An Asynchronous Soundness...

An Asynchronous Soundness Theorem for

Concurrent Separation Logic

Paul-André Melliès Léo Stefanesco

IRIF, CNRS & Université Paris Diderot

Séminaire Gallium 4 juin 2018

Summary• The imperative concurrent language and its semantics

• Concurrent separation Logic and its semantics

• Soundness theorems: relating those semantics

!2

Asynchronous Graphs

!3

Topological Intuition

!4

v

u

u´

v ´

Asynchronous Morphisms

!5

u

v

v,

u,

F

F F

Fu

v

v,

u,

It’s a graph homomorphism, such that:

Asynchronous Graphs with Environment

!6

m1 m1

m2

m3

A Simple Concurrent Language

“Assembly language”

Source language

State transitions

is the memory and is the set of held lockswhere!8

A Simple Concurrent Language

Asynchronous Transition System

Machine model

!9

Code-acyclic asynchronous graph


Machine model

!9


Two semantics:


Machine model

!9


is an Environment 1-fibration = “the Environment can always execute every instructions”

Two semantics:

Machine Models for the Code


Machine modelAsynchronous graph of machine states

Nodes:

Edges:

is a tile when:

Asynchronous graph of locks

Nodes:

is a tile when:

!10

Edges:

Semantics of leaves

such that:

There is a tile wheneverthe footprints are independent

!11

m2 m2

m1

x y

Graphical representation

Non terminating executions

!12

Sequential Composition

C C’

!13

Conditionals

B

¬ B

B

C

C’nop

nop

!14

Parallel Product:Nodes: such that


Edges: an edge is a pair of edges

andin in


Edges: an edge is a pair of edges

and

Tiles:

if

!15

in in

Morphism between the two semantics

Morphisms for leaves

They are preserved by the constructions

!16

Separation LogicHoare triples:

are predicates on Logical States

!17

Semantics:

A few concurrent separation logics

Iris 2.0 (2016)

Iris 3.0 (2017)

Owicki-Gries (1976)

CSL (2004)Rely-Guarantee (1983)

SAGL (2007)RGSep (2007)

Deny-Guarantee (2009)

CAP (2010)

Liang-Feng (2013)

LRG (2009)

SCSL (2013)HOCAP (2013)

iCAP (2014)

Iris (2015)

CaReSL (2013)

FCSL (2014)

TaDA (2014)

CoLoSL (2015)

Gotsman-al (2007)

HLRG (2010)

Bornat-al (2005)

RGSim (2012)

GPS (2014)Total-TaDA (2016)

FTCSL (2015)

Jacobs-Piessens (2011)

RSL (2013)

LiLi (2016)

Bell-al (2010)Hobor-al (2008)

FSL (2016)

Hobor-Gherghina (2011)

FSL++ (2017)

Disel (2018)

by Ilya Sergey !18

Concurrent Separation Logic (CSL)

!19

Separated States

σC

σ(r2)

σ(r1)

σFThe Code The Environment

The Shared Resources

!20

Separated States

σCσ(r2)

σ(r1)



!20

Separated States

σC

σ(r2)

σ(r1)



!20

Semantics of derivation trees

The semantics of a derivation tree

is an Asynchronous Transition System over separated states

• The initial states are all the separated states that satisfy P

• The final states all satisfy Q

• Each of the M satisfies G

• The edges/moves are of the form:!21

Machine Model of Separated States

!22

Two kinds of transitions:

States: separated states

Tiles: so that they correspond to tiles in

Asynchronous Graph Morphism

There is an asynchronous graph morphism

with

!23

Soundness theorems

• “A well specified program does not go wrong”

• Memory safety, etc…

• Data-race freedom

• Precondition, postcondition

!24

1-soundnessTheorem 1

is an op-fibration on Code transitions.

!25

2-soundnessTheorem 2

is a 2-fibration.

!26

The End

An Asynchronous Soundness...

Documents

Transcript of An Asynchronous Soundness...