Modern computer systems have intricate memory hierarchies that violate the intuition of a global timeline of interleaved memory accesses. In these so-called relaxed-memory systems, it can be dangerous to use intuition, specifications are universally unreliable, and the outcome of testing is both wildly nondeterministic and dependent on hardware that is getting more permissive of odd behaviour with each generation. These complications pervade the whole system, and have led to bugs in language specifications, deployed processors, compilers, and vendor-endorsed programming idioms – it is clear that current engineering practice is severely lacking.

I will describe my part of a sustained effort in the academic community to tackle these problems by applying a range of techniques, from exhaustive testing to mechanised formal specification and proof. I will focus on a vein of work with strong industrial impact: the formalisation, refinement and validation of the 2011/14/17 C and C++ concurrency design, leading to changes in the ratified international standard, and ultimately uncovering fundamental flaws that lead us to the state of the art in concurrent language specification. This work represents an essential enabling step for verification on modern concurrent systems