separation logic abstraction and inheritance
play

Separation Logic, Abstraction and Inheritance M. Parkinson, G. - PowerPoint PPT Presentation

Jul 03, 2023 •305 likes •553 views

Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008 Timothe Martiel Research Topics in Software Engineering 1 / 19 Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About

  1. Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008 Timothée Martiel Research Topics in Software Engineering 1 / 19

  2. Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About Invariants? 2 / 19

  3. Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About Invariants? 3 / 19

  4. Separation Logic • Extension of Hoare Logic • Models heap manipulation • Local reasoning: separate heap into disjoint parts • No abstraction (modules, classes, dynamic method binding) { P } C { Q } { Precondition } Code { Postcondition } 4 / 19

  5. Separation Logic: Specification and Program Constructs Specifications • Points to predicate: i �→ x • ∗ conjunction: i �→ x ∗ j �→ y Program • Heap allocation: cons ( x ) • Heap lookup: i = [ x ] • Heap assignment: [ x ] = i • Heap deallocation: dispose ( x ) 5 / 19

  6. Separation Logic: Frame Rule Frame Rule { P } C { Q } { P ∗ R } C { Q ∗ R } Provided: free variables of R are not modified in C • Aliasing control • Local reasoning 6 / 19

  7. Separation Logic and Object-Oriented Verification Challenges of object-oriented languages: • Heavy heap usage: object references • Inheritance and dynamic dispatch Separation logic • Is a good framework for heap control • Needs extension to support inheritance 7 / 19

  8. Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About Invariants? 8 / 19

  9. Framework Overview 3 extensions 1 Abstract Predicate Families to abstract data types 2 Static and Dynamic method specifications for static or dynamic method calls 3 Verification rules: method body is verified exactly once 9 / 19

  10. Example: Cell Class Hierarchy Example class ReCell: Cell { class Cell { int back; int val; public Cell(){} public Cell(){} public override void set(int x) public virtual void set(int x) {this.back = this.Cell::get(); {this.val = x;} this.Cell::set(x);} public virtual int get() public inherit int get(); {return this.val;} public virtual void undo(){...} } } 10 / 19

  11. Extension 1: Abstract Predicate Family • Abstract predicate describe abstract data types • Class hierarchy gives a family of abstract predicates, one for each class • Predicates accessible within the class hierarchy, predicate definition accessible within the class Example Family Val ( x , v ) : x . val �→ v Val Cell ( x , v ) = ˆ Val ReCell ( x , v , b ) = ˆ Val Cell ( x , v ) ∧ x . back �→ b Note: variable argument numbers are compensated by existential quantifiers 11 / 19

  12. Extension 2: Method Specifications • Two types of specifications: static ( { S C } _ { T C } ) and dynamic ( { P C } _ { Q C } ), for static and dynamic dispatch 4 elementary verifications • Body verification: { S C } method body { T C } • Dynamic dispatch: { S C } _ { T C } stronger than { P C } _ { Q C } • Behavioral subtyping: with D < : C , { P D } _ { Q D } stronger than { P C } _ { Q C } • Inheritance: with D < : C , { S C } _ { T C } stronger than { S D } _ { T D } 12 / 19

  13. Extension 3, Verifying Methods: Cell::set(int x) Specifications • Dynamic: { Val ( this , _ ) } _ { Val ( this , x ) } • Static: { Val Cell ( this , _ ) } _ { Val Cell ( this , x ) } Verification: method implemented in the base class • Body verification: { Val Cell ( this , _ ) } this . val = x ; { Val Cell ( this , x ) } • Dynamic dispatch: { Val Cell ( this , _ ) } _ { Val Cell ( this , x ) } ⇒ { Val ( this , _ ) } _ { Val ( this , x ) } 13 / 19

  14. Extension 3, Verifying Methods: ReCell::set(int x) Specifications • Dynamic: { Val ( this , v , _ ) } _ { Val ( this , x , v ) } • Static: { Val ReCell ( this , v , _ ) } _ { Val ReCell ( this , x , v ) } Verification: overridden method • Behavioral subtyping: { Val ( this , v , _ ) } _ { Val ( this , x , v ) } ⇒ { Val ( this , _ ) } _ { Val ( this , x ) } • Dynamic dispatch • Body verification 14 / 19

  15. Extension 3, Verifying Methods: ReCell::get() Specifications • Dynamic: { Val ( this , v , o ) } _ { Val ( this , v , o ) ∗ ret = v } • Static: { Val ReCell ( this , v , o ) } _ { Val ReCell ( this , v , o ) ∗ ret = v } • Static for Cell : { Val Cell ( this , v ) } _ { Val Cell ( this , v ) ∗ ret = v } Verification: inherited (not overridden) method • Inheritance: { Val Cell ( this , v ) } _ { Val Cell ( this , v ) ∗ ret = v } ⇒ { Val ReCell ( this , v , o ) } _ { Val ReCell ( this , v , o ) } • Behavioral subtyping • Dynamic dispatch 15 / 19

  16. Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About Invariants? 16 / 19

  17. Object Invariants • Invariant: explicit consistency criterion on an object • When does it hold or not? How does an object tell that to a client? • Drossopoulou et al., in ECOOP , 2008 • Spec#, Barnett et al., in Proceedings of CASSIS , 2005 17 / 19

  18. Separation Logic: One More Trick • Not a behavioral subtype: Example “copy-and-paste” inheritance • Forbidden in class DCell: Cell { invariant-based approaches public DCell(){} • With separation logic: Val DCell ( x , v )ˆ = false public override void set(int x) DVal ( x , v )ˆ = Val Cell ( x , v ) {this.Cell::set(2 * x);} works fine: DCell is not a } (behavioral) subtype of Cell for the logic. 18 / 19

  19. Conclusion: a Flexible Framework Framework • More expressive than most other approaches • Requires more annotation: this can be automated • Cannot use first-order SMT solvers • Has been extended to a Java verifier (jStar, Distefano et al., in OOPSLA , 2008) Article • Self-contained, no other article required if you know separation logic • Well explained: formalism, intuition, examples • Gives an elegant solution in an elegant form 19 / 19

  20. Appendix 4 Formal Separation Logic Definitions 5 Bibliography 20 / 19

  21. Separation Logic Definitions: Stack and Heap Definition (Stack) S ˆ = Variables ⇀ Values Definition (Heap) H ˆ = Locations ⇀ Values Definition (Program State) ( S , H , I ) • I : auxiliary variables stack 21 / 19

  22. Separation Logic Definitions: Specifications Definition (points to) = E �→ E ′ ( S , H , I ) | = ˆ dom ( H ) = { [ E ] S , I } ∧ H ([ E ] S , I ) = [ E ′ ] S , I Definition (star) ( S , H , I ) | = P ∗ Q = ˆ ∃ H 1 , H 2 . H 1 ∗ H 2 = H ∧ ( S , H 1 , I ) | = P ∧ ( S , H 2 , I ) | = Q 22 / 19

  23. Separation Logic: Rules Definition (Frame Rule) ⊢ { P } C { Q } ⊢ { P ∗ R } C { Q ∗ R } Provided: modified ( C ) ∩ FV ( R ) = ∅ 23 / 19

  24. Bibliography • M. Barnett, K. R. M. Leino and W. Schulte. “The Spec# Programming System: An Overview”. In Proceedings of CASSIS , 2005 • D. Distefano and M. Parkinson “jStar: towards practical verification for java”, in OOPSLA 2008 • S. Drossopoulou, A. Francalanza, P. Müller and A. J. Summers. “A Unified Framework for Verification Techniques for Object Invariants”. In ECOOP 2008 24 / 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Introduction In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing Hoare logic separation logic. We looked at the concepts separation logic is based on, the new assertions that

396 views • 14 slides
Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio Mansutti LSV, CNRS, ENS Paris-Saclay Paris - April 2019 What we will see An extension of propositional separation logic that can express some

569 views • 42 slides
Features of OO Programming Topic 4 Encapsulation Inheritance abstraction information hiding

Features of OO Programming Topic 4 Encapsulation Inheritance abstraction information hiding

Features of OO Programming Topic 4 Encapsulation Inheritance abstraction information hiding breaking problem up based on data types &quot;Question: What is the object oriented way of Inheritance getting rich? code reuse specialization

500 views • 8 slides
Inheritance Inheritance How inheritance works Inheritance Design I h it D i

Inheritance Inheritance How inheritance works Inheritance Design I h it D i

Contents Basic Inheritance Why inheritance Inheritance Inheritance How inheritance works Inheritance Design I h it D i Protected members Exploring different Constructors and destructors inheritance structure

1.28k views • 11 slides
Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) Dagstuhl, 2015-11-02 Plan for the talk Talk outline Motivation Basic separation logic Concurrent separation logic Frame inference

597 views • 21 slides
Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms Smaller Arthur Charguraud Franois Pottier LTP meeting Saclay, November 28, 2016 Motivation More Motivation Separation Logic with Read-Only

441 views • 27 slides
An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and Verification Group Dept. of Computer Science University College London, UK J.Brotherston@ucl.ac.uk Logic Summer School, ANU, 7 December 2015 1/ 19

789 views • 63 slides
24. Subtyping, Inheritance and Polymorphism Expression Trees, Separation of Concerns and

24. Subtyping, Inheritance and Polymorphism Expression Trees, Separation of Concerns and

24. Subtyping, Inheritance and Polymorphism Expression Trees, Separation of Concerns and Modularisation, Type Hierarchies, Virtual Functions, Dynamic Binding, Code Reuse, Concepts of Object-Oriented Programming 750 Last Week: Expression Trees

728 views • 46 slides
Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St January 14, 2020 1 LSV, CNRS, ENS Paris-Saclay 2 I3S, Universit e C ote dAzur Separation Logic 99 Logic of Bunched Implication ( BI ) [P.

310 views • 27 slides
Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

CS6202: Advanced Topics in Programming Languages and Systems Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model Hoare-style Inference Rules Specification and Annotations Linked List and Segments

1.02k views • 76 slides
Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max Kanovich 2 1 Imperial College London 2 Queen Mary University of London LICS-25, University of Edinburgh, 12 July 2010 Separation logic (Reynolds,

1.11k views • 31 slides
Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis

Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis

Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis 2 Max Kanovich 1 1 UCL 2 Middlesex University University of Vienna, 14 Mar 2017 1/ 19 Compositional proofs in separation logic (1) Separation

1.14k views • 91 slides
Separation logic and fragments: from expressive power to decision procedures St ephane Demri

Separation logic and fragments: from expressive power to decision procedures St ephane Demri

Separation logic and fragments: from expressive power to decision procedures St ephane Demri CNRS Marie Curie Fellow Yorktown Heights, March 2015 In Memoriam: Morgan Deters 2 Overview Separation Logic in a Nutshell 1 2 Expressive

915 views • 55 slides
An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and Verification Group Dept. of Computer Science University College London, UK J.Brotherston@ucl.ac.uk Oracle Labs, Brisbane, 4 December 2015 1/ 19

291 views • 27 slides
Inheritance Tiziana Ligorio 1 Todays Plan Recap Useful C++ / OOP Intro to Inheritance

Inheritance Tiziana Ligorio 1 Todays Plan Recap Useful C++ / OOP Intro to Inheritance

Inheritance Tiziana Ligorio 1 Todays Plan Recap Useful C++ / OOP Intro to Inheritance Maybe More useful C++ / OOP 2 First a Recap and Review OPP Abstraction Encapsulation Information Hiding Classes Public

783 views • 35 slides
Inheritance Inheritance Introduction Three different kinds of inheritance Chapter 15

Inheritance Inheritance Introduction Three different kinds of inheritance Chapter 15

Overview Inheritance Inheritance Introduction Three different kinds of inheritance Chapter 15 Changing an inherited member function &amp; additional topics More Inheritance Details Polymorphism Motivating Example: Employee

406 views • 24 slides
Verification of cryptographic protocols: techniques, tools and link to cryptanalysis Vronique

Verification of cryptographic protocols: techniques, tools and link to cryptanalysis Vronique

Verification of cryptographic protocols: techniques, tools and link to cryptanalysis Vronique Cortier INRIA project Cassis, Loria CNRS, Nancy, France French/Japanese Symposium on Computer Security - Sept. 6th, 2005 Verification of

605 views • 46 slides
Desynchronisation of coupled bistable oscillators perturbed by additive white noise Joint work

Desynchronisation of coupled bistable oscillators perturbed by additive white noise Joint work

Numerics and Theory for Stochastic Evolution Equations University of Bielefeld, 2224 November 2006 Barbara Gentz, University of Bielefeld http://www.math.uni-bielefeld.de/ gentz Desynchronisation of coupled bistable oscillators perturbed

698 views • 49 slides
Limits and new directions in PID J. Vavra, SLAC Reach of the present PID techniques TRD e

Limits and new directions in PID J. Vavra, SLAC Reach of the present PID techniques TRD e

Limits and new directions in PID J. Vavra, SLAC Reach of the present PID techniques TRD e identification TOF dE/dx hadron identification RICH 10 3 10 4 10 0 10 -1 10 1 10 2 p [GeV/c] TOF &amp; dE/dx cover the lowest momentum

557 views • 40 slides
SAT Solvers for Queries over Tree Automata with Constraints Pierre-Cyrille Ham, Vincent Hugot,

SAT Solvers for Queries over Tree Automata with Constraints Pierre-Cyrille Ham, Vincent Hugot,

The SAT encoding Implementation and Experiments SAT Solvers for Queries over Tree Automata with Constraints Pierre-Cyrille Ham, Vincent Hugot, Olga Kouchnarenko {pcheam,okouchnarenko}@lifc.univ-fcomte.fr, vhugot@edu.univ-fcomte.fr

882 views • 59 slides
Resource Guarantees and PCC 50 ways* to say it with a proof Ian Stark Laboratory for Foundations

Resource Guarantees and PCC 50 ways* to say it with a proof Ian Stark Laboratory for Foundations

Resource Guarantees and PCC 50 ways* to say it with a proof Ian Stark Laboratory for Foundations of Computer Science School of Informatics The University of Edinburgh Proof Carrying Code workshop Friday 11 August 2006

469 views • 36 slides
Verification techniques for cryptographic protocols eronique Cortier 1 V RTA08 1 LORIA, CNRS

Verification techniques for cryptographic protocols eronique Cortier 1 V RTA08 1 LORIA, CNRS

Introduction Formal models Adding equational theories Towards more guarantees Verification techniques for cryptographic protocols eronique Cortier 1 V RTA08 1 LORIA, CNRS - INRIA Cassis project, Nancy Universities 1/45 V eronique

785 views • 76 slides
On Securely Manipulating XML Data Houari Mahfoud and Abdessamad Imine Houari Mahfoud and

On Securely Manipulating XML Data Houari Mahfoud and Abdessamad Imine Houari Mahfoud and

On Securely Manipulating XML Data Houari Mahfoud and Abdessamad Imine Houari Mahfoud and Abdessamad Imine CASSIS Team CASSIS Team INRIA-LORIA Grand-Est, Nancy, France INRIA-LORIA Grand-Est, Nancy, France 5TH INTERNATIONAL SYMPOSIUM ON

905 views • 30 slides
Z3 - a Tutorial Leonardo de Moura Nikolaj Bjrner Microsoft Research Microsoft Research

Z3 - a Tutorial Leonardo de Moura Nikolaj Bjrner Microsoft Research Microsoft Research

Z3 - a Tutorial Leonardo de Moura Nikolaj Bjrner Microsoft Research Microsoft Research leonardo@microsoft.com nbjorner@microsoft.com Abstract This tutorial introduces the use of the state-of-the-art Satisfiability Modulo Theories Solver

1k views • 61 slides

More recommend