Cargando…
Connecting Higher-Order Separation Logic to a First-Order Outside World
Separation logic is a useful tool for proving the correctness of programs that manipulate memory, especially when the model of memory includes higher-order state: Step-indexing, predicates in the heap, and higher-order ghost state have been used to reason about function pointers, data structure inva...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7702256/ http://dx.doi.org/10.1007/978-3-030-44914-8_16 |
| _version_ | 1783616577969586176 |
|---|---|
| author | Mansky, William Honoré, Wolf Appel, Andrew W. |
| author_facet | Mansky, William Honoré, Wolf Appel, Andrew W. |
| author_sort | Mansky, William |
| collection | PubMed |
| description | Separation logic is a useful tool for proving the correctness of programs that manipulate memory, especially when the model of memory includes higher-order state: Step-indexing, predicates in the heap, and higher-order ghost state have been used to reason about function pointers, data structure invariants, and complex concurrency patterns. On the other hand, the behavior of system features (e.g., operating systems) and the external world (e.g., communication between components) is usually specified using first-order formalisms. In principle, the soundness theorem of a separation logic is its interface with first-order theorems, but the soundness theorem may implicitly make assumptions about how other components are specified, limiting its use. In this paper, we show how to extend the higher-order separation logic of the Verified Software Toolchain to interface with a first-order verified operating system, in this case CertiKOS, that mediates its interaction with the outside world. The resulting system allows us to prove the correctness of C programs in separation logic based on the semantics of system calls implemented in CertiKOS. It also demonstrates that the combination of interaction trees + CompCert memories serves well as a lingua franca to interface and compose two quite different styles of program verification. |
| format | Online Article Text |
| id | pubmed-7702256 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-77022562020-12-01 Connecting Higher-Order Separation Logic to a First-Order Outside World Mansky, William Honoré, Wolf Appel, Andrew W. Programming Languages and Systems Article Separation logic is a useful tool for proving the correctness of programs that manipulate memory, especially when the model of memory includes higher-order state: Step-indexing, predicates in the heap, and higher-order ghost state have been used to reason about function pointers, data structure invariants, and complex concurrency patterns. On the other hand, the behavior of system features (e.g., operating systems) and the external world (e.g., communication between components) is usually specified using first-order formalisms. In principle, the soundness theorem of a separation logic is its interface with first-order theorems, but the soundness theorem may implicitly make assumptions about how other components are specified, limiting its use. In this paper, we show how to extend the higher-order separation logic of the Verified Software Toolchain to interface with a first-order verified operating system, in this case CertiKOS, that mediates its interaction with the outside world. The resulting system allows us to prove the correctness of C programs in separation logic based on the semantics of system calls implemented in CertiKOS. It also demonstrates that the combination of interaction trees + CompCert memories serves well as a lingua franca to interface and compose two quite different styles of program verification. 2020-04-18 /pmc/articles/PMC7702256/ http://dx.doi.org/10.1007/978-3-030-44914-8_16 Text en © The Author(s) 2020 Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made. The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. |
| spellingShingle | Article Mansky, William Honoré, Wolf Appel, Andrew W. Connecting Higher-Order Separation Logic to a First-Order Outside World |
| title | Connecting Higher-Order Separation Logic to a First-Order Outside World |
| title_full | Connecting Higher-Order Separation Logic to a First-Order Outside World |
| title_fullStr | Connecting Higher-Order Separation Logic to a First-Order Outside World |
| title_full_unstemmed | Connecting Higher-Order Separation Logic to a First-Order Outside World |
| title_short | Connecting Higher-Order Separation Logic to a First-Order Outside World |
| title_sort | connecting higher-order separation logic to a first-order outside world |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7702256/ http://dx.doi.org/10.1007/978-3-030-44914-8_16 |
| work_keys_str_mv | AT manskywilliam connectinghigherorderseparationlogictoafirstorderoutsideworld AT honorewolf connectinghigherorderseparationlogictoafirstorderoutsideworld AT appelandreww connectinghigherorderseparationlogictoafirstorderoutsideworld |