Program Verification Under Weak Memory Consistency Using Separation Logic
نویسنده
چکیده
The semantics of concurrent programs is now defined by a weak memory model, determined either by the programming language (e.g., in the case of C/C++11 or Java) or by the hardware architecture (e.g., for assembly and legacy C code). Since most work in concurrent software verification has been developed prior to weak memory consistency, it is natural to ask how these models affect formal reasoning about concurrent programs. In this overview paper, we show that verification is indeed affected: for example, the standard Owicki-Gries method is unsound under weak memory. Further, based on concurrent separation logic, we develop a number of sound program logics for fragments of the C/C++11 memory model. We show that these logics are useful not only for verifying concurrent programs, but also for explaining the weak memory constructs of C/C++.
منابع مشابه
Automating Deductive Verification for Weak-Memory Programs
Writing correct programs for weak memory models such as the C11 memory model is challenging because of the weak consistency guarantees these models provide. The first program logics for the verification of such programs have recently been proposed, but their usage has been limited thus far to manual proofs. Automating proofs in these logics via first-order solvers is non-trivial, due to reasoni...
متن کاملSpecifying Weak Memory Consistency with Temporal Logic
Modern multiprocessors only provide weak memory consistency that deviates from the traditional sequential consistency in many unintuitive ways: In essence, the read and write operations issued by one processor might be observed by other processors in a different order than executed by the issuing processor. It is therefore strongly recommended to formally verify multithreaded systems. To this e...
متن کاملConcurrent Separation Logic with Weak Updates
Concurrent Separation Logic (CSL) provides a simple but powerful technique for reasoning about shared-memory concurrent programs. Unfortunately, CSL and separation logic can only support “strong updates,” where mutation to a memory location is safe only if there is a strong memory separation. This severely limits the applicability of CSL since most statically typed languages (e.g., ML, Java, C#...
متن کاملSoftware Verification for Weak Memory via Program Transformation
Multiprocessors implement weak memory models, but program verifiers often assume Sequential Consistency (SC), and thus may miss bugs due to weak memory. We propose a sound transformation of the program to verify, enabling SC tools to perform verification w.r.t. weak memory. We present experiments for a broad variety of models (from x86-TSO to Power) and a vast range of verification tools, quant...
متن کاملVerifying concurrent programs under weak memory models
Modern multicore processors provide weak memory models like TSO, PSO or even weaker execution semantics. These memory models – due to store bu ers – seemingly reorder program operations. Thus, they deviate from the commonly assumed sequential consistency (SC) semantics. Analysis and in particular veri cation techniques for concurrent programs consequently need to take these weak semantics into ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017