SteelCore: an extensible concurrent separation logic for effectful dependently typed programs

Much recent research has been devoted to modeling effects within type theory. Building on this work, we observe that effectful type theories can provide a foundation on which to build semantics for more complex programming constructs and program logics, extending the reasoning principles that apply within the host effectful type theory itself. Concretely, our main contribution is a semantics for concurrent separation logic (CSL) within the F⋆ proof assistant in a manner that enables dependently typed, effectful F⋆ programs to make use of concurrency and to be specified and verified using a full-featured, extensible CSL. In contrast to prior approaches, we directly derive the partial-correctness Hoare rules for CSL from the denotation of computations in the effectful semantics of non-deterministically interleaved atomic actions. Demonstrating the flexibility of our semantics, we build generic, verified libraries that support various concurrency constructs, ranging from dynamically allocated, storable spin locks, to protocol-indexed channels. We conclude that our effectful semantics provides a simple yet expressive basis on which to layer domain-specific languages and logics for verified, concurrent programming.

[1]  Hongseok Yang,et al.  Views: compositional reasoning for concurrent programs , 2013, POPL.

[2]  Lars Birkedal,et al.  Step-Indexed Kripke Model of Separation Logic for Storable Locks , 2011, MFPS.

[3]  Frank Piessens,et al.  Implicit dynamic frames , 2008, TOPL.

[4]  Viktor Vafeiadis,et al.  Structuring the verification of heap-manipulating programs , 2010, POPL '10.

[5]  Derek Dreyer,et al.  RustBelt: securing the foundations of the rust programming language , 2017, Proc. ACM Program. Lang..

[6]  Edwin Brady,et al.  Programming and reasoning with algebraic effects and dependent types , 2013, ICFP.

[7]  John C. Reynolds,et al.  Separation logic: a logic for shared mutable data structures , 2002, Proceedings 17th Annual IEEE Symposium on Logic in Computer Science.

[8]  Lars Birkedal,et al.  Aneris: A Mechanised Logic for Modular Reasoning about Distributed Systems , 2020, ESOP.

[9]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[10]  Lars Birkedal,et al.  A logical relation for monadic encapsulation of state: proving contextual equivalences in the presence of runST , 2017, Proc. ACM Program. Lang..

[11]  Wouter Swierstra,et al.  Data types à la carte , 2008, Journal of Functional Programming.

[12]  Stephen D. Brookes,et al.  A Semantics for Concurrent Separation Logic , 2004, CONCUR.

[13]  Nikhil Swamy,et al.  Meta-F⋆: Proof Automation with SMT, Tactics, and Metaprograms , 2018, 1803.06547.

[14]  Peter W. O'Hearn,et al.  Resources, Concurrency and Local Reasoning , 2004, CONCUR.

[15]  Joseph Tassarotti,et al.  Verifying concurrent, crash-safe systems with Perennial , 2019, SOSP.

[16]  Nikhil Swamy,et al.  Recalling a witness: foundations and applications of monotonic state , 2017, Proc. ACM Program. Lang..

[17]  Andrzej Filinski,et al.  Inductive reasoning about effectful data types , 2007, ICFP '07.

[18]  Peter Hancock,et al.  Interactive Programs in Dependent Type Theory , 2000, CSL.

[19]  Nobuko Yoshida,et al.  Language Primitives and Type Discipline for Structured Communication-Based Programming Revisited: Two Systems for Higher-Order Session Communication , 2007, Electron. Notes Theor. Comput. Sci..

[20]  Chung-Kil Hur,et al.  Interaction trees: representing recursive and impure programs in Coq , 2020, Proc. ACM Program. Lang..

[21]  Ilya Sergey,et al.  Communicating State Transition Systems for Fine-Grained Concurrent Resources , 2014, ESOP.

[22]  Andrew W. Appel,et al.  Oracle Semantics for Concurrent Separation Logic , 2008, ESOP.

[23]  Vasco Thudichum Vasconcelos,et al.  Language Primitives and Type Discipline for Structured Communication-Based Programming Revisited: Two Systems for Higher-Order Session Communication , 1998, SecReT@ICALP.

[24]  Lars Birkedal,et al.  Hoare type theory, polymorphism and separation1 , 2008, Journal of Functional Programming.

[25]  Suresh Jagannathan,et al.  Verifying Custom Synchronization Constructs Using Higher-Order Separation Logic , 2016, ACM Trans. Program. Lang. Syst..

[26]  Lars Birkedal,et al.  Iris from the ground up: A modular foundation for higher-order concurrent separation logic , 2018, Journal of Functional Programming.

[27]  Lars Birkedal,et al.  Higher-order ghost state , 2016, ICFP.

[28]  Robbert Krebbers,et al.  Intrinsically-typed definitional interpreters for imperative languages , 2018, Proc. ACM Program. Lang..

[30]  John Tang Boyland,et al.  Checking Interference with Fractional Permissions , 2003, SAS.

[31]  Juan Chen,et al.  Secure distributed programming with value-dependent types , 2013, J. Funct. Program..

[32]  Michael Hicks,et al.  Lightweight monadic programming in ML , 2011, ICFP.

[33]  Lars Birkedal,et al.  Interactive proofs in higher-order concurrent separation logic , 2017, POPL.

[34]  Pierre-Yves Strub,et al.  Dependent types and multi-monadic effects in F* , 2016, POPL.

[35]  Andreas Abel,et al.  Type-based termination: a polymorphic lambda-calculus with sized higher-order types , 2006 .

[36]  Lars Birkedal,et al.  Fictional Separation Logic , 2012, ESOP.

[37]  Ilya Sergey,et al.  Mechanized verification of fine-grained concurrent programs , 2015, PLDI.

[38]  Michael D. Ernst,et al.  Rely-guarantee references for refinement types over aliased mutable data , 2013, PLDI.

[39]  Shin-ya Katsumata,et al.  Parametric effect monads and semantics of effect systems , 2014, POPL.

[40]  Robert Atkey,et al.  Parameterised notions of computation , 2006, J. Funct. Program..

[41]  Ignacio Fábregas,et al.  Specifying concurrent programs in separation logic: morphisms and simulations , 2019, Proc. ACM Program. Lang..

[42]  Tom Schrijvers,et al.  Syntax and Semantics for Operations with Scopes , 2018, LICS.

[43]  Tsuyoshi Murata,et al.  {m , 1934, ACML.

[44]  Robbert Krebbers,et al.  Actris: session-type based reasoning in separation logic , 2019, Proc. ACM Program. Lang..

[45]  Alexey Gotsman,et al.  Local Reasoning for Storable Locks and Threads , 2007, APLAS.

[46]  Torben Amtoft,et al.  Faithful Translations between Polyvariant Flows and Polymorphic Types , 2000, ESOP.

[47]  Robbert Krebbers,et al.  Intrinsically-typed definitional interpreters for linear, session-typed languages , 2020, CPP.

[48]  Juan Chen,et al.  Secure distributed programming with value-dependent types , 2011, Journal of Functional Programming.

[49]  Matthew J. Parkinson,et al.  The Relationship between Separation Logic and Implicit Dynamic Frames , 2011, ESOP.

[50]  Oleg Kiselyov,et al.  Freer monads, more extensible effects , 2015, Haskell.