Later credits: resourceful reasoning for the later modality

Published: 31 August 2022

Abstract

In the past two decades, step-indexed logical relations and separation logics have both come to play a major role in semantics and verification research. More recently, they have been married together in the form of step-indexed separation logics like VST, iCAP, and Iris, which provide powerful tools for (among other things) building semantic models of richly typed languages like Rust. In these logics, propositions are given semantics using a step-indexed model, and step-indexed reasoning is reflected into the logic through the so-called “later” modality. On the one hand, this modality provides an elegant, high-level account of step-indexed reasoning; on the other hand, when used in sufficiently sophisticated ways, it can become a nuisance, turning perfectly natural proof strategies into dead ends.

In this work, we introduce later credits, a new technique for escaping later-modality quagmires. By leveraging the second ancestor of these logics—separation logic—later credits turn “the right to eliminate a later” into an ownable resource, which is subject to all the traditional modular reasoning principles of separation logic. We develop the theory of later credits in the context of Iris, and present several challenging examples of proofs and proof patterns which were previously not possible in Iris but are now possible due to later credits.
