separation logic goes
play

Separation Logic Goes Joost-Pieter Katoen Verified Software - PDF document

Aug 07, 2023 •265 likes •1.03k views

Verified Software Workshop 2019 Separation Logic Goes Joost-Pieter Katoen Verified Software Workshop, Isaac Newton Institute, Cambridge 2019 Joost-Pieter Katoen Separation Logic Goes 1/68 Verified Software Workshop 2019 Background and

  1. Verified Software Workshop 2019 Separation Logic Goes Joost-Pieter Katoen Verified Software Workshop, Isaac Newton Institute, Cambridge 2019 Joost-Pieter Katoen Separation Logic Goes 1/68

  2. Verified Software Workshop 2019 Background and Introduction Overview Background and Introduction 1 Separation Logic 2 Probabilistic Weakest Preconditions 3 Quantitative Separation Logic 4 Case Studies 5 Epilogue 6 Joost-Pieter Katoen Separation Logic Goes 2/68

  3. Verified Software Workshop 2019 Background and Introduction Perspective in Nature “There are several reasons why probabilistic programming could prove to be revolutionary for machine intelligence and scientific modelling.” Joost-Pieter Katoen Separation Logic Goes 3/68

  4. Verified Software Workshop 2019 Background and Introduction Probabilistic Programming Scenic O Popular PPL: STAN ( > 10,000 active users, 33 releases) Almost every PL has a probabilistic version! probabilistic-programming.org Joost-Pieter Katoen Separation Logic Goes 4/68

  5. Verified Software Workshop 2019 Background and Introduction Today’s Focus “Randomised skip list algorithms have the same asymptotic expected time bounds as balanced trees and are simpler, faster, and use less space.” [ Pugh, 1989 ] “The expected running time of randomised splay trees is smaller than deterministic variants” [ Albers and Karpinski, 2002 ] Joost-Pieter Katoen Separation Logic Goes 5/68

  6. Verified Software Workshop 2019 Background and Introduction Today’s Focus Can we formally prove programs that flip coins and manipulate pointers? At the source code level. No “descend” in some operational model. No ad-hoc arguments. Enabling mechanised certification. Joost-Pieter Katoen Separation Logic Goes 6/68

  7. Verified Software Workshop 2019 Background and Introduction Practical Relevance E Pugh ng 8g ] CACM , Joost-Pieter Katoen Separation Logic Goes 7/68

  8. Verified Software Workshop 2019 Background and Introduction Practical Relevance 2016 ] [ Carbin et al CACM . , Joost-Pieter Katoen Separation Logic Goes 7/68

  9. Verified Software Workshop 2019 Background and Introduction Practical Relevance [ Ruttenberg 2014 ] & Pfeffer , Joost-Pieter Katoen Separation Logic Goes 7/68

  10. Verified Software Workshop 2019 Background and Introduction Array Randomisation randomise(array,n) { i := 0; while (0 <= i < n) { j := uniform (i,n-1); swap(array,i,j); i++ } } Is the probability of any fixed array configuration 1 n ! ? Joost-Pieter Katoen Separation Logic Goes 8/68

  11. Verified Software Workshop 2019 Background and Introduction Faulty Garbage Collector delete (x) { if (x != 0) {{ skip // fails with probability p } [p] { // flip biased coin left := <x> ; right := <x+1>; delete (left) ; delete (right); * free(x) ; free(x+1) }} } II left right Joost-Pieter Katoen Separation Logic Goes 9/68

  12. Verified Software Workshop 2019 Background and Introduction Faulty Garbage Collector delete (x) { if (x != 0) {{ skip // fails with probability p } [p] { // flip biased coin left := <x> ; right := <x+1>; delete (left) ; delete (right); free(x) ; free(x+1) }} } What is the probability that on termination the heap is empty? Joost-Pieter Katoen Separation Logic Goes 9/68

  13. Verified Software Workshop 2019 Background and Introduction Pointers = Problematic Dereferencing null pointers, aliasing, memory leaks, . . . Joost-Pieter Katoen Separation Logic Goes 10/68

  14. Verified Software Workshop 2019 Background and Introduction Probabilities = Problematic Too “In no other branch of mathematics is it so easy to make mistakes as in probability theory” [Henk Tijms, Understanding Probability, 2004] Joost-Pieter Katoen Separation Logic Goes 11/68

  15. Verified Software Workshop 2019 Background and Introduction Mission Impossible? Not Quite! We will develop a weakest precondition calculus à la Dijkstra that: 1. combines discrete probabilities with pointers Joost-Pieter Katoen Separation Logic Goes 12/68

  16. Verified Software Workshop 2019 Background and Introduction Mission Impossible? Not Quite! We will develop a weakest precondition calculus à la Dijkstra that: 1. combines discrete probabilities with pointers 2. mixes probabilistic choices and unbounded nondeterminism 3. preserves virtually all properties of both: Z separation logic, and Z weakest pre-expectations (aka: quantitative preconditions) though things can easily break in both worlds . . . 4. is applicable to reason about actual randomised algorithms Joost-Pieter Katoen Separation Logic Goes 12/68

  17. Verified Software Workshop 2019 Separation Logic Overview Background and Introduction 1 Separation Logic 2 Probabilistic Weakest Preconditions 3 Quantitative Separation Logic 4 Case Studies 5 Epilogue 6 Joost-Pieter Katoen Separation Logic Goes 13/68

  18. Verified Software Workshop 2019 Separation Logic “The Hoare Logic for Pointers” SEPARATION LOGIC John Reynolds and Peter O’Hearn Joost-Pieter Katoen Separation Logic Goes 14/68

  19. Verified Software Workshop 2019 Separation Logic Heaps Ó“““““““““““““““–““““““““““““““““Œ ⊆ N > 0 States = S = { ( s , h ) ∂ s ⇥ Vars � Z Õ“““““““““““““““““““““““““““““““““““—“““““““““““““““““““““““““““““““““““œ , h ⇥ dom ( h ) � Z } Õ““““““““““““““““““““““““““““““““““““““““““““““—““““““““““““““““““““““““““““““““““““““““““““““œ valuation heap oh is - Joost-Pieter Katoen Separation Logic Goes 15/68

  20. Verified Software Workshop 2019 Separation Logic Deficiency of Hoare Logic: Pointers { P } C { Q } and Mod ( C ) = Vars ( R ) = o { P 0 R } C { Q 0 R } becomes unsound for pointers, e.g., { x ( 0 } Ö x ã ⇥ = 1 { x ( 1 } { x ( 0 0 y ( 0 } Ö x ã ⇥ = 1 { x ( 1 0 y ( 0 } is not valid as y could alias x Joost-Pieter Katoen Separation Logic Goes 16/68

  21. Verified Software Workshop 2019 Separation Logic The Frame Rule { P } C { Q } Mod ( C ) = Vars ( R ) = o and { P ì R } C { Q ì R } for any heap R that is una ff ected by program C . Then: { x ( 0 } Ö x ã ⇥ = 1 { x ( 1 } { x ( 0 ì y ( 0 } Ö x ã ⇥ = 1 { x ( 1 ì y ( 0 } is valid as the separation conjunction excludes aliasing of x and y The frame rule is the key to compositional reasoning. Joost-Pieter Katoen Separation Logic Goes 17/68

  22. Verified Software Workshop 2019 Separation Logic Pointer Programs Heap manipulation commands: x ⇥ = new ( E ) allocation free ( E ) deallocation x ⇥ = Ö E ã lookup Ö E ã ⇥ = E ¨ mutation Operational semantics: u ∈ N > 0 \ dom ( h ) E ( s ) = v and Ö x ⇥ = new ( E ) , s , h ã � Ö term, s [ x / u ] , h B { u ⇥⇥ v } ã E ( s ) = u ∈ dom ( h ) h ( u ) = v and Ö x ⇥ = Ö E ã , s , h ã � Ö term, s [ x / v ] , h ã E ( s ) = u / ∈ dom ( h ) h ( u ) = v and Ö x ⇥ = Ö E ã , s , h ã � Ö fault, s , h ã Joost-Pieter Katoen Separation Logic Goes 18/68

  23. Verified Software Workshop 2019 Separation Logic Elementary SL Formulas ( s , h ) Ï emp i ff dom ( h ) = o ( s , h ) Ï [ x ( y ] i ff dom ( h ) = { s ( x ) } and h ( s ( x )) = s ( y ) - en p - erp 7 Temp emp Joost-Pieter Katoen Separation Logic Goes 19/68

  24. Verified Software Workshop 2019 Separation Logic Separation Conjunction s , h Ï F ì G i ff Ω h 1 , h 2 ⇥ h = h 1 B h 2 and s , h 1 Ï F and s , h 2 Ï G FF I FF to G f- T T For heap h = { 4 ⇥⇥ 7 } B { 7 ⇥⇥ 4 } we have: Joost-Pieter Katoen Separation Logic Goes 20/68 ( ) ( )

  25. Verified Software Workshop 2019 Separation Logic Separation Implication º h ¨ ⇥ � h # h ¨ and s , h ¨ Ï F ⌥ implies s , h B h ¨ Ï G s , h Ï F — i ff ì G Adjointness of ì and — ì : ' •ammmBaBaammaaga*am£ ( F ì G ) � R i ff G � ( F — ì R ) * Modus ponens: . F ì ( F — ì G ) � G Joost-Pieter Katoen Separation Logic Goes 21/68

  26. Verified Software Workshop 2019 Separation Logic Separation Implication º h ¨ ⇥ � h # h ¨ and s , h ¨ Ï F ⌥ implies s , h B h ¨ Ï G s , h Ï F — i ff ì G ⇐ of : If Adjointness of ì and — ì : F f- f- F ( F ì G ) � R i ff G � ( F — ì R ) to Modus ponens: F ì ( F — ì G ) � G Joost-Pieter Katoen Separation Logic Goes 21/68

  27. Verified Software Workshop 2019 Separation Logic Example SL Proof Joost-Pieter Katoen Separation Logic Goes 22/68

  28. Verified Software Workshop 2019 Probabilistic Weakest Preconditions Overview Background and Introduction 1 Separation Logic 2 Probabilistic Weakest Preconditions 3 Quantitative Separation Logic 4 Case Studies 5 Epilogue 6 Joost-Pieter Katoen Separation Logic Goes 23/68

  29. Verified Software Workshop 2019 Probabilistic Weakest Preconditions “Dijkstra’s Weakest Preconditions Go Random” WEAKEST PRE-EXPECTATIONS Dexter Kozen, Annabelle McIver, and Carroll Morgan Joost-Pieter Katoen Separation Logic Goes 24/68

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Hoare logic separation logic. We looked at the concepts separation logic is based on, the new

Introduction In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing Hoare logic separation logic. We looked at the concepts separation logic is based on, the new assertions that

396 views • 14 slides
Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio

Extending propositional separation logic for robustness properties of separation logic Alessio Mansutti LSV, CNRS, ENS Paris-Saclay Paris - April 2019 What we will see An extension of propositional separation logic that can express some

569 views • 42 slides
Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS)

Tutorial on separation logic Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) Dagstuhl, 2015-11-02 Plan for the talk Talk outline Motivation Basic separation logic Concurrent separation logic Frame inference

597 views • 21 slides
Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms

Temporary Read-Only Permissions for Separation Logic Making Separation Logics Small Axioms Smaller Arthur Charguraud Franois Pottier LTP meeting Saclay, November 28, 2016 Motivation More Motivation Separation Logic with Read-Only

441 views • 27 slides
Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008

Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008

Separation Logic, Abstraction and Inheritance M. Parkinson, G. Bierman, in Proc. POPL , 2008 Timothe Martiel Research Topics in Software Engineering 1 / 19 Outline 1 From Separation Logic to Inheritance 2 Beyond Separation Logic 3 What About

553 views • 24 slides
An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and Verification Group Dept. of Computer Science University College London, UK J.Brotherston@ucl.ac.uk Logic Summer School, ANU, 7 December 2015 1/ 19

789 views • 63 slides
Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St

Internal calculi for Separation Logic ephane Demri 1 Etienne Lozes 2 Alessio Mansutti 1 St January 14, 2020 1 LSV, CNRS, ENS Paris-Saclay 2 I3S, Universit e C ote dAzur Separation Logic 99 Logic of Bunched Implication ( BI ) [P.

310 views • 27 slides
Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model

CS6202: Advanced Topics in Programming Languages and Systems Lecture 8/9 : Separation Logic Overview Assertion Logic Semantic Model Hoare-style Inference Rules Specification and Annotations Linked List and Segments

1.02k views • 76 slides
Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max

Undecidability of propositional separation logic and its neighbours James Brotherston 1 and Max Kanovich 2 1 Imperial College London 2 Queen Mary University of London LICS-25, University of Edinburgh, 12 July 2010 Separation logic (Reynolds,

1.11k views • 31 slides
Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis

Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis

Biabduction (and Related Problems) in Array Separation Logic James Brotherston 1 Nikos Gorogiannis 2 Max Kanovich 1 1 UCL 2 Middlesex University University of Vienna, 14 Mar 2017 1/ 19 Compositional proofs in separation logic (1) Separation

1.14k views • 91 slides
Separation logic and fragments: from expressive power to decision procedures St ephane Demri

Separation logic and fragments: from expressive power to decision procedures St ephane Demri

Separation logic and fragments: from expressive power to decision procedures St ephane Demri CNRS Marie Curie Fellow Yorktown Heights, March 2015 In Memoriam: Morgan Deters 2 Overview Separation Logic in a Nutshell 1 2 Expressive

915 views • 55 slides
An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and

An introduction to separation logic James Brotherston Programming Principles, Logic and Verification Group Dept. of Computer Science University College London, UK J.Brotherston@ucl.ac.uk Oracle Labs, Brisbane, 4 December 2015 1/ 19

291 views • 27 slides
Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview

CS6202: Advanced Topics in Programming Hoare Logic Hoare Logic Languages and Systems Lecture 8/9 : Separation Logic Can handle reasoning of imperative programs well. Overview Notation : {P} code {Q} Assertion Logic {P}

557 views • 19 slides
Reasoning over Permissions Regions in Concurrent Separation Logic James Brotherston, Diana Costa,

Reasoning over Permissions Regions in Concurrent Separation Logic James Brotherston, Diana Costa,

Reasoning over Permissions Regions in Concurrent Separation Logic James Brotherston, Diana Costa, Aquinas Hobor and John Wickerson IRIS Day OScience, Coronavirus Lockdown Edition Tuesday 7th April, 2020 1/ 13 Concurrent separation logic (

164 views • 13 slides
On Temporal and Separation Logics St ephane Demri CNRS, LSV, ENS Paris-Saclay TIME18

On Temporal and Separation Logics St ephane Demri CNRS, LSV, ENS Paris-Saclay TIME18

On Temporal and Separation Logics St ephane Demri CNRS, LSV, ENS Paris-Saclay TIME18 Warsaw, October 2018 The blossom of separation logics Separation logic: extension of Hoare-Floyd logic for (concurrent) programs with mutable data

642 views • 48 slides
Charge! a framework for higher-order separation logic in Coq Lars Birkedal Logic and Semantics

Charge! a framework for higher-order separation logic in Coq Lars Birkedal Logic and Semantics

Charge! a framework for higher-order separation logic in Coq Lars Birkedal Logic and Semantics Group Dept. of Comp. Science, Aarhus University (Joint work with J. Bengtson, J.B. Jensen, H. Mehnert, P . Sestoft, F . Sieczkowski) April 2013

499 views • 34 slides
COL106: Data Structures and Algorithms Ragesh Jaiswal, IIT Delhi Ragesh Jaiswal, IIT Delhi

COL106: Data Structures and Algorithms Ragesh Jaiswal, IIT Delhi Ragesh Jaiswal, IIT Delhi

COL106: Data Structures and Algorithms Ragesh Jaiswal, IIT Delhi Ragesh Jaiswal, IIT Delhi COL106: Data Structures and Algorithms Data Structures Multiway Search Trees (2,4)-Trees Definition ((2-4)-Tree) A (2, 4)-Tree is a multiway search

535 views • 22 slides
L a b d e a d l i n e s I f y o u ' v e m i s s e d t h e fj n a l

L a b d e a d l i n e s I f y o u ' v e m i s s e d t h e fj n a l

L a b d e a d l i n e s I f y o u ' v e m i s s e d t h e fj n a l d e a d l i n e f o r a l a b , d o n ' t p a n i c ! O n J u n e t h e 6 ( M o n d a y a f t e r t

625 views • 23 slides
Data Structures Splay Tree &amp; Graph Virendra Singh Associate Professor Computer Architecture

Data Structures Splay Tree &amp; Graph Virendra Singh Associate Professor Computer Architecture

Data Structures Splay Tree &amp; Graph Virendra Singh Associate Professor Computer Architecture and Dependable Systems Lab Department of Electrical Engineering Indian Institute of Technology Bombay http://www.ee.iitb.ac.in/~viren/ E-mail:

575 views • 39 slides
For Friday Finish Weiss, chapter 4 Program 2 due by Thursday at 11pm Programming

For Friday Finish Weiss, chapter 4 Program 2 due by Thursday at 11pm Programming

For Friday Finish Weiss, chapter 4 Program 2 due by Thursday at 11pm Programming Assignment 2 Any questions? Splay Trees Interested in the cost of a sequence of search operations rather than the cost of a single search. We

97 views • 6 slides
Pairing Heaps CS 261 Oregon State University Heaps Heap is a great data structure Any

Pairing Heaps CS 261 Oregon State University Heaps Heap is a great data structure Any

Pairing Heaps CS 261 Oregon State University Heaps Heap is a great data structure Any chance to make it even better? Seeking an O(1) addition How do we obtain O(1) addition? Answer: only change the location of the root How to

464 views • 17 slides
Ice Quay and Breakwater Quay Extensions 7pm 5 th November 2020 Welcome Please turn-off

Ice Quay and Breakwater Quay Extensions 7pm 5 th November 2020 Welcome Please turn-off

Ice Quay and Breakwater Quay Extensions 7pm 5 th November 2020 Welcome Please turn-off your camera and mute your microphone. This meeting is being recorded so that it can be placed on the website after the event. If you would like

434 views • 26 slides
Efficient Local Search Application Examples Graph Coloring Traveling Salesman Problem Single

Efficient Local Search Application Examples Graph Coloring Traveling Salesman Problem Single

Outline DM811 HEURISTICS AND LOCAL SEARCH ALGORITHMS FOR COMBINATORIAL OPTIMZATION Lecture 8 1. Efficient Local Search Efficiency vs Effectiveness Efficient Local Search Application Examples Graph Coloring Traveling Salesman Problem

555 views • 7 slides
Chimera-like states in two interacting populations of heterogeneous quadratic integrate-and-fire

Chimera-like states in two interacting populations of heterogeneous quadratic integrate-and-fire

Chimera-like states in two interacting populations of heterogeneous quadratic integrate-and-fire neurons Irmantas Ratas, Kstutis Pyragas Center for Physical Sciences and Technology, Lithuania Loughborough 2018 09 04 irmantas.ratas@gmail.com

389 views • 20 slides

More recommend