Verifying Custom Synchronization Constructs Using Higher-Order Separation Logic

Published: 4 January 2016

Abstract

Synchronization constructs lie at the heart of any reliable concurrent program. Many such constructs are standard (e.g., locks, queues, stacks, and hash-tables). However, many concurrent applications require custom synchronization constructs with special-purpose behavior. These constructs present a significant challenge for verification. Like standard constructs, they rely on subtle racy behavior, but unlike standard constructs, they may not have well-understood abstract interfaces. As they are custom built, such constructs are also far more likely to be unreliable.

This article examines the formal specification and verification of custom synchronization constructs. Our target is a library of channels used in automated parallelization to enforce sequential behavior between program statements. Our high-level specification captures the conditions necessary for correct execution; these conditions reflect program dependencies necessary to ensure sequential behavior. We connect the high-level specification with the low-level library implementation to prove that a client’s requirements are satisfied. Significantly, we can reason about program and library correctness without breaking abstraction boundaries.

To achieve this, we use a program logic called iCAP (impredicative Concurrent Abstract Predicates) based on separation logic. iCAP supports both high-level abstraction and low-level reasoning about races. We use this to show that our high-level channel specification abstracts three different, increasingly complex low-level implementations of the library. iCAP’s support for higher-order reasoning lets us prove that sequential dependencies are respected, while iCAP’s next-generation semantic model lets us avoid ugly problems with cyclic dependencies.



Published in: ACM Transactions on Programming Languages and Systems, Volume 38, Issue 2, January 2016, 212 pages.
ISSN: 0164-0925
EISSN: 1558-4593
DOI: 10.1145/2866613

Copyright © 2016 Owner/Author

Publisher: Association for Computing Machinery, New York, NY, United States

Publication History

• Received: 1 August 2014
• Revised: 1 August 2015
• Accepted: 1 August 2015
• Published: 4 January 2016

          Qualifiers

          • research-article
          • Research
          • Refereed
