Hostname: page-component-797576ffbb-k7d4m Total loading time: 0 Render date: 2023-12-04T03:55:41.470Z Has data issue: false Feature Flags: { "corePageComponentGetUserInfoFromSharedSession": true, "coreDisableEcommerce": false, "useRatesEcommerce": true } hasContentIssue false

Iris from the ground up: A modular foundation for higher-order concurrent separation logic

Published online by Cambridge University Press:  22 November 2018

MPI-SWS, Germany e-mails:,,
Delft University of Technology, The Netherlands e-mail:
MPI-SWS, Germany e-mails:,,
Aarhus University, Denmark e-mails:,
Aarhus University, Denmark e-mails:,
MPI-SWS, Germany e-mails:,,
Rights & Permissions [Opens in a new window]


Core share and HTML view are not possible as this article does not have html content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.

Iris is a framework for higher-order concurrent separation logic, which has been implemented in the Coq proof assistant and deployed very effectively in a wide variety of verification projects. Iris was designed with the express goal of simplifying and consolidating the foundations of modern separation logics, but it has evolved over time, and the design and semantic foundations of Iris itself have yet to be fully written down and explained together properly in one place. Here, we attempt to fill this gap, presenting a reasonably complete picture of the latest version of Iris (version 3.1), from first principles and in one coherent narrative.

Regular Paper
Creative Commons
Creative Common License - CCCreative Common License - BY
This is an Open Access article, distributed under the terms of the Creative Commons Attribution licence (, which permits unrestricted re-use, distribution, and reproduction in any medium, provided the original work is properly cited.
© The Author(s) 2018. Published by Cambridge University Press


America, Pierre, & Rutten, Jan. (1989). Solving reflexive domain equations in a category of complete metric spaces. Journal of Computer and System Sciences, 39(3), 343375.CrossRefGoogle Scholar
Appel, Andrew W. (2001). Foundational proof-carrying code. Pages 247–256 of: LICS.Google Scholar
Appel, Andrew W. (ed). (2014). Program Logics for Certified Compilers. Cambridge University Press.CrossRefGoogle Scholar
Appel, Andrew W., & McAllester, David. (2001). An indexed model of recursive types for foundational proof-carrying code. TOPLAS, 23(5), 657683.CrossRefGoogle Scholar
Appel, Andrew W., Melliès, Paul-André, Richards, Christopher, & Vouillon, Jérôme. (2007). A very modal model of a modern, major, general type system. Pages 109–122 of: POPL.Google Scholar
Ashcroft, Edward A. (1975). Proving assertions about parallel programs. Journal of Computer and System Sciences, 10(1), 110135.CrossRefGoogle Scholar
Beringer, Lennart, Stewart, Gordon, Dockins, Robert, & Appel, Andrew W. (2014). Verified compilation for shared-memory C. Pages 107–127 of: ESOP. LNCS, vol. 8410.Google Scholar
Birkedal, Lars, Støvring, Kristian, & Thamsborg, Jacob. (2010). The category-theoretic solution of recursive metric-space equations. TCS, 411(47), 41024122.CrossRefGoogle Scholar
Birkedal, Lars, Møgelberg, Rasmus Ejlers, Schwinghammer, Jan, & Støvring, Kristian. (2011). First steps in synthetic guarded domain theory: step-indexing in the topos of trees. Pages 55–64 of: LICS.Google Scholar
Bizjak, Aleš, & Birkedal, Lars. (2017). On models of higher-order separation logic. MFPS.Google Scholar
Bizjak, Aleš, Gratzer, Daniel, Krebbers, Robbert, & Birkedal, Lars. (2018). Iron: Managing obligations in higher-order concurrent separation logic. Draft.Google Scholar
Bornat, Richard, Calcagno, Cristiano, O’Hearn, Peter W., & Parkinson, Matthew J. (2005). Permission accounting in separation logic. Pages 259–270 of: POPL.Google Scholar
Boyland, John. (2003). Checking interference with fractional permissions. Pages 55–72 of: SAS. LNCS, vol. 2694.Google Scholar
Brookes, Stephen. (2007). A semantics for concurrent separation logic. TCS, 375(1–3), 227270.CrossRefGoogle Scholar
Buisse, Alexandre, Birkedal, Lars, & Støvring, Kristian. (2011). Step-indexed Kripke model of separation logic for storable locks. ENTCS, 276, 121143.Google Scholar
Cao, Qinxiang, Cuellar, Santiago, & Appel, Andrew W. (2017). Bringing order to the separation logic jungle. Pages 190–211 of: APLAS. LNCS, vol. 10695.Google Scholar
Cohen, Ernie, Alkassar, Eyad, Boyarinov, Vladimir, Dahlweid, Markus, Degenbaev, Ulan, Hillebrand, Mark, Langenstein, Bruno, Leinenbach, Dirk, Moskal, Michał, Obua, Steven, Paul, Wolfgang, Pentchev, Hristo, Petrova, Elena, Santen, Thomas, Schirmer, Norbert, Schmaltz, Sabine, Schulte, Wolfram, Shadrin, Andrey, Tobies, Stephan, Tsyban, Alexandra, & Tverdyshev, Sergey. (2009). Invariants, modularity, and rights. Pages 43–55 of: PSI. LNCS, vol. 5947.Google Scholar
da Rocha Pinto, Pedro, Dinsdale-Young, Thomas, & Gardner, Philippa. (2014). TaDA: A logic for time and data abstraction. Pages 207–231 of: ECOOP. LNCS, vol. 8586.Google Scholar
Di Gianantonio, Pietro, & Miculan, Marino. (2002). A unifying approach to recursive and co-recursive definitions. Pages 148–161 of: TYPES. LNCS, vol. 2646.Google Scholar
Dijkstra, Edsger W. (1975). Guarded commands, nondeterminacy and formal derivation of programs. CACM, 18(8), 453457.CrossRefGoogle Scholar
Dinsdale-Young, Thomas, Gardner, Philippa, & Wheelhouse, Mark J. (2010a). Abstraction and refinement for local reasoning. Pages 199–215 of: VSTTE. LNCS, vol. 6217.CrossRefGoogle Scholar
Dinsdale-Young, Thomas, Dodds, Mike, Gardner, Philippa, Parkinson, Matthew J., & Vafeiadis, Viktor. (2010b). Concurrent abstract predicates. Pages 504–528 of: ECOOP. LNCS, vol. 6183.CrossRefGoogle Scholar
Dinsdale-Young, Thomas, Birkedal, Lars, Gardner, Philippa, Parkinson, Matthew J., & Yang, Hongseok. (2013). Views: Compositional reasoning for concurrent programs. Pages 287–300 of: POPL.Google Scholar
Dockins, Robert, Hobor, Aquinas, & Appel, Andrew W. (2009). A fresh look at separation algebras and share accounting. Pages 161–177 of: APLAS. LNCS, vol. 5904.Google Scholar
Dodds, Mike, Feng, Xinyu, Parkinson, Matthew J., & Vafeiadis, Viktor. (2009). Deny-guarantee reasoning. Pages 363–377 of: ESOP. LNCS, vol. 5502.Google Scholar
Dodds, Mike, Jagannathan, Suresh, Parkinson, Matthew J., Svendsen, Kasper, & Birkedal, Lars. (2016). Verifying custom synchronization constructs using higher-order separation logic. TOPLAS, 38(2), 4:14:72.CrossRefGoogle Scholar
Dreyer, Derek, Neis, Georg, Rossberg, Andreas, & Birkedal, Lars. (2010). A relational modal logic for higher-order stateful ADTs. Pages 185–198 of: POPL.Google Scholar
Feng, Xinyu. (2009). Local rely-guarantee reasoning. Pages 315–327 of: POPL.Google Scholar
Feng, Xinyu, Ferreira, Rodrigo, & Shao, Zhong. (2007). On the relationship between concurrent separation logic and assume-guarantee reasoning. Pages 173–188 of: ESOP. LNCS, vol. 4421.Google Scholar
Frumin, Dan, Krebbers, Robbert, & Birkedal, Lars. (2018). ReLoC: A mechanised relational logic for fine-grained concurrency. Pages 442–451 of: LICS.Google Scholar
Fu, Ming, Li, Yong, Feng, Xinyu, Shao, Zhong, & Zhang, Yu. (2010). Reasoning about optimistic concurrency using a program logic for history. Pages 388–402 of: CONCUR. LNCS, vol. 6269.Google Scholar
Garillot, François, Gonthier, Georges, Mahboubi, Assia, & Rideau, Laurence. (2009). Packaging mathematical structures. Pages 327–342 of: TPHOLs. LNCS, vol. 5674.Google Scholar
Gotsman, Alexey, Berdine, Josh, Cook, Byron, Rinetzky, Noam, & Sagiv, Mooly. (2007). Local reasoning about storable locks and threads. Pages 19–37 of: APLAS. LNCS, vol. 4807.Google Scholar
Hobor, Aquinas, Appel, Andrew W., & Zappa Nardelli, Francesco. (2008). Oracle semantics for concurrent separation logic. Pages 353–367 of: ESOP. LNCS, vol. 4960.Google Scholar
Hobor, Aquinas, Dockins, Robert, & Appel, Andrew W. (2010). A theory of indirection via approximation. Pages 171–184 of: POPL.Google Scholar
Iris Team. (2017). The Iris documentation and Coq development. Available on the Iris project website at: Scholar
Ishtiaq, Samin S., & O’Hearn, Peter W. (2001). BI as an assertion language for mutable data structures. Pages 14–26 of: POPL.Google Scholar
Jensen, Jonas Braband, & Birkedal, Lars. (2012). Fictional separation logic. Pages 377–396 of: ESOP. LNCS, vol. 7211.Google Scholar
Jung, Ralf, Swasey, David, Sieczkowski, Filip, Svendsen, Kasper, Turon, Aaron, Birkedal, Lars, & Dreyer, Derek. (2015). Iris: Monoids and invariants as an orthogonal basis for concurrent reasoning. Pages 637–650 of: POPL.Google Scholar
Jung, Ralf, Krebbers, Robbert, Birkedal, Lars, & Dreyer, Derek. (2016). Higher-order ghost state. Pages 256–269 of: ICFP.Google Scholar
Jung, Ralf, Jourdan, Jacques-Henri, Krebbers, Robbert, & Dreyer, Derek. (2018). RustBelt: Securing the foundations of the Rust programming language. PACMPL, 2(POPL), 66:166:34.Google Scholar
Kaiser, Jan-Oliver, Dang, Hoang-Hai, Dreyer, Derek, Lahav, Ori, & Vafeiadis, Viktor. (2017). Strong logic for weak memory: Reasoning about release-acquire consistency in Iris. Pages 17:1–17:29 of: ECOOP. LIPIcs, vol. 74.Google Scholar
Kock, Anders. (1970). Monads on symmetric monoidal closed categories. Archiv der Mathematik, 21(1), 110.CrossRefGoogle Scholar
Kock, Anders. (1972). Strong functors and monoidal monads. Archiv der Mathematik, 23(1), 113120.CrossRefGoogle Scholar
Krebbers, Robbert, Jung, Ralf, Bizjak, Aleš, Jourdan, Jacques-Henri, Dreyer, Derek, & Birkedal, Lars. (2017a). The essence of higher-order concurrent separation logic. Pages 696–723 of: ESOP. LNCS, vol. 10201.CrossRefGoogle Scholar
Krebbers, Robbert, Timany, Amin, & Birkedal, Lars. (2017b). Interactive proofs in higher-order concurrent separation logic. Pages 205–217 of: POPL.CrossRefGoogle Scholar
Krebbers, Robbert, Jourdan, Jacques-Henri, Jung, Ralf, Tassarotti, Joseph, Kaiser, Jan-Oliver, Timany, Amin, Charguéraud, Arthur, & Dreyer, Derek. (2018). MoSeL: A general, extensible modal framework for interactive proofs in separation logic. PACMPL, 2(ICFP), 77:116:30.Google Scholar
Kripke, Saul A. (1965). Semantical analysis of intuitionistic logic I. Formal systems and recursive functions, 92–130.CrossRefGoogle Scholar
Krishnaswami, Neelakantan R., Turon, Aaron, Dreyer, Derek, & Garg, Deepak. (2012). Superficially substructural types. Pages 41–54 of: ICFP.Google Scholar
Krogh-Jespersen, Morten, Svendsen, Kasper, & Birkedal, Lars. (2017). A relational model of types-and-effects in higher-order concurrent separation logic. Pages 218–231 of: POPL.Google Scholar
Leino, K. Rustan, M. (2010). Dafny: An automatic program verifier for functional correctness. Pages 348–370 of: LPAR. LNCS, vol. 6355.Google Scholar
Leino, K. Rustan, M., Müller, Peter, & Smans, Jan. (2009). Verification of concurrent programs with Chalice. Pages 195–222 of: FOSAD. LNCS, vol. 5705.Google Scholar
Ley-Wild, Ruy, & Nanevski, Aleksandar. (2013). Subjective auxiliary state for coarse-grained concurrency. Pages 561–574 of: POPL.Google Scholar
Müller, Peter, Schwerhoff, Malte, & Summers, Alexander J. (2016). Viper: A verification infrastructure for permission-based reasoning. Pages 41–62 of: VMCAI. LNCS, vol. 9583.Google Scholar
Nakano, Hiroshi. (2000). A modality for recursion. Pages 255–266 of: LICS.Google Scholar
Nanevski, Aleksandar, Ley-Wild, Ruy, Sergey, Ilya, & Delbianco, Germán Andrés. (2014). Communicating state transition systems for fine-grained concurrent resources. Pages 290–310 of: ESOP. LNCS, vol. 8410.Google Scholar
O’Hearn, Peter W. (2007). Resources, concurrency, and local reasoning. TCS, 375(1), 271307.CrossRefGoogle Scholar
O’Hearn, Peter W., & Pym, David J. (1999). The logic of bunched implications. Bulletin of Symbolic Logic, 5(2), 215244.CrossRefGoogle Scholar
O’Hearn, Peter W., Reynolds, John C., & Yang, Hongseok. (2001). Local reasoning about programs that alter data structures. Pages 1–18 of: CSL. LNCS, vol. 2142.Google Scholar
Parkinson, Matthew J. (2010). The next 700 separation logics - (Invited paper). Pages 169–182 of: VSTTE. LNCS, vol. 6217.Google Scholar
Pilkiewicz, Alexandre, & Pottier, François. (2011). The essence of monotonic state. Pages 73–86 of: TLDI.Google Scholar
Pottier, François. (2013). Syntactic soundness proof of a type-and-capability system with hidden state. JFP, 23(1), 38144.Google Scholar
Reynolds, John C. (2000). Intuitionistic reasoning about shared mutable data structure. Pages 303–321 of: Millennial Perspectives in Computer Science.Google Scholar
Reynolds, John C. (2002). Separation logic: A logic for shared mutable data structures. Pages 55–74 of: LICS.Google Scholar
Sergey, Ilya, Nanevski, Aleksandar, & Banerjee, Anindya. (2015). Mechanized verification of fine-grained concurrent programs. Pages 77–87 of: PLDI.Google Scholar
Sozeau, Matthieu. (2009). A new look at generalized rewriting in type theory. Journal of formalized reasoning, 2(1), 4162.Google Scholar
Svendsen, Kasper, & Birkedal, Lars. (2014). Impredicative concurrent abstract predicates. Pages 149–168 of: ESOP. LNCS, vol. 8410.Google Scholar
Swasey, David, Garg, Deepak, & Dreyer, Derek. (2017). Robust and compositional verification of object capability patterns. PACMPL, 1(OOPSLA), 89:189:26.Google Scholar
Tassarotti, Joseph, & Harper, Robert. (2018). A separation logic for concurrent randomized programs. Draft.Google Scholar
Tassarotti, Joseph, Jung, Ralf, & Harper, Robert. (2017). A higher-order logic for concurrent termination-preserving refinement. Pages 909–936 of: ESOP. LNCS, vol. 10201.Google Scholar
Timany, Amin, & Birkedal, Lars. (2018). Mechanized relational verification of concurrent programs with continuations. Draft.Google Scholar
Timany, Amin, Stefanesco, Léo, Krogh-Jespersen, Morten, & Birkedal, Lars. (2018). A logical relation for monadic encapsulation of state: Proving contextual equivalences in the presence of runST. PACMPL, 2(POPL), 64:164:28.Google Scholar
Turon, Aaron, Dreyer, Derek, & Birkedal, Lars. (2013). Unifying refinement and Hoare-style reasoning in a logic for higher-order concurrency. Pages 377–390 of: ICFP.Google Scholar
Turon, Aaron, Vafeiadis, Viktor, & Dreyer, Derek. (2014). GPS: Navigating weak memory with ghosts, protocols, and separation. Pages 691–707 of: OOPSLA.Google Scholar
Vafeiadis, Viktor, & Parkinson, Matthew J. (2007). A marriage of rely/guarantee and separation logic. Pages 256–271 of: CONCUR. LNCS, vol. 4703.Google Scholar
Wildmoser, Martin, & Nipkow, Tobias. (2004). Certifying machine code safety: Shallow versus deep embedding. Pages 305–320 of: TPHOLs. LNCS, vol. 3223.Google Scholar
Submit a response


No Discussions have been published for this article.