9,664 research outputs found

    Semi-automatic Proofs about Object Graphs in Separation Logic

    Get PDF
    Published correctness proofs of garbage collectors in separationlogic to date depend on extensive manual, interactive formulamanipulations. This paper shows that the approach of symbolicexecution in separation logic, as first developed by Smallfoot,also encompasses reasoning about object graphs given by the reachabilityof objects. This approach yields semi-automatic proofs oftwo central garbage collection algorithms: Schorr-Waite graph marking and Cheney's collector. Our framework is developed as a conservativeextension of Isabelle/HOL. Our verification environment re-uses theSimpl framework for classical Hoare logic

    Sound Automation of Magic Wands (extended version)

    Full text link
    The magic wand  ⁣ ⁣\mathbin{-\!\!*} (also called separating implication) is a separation logic connective commonly used to specify properties of partial data structures, for instance during iterative traversals. A footprint of a magic wand formula A ⁣ ⁣BA \mathbin{-\!\!*} B is a state that, combined with any state in which AA holds, yields a state in which BB holds. The key challenge of proving a magic wand (also called packaging a wand) is to find such a footprint. Existing package algorithms either have a high annotation overhead or, as we show in this paper, are unsound. We present a formal framework that precisely characterises a wide design space of possible package algorithms applicable to a large class of separation logics. We prove in Isabelle/HOL that our formal framework is sound and complete, and use it to develop a novel package algorithm that offers competitive automation and is sound. Moreover, we present a novel, restricted definition of wands and prove in Isabelle/HOL that it is possible to soundly combine fractions of such wands, which is not the case for arbitrary wands. We have implemented our techniques for the Viper language, and demonstrate that they are effective in practice.Comment: Extended version of CAV 2022 publicatio

    Verification of programs in virtual memory using separation logic

    Full text link
    Formal reasoning about programs executing in virtual memory is a difficult problem, as it is an environment in which writing to memory can change its layout. At the same time, correctly reasoning about virtual memory is essential to operating system verification, a field we are very much interested in. Current approaches rely on entering special modes or making high-level assertions about the nature of virtual memory which may or may not be correct. In this thesis, we examine the problems created by virtual memory and develop a unified view of memory, both physical and virtual, based on separation logic. We first develop this model for a simple programming language on a simplified architecture with a one-level page table, taking care to prove it constitutes a separation logic. We then extend the framework to deal with low-level C programs executing in a virtual memory environment of the ARMv6 architecture with a two-level page table. We perform two case studies involving mapping in of a new page into the current address space: first for the simple version of our logic, and finally for our full framework. The case studies demonstrate that separation logic style modular reasoning via the frame rule can be used in a unified model which encompasses virtual memory, even in the presence of page table writes. To our knowledge, we present the first model offering a unified view of virtual and physical memory, the first separation logic involving an address translation mechanism, as well as the first published model of a functional subset of ARM memory management unit. Our memory models, framework, proofs and all results are formalised in the Isabelle/HOL interactive theorem prover

    A Logic-Independent IDE

    Full text link
    The author's MMT system provides a framework for defining and implementing logical systems. By combining MMT with the jEdit text editor, we obtain a logic-independent IDE. The IDE functionality includes advanced features such as context-sensitive auto-completion, search, and change management.Comment: In Proceedings UITP 2014, arXiv:1410.785
    corecore