Oracle Semantics for Concurrent Separation Logic

  • Aquinas Hobor
  • Andrew W. Appel
  • Francesco Zappa Nardelli
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4960)


We define (with machine-checked proofs in Coq) a modular operational semantics for Concurrent C minor—a language with shared memory, spawnable threads, and first-class locks. By modular we mean that one can reason about sequential control and data-flow knowing almost nothing about concurrency, and one can reason about concurrency knowing almost nothing about sequential control and data-flow constructs. We present a Concurrent Separation Logic with first-class locks and threads, and prove its soundness with respect to the operational semantics. Using our modularity principle, we proved the sequential C.S.L. rules (those inherited from sequential Separation Logic) simply by adapting Appel & Blazy’s machine-checked soundness proofs. Our Concurrent C minor operational semantics is designed to connect to Leroy’s optimizing (sequential) C minor compiler; we propose our modular semantics as a way to adapt Leroy’s compiler-correctness proofs to the concurrent setting. Thus we will obtain end-to-end proofs: the properties you prove in Concurrent Separation Logic will be true of the program that actually executes on the machine.


Keywords: Modal Logic, Operational Semantic, Kripke Model, Correctness Proof, Separation Logic
These keywords were added by machine and not by the authors.


  1. Appel, A.W., Blazy, S.: Separation Logic for Small-Step cminor. In: Schneider, K., Brandt, J. (eds.) TPHOLs 2007. LNCS, vol. 4732, pp. 5–21. Springer, Heidelberg (2007)
  2. Appel, A.W., Melliès, P.-A., Richards, C.D., Vouillon, J.: A very modal model of a modern, major, general type system. In: Proc. 34th Annual ACM Symposium on Principles of Programming Languages (POPL 2007), January 2007, pp. 109–122 (2007)
  3. Boehm, H.-J.: Threads cannot be implemented as a library. In: PLDI 2005: ACM SIGPLAN Conf. on Prog. Language Design and Implementation, pp. 261–268 (2005)
  4. Bornat, R., Calcagno, C., O’Hearn, P., Parkinson, M.: Permission accounting in separation logic. In: POPL 2005, pp. 259–270 (2005)
  5. Gotsman, A., Berdine, J., Cook, B., Rinetzky, N., Sagiv, M.: Local reasoning for storable locks and threads. In: Shao, Z. (ed.) APLAS 2007. LNCS, vol. 4807, Springer, Heidelberg (2007)
  6. Gotsman, A., Berdine, J., Cook, B., Sagiv, M.: Thread-modular shape analysis. In: PLDI 2007: ACM SIGPLAN Conf. on Prog. Lang. Design and Implementation (2007)
  7. Hobor, A., Appel, A.W., Zappa Nardelli, F.: Oracle semantics for concurrent separation logic (extended version). Tech. report, Princeton University (January 2008)
  8. Klein, G., Nipkow, T.: A machine-checked model for a Java-like language, virtual machine and compiler. ACM Trans. on Prog. Lang. and Systems 28, 619–695 (2006)
  9. Leinenbach, D., Paul, W., Petrova, E.: Towards the formal verification of a C0 compiler: Code generation and implementation correctness. In: IEEE Conference on Software Engineering and Formal Methods (2005)
  10. Leroy, X.: Formal certification of a compiler back-end, or: programming a compiler with a proof assistant. In: POPL 2006, pp. 42–54 (2006)
  11. O’Hearn, P.W.: Resources, concurrency and local reasoning. Theoretical Computer Science 375(1), 271–307 (2007)
  12. Parkinson, M.J.: Local Reasoning for Java. PhD thesis, Univ. of Cambridge (2005)

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Aquinas Hobor (1)
  • Andrew W. Appel (1)
  • Francesco Zappa Nardelli (2)

  1. Princeton University
  2. INRIA
