Separation Logic Modulo Theories

Logical reasoning about program behaviours often requires dealing with heap structures as well as scalar data types. Advances in Satisfiability Modulo Theories (SMT) offer efficient procedures for dealing with scalar values, yet they lack expressive support for dealing with heap structures. In this paper, we present an approach that integrates separation logic—a prominent logic for reasoning about linked data structures on the heap—and existing SMT solving technology. Our model-based approach communicates heap aliasing information between theory and separation logic reasoning, providing an efficient decision procedure for discharging verification conditions in program analysis and verification.
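The model-based exchange the abstract describes, shown as an added illustration rather than the paper's own procedure: a small equality theory solver (union-find) hands its candidate model, a partition of terms into alias classes, to a symbolic-heap checker; the heap checker verifies that every points-to cell under `*` sits at a distinct, non-nil address in that model, and when two cells collide it returns the missing disequality as a lemma, which the theory solver absorbs before the next round. The formula encoding (`("eq", a, b)` / `("neq", a, b)` pure atoms, `(address, value)` cells), the `decide` driver and the `nil` constant are this example's assumptions, not the paper's notation; with an equality-only theory the loop settles in at most two rounds, whereas a richer theory such as linear arithmetic would produce candidate models that need several refinement rounds.

```python
"""Model-based combination of an equality theory solver with a separation-logic
(symbolic heap) checker.  Illustrative example; not the paper's procedure."""
from itertools import combinations

NIL = "nil"   # assumed name of the null address; no cell may be allocated at nil


class EqualitySolver:
    """Toy theory solver for equalities/disequalities between terms (union-find).
    Its model is the partition it has computed: two terms alias exactly when
    they fall into the same class."""

    def __init__(self):
        self.parent = {}
        self.diseqs = []

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]   # path halving
            x = self.parent[x]
        return x

    def assert_eq(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[ra] = rb

    def assert_neq(self, a, b):
        self.find(a)
        self.find(b)
        self.diseqs.append((a, b))

    def model(self):
        """Return {term: class representative} if consistent, else None."""
        for a, b in self.diseqs:
            if self.find(a) == self.find(b):
                return None
        return {t: self.find(t) for t in self.parent}


def heap_check(model, cells):
    """Check the spatial part c1 * c2 * ... under the theory model.
    Each cell is (address, value).  Returns None when all cells can be laid out
    on pairwise distinct non-nil addresses, otherwise the disequality lemma the
    theory solver is missing (the aliasing information sent back to it)."""
    addrs = [a for a, _ in cells]
    for a in addrs:
        if model[a] == model[NIL]:
            return ("neq", a, NIL)
    for a, b in combinations(addrs, 2):
        if model[a] == model[b]:          # two separated cells would alias
            return ("neq", a, b)
    return None


def concrete_heap(model, cells):
    """Turn a consistent model into an explicit heap: nil -> 0, every other
    alias class -> a distinct positive address."""
    reps = sorted(set(model.values()) - {model[NIL]})
    addr_of = {model[NIL]: 0, **{r: i + 1 for i, r in enumerate(reps)}}
    return {addr_of[model[a]]: v for a, v in cells}


def decide(pure, cells):
    """Decide satisfiability of  pure /\ (c1 * c2 * ...).
    Returns (verdict, lemmas) where verdict is "sat" or "unsat" and lemmas lists
    the disequalities the heap checker had to teach the theory solver."""
    solver = EqualitySolver()
    solver.find(NIL)
    for kind, a, b in pure:
        (solver.assert_eq if kind == "eq" else solver.assert_neq)(a, b)
    for a, v in cells:                   # register heap terms with the theory
        solver.find(a)
        solver.find(v)
    lemmas = []
    while True:
        model = solver.model()
        if model is None:
            return "unsat", lemmas
        lemma = heap_check(model, cells)
        if lemma is None:
            return "sat", lemmas
        lemmas.append(lemma)             # heap -> theory: these must not alias
        solver.assert_neq(lemma[1], lemma[2])


if __name__ == "__main__":
    # Constructed inputs: x |-> a * y |-> b with x = y is unsat (cells would
    # overlap); with a = b instead it is sat (values may alias, addresses not).
    print(decide([("eq", "x", "y")], [("x", "a"), ("y", "b")]))
    print(decide([("eq", "a", "b")], [("x", "a"), ("y", "b")]))
```

The two directions of communication are the point: the theory model decides which addresses alias (theory to heap), and the separating conjunction contributes disequalities the pure theory alone could never derive (heap to theory). A cell at an address equated with `nil` is rejected the same way, since `x |-> _` implies `x != nil`.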
