Affiliation:
1. MPI-SWS, Germany
2. LRI, France / CNRS, France / University of Paris-Saclay, France
Abstract
The Rust programming language supports safe systems programming by means of a strong ownership-tracking type system. In their prior work on RustBelt, Jung et al. began the task of setting Rust's safety claims on a more rigorous formal foundation. Specifically, they used Iris, a Coq-based separation logic framework, to build a machine-checked proof of semantic soundness for a λ-calculus model of Rust, as well as for a number of widely-used Rust libraries that internally employ unsafe language features. However, they also made the significant simplifying assumption that the language is sequentially consistent. In this paper, we adapt RustBelt to account for the relaxed-memory operations that concurrent Rust libraries actually use, in the process uncovering a data race in the Arc library. We focus on the most interesting technical problem: how to reason about resource reclamation under relaxed memory, using a logical construction we call synchronized ghost state.
Funder
Horizon 2020 Framework Programme
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality; Software
Cited by
46 articles.
1. Taming shared mutable states of operating systems in Rust;Science of Computer Programming;2024-12
2. Unifying Weak Memory Verification Using Potentials;Lecture Notes in Computer Science;2024-09-11
3. A Logical Approach to Type Soundness;Journal of the ACM;2024-07-10
4. A Proof Recipe for Linearizability in Relaxed Memory Separation Logic;Proceedings of the ACM on Programming Languages;2024-06-20
5. When Is Parallelism Fearless and Zero-Cost with Rust?;Proceedings of the 36th ACM Symposium on Parallelism in Algorithms and Architectures;2024-06-17