TaDA Live: Compositional Reasoning for Termination of Fine-grained Concurrent Programs

TL;DR

TaDA Live introduces a compositional logic for reasoning about termination in fine-grained concurrent programs, effectively handling blocking behaviors like busy-waiting through novel specifications and semantic models.

Contribution

It presents a new logic with layered subjective obligations to reason about termination and blocking in concurrent programs without breaking abstraction boundaries.

Findings

Designed abstract specifications capturing blocking as liveness assumptions

Developed a semantic model with layered subjective obligations

Validated approach through several case studies

Abstract

We present TaDA Live, a concurrent separation logic for reasoning compositionally about the termination of blocking fine-grained concurrent programs. The crucial challenge is how to deal with abstract atomic blocking: that is, abstract atomic operations that have blocking behaviour arising from busy-waiting patterns as found in, for example, fine-grained spin locks. Our fundamental innovation is with the design of abstract specifications that capture this blocking behaviour as liveness assumptions on the environment. We design a logic that can reason about the termination of clients which use such operations without breaking their abstraction boundaries, and the correctness of the implementations of the operations with respect to their abstract specifications. We introduce a novel semantic model using layered subjective obligations to express liveness invariants, and a proof system that is sound with respect to the model. The subtlety of our specifications and reasoning is illustrated using several case studies.