TITLE: Deciding Separation Logic with Pointer Arithmetic and Inductive Definitions

AUTHORS: Mihaela Sighireanu, Wanyun Su and Zhilin Wu

----------- Overall evaluation -----------

This paper investigates a separation logic SLAH, an extension of Array Separation Logic (ASL) with a predicate for heap lists. The paper contributes decision procedures for the satisfiability and entailment problems leading to NP-complete and EXPTIME results respectively.

The NP-complete result for satisfiability is by reduction from EPA satisfiability (from the stronger equi-satisfiability result). The EXPTIME result for entailment is via a decision procedure that explores the (exponential) space of possible orderings of endpoints of spatial atoms.

The problem is reasonably well-motivated, although the example and evaluation problems are relatively small. As highlighted in the paper, pointer arithmetic is mostly confined to low-level programs. Although it is notoriously difficult to reason with.

The writing is relatively dense and makes slightly more assumptions about the reader's awareness of separation logic terminology than I would expect at CADE. The motivating example in Section 2 is a good idea but I felt a bit lost until I returned to it after going through Section 3. There appear to be some assumptions made in a few places that could be explained.

The encoding in EPA is nice but the encoding of blocks and heap lists seemed straightforward (perhaps one of those 'easy when you see it' things) whilst the more involved issue of encoding separation is left for the Appendix. The decision procedure for entailment could have been summarised more clearly at the start as the overall idea is simple (with the details clearly requiring some effort).

I didn't find any problems in the proofs.

The evaluation section was nice, demonstrating effectiveness for some problems. Are your benchmarks available? One thing that is unclear is the scale of the benchmarks being addressed and the generality of this result. Are the numbers artificial due to the artificial nature of the benchmarks - will these methods be applicable in 'real' situations?

Overall, this paper seems to have a nicely sized contribution to an interesting (timely?) problem. The presentation doesn't appear to have major issues although could be improved. Therefore, I (weakly) recommend acceptance.

Small comments:

- I found things like '0 < b = t' as shorthand for 'e < b /\ b=t' a bit difficult to parse at points.

- p4, explain the two-arg hls predicate earlier - I wasted time trying to match the three-arg definition against the two-arg usage in Fig 1.:

- p4, you could include some intuition about the summaries: if v=2 then every chunk has size 2 and the overall heap list has even size.

- p5, near top. We don't know what 'a' is or what 'head(a)' and 'tail(a)' are here.

- p7,in the SLAH semantics in the rule for hls^{l+1} what is x? how does the recursion work as t1, t2, t2 do not change.

- It strikes me that equation 8 could be more general if v were replaced by v1 and v2 on the left and by max(v1,v2) on the right. I assume this doesn't really help.