RustBelt: Securing the foundations of the Rust programming language
Rust is a new systems programming language that promises to overcome the seemingly
fundamental tradeoff between high-level safety guarantees and low-level control over …
fundamental tradeoff between high-level safety guarantees and low-level control over …
Iris from the ground up: A modular foundation for higher-order concurrent separation logic
Iris is a framework for higher-order concurrent separation logic, which has been
implemented in the Coq proof assistant and deployed very effectively in a wide variety of …
implemented in the Coq proof assistant and deployed very effectively in a wide variety of …
'Cause I'm strong enough: Reasoning about consistency choices in distributed systems
Large-scale distributed systems often rely on replicated databases that allow a programmer
to request different data consistency guarantees for different operations, and thereby control …
to request different data consistency guarantees for different operations, and thereby control …
Concurrent abstract predicates
Abstraction is key to understanding and reasoning about large computer systems.
Abstraction is simple to achieve if the relevant data structures are disjoint, but rather difficult …
Abstraction is simple to achieve if the relevant data structures are disjoint, but rather difficult …
The essence of higher-order concurrent separation logic
Concurrent separation logics (CSLs) have come of age, and with age they have
accumulated a great deal of complexity. Previous work on the Iris logic attempted to reduce …
accumulated a great deal of complexity. Previous work on the Iris logic attempted to reduce …
TaDA: A logic for time and data abstraction
P da Rocha Pinto, T Dinsdale-Young… - ECOOP 2014–Object …, 2014 - Springer
To avoid data races, concurrent operations should either be at distinct times or on distinct
data. Atomicity is the abstraction that an operation takes effect at a single, discrete instant in …
data. Atomicity is the abstraction that an operation takes effect at a single, discrete instant in …
Views: compositional reasoning for concurrent programs
Compositional abstractions underly many reasoning principles for concurrent programs: the
concurrent environment is abstracted in order to reason about a thread in isolation; and …
concurrent environment is abstracted in order to reason about a thread in isolation; and …
GPS: Navigating weak memory with ghosts, protocols, and separation
Weak memory models formalize the inconsistent behaviors that one can expect to observe
in multithreaded programs running on modern hardware. In so doing, however, they …
in multithreaded programs running on modern hardware. In so doing, however, they …
Deny capabilities for safe, fast actors
S Clebsch, S Drossopoulou, S Blessing… - Proceedings of the 5th …, 2015 - dl.acm.org
Combining the actor-model with shared memory for performance is efficient but can
introduce data-races. Existing approaches to static data-race freedom are based on …
introduce data-races. Existing approaches to static data-race freedom are based on …
Diaframe: automated verification of fine-grained concurrent programs in Iris
Fine-grained concurrent programs are difficult to get right, yet play an important role in
modern-day computers. We want to prove strong specifications of such programs, with …
modern-day computers. We want to prove strong specifications of such programs, with …