Separation Logic Contracts for a Java-Like Language with Fork/Join

We adapt a variant of permission-accounting separation logic to a concurrent Java-like language with fork/join. To support both concurrent reads and information hiding, we combine fractional permissions with abstract predicates. As an example, we present a separation logic contract for iterators that prevents data races and concurrent modifications. Our program logic is presented in an algorithmic style: we avoid structural rules for Hoare triples and formalize logical reasoning about typed heaps by natural deduction rules and a set of sound axioms. We show that verified programs satisfy the following properties: data race freedom, absence of null-dereferences and partial correctness.
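The permission discipline the abstract describes can be made concrete with a small static checker, written here as an added Python example (it is not the paper's formalism or any verifier's code). A thread holds a fraction in (0, 1] of each heap location; any positive fraction allows a read, only the full permission 1 allows a write, `fork` hands fractions to the child and `join` takes them back. The iterator contract is modelled as permission transfer: opening an iterator moves half of the caller's permission on the collection into the iterator, so the collection cannot be modified until the iterator is released. The half split, the location names and the scenarios are assumptions constructed for this example.

```python
from fractions import Fraction


class VerificationError(Exception):
    """Raised when a thread attempts an access its permissions do not justify."""


class Thread:
    """Static view of one thread: which fraction of each heap location it holds.

    Locations are plain strings such as "list" (constructed sample names).
    Fractions lie in (0, 1]: 1 is exclusive (writable), any positive fraction is
    readable, and the fractions of all threads for one location sum to at most 1.
    """

    def __init__(self, name, perms=None):
        self.name = name
        self.perms = {loc: Fraction(f) for loc, f in (perms or {}).items()}

    def perm(self, loc):
        return self.perms.get(loc, Fraction(0))

    def read(self, loc):
        # Any positive fraction permits a read, so concurrent readers are allowed.
        if self.perm(loc) <= 0:
            raise VerificationError(f"{self.name}: read of {loc} without permission")

    def write(self, loc):
        # A write needs the full permission: no other thread can hold a part of it,
        # which is exactly what rules out a data race on this location.
        if self.perm(loc) != 1:
            raise VerificationError(
                f"{self.name}: write to {loc} holding only {self.perm(loc)}")

    def fork(self, name, transfer):
        """fork: hand the listed fractions to a new thread (the child's precondition)."""
        child = Thread(name)
        for loc, frac in transfer.items():
            frac = Fraction(frac)
            if frac <= 0 or frac > self.perm(loc):
                raise VerificationError(f"{self.name}: cannot give {frac} of {loc}")
            self.perms[loc] = self.perm(loc) - frac
            child.perms[loc] = frac
        return child

    def join(self, child):
        """join: take back what the terminated child holds (the child's postcondition)."""
        for loc, frac in child.perms.items():
            total = self.perm(loc) + frac
            assert total <= 1, "fractions of one location never exceed 1"
            self.perms[loc] = total
        child.perms.clear()


# Iterator contract as permission transfer (an assumption of this example, not the
# paper's contract): creating an iterator moves half of the caller's permission on
# the collection into the iterator; the caller gets it back only on release.
ITER_SHARE = Fraction(1, 2)


def open_iterator(thread, coll):
    thread.read(coll)                      # at least read access is needed to iterate
    share = thread.perm(coll) * ITER_SHARE
    thread.perms[coll] -= share
    return {"coll": coll, "perm": share}   # footprint of the abstract iterator predicate


def next_element(thread, it):
    # Advancing needs only the iterator's own read fraction.
    if it["perm"] <= 0:
        raise VerificationError(f"{thread.name}: use of a released iterator")
    return f"element of {it['coll']}"


def release_iterator(thread, it):
    thread.perms[it["coll"]] += it["perm"]
    it["perm"] = Fraction(0)


def concurrent_modification():
    """Modifying the collection while an iterator is live: rejected by the checker."""
    main = Thread("main", {"list": 1})
    it = open_iterator(main, "list")
    next_element(main, it)
    try:
        main.write("list")                 # e.g. list.add(x) inside the loop
        return "accepted"
    except VerificationError:
        release_iterator(main, it)
        main.write("list")                 # after release the full permission is back
        return "rejected"


def data_race():
    """Parent writes x while a forked child still holds a read share: rejected."""
    main = Thread("main", {"x": 1})
    worker = main.fork("worker", {"x": Fraction(1, 2)})
    worker.read("x")
    try:
        main.write("x")
        return "accepted"
    except VerificationError:
        main.join(worker)
        main.write("x")                    # after join the parent owns x again
        return "rejected"


def parallel_readers():
    """Several readers may overlap; join restores the full permission."""
    main = Thread("main", {"list": 1})
    a = main.fork("a", {"list": Fraction(1, 3)})
    b = main.fork("b", {"list": Fraction(1, 3)})
    a.read("list"); b.read("list"); main.read("list")
    main.join(a); main.join(b)
    return main.perm("list")
```

The checker never executes the program; it only tracks what each thread is entitled to, which is the sense in which the abstract's verified programs are data-race free: a write is admitted only where no other thread, and no outstanding iterator, can hold any fraction of the same location.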
