Results 1  10
of
14
Unifying Refinement and HoareStyle Reasoning in a Logic for HigherOrder Concurrency (Technical Appendix)
, 2013
"... Note: This online appendix contains a few minor typo corrections found after submission. It also contains a more significant correction to the Flat Combining case study. The original submission contained a lastminute simplification of the protocol that turned out not to be sound. This updated appen ..."
Abstract

Cited by 19 (4 self)
 Add to MetaCart
(Show Context)
Note: This online appendix contains a few minor typo corrections found after submission. It also contains a more significant correction to the Flat Combining case study. The original submission contained a lastminute simplification of the protocol that turned out not to be sound. This updated appendix (and the updated paper available at
Fictional Separation Logic
"... Separation logic formalizes the idea of local reasoning for heapmanipulating programs via the frame rule and the separating conjunction P ∗ Q, which describes states that can be split into separate parts, with one satisfying P and the other satisfying Q. In standard separation logic, separation m ..."
Abstract

Cited by 14 (4 self)
 Add to MetaCart
Separation logic formalizes the idea of local reasoning for heapmanipulating programs via the frame rule and the separating conjunction P ∗ Q, which describes states that can be split into separate parts, with one satisfying P and the other satisfying Q. In standard separation logic, separation means physical separation. In this paper, we introduce fictional separation logic, which includes more general forms of fictional separating conjunctions P ∗ Q, where ∗ does not require physical separation, but may also be used in situations where the memory resources described by P and Q overlap. We demonstrate, via a range of examples, how fictional separation logic can be used to reason locally and modularly about mutable abstract data types, possibly implemented using sophisticated sharing. Fictional separation logic is defined on top of standard separation logic, and both the metatheory and the application of the logic is much simpler than earlier related approaches.
Modular Reasoning about Separation of Concurrent Data Structures
"... Abstract. In a concurrent setting, the usage protocol of standard separation logic specifications are not refinable by clients, because standard specifications abstract all information about potential interleavings. This breaks modularity, as libraries cannot be verified in isolation, since the appr ..."
Abstract

Cited by 9 (1 self)
 Add to MetaCart
Abstract. In a concurrent setting, the usage protocol of standard separation logic specifications are not refinable by clients, because standard specifications abstract all information about potential interleavings. This breaks modularity, as libraries cannot be verified in isolation, since the appropriate specification depends on how clients intend to use the library. In this paper we propose a new logic and a new style of specification for threadsafe concurrent data structures. Our specifications allow clients to refine usage protocols and associate ownership of additional resources with instances of these data structures. 1
Charge! A framework for higherorder separation logic in Coq
"... We present a comprehensive set of tactics for working with a shallow embedding of a higherorder separation logic for a subset of Java in Coq. The tactics make it possible to reason at a level of abstraction similar to penandpaper separationlogic proof outlines. In particular, the tactics allow t ..."
Abstract

Cited by 7 (3 self)
 Add to MetaCart
We present a comprehensive set of tactics for working with a shallow embedding of a higherorder separation logic for a subset of Java in Coq. The tactics make it possible to reason at a level of abstraction similar to penandpaper separationlogic proof outlines. In particular, the tactics allow the user to reason in the embedded logic rather than in the concrete model, where the stacks and heaps are exposed. The development is generic in the choice of heap model, and most of the development is also independent of the choice of programming language.
Proof search for propositional abstract separation logics via labelled sequents
 In POPL’14. ACM
, 2014
"... ar ..."
(Show Context)
ResourceSensitive Synchronization Inference by Abduction
"... We present an analysis which takes as its input a sequential program, augmented with annotations indicating potential parallelization opportunities, and a sequential proof, written in separation logic, and produces a correctlysynchronized parallelized program and proof of that program. Unlike previ ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
(Show Context)
We present an analysis which takes as its input a sequential program, augmented with annotations indicating potential parallelization opportunities, and a sequential proof, written in separation logic, and produces a correctlysynchronized parallelized program and proof of that program. Unlike previous work, ours is not an independence analysis; we insert synchronization constructs to preserve relevant dependencies found in the sequential program that may otherwise be violated by a naïve translation. Separation logic allows us to parallelize finegrained patterns of resourceusage, moving beyond straightforward pointsto analysis. Our analysis works by using the sequential proof to discover dependencies between different parts of the program. It leverages these discovered dependencies to guide the insertion of synchronization primitives into the parallelized program, and to ensure that the resulting parallelized program satisfies the same specification as the original sequential program, and exhibits the same sequential behaviour. Our analysis is built using frame inference and abduction, two techniques supported by an increasing number of separation logic tools.
A Type and Effect System for Determinism in Multithreaded Programs
"... Abstract. There has been much recent interest in supporting deterministic parallelism in imperative programs. Structured parallel programming models have used type systems or static analysis to enforce determinism by constraining potential interference of lexically scoped tasks. But similar support ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
Abstract. There has been much recent interest in supporting deterministic parallelism in imperative programs. Structured parallel programming models have used type systems or static analysis to enforce determinism by constraining potential interference of lexically scoped tasks. But similar support for multithreaded programming, where threads may be ubiquitously spawned with arbitrary lifetimes, especially to achieve a modular and manageable combination of determinism and nondeterminism in multithreaded programs, remains an open problem. This paper proposes a simple and intuitive approach for tracking thread interference and capturing both determinism and nondeterminism as computational effects. This allows us to present a type and effect system for statically reasoning about determinism in multithreaded programs. Our general framework may be used in multithreaded languages for supporting determinism, or in structured parallel models for supporting threads. Even more sophisticated concurrency models, such as actors, are often implemented on top of an underlying threading model, thus the underlying ideas presented here should be of value in reasoning about the correctness of such implementations. 1
A Primer on Separation Logic (and Automatic Program Verification and Analysis)
"... Abstract. These are the notes to accompany a course at the Marktoberdorf PhD summer school in 2011. The course consists of an introduction to separation logic, with a slant towards its use in automatic program verification and analysis. ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
(Show Context)
Abstract. These are the notes to accompany a course at the Marktoberdorf PhD summer school in 2011. The course consists of an introduction to separation logic, with a slant towards its use in automatic program verification and analysis.
A ProofDirected Parallelization Synthesis by Separation Logic
"... We present an analysis which takes as its input a sequential program, augmented with annotations indicating potential parallelization opportunities, and a sequential proof, written in separation logic, and produces a correctlysynchronized parallelized program and proof of that program. Unlike previ ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
(Show Context)
We present an analysis which takes as its input a sequential program, augmented with annotations indicating potential parallelization opportunities, and a sequential proof, written in separation logic, and produces a correctlysynchronized parallelized program and proof of that program. Unlike previous work, ours is not a simple independence analysis that admits parallelization only when threads do not interfere; rather, we insert synchronization to preserve dependencies in the sequential program that might be violated by a naïve translation. Separation logic allows us to parallelize finegrained patterns of resourceusage, moving beyond straightforward pointsto analysis. The sequential proof need only represent shape properties, meaning we can handle complex algorithms without verifying every aspect of their behavior. Our analysis works by using the sequential proof to discover dependencies between different parts of the program. It leverages these discovered dependencies to guide the insertion of synchronization primitives into the parallelized program, and to ensure that the resulting parallelized program satisfies the same specification as the original sequential program, and exhibits the same sequential behavior. Our analysis is built using frame inference and abduction, two techniques supported by an increasing number of separation logic tools.