Amortised resource analysis with separation logic

Type-based amortised resource analysis following Hofmann and Jost—where resources are associated with individual elements of data structures and doled out to the programmer under a linear typing discipline—have been successful in providing concrete resource bounds for functional programs, with good support for inference. In this work we translate the idea of amortised resource analysis to imperative languages by embedding a logic of resources, based on Bunched Implications, within Separation Logic. The Separation Logic component allows us to assert the presence and shape of mutable data structures on the heap, while the resource component allows us to state the resources associated with each member of the structure. We present the logic on a small imperative language with procedures and mutable heap, based on Java bytecode. We have formalised the logic within the Coq proof assistant and extracted a certified verification condition generator. We demonstrate the logic on some examples, including proving termination of in-place list reversal on lists with cyclic tails

On Automated Lemma Generation for Separation Logic with Inductive Definitions

Separation Logic with inductive definitions is a well-known approach for deductive verification of programs that manipulate dynamic data structures. Deciding verification conditions in this context is usually based on user-provided lemmas relating the inductive definitions. We propose a novel approach for generating these lemmas automatically which is based on simple syntactic criteria and deterministic strategies for applying them. Our approach focuses on iterative programs, although it can be applied to recursive programs as well, and specifications that describe not only the shape of the data structures, but also their content or their size. Empirically, we find that our approach is powerful enough to deal with sophisticated benchmarks, e.g., iterative procedures for searching, inserting, or deleting elements in sorted lists, binary search tress, red-black trees, and AVL trees, in a very efficient way

Extracting Proofs from Tabled Proof Search

We consider the problem of model checking specifications involving co-inductive definitions such as are available for bisimulation. A proof search approach to model checking with such specifications often involves state exploration. We consider four different tabling strategies that can minimize such exploration significantly. In general, tabling involves storing previously proved subgoals and reusing (instead of reproving) them in proof search. In the case of co-inductive proof search, tables allow a limited form of loop checking, which is often necessary for, say, checking bisimulation of non-terminating processes. We enhance the notion of tabled proof search by allowing a limited deduction from tabled entries when performing table lookup. The main problem with this enhanced tabling method is that it is generally unsound when co-inductive definitions are involved and when tabled entries contain unproved entries. We design a proof system with tables and show that by managing tabled entries carefully, one would still be able to obtain a sound proof system. That is, we show how one can extract a post-fixed point from a tabled proof for a co-inductive goal. We then apply this idea to the technique of bisimulation ''up-to'' commonly used in process algebra

Biabduction (and related problems) in array separation logic

We investigate array separation logic (\mathsf {ASL}), a variant of symbolic-heap separation logic in which the data structures are either pointers or arrays, i.e., contiguous blocks of memory. This logic provides a language for compositional memory safety proofs of array programs. We focus on the biabduction problem for this logic, which has been established as the key to automatic specification inference at the industrial scale. We present an \mathsf {NP} decision procedure for biabduction in \mathsf {ASL}, and we also show that the problem of finding a consistent solution is \mathsf {NP}-hard. Along the way, we study satisfiability and entailment in \mathsf {ASL}, giving decision procedures and complexity bounds for both problems. We show satisfiability to be \mathsf {NP}-complete, and entailment to be decidable with high complexity. The surprising fact that biabduction is simpler than entailment is due to the fact that, as we show, the element of choice over biabduction solutions enables us to dramatically reduce the search space

Optimal functional outcome measures for assessing treatment for Dupuytren's disease: A systematic review and recommendations for future practice

This article is available through the Brunel Open Access Publishing Fund. Copyright © 2013 Ball et al.; licensee BioMed Central Ltd.Background: Dupuytren's disease of the hand is a common condition affecting the palmar fascia, resulting in progressive flexion deformities of the digits and hence limitation of hand function. The optimal treatment remains unclear as outcomes studies have used a variety of measures for assessment. Methods: A literature search was performed for all publications describing surgical treatment, percutaneous needle aponeurotomy or collagenase injection for primary or recurrent Dupuytren’s disease where outcomes had been monitored using functional measures. Results: Ninety-one studies met the inclusion criteria. Twenty-two studies reported outcomes using patient reported outcome measures (PROMs) ranging from validated questionnaires to self-reported measures for return to work and self-rated disability. The Disability of Arm, Shoulder and Hand (DASH) score was the most utilised patient-reported function measure (n=11). Patient satisfaction was reported by eighteen studies but no single method was used consistently. Range of movement was the most frequent physical measure and was reported in all 91 studies. However, the methods of measurement and reporting varied, with seventeen different techniques being used. Other physical measures included grip and pinch strength and sensibility, again with variations in measurement protocols. The mean follow-up time ranged from 2 weeks to 17 years. Conclusions: There is little consistency in the reporting of outcomes for interventions in patients with Dupuytren’s disease, making it impossible to compare the efficacy of different treatment modalities. Although there are limitations to the existing generic patient reported outcomes measures, a combination of these together with a disease-specific questionnaire, and physical measures of active and passive individual joint Range of movement (ROM), grip and sensibility using standardised protocols should be used for future outcomes studies. As Dupuytren’s disease tends to recur following treatment as well as extend to involve other areas of the hand, follow-up times should be standardised and designed to capture both short and long term outcomes