Constraint-Based Program Reasoning with Heaps and Separation
Authors
Abstract
This paper introduces a constraint language H for finite partial maps (a.k.a. heaps) that incorporates the notion of separation from Separation Logic. We use H to build an extension of Hoare Logic for reasoning over heap manipulating programs using (constraint-based) symbolic execution. We present a sound and complete algorithm for solving quantifier-free (QF) H-formulae based on heap element propagation. An implementation of the H-solver has been integrated into a Satisfiability Modulo Theories (SMT) framework. We experimentally evaluate the implementation against Verification Conditions (VCs) generated from symbolic execution of large (heap manipulating) programs. In particular, we mitigate the path explosion problem using subsumption via interpolation – made possible by the constraint-based encoding.
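To make the propagation idea concrete, the following Python sketch is an added example, not the paper's H-solver and not its SMT integration. It models heaps as finite partial maps, encodes h = h1 * h2 as a disjoint-union constraint, and propagates heap elements upward from sub-heaps into their union while deriving the address disequalities that separation implies. The tuple constraint forms and the names h, h1, h2, p, q, a, b, x are assumptions of the example; the inputs are constructed.

```python
"""
Illustrative mini-solver for quantifier-free heap constraints with separation.
Added example: not the paper's H-solver. Heaps are finite partial maps from
addresses to values; addresses and values are concrete ints or symbolic strs.

Constraint forms (tuples; an assumption of this example):
  ("sep",  h, h1, h2)  h = h1 * h2: h is the union of the disjoint heaps h1, h2
  ("cell", h, p, v)    heap h contains the cell p -> v
  ("eq",   a, b)       terms a and b are equal
  ("neq",  a, b)       terms a and b are distinct
"""
from collections import defaultdict
from itertools import combinations, product


class Terms:
    """Union-find over terms; a class containing an int keeps it as representative."""

    def __init__(self):
        self.parent = {}

    def find(self, t):
        self.parent.setdefault(t, t)
        while self.parent[t] != t:
            self.parent[t] = self.parent[self.parent[t]]
            t = self.parent[t]
        return t

    def union(self, a, b):
        """Merge the classes of a and b. Returns False if two distinct ints clash."""
        ra, rb = self.find(a), self.find(b)
        if ra == rb:
            return True
        if isinstance(ra, int) and isinstance(rb, int):
            return False
        if isinstance(ra, int):
            self.parent[rb] = ra
        else:
            self.parent[ra] = rb
        return True


def solve(constraints):
    """Propagate heap elements to a fixpoint; return a dict with status and derived facts."""
    terms = Terms()
    cells = defaultdict(set)            # heap name -> {(addr, val), ...}
    seps, neqs = [], set()              # neqs holds frozenset({a, b})
    for c in constraints:
        kind = c[0]
        if kind == "eq":
            if not terms.union(c[1], c[2]):
                return {"status": "unsat", "reason": f"{c[1]} = {c[2]} merges two constants"}
        elif kind == "neq":
            neqs.add(frozenset((c[1], c[2])))
        elif kind == "cell":
            cells[c[1]].add((c[2], c[3]))
        elif kind == "sep":
            seps.append(c[1:])
        else:
            raise ValueError(f"unknown constraint {kind}")

    changed = True
    while changed:
        changed = False
        for h, h1, h2 in seps:
            # Upward propagation: every cell of h1 or h2 is a cell of h.
            new = (cells[h1] | cells[h2]) - cells[h]
            if new:
                cells[h] |= new
                changed = True
            # Separation: a cell of h1 and a cell of h2 sit at distinct addresses.
            for (p, _), (q, _) in product(cells[h1], cells[h2]):
                d = frozenset((p, q))
                if d not in neqs:
                    neqs.add(d)
                    changed = True
        # Functionality of a partial map: equal addresses in one heap force equal values.
        for h, cs in list(cells.items()):
            for (p, v), (q, w) in combinations(cs, 2):
                if terms.find(p) == terms.find(q) and terms.find(v) != terms.find(w):
                    if not terms.union(v, w):
                        return {"status": "unsat",
                                "reason": f"{h}: {p} -> {v} and {q} -> {w} but {p} = {q}"}
                    changed = True

    # Consistency: no given or derived disequality may collapse under the equalities.
    for d in neqs:
        a, b = (list(d) * 2)[:2]        # a size-1 frozenset means neq(a, a)
        if terms.find(a) == terms.find(b):
            return {"status": "unsat", "reason": f"{a} != {b} required but {a} = {b}"}
    norm = {h: sorted({(terms.find(p), terms.find(v)) for p, v in cs}, key=repr)
            for h, cs in cells.items()}
    return {"status": "sat", "cells": norm,
            "neqs": sorted(tuple(sorted(map(str, d))) for d in neqs)}


if __name__ == "__main__":
    # Constructed inputs: two cells in separated sub-heaps, then the same with p = q.
    base = [("sep", "h", "h1", "h2"), ("cell", "h1", "p", "a"), ("cell", "h2", "q", "b")]
    print(solve(base))                            # sat, derives p != q
    print(solve(base + [("eq", "p", "q")]))       # unsat: separation violated
```

The sketch is refutation-sound (every unsat answer follows from valid consequences of the constraints) but, unlike the complete algorithm the abstract describes, it never case-splits a cell of h into h1 or h2, so a sat answer only means propagation found no conflict.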
Similar sources
A Symbolic Execution Framework with Explicit Heaps and Separation
Program verification of heap properties is challenging. A promising approach is Separation Logic, which supports local reasoning over disjoint portions of the heap. In this paper, we propose a heap constraint language H that explicates the heap and incorporates separation. By explicating the heap, the language is more suitable for automatic symbolic execution. We show that this language can be ...
A Constraint Solver for Heaps with Separation
This paper introduces a constraint language H for finite partial maps (a.k.a. heaps) that incorporates the notion of separation from Separation Logic. The motivation behind H is reasoning over heap manipulating programs using constraint-based symbolic execution. For this we present a modest extension of Hoare Logic that inherits many of the benefits from Separation Logic, such as local reasonin...
Local Reasoning with First-Class Heaps, and a New Frame Rule
Separation Logic (SL) brought an advance to program verification of data structures by interpreting (recursively defined) predicates as implicit heaps, and using a separating conjoin operator to construct heaps from disjoint subheaps. While the Frame Rule of SL facilitated local reasoning in program fragments, its restriction to disjoint subheaps means that any form of sharing between predicate...
Separation Logic with First-Class Heaps and a New Frame Rule
Separation Logic brought an advance to program verification of data structures through its use of (recursively defined) predicates to implicitly represent heaps, and the separation operator to construct heaps from disjoint subheaps. While this facilitated local reasoning in program fragments, the consideration of subheaps that are disjoint meant that any form of sharing between predicates is pr...
Structural separation logic
This thesis presents structural separation logic, a novel program reasoning approach for software that manipulates both standard heaps and structured data such as lists and trees. Structural separation logic builds upon existing work in both separation logic and context logic. It considers data abstractly, much as it is exposed by library interfaces, ignoring implementation details. We provide ...