a decidable fragment in separation logic with inductive
play

A Decidable Fragment in Separation Logic with Inductive Predicates - PowerPoint PPT Presentation

Mar 10, 2023 •265 likes •490 views

A Decidable Fragment in Separation Logic with Inductive Predicates and Arithmetic Quang Loc Le (TU) Makoto Tatsuta (NII) Jun Sun (SUTD) Wei-Ngan Chin (NUS) Computer Aided Verification, 29th International Conference Heidelberg Germany July

  1. A Decidable Fragment in Separation Logic with Inductive Predicates and Arithmetic Quang Loc Le (TU) Makoto Tatsuta (NII) Jun Sun (SUTD) Wei-Ngan Chin (NUS) Computer Aided Verification, 29th International Conference Heidelberg Germany July 28, 2017 Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 1 / 21

  2. A fragment of Separation Logic ∆ ::= ∃ ¯ Formula Φ ::= ∆ | Φ 1 ∨ Φ 2 v . ( κ ∧ π ) ::= emp | x �→ c ( v i ) | P (¯ Spatial formula v ) | κ 1 ∗ κ 2 κ Pure formula π ::= π 1 ∧ π 2 | α | φ α : Pointer (Dis)Equalities φ : Presburger arithmetic P : inductive predicate. Predicate Definition: P (¯ t ) ≡ Φ Warning: no pointer arithmetic and no magic wand Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 2 / 21

  3. A fragment of Separation Logic Inductive predicate: Singly-linked list with size property pred ll size ( root , n ) ≡ emp ∧ root = null ∧ n = 0 ∨ ∃ r , n 1 · root �→ node ( , r ) ∗ ll size ( r , n 1 ) ∧ n = n 1 + 1 Example: ll size ( x , 3 ) Numerical projection ll size N ( n ) ≡ n = 0 ∨ ∃ n 1 · ll size N ( n 1 ) ∧ n = n 1 + 1 Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 3 / 21

  4. Satisfiability Problem Input: A formula ∆ in the fragment Question: Is ∆ satisfiable? Challenges: Unbounded heaps Infinite numerical domain Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 4 / 21

  5. Satisfiability Problem The satisfiability problem is undecidable by simulating Peano arithmetic (Tatsuta et. al. - APLAS 2016). What is decidable? Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 5 / 21

  6. Contributions Decidable Fragment: A subfragment which is decidable and more expressive than all fragments which have been shown to be decidable previously. Decision Procedure: Base Computation Compute for each inductive predicate a finite representation that precisely characterises its satisfiability. Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 6 / 21

  7. Decidable Fragment Finite Representation: Base Formula (without inductive predicates) Combining empty heap ( emp ), points-to ( �→ ), spatial conjunction ( ∗ ) and Presburger Arithmetic Example: ∆ 1 ≡ emp ∧ x = null ∧ n = 0 SAT ∆ 2 ≡ x �→ node ( n , y ) ∗ y �→ node ( n − 1 , null ) ∧ x = y UNSAT The fragment of base formulas is decidable (Piskac, Wies and Zufferey - CAV 2013, Navarro and Rybalchenko - APLAS 2013) Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 7 / 21

  8. Foundation of Base Computation For each formula, eliminating existentially quantified pointer-typed variables produces an equi-satisfiable formula. Example: ∆ 1 ≡∃ r . ll size ( r , n ) ∧ x = null ∧ n = 0 is equi-satisfiable with ∆ 2 ≡∃ r . ll size N ( n ) ∧ x = null ∧ n = 0 If ll size N ( n ) can be computed as a Presburger formula, then ∆ 2 can be reduced into a base formula and thus is decidable. Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 8 / 21

  9. Decidable Fragment: Base Computation Given an inductive predicate P (¯ x ) ≡ Φ , Construct a cyclic unfolding tree for ∆ 0 ≡ P (¯ x ) 1 Flatten the tree into a disjunctive set of base formulas 2 ∆ 0 ∆ 0 ∆ 11 ∆ b 31 ∆ 11 ∆ ⋆ 12 ∆ 21 ∆ 22 ∆ 21 ∆ 22 ∆ 31 ∆ ⋆ 32 base P ( P (¯ x )) ≡{ ∆ 21 , ∆ b 31 } Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 9 / 21

  10. Constructing Cyclic Unfolding Tree Given an inductive predicate P (¯ x ) ≡ Φ , construct a unfolding tree for ∆ 0 ≡ P (¯ x ) through iterations of actions: Choose a (open) leaf, close it if 1 it can be reduced into a base formula. a base formula a formula in which pointer-typed parameters of every inductive predicates are existentially quantified. its over-approximation is unsat. can be linked back to form a circular path. Otherwise, unfold it. 2 ∆ 0 ∆ 11 ∆ ⋆ 12 ∆ 21 ∆ 22 ∆ 31 ∆ ⋆ 32 Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 10 / 21

  11. Constructing Cyclic Unfolding Tree pred Q ( x , y , n ) ≡ ∃ y 1 . x �→ node ( null , y 1 ) ∧ y = null ∧ x � = null ∧ n = 1 ∨ ∃ x 1 , y 1 , n 1 . y �→ node ( x 1 , y 1 ) ∗ Q ( x , y 1 , n 1 ) ∧ y � = null ∧ n = n 1 + 2 ; ∆ 0 ≡ Q ( x , y , n ) Base Detection. None 1 ∆ 0 Over-Approximation. π 0 ≡ true . 2 Not UNSAT Figure : Unfolding Tree T 0 . Cyclic Detection. None 3 Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 11 / 21

  12. Constructing Cyclic Unfolding Tree pred Q ( x , y , n ) ≡ ∃ y 1 . x �→ node ( null , y 1 ) ∧ y = null ∧ x � = null ∧ n = 1 ∨ ∃ x 1 , y 1 , n 1 . y �→ node ( x 1 , y 1 ) ∗ Q ( x , y 1 , n 1 ) ∧ y � = null ∧ n = n 1 + 2 ; ∆ 0 ≡ Q ( x , y , n ) ∆ 1 ≡∃ y 1 . x �→ node ( null , y 1 ) ∧ y = null ∧ x � = null ∧ n = 1 ∆ 2 ≡∃ x 1 , y 1 , n 1 . y �→ node ( x 1 , y 1 ) ∗ Q ( x , y 1 , n 1 ) ∧ y � = null ∧ n = n 1 + 2 Base Detection. ∆ 1 1 ∆ 0 Over-Approximation. 2 π 2 ≡∃ x 1 , y 1 , n 1 . y �→ node ( x 1 , y 1 ) ∧ true ∆ 1 ∆ 2 ∧ y � = null ∧ n = n 1 + 2. Not UNSAT Figure : Unfolding Tree T 1 . Cyclic Detection. None 3 Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 12 / 21

  13. Constructing Cyclic Unfolding Tree pred Q ( x , y , n ) ≡ ∃ y 1 . x �→ node ( null , y 1 ) ∧ y = null ∧ x � = null ∧ n = 1 ∨ ∃ x 1 , y 1 , n 1 . y �→ node ( x 1 , y 1 ) ∗ Q ( x , y 1 , n 1 ) ∧ y � = null ∧ n = n 1 + 2 ; ∆ 2 ≡∃ x 1 , y 1 , n 1 . y �→ node ( x 1 , y 1 ) ∗ Q ( x , y 1 , n 1 ) ∧ y � = null ∧ n = n 1 + 2 ∆ 3 ≡∃ x 1 , y 1 , n 1 , y 2 . y �→ node ( x 1 , y 1 ) ∗ x �→ node ( null , y 2 ) ∧ y 1 = null ∧ x � = null ∧ n 1 = 1 ∧ y � = null ∧ n = n 1 + 2 ∆ 4 ≡∃ x 1 , y 1 , n 1 , x 2 , y 2 , n 2 . y �→ node ( x 1 , y 1 ) ∗ y 1 �→ node ( x 2 , y 2 ) ∗ Q ( x , y 2 , n 2 ) ∧ y 1 � = null ∧ n 1 = n 2 + 2 ∧ y � = null ∧ n = n 1 + 2 ∆ 0 Base Detection. ∆ 3 1 Over-Approximation. π 4 ≡ .... . ∆ 1 ∆ ♣ 2 2 Not UNSAT ∆ 3 Cyclic Detection. Yes ∆ ♣ 3 4 Figure : T Q 2 . Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 13 / 21

  14. Constructing Cyclic Unfolding Tree Cyclic Detection ∆ 2 ≡∃ x 1 , y 1 , n 1 . y �→ node ( x 1 , y 1 ) ∗ Q ( x , y 1 , n 1 ) ∧ y � = null ∧ n = n 1 + 2 ∆ 4 ≡∃ x 1 , y 1 , n 1 , x 2 , y 2 , n 2 . y �→ node ( x 1 , y 1 ) ∗ y 1 �→ node ( x 2 , y 2 ) ∗ Q ( x , y 2 , n 2 ) ∧ y 1 � = null ∧ n 1 = n 2 + 2 ∧ y � = null ∧ n = n 1 + 2 Steps matching externally visible points-to predicate: y �→ node ( , ) 1 matching externally visible inductive predicates: Q ( x , , ) 2 In general, we may need to group isomorphic inductive predicates beforehand (same predicate name and same sequence of free arguments) matching externally visible (dis)equalities over pointers: y � = null 3 Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 14 / 21

  15. Flattening Cyclic Unfolding Tree ∆ 0 ∆ 1 ∆ ♣ 2 ∆ 3 ∆ ♣ 4 Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 15 / 21

  16. Flattening Cyclic Unfolding Tree ∆ 0 ∆ 0 ∆ 1 ∆ 2 ∆ 1 ∆ ♣ 2 ∆ 3 ∆ 4 ∆ 3 ∆ ♣ ∆ 1 ∆ 1 4 3 4 ... ∆ flat 3 ≡ ∆ 3 ∨ ∆ 1 3 ∨ ... ∆ 3 ≡ ∃ x 1 , y 1 , n 1 , y 2 . ( y �→ node ( x 1 , y 1 ) ∗ x �→ node ( null , y 2 ) ∧ x � = null ∧ y � = null ∧ n = n 1 + 2 ) ∧ ( y 1 = null ∧ n 1 = 1 ) ∆ 1 3 ≡∃ x 1 , y 1 , n 1 , x 2 , y 2 , n 2 , y 3 . ( y �→ node ( x 1 , y 1 ) ∗ x �→ node ( null , y 3 ) ∧ x � = null y � = null ∧ n = n 1 + 2 ) ∗ ( y 1 �→ node ( x 2 , y 2 ) ∧ y 2 = null ∧ n 1 = n 2 + 2 ∧ n 2 = 1 ) Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 16 / 21

  17. Flattening Cyclic Unfolding Tree ∆ 0 ∆ 1 ∆ ♣ 2 ∆ 3 ∆ ♣ 4 P cyc ( n 1 ) ≡ n 1 = 1 ∨ ∃ n 2 . n 1 = n 2 + 2 ∧ P cyc ( n 2 ) P cyc ( n 1 ) ≡∃ k . n 1 = 2 k + 1 ∧ k ≥ 0 ∆ b 3 is equi-satisfiable to ∆ flat 3 : ∆ b 3 ≡∃ x 1 , y 1 , x 2 , y 2 , n 1 . ( y �→ node ( x 1 , y 1 ) ∗ x �→ node ( null , y 2 ) ∧ x � = null ∧ y � = null ∧ n = n 1 + 2 ) ∧ ( ∃ k . n 1 = 2 k + 1 ∧ k ≥ 0 ) Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 17 / 21

  18. Flattening Cyclic Unfolding Tree ∆ 0 ∆ 0 = ⇒ ∆ 1 ∆ b 3 ∆ 1 ∆ ♣ 2 ∆ 3 ∆ ♣ 4 base P ( Q ( x , y , n )) ≡{ ∆ 1 , ∆ b 3 } Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 18 / 21

  19. Proposed Decidable Fragment An inductive predicate is in the proposed decidable fragment if all numerical projections of base leaves; and P cyc predicates are Presburger-definable (i.e., can be computed as Presburger formulas). Some systems of arithmetic inductive predicates are Presburger-definable: DPI (Tatsuta et. al. - APLAS 2016) periodic sets (Bozga et. al. - CAV 2010) Loc Le (Teesside University) Decidable Fragment in Separation Logic July 28, 2017 19 / 21

Recommend

A Deep Embedding of a Decidable Fragment of Separation Logic in HOL Thomas Tuerk Mike Gordon

A Deep Embedding of a Decidable Fragment of Separation Logic in HOL Thomas Tuerk Mike Gordon

Motivation Basic Definitions Entailments HOL embedding Example Conclusions and Future Work A Deep Embedding of a Decidable Fragment of Separation Logic in HOL Thomas Tuerk Mike Gordon ARG Lunch, 26th June 2006 Motivation Basic

567 views • 40 slides
11. Arrays 11- 1 (2) Array Property Fragment of T A Decidable fragment of T A that includes

11. Arrays 11- 1 (2) Array Property Fragment of T A Decidable fragment of T A that includes

11. Arrays 11- 1 (2) Array Property Fragment of T A Decidable fragment of T A that includes quantifiers Array property A -formula of form i . F [ i ] G [ i ] , where i is a list of variables. index guard F [ i ]: iguard

1.19k views • 21 slides
On a Decidable Fragment of d L or, The Next 700 (Un)decidable Fragments of d L David M Kahn Siva

On a Decidable Fragment of d L or, The Next 700 (Un)decidable Fragments of d L David M Kahn Siva

On a Decidable Fragment of d L or, The Next 700 (Un)decidable Fragments of d L David M Kahn Siva Somayyajula Carnegie Mellon University December 11, 2018 David M Kahn, Siva Somayyajula (CMU) On a Decidable Fragment of d L December 11, 2018 1

855 views • 28 slides
Disproving Inductive Entailments in Separation Logic via Base Pair Approximation James Brotherston

Disproving Inductive Entailments in Separation Logic via Base Pair Approximation James Brotherston

Disproving Inductive Entailments in Separation Logic via Base Pair Approximation James Brotherston 1 Nikos Gorogiannis 2 1 UCL 2 Middlesex University TABLEAUX15, Wroclaw, 23 Sept 2015 1/ 16 Disproof, in general Disproof is the problem of

624 views • 51 slides
Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1 Nikos Gorogiannis 2 Max Kanovich 1 Reuben Rowe 1 1 UCL 2 Middlesex University Australian National University, Canberra, 9 December 2015 1/ 24 Model

1.13k views • 81 slides
Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Introduction In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing Hoare logic separation logic. We looked at the concepts separation logic is based on, the new assertions that

396 views • 14 slides
Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio Mansutti LSV, CNRS, ENS Paris-Saclay Paris - April 2019 What we will see An extension of propositional separation logic that can express some

569 views • 42 slides
Logic as a Tool Chapter 1: Understanding Propositional Logic 1.4 Inductive definitions

Logic as a Tool Chapter 1: Understanding Propositional Logic 1.4 Inductive definitions

Logic as a Tool Chapter 1: Understanding Propositional Logic 1.4 Inductive definitions Structural induction and recursion Valentin Goranko Stockholm University October 2016 Goranko Introduction Inductive definitions: a special kind of

1.23k views • 108 slides
Targeted Mailing Inductive Logic Programming Fabrizio Riguzzi University of Ferrara If

Targeted Mailing Inductive Logic Programming Fabrizio Riguzzi University of Ferrara If

Targeted Mailing Inductive Logic Programming Fabrizio Riguzzi University of Ferrara If Age<30 and Address=ca then Resp=yes Inductive Logic Programming p. 1/93 Inductive Logic Programming p. 2/93 Join Multi Table The customer will

583 views • 24 slides
Introduction to Inductive Logic Programming Stephen Muggleton Department of Computing Imperial

Introduction to Inductive Logic Programming Stephen Muggleton Department of Computing Imperial

Introduction to Inductive Logic Programming Stephen Muggleton Department of Computing Imperial College, London Motivation Logic Program [Kowalski, 1980] Inductive Logic Programming [Muggleton, 1991] Machine Learn arbitrary programs

490 views • 17 slides
Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) Dagstuhl, 2015-11-02 Plan for the talk Talk outline Motivation Basic separation logic Concurrent separation logic Frame inference

597 views • 21 slides
Pure Inductive Logic Jeff Paris School of Mathematics, University of Manchester in

Pure Inductive Logic Jeff Paris School of Mathematics, University of Manchester in

Pure Inductive Logic Jeff Paris School of Mathematics, University of Manchester in collaboration with J urgen Landes, Chris Nix, Alena Vencovsk a Jeff Paris Pure Inductive Logic Page 1 of 1 Jeff Paris Pure Inductive Logic et-

754 views • 53 slides
Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms Smaller Arthur Charguraud Franois Pottier LTP meeting Saclay, November 28, 2016 Motivation More Motivation Separation Logic with Read-Only

441 views • 27 slides
Logic Programming in a Fragment of Intuitionistic Linear Logic by Joshua Hodas , PhD student at

Logic Programming in a Fragment of Intuitionistic Linear Logic by Joshua Hodas , PhD student at

Logic Programming in a Fragment of Intuitionistic Linear Logic by Joshua Hodas , PhD student at UPenn [now an attorney in Los Angeles] and Dale Miller , Edinburgh (sabbatical leave from UPenn) [now INRIA] A revised version appears in

213 views • 5 slides
Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008

Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008

Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008 Timothe Martiel Research Topics in Software Engineering 1 / 19 Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About

553 views • 24 slides
The Calculus of Computation: Decision Procedures with 11. Arrays Applications to Verification

The Calculus of Computation: Decision Procedures with 11. Arrays Applications to Verification

The Calculus of Computation: Decision Procedures with 11. Arrays Applications to Verification by Aaron Bradley Zohar Manna Springer 2007 11- 1 11- 2 (2) Array Property Fragment of T A Array Property Fragment of T A Decidable fragment of T A

425 views • 6 slides
OWL Three species of OWL OWL full is union of OWL syntax and RDF (Undecidable) OWL DL

OWL Three species of OWL OWL full is union of OWL syntax and RDF (Undecidable) OWL DL

OWL Three species of OWL OWL full is union of OWL syntax and RDF (Undecidable) OWL DL restricted to FOL fragment (decidable in NEXPTIME) OWL Lite is easier to implement subset of OWL DL (decidable in EXPTIME) Semantic

967 views • 74 slides
An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and Verification Group Dept. of Computer Science University College London, UK J.Brotherston@ucl.ac.uk Logic Summer School, ANU, 7 December 2015 1/ 19

789 views • 63 slides
Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

. POPL 2016, St Petersburg, Florida, USA, 1 Programming Principles, Logic & Verification Group Department of Computer Science, University College London 2 Foundations of Computing Group Department of Computer Science, Middlesex University

1.02k views • 62 slides
Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St January 14, 2020 1 LSV, CNRS, ENS Paris-Saclay 2 I3S, Universit e C ote dAzur Separation Logic 99 Logic of Bunched Implication ( BI ) [P.

310 views • 27 slides
Inductive Learning of Answer Set Programs Mark Law, Alessandra Russo and Krysia Broda

Inductive Learning of Answer Set Programs Mark Law, Alessandra Russo and Krysia Broda

Inductive Learning of Answer Set Programs Mark Law, Alessandra Russo and Krysia Broda Inductive Logic Programming The task of Inductive Logic Programming (ILP) is to find a hypothesis H which explains a set of positive and negative

583 views • 12 slides
Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

CS6202: Advanced Topics in Programming Languages and Systems Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model Hoare-style Inference Rules Specification and Annotations Linked List and Segments

1.02k views • 76 slides
A Decidable Spatial Logic With Cone-shaped Cardinal Directions Angelo Montanari 1 , Gabriele

A Decidable Spatial Logic With Cone-shaped Cardinal Directions Angelo Montanari 1 , Gabriele

Introduction Cone Logic Satisiability Interval logics Outline A Decidable Spatial Logic With Cone-shaped Cardinal Directions Angelo Montanari 1 , Gabriele Puppis 2 , Pietro Sala 1 Departement of Mathematics and Computer Science, University of

834 views • 48 slides
Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max Kanovich 2 1 Imperial College London 2 Queen Mary University of London LICS-25, University of Edinburgh, 12 July 2010 Separation logic (Reynolds,

1.11k views • 31 slides

More recommend