Implicit dynamic frames

Smans, Jan; Jacobs, Bart; Piessens, Frank

doi:10.1145/2160910.2160911

Cited by 50 publications

(43 citation statements)

References 66 publications

(85 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Alternatives to separation logic that enable compositional reasoning about heapmanipulating programs but rely on classical logic include (implicit) dynamic frames [22,31] and region logic [1,30]. The connection between separation logic and implicit dynamic frames has been studied in [26].…”

Section: Introductionmentioning

confidence: 99%

Automating Separation Logic Using SMT

Piskač

Wies

Zufferey

2013

Lecture Notes in Computer Science

105

120

View full text Add to dashboard Cite

Abstract. Separation logic (SL) has gained widespread popularity because of its ability to succinctly express complex invariants of a program's heap configurations. Several specialized provers have been developed for decidable SL fragments. However, these provers cannot be easily extended or combined with solvers for other theories that are important in program verification, e.g., linear arithmetic. In this paper, we present a reduction of decidable SL fragments to a decidable first-order theory that fits well into the satisfiability modulo theories (SMT) framework. We show how to use this reduction to automate satisfiability, entailment, frame inference, and abduction problems for separation logic using SMT solvers. Our approach provides a simple method of integrating separation logic into existing verification tools that provide SMT backends, and an elegant way of combining SL fragments with other decidable first-order theories. We implemented this approach in a verification tool and applied it to heap-manipulating programs whose verification involves reasoning in theory combinations.

show abstract

Section: Introductionmentioning

confidence: 99%

Automating Separation Logic Using SMT

Piskač

Wies

Zufferey

2013

Lecture Notes in Computer Science

105

120

View full text Add to dashboard Cite

show abstract

“…Specification and Verification of Atomic Operations in GPGPU Programs. In SEFM 2015, pages [69][70][71][72][73][74][75][76][77][78][79][80][81][82][83]2015..…”

Section: Thesismentioning

confidence: 99%

“…IDF [78] is another program logic that extends Hoare Logic with the ability to reason about access to the heap by means of access permissions to heap locations, similar to permission-based Separation Logic. However, IDF and permission-based Separation Logic differ in how value-specifications are handled: in IDF, one uses side-effect-free expressions in the underlying programming language, while using permission-based Separation Logic, one first relates the program variables to logical variables and then states properties about these logical variables.…”

Section: Layer 1: Permissions and Resource Invariantsmentioning

confidence: 99%

“…The main compilation target used for kernel programs is Silver, the intermediate language of the Viper framework [54]. Silver is a specification language designed along the lines of Implicit Dynamic Frames [78]. We can then verify these Silver programs with the Silicon tool that is part of the framework.…”

Section: Chapter 8 Specification and Verification Of Atomic Operatiomentioning

confidence: 99%

“…At the bottom layer, we use a combination of Implicit Dynamic Frames (IDF) [78] and CSL-style resource invariants, to reason about data race freedom of programs. We illustrate this on the verification of a lock-free queue implementation.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Specification and verification of synchronisation classes in Java : a practical approach

Amighi¹

View full text Add to dashboard Cite

Starvation-Free Monitors

Hamin

2019

Theoretical Aspects of Computing – ICTAC 2019

View full text Add to dashboard Cite

Monitors are a synchronization construct which allows to keep a thread waiting until a specific resource for that thread is available. One potential problem with these constructs is starvation; a situation where a thread, competing for a resource, infinitely waits for that resource because other threads, that started competing for that resource later, get it earlier infinitely often. In this paper a modular approach to verify starvation-freedom of monitors is presented, ensuring that each time that a resource is released and its associated condition variable is notified each waiting thread approaches the front of the waiting queue; more specifically, the loop in which the wait command is executed (that checks the waiting condition) has a loop variant. To this end, we introduce notions of publishable resources and publishable obligations, which are published from the thread notifying a condition variable to all of the threads waiting for that condition variable. The publishable resources ensure the waiting threads that they are approaching the front of the waiting queue, by allowing to define an appropriate loop variant for the related loop. The publishable obligations ensure that for any thread waiting for a condition variable v there is another thread obliged to notify v, which only waits for waitable objects whose levels, some arbitrary numbers associated with each waitable object, are lower than the level of v (preventing circular dependencies). We encoded the proposed separation logic-based proof rules in the VeriFast program verifier and succeeded in verifying deadlock-freedom and starvation-freedom of two monitors, having no scheduling policy, which implement two common queue locking algorithms, namely ticket lock and CLH lock.

show abstract

Implicit dynamic frames

Cited by 50 publications

References 66 publications

Automating Separation Logic Using SMT

Automating Separation Logic Using SMT

Specification and verification of synchronisation classes in Java : a practical approach

Starvation-Free Monitors

Contact Info

Product

Resources

About