Differences between revisions 12 and 13
Revision 12 as of 2011-02-05 21:17:28
Size: 2470
Editor: 114
Comment:
Revision 13 as of 2011-02-07 13:18:06
Size: 2468
Editor: viktor
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
= Separation logic = = Basics of separation logic =
Line 32: Line 32:
TODO Random Edit TODO

Basics of separation logic

Separation logic is an extension of Hoare's logic oriented to reasoning about mutable data structures (or, programs with dynamically allocated pointers). It enables more compact proofs and specs of imperative programs than before because of its support for local reasoning, where specifications and proofs concentrate on the portion of memory used by a program component, and not the entire global state of the system.

Separating conjunction & the frame rule

Separation logic assertions describe heaps. Besides the normal logical connectives (conjunction, disjunction, implication, etc), SL introduces the separating conjunction ($*$) of two assertions. A heap satisfies the separating conjunction of two assertions if it can be divided into two disjoint parts satisfying the two assertions. Formally, $h \models P_1 * P_2$ if and only if there exist (disjoint) $h_1$ and $h_2$ such that $h = h_1 \uplus h_2$ and $h_1 \models P_1$ and $h_2 \models P_2$.

The frame rule is the crux of local reasoning:

$$\frac{ \{P\}~C\{Q\} }{ \{P*F\}~C\{Q*F\} }\quad \mathbf{fv}(F)\cap\mathbf{mod}(C) = \emptyset$$

It says that a program that runs correctly with a heap satisfying the precondition, $P$, also runs correctly with a bigger initial heap, $P * F$. Further, the program is guaranteed not to touch the additional portion of heap, and so $F$ remains true in the postcondition. Therefore, programs specifications need only describe the footprint of the program (i.e., the part of the heap it accesses). Using the frame rule, these specifications can be applied in any larger context.

Introductory material

Extensions & tool support

There are numerous extensions of separation logic for better handling:

  • Abstraction (hypothetical frame rule, abstract predicates, context logic)
  • Concurrency (CSL, locks-in-the-heap, RGSep/SAGL/LRG, deny-guarantee)

  • Assembly code
  • Higher-order functions

There are also many SL-based tools such as entailment provers and static analyzers. For more information, see ToolSupport.

Further reading

TODO

SeparationLogic (last edited 2011-02-07 13:18:06 by viktor)