
Separation logic, abstraction and inheritance

Published: 07 January 2008

Abstract

Inheritance is a fundamental concept in object-oriented programming, allowing new classes to be defined in terms of old classes. When used with care, inheritance is an essential tool for object-oriented programmers. Thus, for those interested in developing formal verification techniques, the treatment of inheritance is of paramount importance. Unfortunately, inheritance comes in a number of guises, all requiring subtle techniques.

To address these subtleties, most existing verification methodologies adopt one of two restrictions to handle inheritance: either (1) they prevent a derived class from restricting the behaviour of its base class (typically by syntactic means), which trivializes the proof obligations; or (2) they allow a derived class to restrict the behaviour of its base class, but require that every inherited method be reverified. Unfortunately, this means that typical inheritance-rich code either cannot be verified or results in an unreasonable number of proof obligations.

In this paper, we develop a separation logic for a core object-oriented language. It allows derived classes that override the behaviour of their base class, yet supports the inheritance of methods without reverification where this is safe. For each method, we require two specifications: a static specification that is used to verify the implementation and direct method calls (in Java, calls made via super); and a dynamic specification that is used for calls that are dynamically dispatched; along with a simple relationship between the two specifications. Only the dynamic specification is involved in behavioural subtyping. This simple separation of concerns leads to a powerful system that supports all forms of inheritance with low proof-obligation overheads. We both formalize our methodology and demonstrate its power with a series of inheritance examples.



Published in

• ACM SIGPLAN Notices, Volume 43, Issue 1 (POPL '08), January 2008, 420 pages
  ISSN: 0362-1340
  EISSN: 1558-1160
  DOI: 10.1145/1328897
• POPL '08: Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, January 2008, 448 pages
  ISBN: 9781595936899
  DOI: 10.1145/1328438

            Copyright © 2008 ACM

            Publisher

            Association for Computing Machinery

            New York, NY, United States


            Qualifiers

            • research-article
