5,245 research outputs found
Separation Logic Modulo Theories
Logical reasoning about program data often requires dealing with heap
structures as well as scalar data types. Recent advances in Satisfiability
Modulo Theories (SMT) already offer efficient procedures for dealing with
scalars, yet they lack any support for dealing with heap structures. In this
paper, we present an approach that integrates Separation Logic---a prominent
logic for reasoning about list segments on the heap---and SMT. We follow a
model-based approach that communicates aliasing among heap cells between the
SMT solver and the Separation Logic reasoning part. An experimental evaluation
using the Z3 solver indicates that our approach can effectively put to work the
advances in SMT for dealing with heap structures. This is the first decision
procedure for the combination of separation logic with SMT theories.
Comment: 16 page
Spatial Interpolants
We propose Splinter, a new technique for proving properties of
heap-manipulating programs that marries (1) a new separation logic-based
analysis for heap reasoning with (2) an interpolation-based technique for
refining heap-shape invariants with data invariants. Splinter is property
directed, precise, and produces counterexample traces when a property does not
hold. Using the novel notion of spatial interpolants modulo theories, Splinter
can infer complex invariants over general recursive predicates, e.g., of the
form all elements in a linked list are even or a binary tree is sorted.
Furthermore, we treat interpolation as a black box, which gives us the freedom
to encode data manipulation in any suitable theory for a given program (e.g.,
bit vectors, arrays, or linear arithmetic), so that our technique immediately
benefits from any future advances in SMT solving and interpolation.
Comment: Short version published in ESOP 201
On Deciding Local Theory Extensions via E-matching
Satisfiability Modulo Theories (SMT) solvers incorporate decision procedures
for theories of data types that commonly occur in software. This makes them
important tools for automating verification problems. A limitation frequently
encountered is that verification problems are often not fully expressible in
the theories supported natively by the solvers. Many solvers allow the
specification of application-specific theories as quantified axioms, but their
handling is incomplete outside of narrow special cases.
In this work, we show how SMT solvers can be used to obtain complete decision
procedures for local theory extensions, an important class of theories that are
decidable using finite instantiation of axioms. We present an algorithm that
uses E-matching to generate instances incrementally during the search,
significantly reducing the number of generated instances compared to eager
instantiation strategies. We have used two SMT solvers to implement this
algorithm and conducted an extensive experimental evaluation on benchmarks
derived from verification conditions for heap-manipulating programs. We believe
that our results are of interest to both the users of SMT solvers as well as
their developers.
Aftermath Of The Nothing
This article consists of two parts that are complementary and, at the same time, autonomous.
In the first one, we develop some surprising consequences of
the introduction of a new constant called Lambda, in order to represent the object "nothing"
or "void" in a standard set theory. On a conceptual level, it allows us to see sets in a new light and to give legitimacy to the empty set. On a technical level, it leads to a relative resolution of the anomaly of the intersection of a family free of sets.
In the second part, we show the interest of introducing an operator of potentiality into a standard set theory. Among other results, this operator allows us to prove the existence of a hierarchy of empty sets and to propose a solution to the puzzle of the "ubiquity" of the empty set.
Both theories are presented with equi-consistency results (model and interpretation).
Here is a declaration of intent: in each case, the starting point is a conceptual questioning; the technical tools come second.
Keywords: nothing, void, empty set, null-class, zero-order logic with quantifiers, potential, effective, empty set, ubiquity, hierarchy, equality, equality by the bottom, identity, identification
- …