Local reasoning for global invariants, Part I: Region logic

Anindya Banerjee; David A. Naumann; Stan Rosenberg

doi:10.1145/2485982

Local reasoning for global invariants, Part I: Region logic

Anindya Banerjee, David A. Naumann, Stan Rosenberg

Department of Computer Science

Research output: Contribution to journal › Article › peer-review

18 Scopus citations

Abstract

Shared mutable objects pose grave challenges in reasoning, especially for information hiding and modularity. This article presents a novel technique for reasoning about error-avoiding partial correctness of programs featuring shared mutable objects, and investigates the technique by formalizing a logic. Using a first-order assertion language, the logic provides heap-local reasoning about mutation and separation, via ghost fields and variables of type "region" (finite sets of object references). A new form of frame condition specifies write, read, and allocation effects using region expressions; this supports a frame rule that allows a command to read state on which the framed predicate depends. Soundness is proved using a standard program semantics. The logic facilitates heap-local reasoning about object invariants, as shown here by examples. Part II of this article extends the logic with second-order framing which formalizes the hiding of data invariants.

Original language	English
Article number	18
Journal	Journal of the ACM (JACM)
Volume	60
Issue number	3
DOIs	https://doi.org/10.1145/2485982
State	Published - Jun 2013

Keywords

Data abstraction
Data invariants
Heap separation
Information hiding
Modularity
Resource protection

Access to Document

10.1145/2485982

Cite this

@article{29f462a45ddd42a18d448e38250720cc,

title = "Local reasoning for global invariants, Part I: Region logic",

abstract = "Shared mutable objects pose grave challenges in reasoning, especially for information hiding and modularity. This article presents a novel technique for reasoning about error-avoiding partial correctness of programs featuring shared mutable objects, and investigates the technique by formalizing a logic. Using a first-order assertion language, the logic provides heap-local reasoning about mutation and separation, via ghost fields and variables of type {"}region{"} (finite sets of object references). A new form of frame condition specifies write, read, and allocation effects using region expressions; this supports a frame rule that allows a command to read state on which the framed predicate depends. Soundness is proved using a standard program semantics. The logic facilitates heap-local reasoning about object invariants, as shown here by examples. Part II of this article extends the logic with second-order framing which formalizes the hiding of data invariants.",

keywords = "Data abstraction, Data invariants, Heap separation, Information hiding, Modularity, Resource protection",

author = "Anindya Banerjee and Naumann, {David A.} and Stan Rosenberg",

year = "2013",

month = jun,

doi = "10.1145/2485982",

language = "English",

volume = "60",

number = "3",

}

TY - JOUR

T1 - Local reasoning for global invariants, Part I

T2 - Region logic

AU - Banerjee, Anindya

AU - Naumann, David A.

AU - Rosenberg, Stan

PY - 2013/6

Y1 - 2013/6

N2 - Shared mutable objects pose grave challenges in reasoning, especially for information hiding and modularity. This article presents a novel technique for reasoning about error-avoiding partial correctness of programs featuring shared mutable objects, and investigates the technique by formalizing a logic. Using a first-order assertion language, the logic provides heap-local reasoning about mutation and separation, via ghost fields and variables of type "region" (finite sets of object references). A new form of frame condition specifies write, read, and allocation effects using region expressions; this supports a frame rule that allows a command to read state on which the framed predicate depends. Soundness is proved using a standard program semantics. The logic facilitates heap-local reasoning about object invariants, as shown here by examples. Part II of this article extends the logic with second-order framing which formalizes the hiding of data invariants.

AB - Shared mutable objects pose grave challenges in reasoning, especially for information hiding and modularity. This article presents a novel technique for reasoning about error-avoiding partial correctness of programs featuring shared mutable objects, and investigates the technique by formalizing a logic. Using a first-order assertion language, the logic provides heap-local reasoning about mutation and separation, via ghost fields and variables of type "region" (finite sets of object references). A new form of frame condition specifies write, read, and allocation effects using region expressions; this supports a frame rule that allows a command to read state on which the framed predicate depends. Soundness is proved using a standard program semantics. The logic facilitates heap-local reasoning about object invariants, as shown here by examples. Part II of this article extends the logic with second-order framing which formalizes the hiding of data invariants.

KW - Data abstraction

KW - Data invariants

KW - Heap separation

KW - Information hiding

KW - Modularity

KW - Resource protection

UR - http://www.scopus.com/inward/record.url?scp=84880342788&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84880342788&partnerID=8YFLogxK

U2 - 10.1145/2485982

DO - 10.1145/2485982

M3 - Article

AN - SCOPUS:84880342788

SN - 0004-5411

VL - 60

JO - Journal of the ACM (JACM)

JF - Journal of the ACM (JACM)

IS - 3

M1 - 18

ER -

Local reasoning for global invariants, Part I: Region logic

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this