SteelCore: An Extensible Concurrent Separation Logic for Effectful Dependently Typed Programs

TL;DR

This paper develops an effectful, dependently typed semantics for concurrent separation logic within the F* proof assistant, enabling verified concurrent programming with extensible, domain-specific concurrency constructs.

Contribution

It introduces a novel semantics for CSL in effectful type theory, allowing dependently typed, effectful programs to reason about concurrency within F*.

Findings

Verified libraries for spin locks and channels

Derivation of Hoare rules from semantics

Flexible, extensible concurrency logic in F*

Abstract

Much recent research has been devoted to modeling effects within type theory. Building on this work, we observe that effectful type theories can provide a foundation on which to build semantics for more complex programming constructs and program logics, extending the reasoning principles that apply within the host effectful type theory itself. Concretely, our main contribution is a semantics for concurrent separation logic (CSL) within the F* proof assistant in a manner that enables dependently typed, effectful F* programs to make use of concurrency and to be specified and verified using a full-featured, extensible CSL. In contrast to prior approaches, we directly derive the partial-correctness Hoare rules for CSL from the denotation of computations in the effectful semantics of non-deterministically interleaved atomic actions. Demonstrating the flexibility of our semantics, we build generic, verified libraries that support various concurrency constructs, ranging from dynamically allocated, storable spin locks, to protocol-indexed channels. We conclude that our effectful semantics provides a simple yet expressive basis on which to layer domain-specific languages and logics for verified, concurrent programming.