A separation logic framework for HOL

Separation Logic as introduced by Calcagno, O'Hearn, and Yang [7] is the foundation of the separation logic framework in HOL4. In the following, this foundation will be described.

3.2.1 States and Predicates on States

As the name suggests, Abstract Separation Logic is an abstract version of separation logic. It abstracts from both the concrete specification language and the concrete programming language. The programming language of Abstract Separation Logic manipulates some abstract states; the specification language is based on predicates on these states.

3.2.1.1 Separation Combinators

Since nothing is known about these states, a partial function $\circ$, called the separation combinator, is used to combine states and to define whether two states are separate.

Definition 3.2.1 (Separation Combinator (HOL4-Thm 217)). A separation combinator on a set of states $\Sigma$ is a partially defined function $\circ : \Sigma \times \Sigma \rightharpoonup \Sigma$ that satisfies the following properties:

• $\circ$ is partially associative, i.e.
  $\forall s_1, s_2, s_3.\ \mathrm{Defined}(s_1 \circ (s_2 \circ s_3)) \iff \mathrm{Defined}((s_1 \circ s_2) \circ s_3)$ $\wedge$
  $\forall s_1, s_2, s_3.\ \mathrm{Defined}(s_1 \circ (s_2 \circ s_3)) \Longrightarrow (s_1 \circ (s_2 \circ s_3) = (s_1 \circ s_2) \circ s_3)$
• $\circ$ is partially commutative, i.e.
  $\forall s_1, s_2.\ \mathrm{Defined}(s_1 \circ s_2) \iff \mathrm{Defined}(s_2 \circ s_1)$ $\wedge$
  $\forall s_1, s_2.\ \mathrm{Defined}(s_1 \circ s_2) \Longrightarrow (s_1 \circ s_2 = s_2 \circ s_1)$
• $\circ$ is partially cancellative, i.e.
  $\forall s_1, s_2, s_3.\ \mathrm{Defined}(s_1 \circ s_2) \wedge \mathrm{Defined}(s_1 \circ s_3) \wedge (s_1 \circ s_2 = s_1 \circ s_3) \Longrightarrow (s_2 = s_3)$
• for all states $s \in \Sigma$ there exists a neutral element $u_s \in \Sigma$ with $u_s \circ s = s$

HOL4 remark 3.2.2. HOL4 supports only total functions. In order to formalise separation combinators, which are only partially defined, option types are used. The value NONE models "undefined", whereas SOME(x) represents the defined value x.

Definition 3.2.3 (Separateness, Substates, Superstates (HOL4-Thms 132, 133)). The definition of separation combinators induces notions of separateness ($\#$), substates ($\sqsubseteq$) and superstates ($\sqsupseteq$):
  $s_1 \# s_2$ iff $s_1 \circ s_2$ is defined
  $s_1 \sqsubseteq s_3$ iff $\exists s_2.\ s_3 = s_1 \circ s_2$
  $s_3 \sqsupseteq s_1$ iff $s_1 \sqsubseteq s_3$
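To make Definitions 3.2.1 and 3.2.3 concrete, the following added example (not code from the thesis or from HOL4) instantiates the abstract states with heaps, i.e. finite partial maps from locations to values, and checks the four combinator properties exhaustively over a small constructed universe of heaps. Undefinedness is modelled with None, mirroring the NONE/SOME encoding of remark 3.2.2; the names heap_combine, overwrite_combine and check_combinator are the example's own.

```python
from itertools import product

# Heaps are dicts from locations to values.  The combinator returns None for
# "undefined" (HOL4's NONE) and the combined heap otherwise (SOME).
def heap_combine(s1, s2):
    """Separation combinator on heaps: disjoint union, undefined on overlap."""
    if s1.keys() & s2.keys():
        return None
    return {**s1, **s2}

def overwrite_combine(s1, s2):
    """Non-example: total union where s2 overwrites s1 (never undefined)."""
    return {**s1, **s2}

def lift(op, a, b):
    """Apply op to possibly undefined arguments; None propagates."""
    return None if a is None or b is None else op(a, b)

def check_combinator(states, op):
    """Exhaustively test the four properties of Definition 3.2.1 on a finite
    set of states and report which of them hold for op."""
    def d(x):
        return x is not None
    assoc = comm = canc = True
    for s1, s2, s3 in product(states, repeat=3):
        l, r = lift(op, s1, lift(op, s2, s3)), lift(op, lift(op, s1, s2), s3)
        assoc &= d(l) == d(r) and (not d(l) or l == r)
        a, b, c = op(s1, s2), op(s2, s1), op(s1, s3)
        comm &= d(a) == d(b) and (not d(a) or a == b)
        canc &= not (d(a) and d(c) and a == c) or s2 == s3
    neutral = all(any(op(u, s) == s for u in states) for s in states)
    return {"assoc": assoc, "comm": comm, "canc": canc, "neutral": neutral}

# Definition 3.2.3: the relations induced by the heap combinator.
def separate(s1, s2):               # s1 # s2  iff  s1 o s2 is defined
    return heap_combine(s1, s2) is not None

def substate(s1, s3, states):       # s1 <= s3  iff  exists s2. s3 = s1 o s2
    return any(heap_combine(s1, s2) == s3 for s2 in states)

def superstate(s3, s1, states):     # s3 >= s1  iff  s1 <= s3
    return substate(s1, s3, states)

def all_heaps(locs, vals):
    """Every heap over a finite universe: each location absent or mapped."""
    choices = [None, *vals]
    return [{l: v for l, v in zip(locs, pick) if v is not None}
            for pick in product(choices, repeat=len(locs))]

# Constructed universe: 3 locations, 2 values, 27 heaps in total.
HEAPS = all_heaps(locs=(1, 2, 3), vals=(0, 1))
```

Disjoint union satisfies all four properties, while the overwriting union keeps associativity and the neutral element but loses commutativity and cancellativity, which is why the combinator must be partial on overlapping heaps.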

[1] Peter W. O'Hearn et al. Smallfoot: Modular Automatic Assertion Checking with Separation Logic, 2005, FMCO.

[2] M. Gordon et al. Introduction to HOL: a theorem proving environment for higher order logic, 1993.

[3] Adam Chlipala et al. Effective interactive proofs for higher-order imperative programs, 2009, ICFP.

[4] Rafal Kolanski et al. Types, Maps and Separation Logic, 2009, TPHOLs.

[5] Xavier Leroy et al. Formal certification of a compiler back-end or: programming a compiler with a proof assistant, 2006, POPL '06.

[6] Richard Bornat et al. Variables as Resource in Hoare Logics, 2006, 21st Annual IEEE Symposium on Logic in Computer Science (LICS'06).

[7] Lawrence Charles Paulson et al. ML for the working programmer, 1991.

[8] Viktor Vafeiadis et al. A Marriage of Rely/Guarantee and Separation Logic, 2007, CONCUR.

[9] John C. Reynolds et al. Separation logic: a logic for shared mutable data structures, 2002, Proceedings 17th Annual IEEE Symposium on Logic in Computer Science.

[10] Frank Piessens et al. The VeriFast program verifier, 2008.

[11] Peter W. O'Hearn et al. Permission accounting in separation logic, 2005, POPL '05.

[12] Lawrence C. Paulson et al. ML for the working programmer (2nd ed.), 1996.

[13] Frank Piessens et al. A Quick Tour of the VeriFast Program Verifier, 2010, APLAS.

[14] Peter W. O'Hearn et al. BI as an assertion language for mutable data structures, 2001, POPL '01.

[15] Stephen Brookes. A semantics for concurrent separation logic, 2007, Theor. Comput. Sci.

[16] Matthew J. Parkinson et al. jStar: towards practical verification for Java, 2008, OOPSLA.

[17] Peter W. O'Hearn et al. Compositional Shape Analysis by Means of Bi-Abduction, 2011, JACM.

[18] Michael Norrish et al. A Brief Overview of HOL4, 2008, TPHOLs.

[19] Michael Norrish et al. Types, bytes, and separation logic, 2007, POPL '07.

[20] Michael Norrish. A formal semantics for C, 2007.

[21] Tobias Nipkow et al. Isabelle/HOL, 2002, Lecture Notes in Computer Science.

[22] E. Clarke et al. Inferring Invariants in Separation Logic for Imperative List-processing Programs, 2005.

[23] Alexey Gotsman et al. Local Reasoning for Storable Locks and Threads, 2007, APLAS.

[24] Xinyu Feng et al. Deny-Guarantee Reasoning, 2009, ESOP.

[25] Peter W. O'Hearn et al. Local Reasoning about Programs that Alter Data Structures, 2001, CSL.

[26] Peter W. O'Hearn et al. Local Action and Abstract Separation Logic, 2007, 22nd Annual IEEE Symposium on Logic in Computer Science (LICS 2007).

[27] Nicolas Marti et al. Towards Formal Verification of Memory Properties using Separation Logic, 2005.

[28] Andrew McCreight et al. Practical Tactics for Separation Logic, 2009, TPHOLs.

[29] Andrew W. Appel et al. Separation Logic for Small-Step Cminor, 2007, TPHOLs.

[30] Peter W. O'Hearn et al. A Local Shape Analysis Based on Separation Logic, 2006, TACAS.

[31] Tjark Weber. Towards Mechanized Program Verification with Separation Logic, 2004, CSL.

[32] Wei-Ngan Chin et al. Enhancing Program Verification with Lemmas, 2008, CAV.

[33] Peter W. O'Hearn et al. Symbolic Execution with Separation Logic, 2005, APLAS.

[34] Eric C. R. Hehner. Specified Blocks, 2005, VSTTE.

[35] Andrew Ireland et al. Cooperative Reasoning for Automatic Software Verification 2, 2008.