Clément Hurlin scite author profile

Abstract. This paper presents a program logic for reasoning about multithreaded Javalike programs with dynamic thread creation, thread joining and reentrant object monitors. The logic is based on concurrent separation logic. It is the first detailed adaptation of concurrent separation logic to a multithreaded Java-like language.The program logic associates a unique static access permission with each heap location, ensuring exclusive write accesses and ruling out data races. Concurrent reads are supported through fractional permissions. Permissions can be transferred between threads upon thread starting, thread joining, initial monitor entrancies and final monitor exits. In order to distinguish between initial monitor entrancies and monitor reentrancies, auxiliary variables keep track of multisets of currently held monitors. Data abstraction and behavioral subtyping are facilitated through abstract predicates, which are also used to represent monitor invariants, preconditions for thread starting and postconditions for thread joining. Value-parametrized types allow to conveniently capture common strong global invariants, like static object ownership relations.The program logic is presented for a model language with Java-like classes and interfaces, the soundness of the program logic is proven, and a number of illustrative examples are presented. ACM CCS: [Theory of computation]:Semantics and reasoning-Program reasoning-Program verification.

show abstract

Reasoning about Java’s Reentrant Locks

Haack

Huisman

Hurlin

2008

View full text Add to dashboard Cite

This paper presents a verification technique for a concurrent Java-like language with reentrant locks. The verification technique is based on permissionaccounting separation logic. As usual, each lock is associated with a resource invariant, i.e., when acquiring the lock the resources are obtained by the thread holding the lock, and when releasing the lock, the resources are released. To accommodate for reentrancy, the notion of lockset is introduced: a multiset of locks held by a thread. Keeping track of the lockset enables the logic to ensure that resources are not re-acquired upon reentrancy, thus avoiding the introduction of new resources in the system. To be able to express flexible locking policies, we combine the verification logic with value-parameterized classes. Verified programs satisfy the following properties: data race freedom, absence of null-dereferencing and partial correctness. The verification technique is illustrated on several examples, including a challenging lock-coupling algorithm.

show abstract

Separation Logic Contracts for a Java-Like Language with Fork/Join

Haack

Hurlin

View full text Add to dashboard Cite

Nous adaptons une variante de la logique de séparation avec permissions a un langageà la Java avec fork/join. Afin d'autoriser les lectures concurrentes dans le tas sans révéler l'implémentation, nous combinons les permissions fractionnelles avec les prédicats abstraits. Nous présentons une spécification d'itérateurs concurrents qui empêche les data races et les modifications concurrentes. Notre logique est présentée dans un style algorithmique,à partir d'un système de preuve théorique. Nous démontrons que les programmes vérifiés satisfont les propriétés suivantes: pas de data race, pas de déréference de pointeurs nuls et correction partielle.

show abstract

Resource Usage Protocols for Iterators.

Haack¹,

Hurlin²

2009

JOT

View full text Add to dashboard Cite

We discuss usage protocols for iterator objects that prevent concurrent modifications of the underlying collection while iterators are in progress. We formalize these protocols in Java-like object interfaces, enriched with separation logic contracts. We present examples of iterator clients and proofs that they adhere to the iterator protocol, as well as examples of iterator implementations and proofs that they implement the iterator interface.

show abstract

Specifying and checking protocols of multithreaded classes

Hurlin

2009

View full text Add to dashboard Cite

In the Design By Contract (DBC) approach, programmers specify methods with pre and postconditions (also called contracts). Earlier work added protocols to the DBC approach to describe allowed method call sequences for classes. We extend this work to deal with a variant of generic classes and multithreaded classes. We present the semantical foundations of our extension. We describe a new technique to check that method contracts are correct w.r.t. to protocols. We show how to generate programs that must be proven to show that method contracts are correct w.r.t. to protocols. Because little support currently exists to help writing method contracts, our technique helps programmers to check their contracts early in the development process.

show abstract

Automatic Parallelization and Optimization of Programs by Proof Rewriting

Hurlin

2009

View full text Add to dashboard Cite

show abstract

Integrating Static Checking and Interactive Verification: Supporting Multiple Theories and Provers in Verification

Kiniry

Chalin

Hurlin

2008

View full text Add to dashboard Cite

Abstract. Automatic verification by means of extended static checking (ESC)has seen some success in industry and academia due to its lightweight and easyto-use nature. Unfortunately, ESC comes at a cost: a host of logical and practical completeness and soundness issues. Interactive verification technology, on the other hand, is usually complete and sound, but requires a large amount of mathematical and practical expertise. Most programmers can be expected to use automatic, but not interactive, verification. The focus of this proposal is to integrate these two approaches into a single theoretical and practical framework, leveraging the benefits of each approach.

show abstract

Semi-automatic Synthesis of Security Policies by Invariant-Guided Abduction

Hurlin

Kirchner

2011

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Clément Hurlin

Permission-Based Separation Logic for Multithreaded Java Programs

Reasoning about Java’s Reentrant Locks

Separation Logic Contracts for a Java-Like Language with Fork/Join

Resource Usage Protocols for Iterators.

Specifying and checking protocols of multithreaded classes

Automatic Parallelization and Optimization of Programs by Proof Rewriting

Integrating Static Checking and Interactive Verification: Supporting Multiple Theories and Provers in Verification

Semi-automatic Synthesis of Security Policies by Invariant-Guided Abduction

Contact Info

Product

Resources

About