEXPTIME. Inform. Control 65(2), 158–181 (1985)MathSciNetCrossRefMATHGoogle Scholar
  27. 27.
    Iosif, R., Rogalewicz, A., Simacek, J.: The tree width of separation logic with recursive definitions. In: Bonacina, M.P. (ed.) CADE 2013. LNCS, vol. 7898, pp. 21–38. Springer, Heidelberg (2013). doi:10.1007/978-3-642-38574-2_2 CrossRefGoogle Scholar
  28. 28.
    Jacobs, B., Smans, J., Philippaerts, P., Vogels, F., Penninckx, W., Piessens, F.: VeriFast: a powerful, sound, predictable, fast verifier for C and Java. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NFM 2011. LNCS, vol. 6617, pp. 41–55. Springer, Heidelberg (2011). doi:10.1007/978-3-642-20398-5_4 CrossRefGoogle Scholar
  29. 29.
    Kovács, L., Voronkov, A.: Finding loop invariants for programs over arrays using a theorem prover. In: Chechik, M., Wirsing, M. (eds.) FASE 2009. LNCS, vol. 5503, pp. 470–485. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00593-0_33 CrossRefGoogle Scholar
  30. 30.
    Le, Q.L., Sun, J., Chin, W.-N.: Satisfiability modulo heap-based programs. In: Chaudhuri, S., Farzan, A. (eds.) CAV 2016. LNCS, vol. 9779, pp. 382–404. Springer, Cham (2016). doi:10.1007/978-3-319-41528-4_21 Google Scholar
  31. 31.
    Müller, P., Schwerhoff, M., Summers., A.J.: Automatic verification of iterated separating conjunctions using symbolic execution. In: Proceedings of CAV-28 (2016, to appear)Google Scholar
  32. 32.
    O’Hearn, P.W.: Resources, concurrency and local reasoning. Theor. Comput. Sci. 375(1–3), 271–307 (2007)MathSciNetCrossRefMATHGoogle Scholar
  33. 33.
    O’Hearn, P.W., Yang, H., Reynolds, J.C.: Separation and information hiding. In: Proceedings of POPL-31, pp. 268–280. ACM (2004)Google Scholar
  34. 34.
    Reynolds, J.C.: Separation logic: a logic for shared mutable data structures. In: Proceedings of LICS-17, pp. 55–74. IEEE (2002)Google Scholar
  35. 35.
    Scarpellini, B.: Complexity of subcases of Presburger arithmetic. Trans. Am. Math. Soc. 284(1), 203–218 (1984)MathSciNetCrossRefMATHGoogle Scholar
  36. 36.
    Stockmeyer, L.J.: The polynomial-time hierarchy. Theor. Comput. Sci. 3, 1–22 (1977)MathSciNetCrossRefMATHGoogle Scholar
  37. 37.
    Ströder, T., Giesl, J., Brockschmidt, M., Frohn, F., Fuhs, C., Hensel, J., Schneider-Kamp, P., Aschermann, C.: Automatically proving termination and memory safety for programs with pointer arithmetic. J. Autom. Reasoning 58(1), 33–65 (2017)MathSciNetCrossRefMATHGoogle Scholar
  38. 38.
    Tatsuta, M., Kimura, D.: Separation logic with monadic inductive definitions and implicit existentials. In: Feng, X., Park, S. (eds.) APLAS 2015. LNCS, vol. 9458, pp. 69–89. Springer, Cham (2015). doi:10.1007/978-3-319-26529-2_5 CrossRefGoogle Scholar
  39. 39.
    Yang, H., O’Hearn, P.W.: A semantic basis for local reasoning. In: Nielsen, M., Engberg, U. (eds.) FoSSaCS 2002. LNCS, vol. 2303, pp. 402–416. Springer, Heidelberg (2002). doi:10.1007/3-540-45931-6_28 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • James Brotherston
    • 1
  • Nikos Gorogiannis
    • 2
  • Max Kanovich
    • 1
    • 3
  1. 1.University College LondonLondonUK
  2. 2.Middlesex UniversityLondonUK
  3. 3.National Research University Higher School of EconomicsMoscowRussian Federation

Personalised recommendations