separation logic abstraction and inheritance
play

Separation Logic, Abstraction and Inheritance M. Parkinson, G. - PowerPoint PPT Presentation

Jul 03, 2023 •305 likes •553 views

Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008 Timothe Martiel Research Topics in Software Engineering 1 / 19 Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About

  1. Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008 Timothée Martiel Research Topics in Software Engineering 1 / 19

  2. Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About Invariants? 2 / 19

  3. Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About Invariants? 3 / 19

  4. Separation Logic • Extension of Hoare Logic • Models heap manipulation • Local reasoning: separate heap into disjoint parts • No abstraction (modules, classes, dynamic method binding) { P } C { Q } { Precondition } Code { Postcondition } 4 / 19

  5. Separation Logic: Specification and Program Constructs Specifications • Points to predicate: i �→ x • ∗ conjunction: i �→ x ∗ j �→ y Program • Heap allocation: cons ( x ) • Heap lookup: i = [ x ] • Heap assignment: [ x ] = i • Heap deallocation: dispose ( x ) 5 / 19

  6. Separation Logic: Frame Rule Frame Rule { P } C { Q } { P ∗ R } C { Q ∗ R } Provided: free variables of R are not modified in C • Aliasing control • Local reasoning 6 / 19

  7. Separation Logic and Object-Oriented Verification Challenges of object-oriented languages: • Heavy heap usage: object references • Inheritance and dynamic dispatch Separation logic • Is a good framework for heap control • Needs extension to support inheritance 7 / 19

  8. Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About Invariants? 8 / 19

  9. Framework Overview 3 extensions 1 Abstract Predicate Families to abstract data types 2 Static and Dynamic method specifications for static or dynamic method calls 3 Verification rules: method body is verified exactly once 9 / 19

  10. Example: Cell Class Hierarchy Example class ReCell: Cell { class Cell { int back; int val; public Cell(){} public Cell(){} public override void set(int x) public virtual void set(int x) {this.back = this.Cell::get(); {this.val = x;} this.Cell::set(x);} public virtual int get() public inherit int get(); {return this.val;} public virtual void undo(){...} } } 10 / 19

  11. Extension 1: Abstract Predicate Family • Abstract predicate describe abstract data types • Class hierarchy gives a family of abstract predicates, one for each class • Predicates accessible within the class hierarchy, predicate definition accessible within the class Example Family Val ( x , v ) : x . val �→ v Val Cell ( x , v ) = ˆ Val ReCell ( x , v , b ) = ˆ Val Cell ( x , v ) ∧ x . back �→ b Note: variable argument numbers are compensated by existential quantifiers 11 / 19

  12. Extension 2: Method Specifications • Two types of specifications: static ( { S C } _ { T C } ) and dynamic ( { P C } _ { Q C } ), for static and dynamic dispatch 4 elementary verifications • Body verification: { S C } method body { T C } • Dynamic dispatch: { S C } _ { T C } stronger than { P C } _ { Q C } • Behavioral subtyping: with D < : C , { P D } _ { Q D } stronger than { P C } _ { Q C } • Inheritance: with D < : C , { S C } _ { T C } stronger than { S D } _ { T D } 12 / 19

  13. Extension 3, Verifying Methods: Cell::set(int x) Specifications • Dynamic: { Val ( this , _ ) } _ { Val ( this , x ) } • Static: { Val Cell ( this , _ ) } _ { Val Cell ( this , x ) } Verification: method implemented in the base class • Body verification: { Val Cell ( this , _ ) } this . val = x ; { Val Cell ( this , x ) } • Dynamic dispatch: { Val Cell ( this , _ ) } _ { Val Cell ( this , x ) } ⇒ { Val ( this , _ ) } _ { Val ( this , x ) } 13 / 19

  14. Extension 3, Verifying Methods: ReCell::set(int x) Specifications • Dynamic: { Val ( this , v , _ ) } _ { Val ( this , x , v ) } • Static: { Val ReCell ( this , v , _ ) } _ { Val ReCell ( this , x , v ) } Verification: overridden method • Behavioral subtyping: { Val ( this , v , _ ) } _ { Val ( this , x , v ) } ⇒ { Val ( this , _ ) } _ { Val ( this , x ) } • Dynamic dispatch • Body verification 14 / 19

  15. Extension 3, Verifying Methods: ReCell::get() Specifications • Dynamic: { Val ( this , v , o ) } _ { Val ( this , v , o ) ∗ ret = v } • Static: { Val ReCell ( this , v , o ) } _ { Val ReCell ( this , v , o ) ∗ ret = v } • Static for Cell : { Val Cell ( this , v ) } _ { Val Cell ( this , v ) ∗ ret = v } Verification: inherited (not overridden) method • Inheritance: { Val Cell ( this , v ) } _ { Val Cell ( this , v ) ∗ ret = v } ⇒ { Val ReCell ( this , v , o ) } _ { Val ReCell ( this , v , o ) } • Behavioral subtyping • Dynamic dispatch 15 / 19

  16. Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About Invariants? 16 / 19

  17. Object Invariants • Invariant: explicit consistency criterion on an object • When does it hold or not? How does an object tell that to a client? • Drossopoulou et al., in ECOOP , 2008 • Spec#, Barnett et al., in Proceedings of CASSIS , 2005 17 / 19

  18. Separation Logic: One More Trick • Not a behavioral subtype: Example “copy-and-paste” inheritance • Forbidden in class DCell: Cell { invariant-based approaches public DCell(){} • With separation logic: Val DCell ( x , v )ˆ = false public override void set(int x) DVal ( x , v )ˆ = Val Cell ( x , v ) {this.Cell::set(2 * x);} works fine: DCell is not a } (behavioral) subtype of Cell for the logic. 18 / 19

  19. Conclusion: a Flexible Framework Framework • More expressive than most other approaches • Requires more annotation: this can be automated • Cannot use first-order SMT solvers • Has been extended to a Java verifier (jStar, Distefano et al., in OOPSLA , 2008) Article • Self-contained, no other article required if you know separation logic • Well explained: formalism, intuition, examples • Gives an elegant solution in an elegant form 19 / 19

  20. Appendix 4 Formal Separation Logic Definitions 5 Bibliography 20 / 19

  21. Separation Logic Definitions: Stack and Heap Definition (Stack) S ˆ = Variables ⇀ Values Definition (Heap) H ˆ = Locations ⇀ Values Definition (Program State) ( S , H , I ) • I : auxiliary variables stack 21 / 19

  22. Separation Logic Definitions: Specifications Definition (points to) = E �→ E ′ ( S , H , I ) | = ˆ dom ( H ) = { [ E ] S , I } ∧ H ([ E ] S , I ) = [ E ′ ] S , I Definition (star) ( S , H , I ) | = P ∗ Q = ˆ ∃ H 1 , H 2 . H 1 ∗ H 2 = H ∧ ( S , H 1 , I ) | = P ∧ ( S , H 2 , I ) | = Q 22 / 19

  23. Separation Logic: Rules Definition (Frame Rule) ⊢ { P } C { Q } ⊢ { P ∗ R } C { Q ∗ R } Provided: modified ( C ) ∩ FV ( R ) = ∅ 23 / 19

  24. Bibliography • M. Barnett, K. R. M. Leino and W. Schulte. “The Spec# Programming System: An Overview”. In Proceedings of CASSIS , 2005 • D. Distefano and M. Parkinson “jStar: towards practical verification for java”, in OOPSLA 2008 • S. Drossopoulou, A. Francalanza, P. Müller and A. J. Summers. “A Unified Framework for Verification Techniques for Object Invariants”. In ECOOP 2008 24 / 19

Recommend

Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Introduction In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing Hoare logic separation logic. We looked at the concepts separation logic is based on, the new assertions that

396 views • 14 slides
Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio Mansutti LSV, CNRS, ENS Paris-Saclay Paris - April 2019 What we will see An extension of propositional separation logic that can express some

569 views • 42 slides
Features of OO Programming Topic 4 Encapsulation Inheritance abstraction information hiding

Features of OO Programming Topic 4 Encapsulation Inheritance abstraction information hiding

Features of OO Programming Topic 4 Encapsulation Inheritance abstraction information hiding breaking problem up based on data types &quot;Question: What is the object oriented way of Inheritance getting rich? code reuse specialization

500 views • 8 slides
Inheritance Inheritance How inheritance works Inheritance Design I h it D i

Inheritance Inheritance How inheritance works Inheritance Design I h it D i

Contents Basic Inheritance Why inheritance Inheritance Inheritance How inheritance works Inheritance Design I h it D i Protected members Exploring different Constructors and destructors inheritance structure

1.28k views • 11 slides
Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) Dagstuhl, 2015-11-02 Plan for the talk Talk outline Motivation Basic separation logic Concurrent separation logic Frame inference

597 views • 21 slides
Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms Smaller Arthur Charguraud Franois Pottier LTP meeting Saclay, November 28, 2016 Motivation More Motivation Separation Logic with Read-Only

441 views • 27 slides
An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and Verification Group Dept. of Computer Science University College London, UK J.Brotherston@ucl.ac.uk Logic Summer School, ANU, 7 December 2015 1/ 19

789 views • 63 slides
24. Subtyping, Inheritance and Polymorphism Expression Trees, Separation of Concerns and

24. Subtyping, Inheritance and Polymorphism Expression Trees, Separation of Concerns and

24. Subtyping, Inheritance and Polymorphism Expression Trees, Separation of Concerns and Modularisation, Type Hierarchies, Virtual Functions, Dynamic Binding, Code Reuse, Concepts of Object-Oriented Programming 750 Last Week: Expression Trees

728 views • 46 slides
Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St January 14, 2020 1 LSV, CNRS, ENS Paris-Saclay 2 I3S, Universit e C ote dAzur Separation Logic 99 Logic of Bunched Implication ( BI ) [P.

310 views • 27 slides
Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

CS6202: Advanced Topics in Programming Languages and Systems Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model Hoare-style Inference Rules Specification and Annotations Linked List and Segments

1.02k views • 76 slides
Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max Kanovich 2 1 Imperial College London 2 Queen Mary University of London LICS-25, University of Edinburgh, 12 July 2010 Separation logic (Reynolds,

1.11k views • 31 slides
Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis

Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis

Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis 2 Max Kanovich 1 1 UCL 2 Middlesex University University of Vienna, 14 Mar 2017 1/ 19 Compositional proofs in separation logic (1) Separation

1.14k views • 91 slides
Separation logic and fragments: from expressive power to decision procedures St ephane Demri

Separation logic and fragments: from expressive power to decision procedures St ephane Demri

Separation logic and fragments: from expressive power to decision procedures St ephane Demri CNRS Marie Curie Fellow Yorktown Heights, March 2015 In Memoriam: Morgan Deters 2 Overview Separation Logic in a Nutshell 1 2 Expressive

915 views • 55 slides
An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and Verification Group Dept. of Computer Science University College London, UK J.Brotherston@ucl.ac.uk Oracle Labs, Brisbane, 4 December 2015 1/ 19

291 views • 27 slides
Inheritance Tiziana Ligorio 1 Todays Plan Recap Useful C++ / OOP Intro to Inheritance

Inheritance Tiziana Ligorio 1 Todays Plan Recap Useful C++ / OOP Intro to Inheritance

Inheritance Tiziana Ligorio 1 Todays Plan Recap Useful C++ / OOP Intro to Inheritance Maybe More useful C++ / OOP 2 First a Recap and Review OPP Abstraction Encapsulation Information Hiding Classes Public

783 views • 35 slides
Inheritance Inheritance Introduction Three different kinds of inheritance Chapter 15

Inheritance Inheritance Introduction Three different kinds of inheritance Chapter 15

Overview Inheritance Inheritance Introduction Three different kinds of inheritance Chapter 15 Changing an inherited member function &amp; additional topics More Inheritance Details Polymorphism Motivating Example: Employee

406 views • 24 slides
Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

CS6202: Advanced Topics in Programming Hoare Logic Hoare Logic Languages and Systems Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview Notation : {P} code {Q} Assertion Logic {P}

557 views • 19 slides
Reasoning over Permissions Regions in Concurrent Separation Logic James Brotherston, Diana Costa,

Reasoning over Permissions Regions in Concurrent Separation Logic James Brotherston, Diana Costa,

Reasoning over Permissions Regions in Concurrent Separation Logic James Brotherston, Diana Costa, Aquinas Hobor and John Wickerson IRIS Day OScience, Coronavirus Lockdown Edition Tuesday 7th April, 2020 1/ 13 Concurrent separation logic (

164 views • 13 slides
On Temporal and Separation Logics St ephane Demri CNRS, LSV, ENS Paris-Saclay TIME18

On Temporal and Separation Logics St ephane Demri CNRS, LSV, ENS Paris-Saclay TIME18

On Temporal and Separation Logics St ephane Demri CNRS, LSV, ENS Paris-Saclay TIME18 Warsaw, October 2018 The blossom of separation logics Separation logic: extension of Hoare-Floyd logic for (concurrent) programs with mutable data

642 views • 48 slides
Charge! a framework for higher-order separation logic in Coq Lars Birkedal Logic and Semantics

Charge! a framework for higher-order separation logic in Coq Lars Birkedal Logic and Semantics

Charge! a framework for higher-order separation logic in Coq Lars Birkedal Logic and Semantics Group Dept. of Comp. Science, Aarhus University (Joint work with J. Bengtson, J.B. Jensen, H. Mehnert, P . Sestoft, F . Sieczkowski) April 2013

499 views • 34 slides
Undecidability of propositional separation logic and its neighbours James Brotherston Computer

Undecidability of propositional separation logic and its neighbours James Brotherston Computer

Undecidability of propositional separation logic and its neighbours James Brotherston Computer Science Seminar Institute of Cybernetics, Tallinn University of Technology 17 Nov 2011 1/ 27 Outline 1. An overview of propositional separation

948 views • 76 slides
Hoare logic Lecture 5: Introduction to separation logic Jean Pichon-Pharabod University of

Hoare logic Lecture 5: Introduction to separation logic Jean Pichon-Pharabod University of

Hoare logic Lecture 5: Introduction to separation logic Jean Pichon-Pharabod University of Cambridge CST Part II 2017/18 Introduction In the previous lectures, we have considered a language, WHILE , where mutability only concerned program

734 views • 57 slides
Inheritance Inheritance reminder from dIntProg pre- postconditions Graphics

Inheritance Inheritance reminder from dIntProg pre- postconditions Graphics

Inheritance Inheritance reminder from dIntProg pre- postconditions Graphics programming with inheritance Inheritance extending JComponent Mouse(Motion)Adapters Abstract classes and TEMPLATE pattern

186 views • 8 slides
Hoare Logic and Model Checking In the previous lecture we saw the informal concepts that

Hoare Logic and Model Checking In the previous lecture we saw the informal concepts that

Introduction Hoare Logic and Model Checking In the previous lecture we saw the informal concepts that Separation Logic is based on. This lecture will Kasper Svendsen University of Cambridge introduce a formal proof system for Separation

740 views • 10 slides

More recommend