Concurrent Separation Logic with Weak Updates

Concurrent Separation Logic (CSL) provides a simple but powerful technique for reasoning about shared-memory concurrent programs. Unfortunately, CSL and separation logic can only support “strong updates,” where mutation to a memory location is safe only if there is a strong memory separation. This severely limits the applicability of CSL since most statically typed languages (e.g., ML, Java, C#) support only “weak updates,” where there is a single global “memory typing” context (which should not be separated) to enforce typepreserving memory updates. In this paper, we attempt to develop a single framework that can support both strong and weak updates. To this end, we present a semantic model of weak updates and then incorporate it into CSL. Our model treats a specification of weakupdate memory as a recursively defined predicate and takes the fixed point of the predicate as the global memory-typing context. We show how this model can be smoothly incorporated into CSL by lifting memory assertions and separating conjunction to parametrize over the memory-typing context. Our extension of CSL is significant since it is the first program logic that can successfully support modular verification of concurrent programs with general ML-style mutable references.