disproving inductive entailments in separation logic via
play

Disproving Inductive Entailments in Separation Logic via Base Pair - PowerPoint PPT Presentation

May 19, 2023 •97 likes •624 views

Disproving Inductive Entailments in Separation Logic via Base Pair Approximation James Brotherston 1 Nikos Gorogiannis 2 1 UCL 2 Middlesex University TABLEAUX15, Wroclaw, 23 Sept 2015 1/ 16 Disproof, in general Disproof is the problem of

  1. Disproving Inductive Entailments in Separation Logic via Base Pair Approximation James Brotherston 1 Nikos Gorogiannis 2 1 UCL 2 Middlesex University TABLEAUX’15, Wroclaw, 23 Sept 2015 1/ 16

  2. Disproof, in general • Disproof is the problem of showing that an entailment A ⊢ B (in some undecidable logic) is not valid. 2/ 16

  3. Disproof, in general • Disproof is the problem of showing that an entailment A ⊢ B (in some undecidable logic) is not valid. • Application in proof search: backtrack from invalid subgoals. 2/ 16

  4. Disproof, in general • Disproof is the problem of showing that an entailment A ⊢ B (in some undecidable logic) is not valid. • Application in proof search: backtrack from invalid subgoals. • Application in lemma speculation and automated theory exploration: filter out invalid “lemmas”. 2/ 16

  5. Disproof, in general • Disproof is the problem of showing that an entailment A ⊢ B (in some undecidable logic) is not valid. • Application in proof search: backtrack from invalid subgoals. • Application in lemma speculation and automated theory exploration: filter out invalid “lemmas”. • Precision usually costs. 2/ 16

  6. Disproof, in general • Disproof is the problem of showing that an entailment A ⊢ B (in some undecidable logic) is not valid. • Application in proof search: backtrack from invalid subgoals. • Application in lemma speculation and automated theory exploration: filter out invalid “lemmas”. • Precision usually costs. • Our setting: symbolic-heap separation logic with inductive definitions, widely used in program verification. 2/ 16

  7. Symbolic-heap separation logic • Terms t are either variables x, y, z . . . or the constant nil . 3/ 16

  8. Symbolic-heap separation logic • Terms t are either variables x, y, z . . . or the constant nil . • Spatial formulas F and pure formulas π given by: F ::= emp | x �→ t | P t | F ∗ F π ::= t = t | t � = t (where P a predicate symbol, t a tuple of terms). • �→ (“points-to”) denotes an individual pointer to a record in the heap. • ∗ (“separating conjunction”) demarks domain-disjoint heaps. 3/ 16

  9. Symbolic-heap separation logic • Terms t are either variables x, y, z . . . or the constant nil . • Spatial formulas F and pure formulas π given by: F ::= emp | x �→ t | P t | F ∗ F π ::= t = t | t � = t (where P a predicate symbol, t a tuple of terms). • �→ (“points-to”) denotes an individual pointer to a record in the heap. • ∗ (“separating conjunction”) demarks domain-disjoint heaps. • Symbolic heaps A given by ∃ x . Π : F , for Π a set of pure formulas. 3/ 16

  10. Inductive definitions in separation logic • Inductive predicates defined by a set of rules of form: A ⇒ P t (We typically suppress the existential quantifiers in A .) 4/ 16

  11. Inductive definitions in separation logic • Inductive predicates defined by a set of rules of form: A ⇒ P t (We typically suppress the existential quantifiers in A .) • E.g., linked list segments with root x and tail element y given by: emp ⇒ ls x x x � = nil : x �→ z ∗ ls z y ⇒ ls x y 4/ 16

  12. Inductive definitions in separation logic • Inductive predicates defined by a set of rules of form: A ⇒ P t (We typically suppress the existential quantifiers in A .) • E.g., linked list segments with root x and tail element y given by: emp ⇒ ls x x x � = nil : x �→ z ∗ ls z y ⇒ ls x y • E.g., binary trees with root x given by: x = nil : emp ⇒ bt x x � = nil : x �→ ( y, z ) ∗ bt y ∗ bt z ⇒ bt x 4/ 16

  13. Semantics • Models are stacks s : Var → Val paired with heaps h : Loc ⇀ fin Val . ◦ is union of domain-disjoint heaps; e is the empty heap; nil is a non-allocable value. 5/ 16

  14. Semantics • Models are stacks s : Var → Val paired with heaps h : Loc ⇀ fin Val . ◦ is union of domain-disjoint heaps; e is the empty heap; nil is a non-allocable value. • Forcing relation s, h | = A given by s, h | = Φ t 1 = ( � =) t 2 ⇔ s ( t 1 ) = ( � =) s ( t 2 ) s, h | = Φ emp ⇔ h = e s, h | = Φ x �→ t ⇔ dom( h ) = { s ( x ) } and h ( s ( x )) = s ( t ) ( s ( t ) , h ) ∈ � P i � Φ s, h | = Φ P i t ⇔ s, h | = Φ F 1 ∗ F 2 ⇔ ∃ h 1 , h 2 . h = h 1 ◦ h 2 and s, h 1 | = Φ F 1 and s, h 2 | = Φ F 2 ∃ v ∈ Val | z | . s [ z �→ v ] , h | s, h | = Φ ∃ z . Π : F ⇔ = Φ π for all π ∈ Π and s [ z �→ v ] , h | = Φ F 5/ 16

  15. Disproof in our logic • Entailment is here undecidable [Antoupoulos et al., FOSSACS’14], although satisfiability is decidable [Brotherston et al., CSL-LICS’14]. 6/ 16

  16. Disproof in our logic • Entailment is here undecidable [Antoupoulos et al., FOSSACS’14], although satisfiability is decidable [Brotherston et al., CSL-LICS’14]. • To disprove A ⊢ B , we need a countermodel ( s, h ) s.t. s, h | = Φ A but s, h �| = Φ B . 6/ 16

  17. Disproof in our logic • Entailment is here undecidable [Antoupoulos et al., FOSSACS’14], although satisfiability is decidable [Brotherston et al., CSL-LICS’14]. • To disprove A ⊢ B , we need a countermodel ( s, h ) s.t. s, h | = Φ A but s, h �| = Φ B . • Model checking has only very recently been shown decidable, in fact EXPTIME-complete [Brotherston et al., submitted, 2015]. 6/ 16

  18. Disproof in our logic • Entailment is here undecidable [Antoupoulos et al., FOSSACS’14], although satisfiability is decidable [Brotherston et al., CSL-LICS’14]. • To disprove A ⊢ B , we need a countermodel ( s, h ) s.t. s, h | = Φ A but s, h �| = Φ B . • Model checking has only very recently been shown decidable, in fact EXPTIME-complete [Brotherston et al., submitted, 2015]. • Enumerating and checking all possible counter-models is complete, but complicated and, I suspect, ridiculously expensive. 6/ 16

  19. Base pairs [Brotherston et al., CSL-LICS’14] • For any symbolic heap A , we can compute an overapproximation, base Φ ( A ). 7/ 16

  20. Base pairs [Brotherston et al., CSL-LICS’14] • For any symbolic heap A , we can compute an overapproximation, base Φ ( A ). Each “base pair” records, for each possible way of constructing a model of A , 1. the variables in FV ( A ) that must be allocated, and 2. the (dis)equalities over FV ( A ) ∪ { nil } that must hold. 7/ 16

  21. Base pairs [Brotherston et al., CSL-LICS’14] • For any symbolic heap A , we can compute an overapproximation, base Φ ( A ). Each “base pair” records, for each possible way of constructing a model of A , 1. the variables in FV ( A ) that must be allocated, and 2. the (dis)equalities over FV ( A ) ∪ { nil } that must hold. • E.g., recall linked list segment predicate ls : emp ⇒ ls x x x � = nil : x �→ z ∗ ls z y ⇒ ls x y 7/ 16

  22. Base pairs [Brotherston et al., CSL-LICS’14] • For any symbolic heap A , we can compute an overapproximation, base Φ ( A ). Each “base pair” records, for each possible way of constructing a model of A , 1. the variables in FV ( A ) that must be allocated, and 2. the (dis)equalities over FV ( A ) ∪ { nil } that must hold. • E.g., recall linked list segment predicate ls : emp ⇒ ls x x x � = nil : x �→ z ∗ ls z y ⇒ ls x y We obtain two base pairs: base Φ ( ls x y ) = { ( ∅ , { x = y } ) , ( { x } , { x � = nil } ) } 7/ 16

  23. Connecting base pairs and models • Base pairs are formally related to models as follows. 8/ 16

  24. Connecting base pairs and models • Base pairs are formally related to models as follows. Lemma (1) Given ( V, Π) ∈ base Φ ( A ) , a stack s s.t. s | = Π , and finite set W ⊂ Loc \ s ( V ) , then ∃ h. s, h | = Φ A and W ∩ dom( h ) = ∅ . 8/ 16

  25. Connecting base pairs and models • Base pairs are formally related to models as follows. Lemma (1) Given ( V, Π) ∈ base Φ ( A ) , a stack s s.t. s | = Π , and finite set W ⊂ Loc \ s ( V ) , then ∃ h. s, h | = Φ A and W ∩ dom( h ) = ∅ . Lemma (2) = Φ B , there is a base pair ( V, Π) ∈ base Φ ( B ) such that If s, h | s ( V ) ⊆ dom( h ) and s | = Π . 8/ 16

  26. Connecting base pairs and models • Base pairs are formally related to models as follows. Lemma (1) Given ( V, Π) ∈ base Φ ( A ) , a stack s s.t. s | = Π , and finite set W ⊂ Loc \ s ( V ) , then ∃ h. s, h | = Φ A and W ∩ dom( h ) = ∅ . Lemma (2) = Φ B , there is a base pair ( V, Π) ∈ base Φ ( B ) such that If s, h | s ( V ) ⊆ dom( h ) and s | = Π . • Consequently, we can use Lemma 1 to construct a model of A and then Lemma 2 to show it cannot be a model of B. 8/ 16

  27. Disproof “game” Game (1) • Given A ⊢ B . a move by Player 1 is a choice of: • a base pair ( X, Π) ∈ base Φ ( A ) ; • a stack s such that s | = Π ; and • a finite set W ⊂ Loc \ s ( X ) . 9/ 16

  28. Disproof “game” Game (1) • Given A ⊢ B . a move by Player 1 is a choice of: • a base pair ( X, Π) ∈ base Φ ( A ) ; • a stack s such that s | = Π ; and • a finite set W ⊂ Loc \ s ( X ) . • A response by Player 2 is a base pair ( Y, Θ) ∈ base Φ ( B ) such that s | = Θ and W ∩ s ( Y ) = ∅ . 9/ 16

  29. Disproof “game” Game (1) • Given A ⊢ B . a move by Player 1 is a choice of: • a base pair ( X, Π) ∈ base Φ ( A ) ; • a stack s such that s | = Π ; and • a finite set W ⊂ Loc \ s ( X ) . • A response by Player 2 is a base pair ( Y, Θ) ∈ base Φ ( B ) such that s | = Θ and W ∩ s ( Y ) = ∅ . • A move is winning if there is no possible response. 9/ 16

Recommend

Decidability of Entailments in Separation Logic with Arrays Daisuke Kimura (Toho Univ.) joint

Decidability of Entailments in Separation Logic with Arrays Daisuke Kimura (Toho Univ.) joint

Decidability of Entailments in Separation Logic with Arrays Daisuke Kimura (Toho Univ.) joint work with Makoto Tatsuta (NII) Workshop on Mathematical Logic and its Application JSPS Core-to-Core Program 16-17 Sep. 2016 Kyoto University

251 views • 22 slides
A Decidable Fragment in Separation Logic with Inductive Predicates and Arithmetic Quang Loc Le

A Decidable Fragment in Separation Logic with Inductive Predicates and Arithmetic Quang Loc Le

A Decidable Fragment in Separation Logic with Inductive Predicates and Arithmetic Quang Loc Le (TU) Makoto Tatsuta (NII) Jun Sun (SUTD) Wei-Ngan Chin (NUS) Computer Aided Verification, 29th International Conference Heidelberg Germany July

490 views • 21 slides
Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1 Nikos Gorogiannis 2 Max Kanovich 1 Reuben Rowe 1 1 UCL 2 Middlesex University Australian National University, Canberra, 9 December 2015 1/ 24 Model

1.13k views • 81 slides
Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Introduction In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing Hoare logic separation logic. We looked at the concepts separation logic is based on, the new assertions that

396 views • 14 slides
A Deep Embedding of a Decidable Fragment of Separation Logic in HOL Thomas Tuerk Mike Gordon

A Deep Embedding of a Decidable Fragment of Separation Logic in HOL Thomas Tuerk Mike Gordon

Motivation Basic Definitions Entailments HOL embedding Example Conclusions and Future Work A Deep Embedding of a Decidable Fragment of Separation Logic in HOL Thomas Tuerk Mike Gordon ARG Lunch, 26th June 2006 Motivation Basic

567 views • 40 slides
Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio Mansutti LSV, CNRS, ENS Paris-Saclay Paris - April 2019 What we will see An extension of propositional separation logic that can express some

569 views • 42 slides
Logic as a Tool Chapter 1: Understanding Propositional Logic 1.4 Inductive definitions

Logic as a Tool Chapter 1: Understanding Propositional Logic 1.4 Inductive definitions

Logic as a Tool Chapter 1: Understanding Propositional Logic 1.4 Inductive definitions Structural induction and recursion Valentin Goranko Stockholm University October 2016 Goranko Introduction Inductive definitions: a special kind of

1.23k views • 108 slides
Targeted Mailing Inductive Logic Programming Fabrizio Riguzzi University of Ferrara If

Targeted Mailing Inductive Logic Programming Fabrizio Riguzzi University of Ferrara If

Targeted Mailing Inductive Logic Programming Fabrizio Riguzzi University of Ferrara If Age<30 and Address=ca then Resp=yes Inductive Logic Programming p. 1/93 Inductive Logic Programming p. 2/93 Join Multi Table The customer will

583 views • 24 slides
Introduction to Inductive Logic Programming Stephen Muggleton Department of Computing Imperial

Introduction to Inductive Logic Programming Stephen Muggleton Department of Computing Imperial

Introduction to Inductive Logic Programming Stephen Muggleton Department of Computing Imperial College, London Motivation Logic Program [Kowalski, 1980] Inductive Logic Programming [Muggleton, 1991] Machine Learn arbitrary programs

490 views • 17 slides
Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) Dagstuhl, 2015-11-02 Plan for the talk Talk outline Motivation Basic separation logic Concurrent separation logic Frame inference

597 views • 21 slides
Pure Inductive Logic Jeff Paris School of Mathematics, University of Manchester in

Pure Inductive Logic Jeff Paris School of Mathematics, University of Manchester in

Pure Inductive Logic Jeff Paris School of Mathematics, University of Manchester in collaboration with J urgen Landes, Chris Nix, Alena Vencovsk a Jeff Paris Pure Inductive Logic Page 1 of 1 Jeff Paris Pure Inductive Logic et-

754 views • 53 slides
Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms Smaller Arthur Charguraud Franois Pottier LTP meeting Saclay, November 28, 2016 Motivation More Motivation Separation Logic with Read-Only

441 views • 27 slides
Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008

Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008

Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008 Timothe Martiel Research Topics in Software Engineering 1 / 19 Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About

553 views • 24 slides
An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and Verification Group Dept. of Computer Science University College London, UK J.Brotherston@ucl.ac.uk Logic Summer School, ANU, 7 December 2015 1/ 19

789 views • 63 slides
Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

Model Checking for Symbolic-Heap Separation Logic with Inductive Predicates James Brotherston 1

. POPL 2016, St Petersburg, Florida, USA, 1 Programming Principles, Logic & Verification Group Department of Computer Science, University College London 2 Foundations of Computing Group Department of Computer Science, Middlesex University

1.02k views • 62 slides
Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St January 14, 2020 1 LSV, CNRS, ENS Paris-Saclay 2 I3S, Universit e C ote dAzur Separation Logic 99 Logic of Bunched Implication ( BI ) [P.

310 views • 27 slides
Inductive Learning of Answer Set Programs Mark Law, Alessandra Russo and Krysia Broda

Inductive Learning of Answer Set Programs Mark Law, Alessandra Russo and Krysia Broda

Inductive Learning of Answer Set Programs Mark Law, Alessandra Russo and Krysia Broda Inductive Logic Programming The task of Inductive Logic Programming (ILP) is to find a hypothesis H which explains a set of positive and negative

583 views • 12 slides
Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

CS6202: Advanced Topics in Programming Languages and Systems Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model Hoare-style Inference Rules Specification and Annotations Linked List and Segments

1.02k views • 76 slides
Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max Kanovich 2 1 Imperial College London 2 Queen Mary University of London LICS-25, University of Edinburgh, 12 July 2010 Separation logic (Reynolds,

1.11k views • 31 slides
Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis

Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis

Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis 2 Max Kanovich 1 1 UCL 2 Middlesex University University of Vienna, 14 Mar 2017 1/ 19 Compositional proofs in separation logic (1) Separation

1.14k views • 91 slides
Separation logic and fragments: from expressive power to decision procedures St ephane Demri

Separation logic and fragments: from expressive power to decision procedures St ephane Demri

Separation logic and fragments: from expressive power to decision procedures St ephane Demri CNRS Marie Curie Fellow Yorktown Heights, March 2015 In Memoriam: Morgan Deters 2 Overview Separation Logic in a Nutshell 1 2 Expressive

915 views • 55 slides
Probabilistic Inductive Logic Programming with SLIPCOVER Fabrizio Riguzzi F. Riguzzi PILP 1 /

Probabilistic Inductive Logic Programming with SLIPCOVER Fabrizio Riguzzi F. Riguzzi PILP 1 /

Probabilistic Inductive Logic Programming with SLIPCOVER Fabrizio Riguzzi F. Riguzzi PILP 1 / 33 Logic Programming Useful to model domains with complex relationships among entities A subset of First Order Logic Closed World Assumption

340 views • 33 slides
An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and Verification Group Dept. of Computer Science University College London, UK J.Brotherston@ucl.ac.uk Oracle Labs, Brisbane, 4 December 2015 1/ 19

291 views • 27 slides
Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

CS6202: Advanced Topics in Programming Hoare Logic Hoare Logic Languages and Systems Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview Notation : {P} code {Q} Assertion Logic {P}

557 views • 19 slides

More recommend