Strong Logic for Weak Memory: Reasoning About Release-Acquire Consistency in Iris

The field of concurrent separation logics (CSLs) has recently undergone two exciting developments: (1) the Iris framework for encoding and unifying advanced higher-order CSLs and formalizing them in Coq, and (2) the adaptation of CSLs to account for weak memory models, notably C11's release-acquire (RA) consistency. Unfortunately, these developments are seemingly incompatible, since Iris only applies to languages with an operational interleaving semantics, while C11 is defined by a declarative (axiomatic) semantics. In this paper, we show that, on the contrary, it is not only feasible but useful to marry these developments together. Our first step is to provide a novel operational characterization of RA+NA, the fragment of C11 containing RA accesses and "non-atomic" (normal data) accesses. Instantiating Iris with this semantics, we then derive higher-order variants of two prominent RA+NA logics, GPS and RSL. Finally, we deploy these derived logics in order to perform the first mechanical verifications (in Coq) of several interesting case studies of RA+NA programming. In a nutshell, we provide the first foundationally verified framework for proving programs correct under C11's weak-memory semantics.
