skip to main content

Simuliris: a separation logic framework for verifying concurrent program optimizations

Published:12 January 2022Publication History
Skip Abstract Section

Abstract

Today’s compilers employ a variety of non-trivial optimizations to achieve good performance. One key trick compilers use to justify transformations of concurrent programs is to assume that the source program has no data races: if it does, they cause the program to have undefined behavior (UB) and give the compiler free rein. However, verifying correctness of optimizations that exploit this assumption is a non-trivial problem. In particular, prior work either has not proven that such optimizations preserve program termination (particularly non-obvious when considering optimizations that move instructions out of loop bodies), or has treated all synchronization operations as external functions (losing the ability to reorder instructions around them).

In this work we present Simuliris, the first simulation technique to establish termination preservation (under a fair scheduler) for a range of concurrent program transformations that exploit UB in the source language. Simuliris is based on the idea of using ownership to reason modularly about the assumptions the compiler makes about programs with well-defined behavior. This brings the benefits of concurrent separation logics to the space of verifying program transformations: we can combine powerful reasoning techniques such as framing and coinduction to perform thread-local proofs of non-trivial concurrent program optimizations. Simuliris is built on a (non-step-indexed) variant of the Coq-based Iris framework, and is thus not tied to a particular language. In addition to demonstrating the effectiveness of Simuliris on standard compiler optimizations involving data race UB, we also instantiate it with Jung et al.’s Stacked Borrows semantics for Rust and generalize their proofs of interesting type-based aliasing optimizations to account for concurrency.

Skip Supplemental Material Section

Supplemental Material

Auxiliary Presentation Video

This is a short teaser video for our talk at POPL 2022 on our paper "Simuliris: A Separation Logic Framework for Verifying Concurrent Program Optimizations".

References

  1. Andrew W. Appel and David A. McAllester. 2001. An indexed model of recursive types for foundational proof-carrying code. TOPLAS, 23, 5 (2001), 657–683. https://doi.org/10.1145/504709.504712 Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Nick Benton. 2004. Simple relational correctness proofs for static analyses and program transformations. In POPL. 14–25. https://doi.org/10.1145/964001.964003 Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Lennart Beringer, Gordon Stewart, Robert Dockins, and Andrew W. Appel. 2014. Verified Compilation for Shared-Memory C. In ESOP (LNCS, Vol. 8410). 107–127. https://doi.org/10.1007/978-3-642-54833-8_7 Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Richard Bornat, Cristiano Calcagno, Peter W. O’Hearn, and Matthew J. Parkinson. 2005. Permission accounting in separation logic. In POPL. 259–270. https://doi.org/10.1145/1040305.1040327 Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. John Boyland. 2003. Checking Interference with Fractional Permissions. In Static Analysis. 55–72.Google ScholarGoogle Scholar
  6. Santiago Cuellar. 2020. Concurrent Permission Machine for modular proofs of optimizing compilers with shared memory concurrency. Ph.D. Dissertation. Princeton University, New Jersey, USA. https://dataspace.princeton.edu/handle/88435/dsp01qr46r378dGoogle ScholarGoogle Scholar
  7. Dan Frumin, Robbert Krebbers, and Lars Birkedal. 2018. ReLoC: A Mechanised Relational Logic for Fine-Grained Concurrency. In LICS. 442–451. https://doi.org/10.1145/3209108.3209174 Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Ronghui Gu, Jérémie Koenig, Tahina Ramananandro, Zhong Shao, Xiongnan (Newman) Wu, Shu-Chun Weng, Haozhong Zhang, and Yu Guo. 2015. Deep Specifications and Certified Abstraction Layers. In POPL. 595–608. https://doi.org/10.1145/2676726.2676975 Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Ronghui Gu, Zhong Shao, Jieung Kim, Xiongnan (Newman) Wu, Jérémie Koenig, Vilhelm Sjöberg, Hao Chen, David Costanzo, and Tahina Ramananandro. 2018. Certified concurrent abstraction layers. In PLDI. 646–661. https://doi.org/10.1145/3192366.3192381 Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Lennard Gäher, Michael Sammler, Simon Spies, Ralf Jung, Hoang(-)Hai Dang, Robbert Krebbers, Jeehoon Kang, and Derek Dreyer. 2022. Simuliris: Technical Documentation and Coq Development. https://doi.org/10.5281/zenodo.5667545 Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Chung-Kil Hur, Derek Dreyer, Georg Neis, and Viktor Vafeiadis. 2012. The marriage of bisimulations and Kripke logical relations. In POPL. 59–72. https://doi.org/10.1145/2103656.2103666 Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Chung-Kil Hur, Georg Neis, Derek Dreyer, and Viktor Vafeiadis. 2013. The power of parameterization in coinductive proof. In POPL. 193–206. https://doi.org/10.1145/2429069.2429093 Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Hanru Jiang, Hongjin Liang, Siyang Xiao, Junpeng Zha, and Xinyu Feng. 2019. Towards certified separate compilation for concurrent programs. In PLDI. 111–125. https://doi.org/10.1145/3314221.3314595 Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Ralf Jung. 2020. Understanding and evolving the Rust programming language. Ph.D. Dissertation. Universität des Saarlandes, Saarbrücken, Germany. https://publikationen.sulb.uni-saarland.de/handle/20.500.11880/29647Google ScholarGoogle Scholar
  15. Ralf Jung, Hoang-Hai Dang, Jeehoon Kang, and Derek Dreyer. 2020. Stacked borrows: an aliasing model for Rust. Proc. ACM Program. Lang., 4, POPL (2020), 41:1–41:32. https://doi.org/10.1145/3371109 Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Ralf Jung, Jacques-Henri Jourdan, Robbert Krebbers, and Derek Dreyer. 2018. RustBelt: Securing the foundations of the Rust programming language. Proc. ACM Program. Lang., 2, POPL (2018), 66:1–66:34. https://doi.org/10.1145/3158154 Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Ralf Jung, Robbert Krebbers, Lars Birkedal, and Derek Dreyer. 2016. Higher-order ghost state. In ICFP. 256–269. https://doi.org/10.1145/2951913.2951943 Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Ralf Jung, Robbert Krebbers, Jacques-Henri Jourdan, Ales Bizjak, Lars Birkedal, and Derek Dreyer. 2018. Iris from the ground up: A modular foundation for higher-order concurrent separation logic. J. Funct. Program., 28 (2018), e20. https://doi.org/10.1017/S0956796818000151 Google ScholarGoogle ScholarCross RefCross Ref
  19. Ralf Jung, David Swasey, Filip Sieczkowski, Kasper Svendsen, Aaron Turon, Lars Birkedal, and Derek Dreyer. 2015. Iris: Monoids and Invariants as an Orthogonal Basis for Concurrent Reasoning. In POPL. 637–650. https://doi.org/10.1145/2676726.2676980 Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Jeehoon Kang, Chung-Kil Hur, Ori Lahav, Viktor Vafeiadis, and Derek Dreyer. 2017. A promising semantics for relaxed-memory concurrency. In POPL. 175–189. https://doi.org/10.1145/3009837.3009850 Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Jeehoon Kang, Chung-Kil Hur, William Mansky, Dmitri Garbuzov, Steve Zdancewic, and Viktor Vafeiadis. 2015. A formal C memory model supporting integer-pointer casts. In PLDI. 326–335. https://doi.org/10.1145/2737924.2738005 Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Robbert Krebbers, Jacques-Henri Jourdan, Ralf Jung, Joseph Tassarotti, Jan-Oliver Kaiser, Amin Timany, Arthur Charguéraud, and Derek Dreyer. 2018. MoSeL: A general, extensible modal framework for interactive proofs in separation logic. Proc. ACM Program. Lang., 2, ICFP (2018), 77:1–77:30. https://doi.org/10.1145/3236772 Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Robbert Krebbers, Ralf Jung, Ales Bizjak, Jacques-Henri Jourdan, Derek Dreyer, and Lars Birkedal. 2017. The Essence of Higher-Order Concurrent Separation Logic. In ESOP (LNCS, Vol. 10201). 696–723. https://doi.org/10.1007/978-3-662-54434-1_26 Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Robbert Krebbers, Amin Timany, and Lars Birkedal. 2017. Interactive proofs in higher-order concurrent separation logic. In POPL. 205–217. https://doi.org/10.1145/3009837.3009855 Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Ramana Kumar, Magnus O. Myreen, Michael Norrish, and Scott Owens. 2014. CakeML: a verified implementation of ML. In POPL. 179–192. https://doi.org/10.1145/2535838.2535841 Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Juneyoung Lee, Yoonseung Kim, Youngju Song, Chung-Kil Hur, Sanjoy Das, David Majnemer, John Regehr, and Nuno P. Lopes. 2017. Taming undefined behavior in LLVM. In PLDI. 633–647. https://doi.org/10.1145/3062341.3062343 Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. D. Lehmann, A. Pnueli, and J. Stavi. 1981. Impartiality, justice and fairness: The ethics of concurrent termination. In Automata, Languages and Programming. 264–277. isbn:978-3-540-38745-9 https://doi.org/10.1007/3-540-10843-2_22 Google ScholarGoogle ScholarCross RefCross Ref
  28. Xavier Leroy. 2006. Formal certification of a compiler back-end or: programming a compiler with a proof assistant. In POPL. 42–54. https://doi.org/10.1145/1111037.1111042 Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Xavier Leroy. 2009. Formal verification of a realistic compiler. Commun. ACM, 52, 7 (2009), 107–115. https://doi.org/10.1145/1538788.1538814 Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Hongjin Liang and Xinyu Feng. 2016. A program logic for concurrent objects under fair scheduling. In POPL. 385–399. https://doi.org/10.1145/2837614.2837635 Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Hongjin Liang and Xinyu Feng. 2018. Progress of concurrent objects with partial methods. PACMPL, 2, POPL (2018), 20:1–20:31. https://doi.org/10.1145/3158108 Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Hongjin Liang, Xinyu Feng, and Zhong Shao. 2014. Compositional verification of termination-preserving refinement of concurrent programs. In CSL-LICS. 65:1–65:10. https://doi.org/10.1145/2603088.2603123 Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Robin Morisset, Pankaj Pawan, and Francesco Zappa Nardelli. 2013. Compiler testing via a theory of sound optimisations in the C11/C++11 memory model. In PLDI. 187–196. https://doi.org/10.1145/2491956.2491967 Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Peter W. O’Hearn and David J. Pym. 1999. The Logic of Bunched Implications. Bulletin of Symbolic Logic, 5 (1999), 215–244. https://doi.org/10.2307/421090 Google ScholarGoogle ScholarCross RefCross Ref
  35. Michael Sammler, Rodolphe Lepigre, Robbert Krebbers, Kayvan Memarian, Derek Dreyer, and Deepak Garg. 2021. RefinedC: Automating the Foundational Verification of C Code with Refined Ownership Types. In PLDI. 158–174. https://doi.org/10.1145/3453483.3454036 Google ScholarGoogle ScholarDigital LibraryDigital Library
  36. Simon Spies, Lennard Gäher, Daniel Gratzer, Joseph Tassarotti, Robbert Krebbers, Derek Dreyer, and Lars Birkedal. 2021. Transfinite Iris: Resolving an Existential Dilemma of Step-Indexed Separation Logic. In PLDI. https://doi.org/10.1145/3453483.3454031 Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. Gordon Stewart, Lennart Beringer, Santiago Cuellar, and Andrew W. Appel. 2015. Compositional CompCert. In POPL. 275–287. https://doi.org/10.1145/2676726.2676985 Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Kasper Svendsen and Lars Birkedal. 2014. Impredicative Concurrent Abstract Predicates. In ESOP (LNCS, Vol. 8410). 149–168. https://doi.org/10.1007/978-3-642-54833-8_9 Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Joseph Tassarotti, Ralf Jung, and Robert Harper. 2017. A Higher-Order Logic for Concurrent Termination-Preserving Refinement. In ESOP (LNCS, Vol. 10201). 909–936. https://doi.org/10.1007/978-3-662-54434-1_34 Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. Viktor Vafeiadis, Thibaut Balabonski, Soham Chakraborty, Robin Morisset, and Francesco Zappa Nardelli. 2015. Common Compiler Optimisations are Invalid in the C11 Memory Model and what we can do about it. In POPL. 209–220. https://doi.org/10.1145/2676726.2676995 Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. Jaroslav Ševčík, Viktor Vafeiadis, Francesco Zappa Nardelli, Suresh Jagannathan, and Peter Sewell. 2013. CompCertTSO: A Verified Compiler for Relaxed-Memory Concurrency. J. ACM, 60, 3 (2013), https://doi.org/10.1145/2487241.2487248 Google ScholarGoogle ScholarDigital LibraryDigital Library
  42. Li-yao Xia, Yannick Zakowski, Paul He, Chung-Kil Hur, Gregory Malecha, Benjamin C. Pierce, and Steve Zdancewic. 2020. Interaction trees: representing recursive and impure programs in Coq. Proc. ACM Program. Lang., 4, POPL (2020), 51:1–51:32. https://doi.org/10.1145/3371119 Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. Hongseok Yang. 2007. Relational Separation Logic. TCS, 375, 1–3 (2007), 308–334. https://doi.org/10.1016/j.tcs.2006.12.036 Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. Jaroslav Ševčík. 2009. Program transformations in weak memory models. Ph.D. Dissertation. University of Edinburgh, UK. http://hdl.handle.net/1842/3132Google ScholarGoogle Scholar
  45. Jaroslav Ševčík. 2011. Safe optimisations for shared-memory concurrent programs. In PLDI. 306–316. https://doi.org/10.1145/1993498.1993534 Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Simuliris: a separation logic framework for verifying concurrent program optimizations

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!