Rely-Guarantee Reasoning for Causally Consistent Shared Memory (Extended Version)

TL;DR

This paper extends rely-guarantee reasoning to causally consistent shared memory, introducing Piccolo, a new logic for reasoning about concurrent programs under this memory model.

Contribution

It generalizes rely-guarantee to any memory model and develops Piccolo, the first logic for causally consistent memory using a novel assertion language.

Findings

Successfully reasoned about litmus tests under causal consistency.

Adapted Peterson's algorithm for mutual exclusion in causally consistent memory.

Demonstrated the applicability of Piccolo to real concurrent algorithms.

Abstract

Rely-guarantee (RG) is a highly influential compositional proof technique for concurrent programs, which was originally developed assuming a sequentially consistent shared memory. In this paper, we first generalize RG to make it parametric with respect to the underlying memory model by introducing an RG framework that is applicable to any model axiomatically characterized by Hoare triples. Second, we instantiate this framework for reasoning about concurrent programs under causally consistent memory, which is formulated using a recently proposed potential-based operational semantics, thereby providing the first reasoning technique for such semantics. The proposed program logic, which we call Piccolo, employs a novel assertion language allowing one to specify ordered sequences of states that each thread may reach. We employ Piccolo for multiple litmus tests, as well as for an adaptation of Peterson's algorithm for mutual exclusion to causally consistent memory.