Iris: Monoids and Invariants as an Orthogonal Basis for Concurrent Reasoning
We present Iris, a concurrent separation logic with a simple premise: monoids and invariants are all you need. Partial commutative monoids enable us to express---and invariants enable us to...
  • 178
  • 27
  • Open Access
State-dependent representation independence
Mitchell's notion of representation independence is a particularly useful application of Reynolds' relational parametricity -- two different implementations of an abstract data type can be shown...
  • 178
  • 16
  • Open Access
Repairing sequential consistency in C/C++11
The C/C++11 memory model defines the semantics of concurrent memory accesses in C/C++, and in particular supports racy "atomic" accesses at a range of different consistency levels, from very weak...
  • 87
  • 16
  • Open Access
A promising semantics for relaxed-memory concurrency
Despite many years of research, it has proven very difficult to develop a memory model for concurrent programming languages that adequately balances the conflicting desiderata of programmers,...
  • 77
  • 14
  • Open Access
Iris from the ground up: A modular foundation for higher-order concurrent separation logic
Iris is a framework for higher-order concurrent separation logic, which has been implemented in the Coq proof assistant and deployed very effectively in a wide variety of verification projects. Iris...
  • 85
  • 13
  • Open Access
Lightweight verification of separate compilation
Major compiler verification efforts, such as the CompCert project, have traditionally simplified the verification problem by restricting attention to the correctness of whole-program compilation,...
  • 35
  • 12
  • Open Access
The impact of higher-order state and control effects on local relational reasoning
Reasoning about program equivalence is one of the oldest problems in semantics. In recent years, useful techniques have been developed, based on bisimulations and logical relations, for reasoning...
  • 115
  • 11
Unifying refinement and hoare-style reasoning in a logic for higher-order concurrency
Modular programming and modular verification go hand in hand, but most existing logics for concurrency ignore two crucial forms of modularity: *higher-order functions*, which are essential for...
  • 120
  • 10
  • Open Access
RustBelt: securing the foundations of the rust programming language
Rust is a new systems programming language that promises to overcome the seemingly fundamental tradeoff between high-level safety guarantees and low-level control over resource management.
  • 90
  • 10
  • Open Access
Pilsner: a compositionally verified compiler for a higher-order imperative language
Compiler verification is essential for the construction of fully verified software, but most prior work (such as CompCert) has focused on verifying whole-program compilers. To support separate...
  • 61
  • 10
  • Open Access