Data Refinement with Low-Level Pointer Operations
نویسندگان
چکیده
We present a method for proving data refinement in the presence of low-level pointer operations, such as memory allocation and deallocation, and pointer arithmetic. Surprisingly, none of the existing methods for data refinement, including those specifically designed for pointers, are sound in the presence of low-level pointer operations. The reason is that the low-level pointer operations allow an additional potential for obtaining the information about the implementation details of the module: using memory allocation and pointer comparison, a client of a module can find out which cells are internally used by the module, even without dereferencing any pointers. The unsoundness of the existing methods comes from the failure of handling this potential. In the paper, we propose a novel method for proving data refinement, called power simulation, and show that power simulation is sound even with low-level pointer operations.
منابع مشابه
Alias Types
Linear type systems allow destructive operations such as object deallocation and imperative updates of functional data structures. These operations and others, such as the ability to reuse memory at different types, are essential in low-level typed languages. However, traditional linear type systems are too restrictive for use in low-level code where it is necessary to exploit pointer aliasing....
متن کاملReasoning about Pointers in Refinement Calculus
Pointers are an important programming concept. They are used explicitely or implicitly in many programming languages. In particular, the semantics of object-oriented programming languages rely on pointers. We introduce a semantics for pointer structures. Pointers are seen as indexes and pointer fields are functions from these indexes to values. Using this semantics we turn all pointer operation...
متن کاملMind the Gap: A Verification Framework for Low-Level C
This paper presents the formal Isabelle/HOL framework we use to prove refinement between an executable, monadic specification and the C implementation of the seL4 microkernel. We describe the refinement framework itself, the automated tactics it supports, and the connection to our previous C verification framework. We also report on our experience in applying the framework to seL4. The characte...
متن کاملFrom Low-Level Pointers to High-Level Containers
We propose a method that transforms a C program manipulating containers using low-level pointer statements into an equivalent program where the containers are manipulated via calls of standard high-level container operations like push back or pop front. The input of our method is a C program annotated by a special form of shape invariants which can be obtained from current automatic shape analy...
متن کاملA Hash Data Structure for Adaptive PDE–Solvers Based on Discontinuous Galerkin Discretizations
Adaptive multiscale methods are among the most effective techniques for the numerical solution of partial differential equations. Efficient grid management is an important task in these solvers. In this paper we focus on this problem for Discontinuous Galerkin discretization methods in 2 and 3 spatial dimensions and present a data structure for handling adaptive grids of different cell types in...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005