Separation-Based Reasoning for Deterministic Channel ...bordaa/files/FMG_2015_Slides.pdf · Sorting...


background Technical Development Case-Study Conclusion

Separation-Based Reasoning for Deterministic Channel-Passing Concurrent Programs

Aimee Borda

December 18, 2013

1 / 23

Table of Contents

Background: Compositional Reasoning; Separation Logic

Technical Development: Resource Reuse; Research Time-Line

Case-Study: Overview; Resource Reuse Patterns

Conclusion: Future Work & Contributions; Appendix

Compositional (localized) Proof Systems

[Figure: proof components A, B, C, D combined in two compositions, with component A reused]

Localized Reasoning

$\mathrm{sum}(l) = \mathrm{sum}(l_1) + \mathrm{sum}(l_2)$ where $l = l_1 \cdot l_2$

[Figure: the two halves are computed over disjoint resources $r_1$ and $r_2$, with $r_1 \cap r_2 = \emptyset$]

Separation Logic [Rey02]

[Figure: process A owns resource $r_1$, process B owns resource $r_2$, and the two resources are disjoint, $r_1 \perp r_2$]

Resource Transfer [O'H07]

[Figure: the resource set {r1, r2, r3} transferred between processes P1 and P2]

Separation-Based Reasoning for Message-Passing Programs [FRS11]

[Figure: per-channel permissions $c\uparrow$ and $c\downarrow$]

Communication Channels as Synchronization Mechanism

[Figure: P1 sends on c (c!), P2 receives on c (c?); the resource set {r1, r2, r3} travels with the message]

Channel Reuse - Dynamic Resource Transfer

[Figure: one channel reused for dynamic resource transfer among P1, P2 and P3, carrying the resource sets {r1, r2, r3} and {r4, r5}]

Multiple-Sender and Single Receiver Pattern

SUM: two senders provide 6 and 5; the receiver computes 6 + 5 = 11 (the same result whichever value arrives first)

DIFF: two senders provide 6 and 5; the receiver computes their difference = 1 or -1 (the result depends on the arrival order)

Semantic Satisfaction

$\Gamma_{in};\,\Gamma_{out};\, b \vdash \{\varphi\}\; P\; \{\psi\} : \rho$

implies

$\Gamma_{in};\,\Gamma_{out};\, b \models \{\varphi\}\; P\; \{\psi\} : \rho$

Technical Development Timeline

[FRS11] → Channel Reuse → Multiple-Sender / Single-Receiver → Goal

Proof of Soundness

[Figure: the soundness argument, under the assumption that P is deterministic, split into a Data Analysis and a Behavioral Analysis]

Sorting Networks [Knu98]

[Figure: a four-wire sorting network on the inputs 7, 9, 5, 3; the values move through the comparator stages until the final column reads 9, 7, 5, 3]

Our Implementation of SNs

[Figure: one comparator with input channels c1, c2 and output channels c3, c4]

$c_1?(x_1).\,c_2?(x_2).\;\mathbf{if}\; x_1 \le x_2 \;\mathbf{then}\; (c_3!\langle x_1\rangle \parallel c_4!\langle x_2\rangle) \;\mathbf{else}\; (c_3!\langle x_2\rangle \parallel c_4!\langle x_1\rangle)$
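The comparator process above, wired into a complete network, as an added Go example (not code from the slides or from the author's implementation). Each comparator is a goroutine that receives on its two input channels and forwards the smaller value on c3 and the larger on c4, exactly as the process term reads; the network uses a fresh channel per wire per stage, the "naive" scheme of the later slides with no channel reuse. The four-wire network layout (stages (0,1),(2,3); (0,2),(1,3); (1,2)) is a standard sorting network chosen here and is not taken from the slides.

```go
package main

import "fmt"

// comparator is the slide's process
//   c1?(x1).c2?(x2). if x1 <= x2 then (c3!<x1> || c4!<x2>) else (c3!<x2> || c4!<x1>)
// It receives on both input wires, then emits the minimum on c3 and the
// maximum on c4. The two outputs run in parallel, as the || in the term.
func comparator(c1, c2 <-chan int, c3, c4 chan<- int) {
	x1 := <-c1
	x2 := <-c2
	lo, hi := x1, x2
	if x1 > x2 {
		lo, hi = x2, x1
	}
	go func() { c3 <- lo }()
	c4 <- hi
}

// fourWireNetwork lists, per stage, the comparator pairs (top wire, bottom wire).
// This is a standard 4-input sorting network, an assumption of this example.
var fourWireNetwork = [][][2]int{
	{{0, 1}, {2, 3}},
	{{0, 2}, {1, 3}},
	{{1, 2}},
}

// sortingNetwork spawns one comparator process per pair and one fresh
// unbuffered channel per wire per stage (no channel reuse), feeds the inputs
// on the first stage's wires and returns the values read from the last stage.
func sortingNetwork(stages [][][2]int, input []int) []int {
	n := len(input)
	wires := make([]chan int, n)
	for i := range wires {
		wires[i] = make(chan int)
		go func(ch chan<- int, v int) { ch <- v }(wires[i], input[i])
	}
	for _, stage := range stages {
		next := make([]chan int, n)
		copy(next, wires) // wires not touched by this stage pass straight through
		for _, pair := range stage {
			a, b := pair[0], pair[1]
			outA, outB := make(chan int), make(chan int)
			go comparator(wires[a], wires[b], outA, outB)
			next[a], next[b] = outA, outB
		}
		wires = next
	}
	out := make([]int, n)
	for i, ch := range wires {
		out[i] = <-ch
	}
	return out
}

func main() {
	fmt.Println(sortingNetwork(fourWireNetwork, []int{7, 9, 5, 3})) // [3 5 7 9]
}
```

Because every wire of every stage is its own channel, no two senders ever share a channel and the output is deterministic; the count of channels (here 4 wires × 4 columns) is the cost that the horizontal and vertical reuse slides set out to reduce.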

Regular Pattern in SNs

[Figure: the recurring sub-network pattern, components A and B]

Naive Solution for SNs

[Figure: an eight-wire sorting network implemented with a fresh channel per wire per stage: c1–c8, d1–d8, e1–e8, f1–f8, g1–g8, h1–h8, i1–i8]

Horizontal Reuse in SNs

[Figure: sub-networks A, B and C chained horizontally over the channels c1, d1 and e1, with c1 reused from one sub-network to the next]

Vertical Reuse in SNs

[Figure: a single comparator over channels c1–c4 reused for successive pairs of values; the animation feeds the values 5 and 6 and shows the outputs in the orders 5, 6 and 6, 5]

Contributions

• Separation-Based Logic for Stable Processes for the pre- and postconditions

• Separation-based Proof System for Message-Passing, Deterministic and Terminating Programs

• Proof of Soundness of the Proof System

• Message-passing Implementation of Sorting Networks resorting to resource reuse

• Proof of Correctness for the Implementation

• Preliminary Design of a Second Proof System where channels can be shared

• An innovative Proof Technique for proving Soundness

Future Work

• More Resource Reuse Patterns

• Enhanced Languages
  • Name-Passing Channels
  • Scoping Construct

• Logical Framework Improvement

Bibliography

[FRS11] Adrian Francalanza, Julian Rathke, and Vladimiro Sassone. Permission-based separation logic for message-passing concurrency. Logical Methods in Computer Science, 7(3), 2011.

[Knu98] Donald E. Knuth. The Art of Computer Programming, Volume 3: Sorting and Searching (2nd ed.). Addison Wesley Longman Publishing Co., Inc., Redwood City, CA, USA, 1998.

[O'H07] Peter W. O'Hearn. Resources, concurrency, and local reasoning. Theor. Comput. Sci., 375(1-3):271–307, 2007.

[Rey02] John C. Reynolds. Separation logic: A logic for shared mutable data structures. In LICS, pages 55–74, 2002.

Concluding Remarks

Questions?

The lPar Rule

[Figure: $P_1 \parallel P_2$ with preconditions $\varphi_1$, $\varphi_2$, postconditions $\psi_1$, $\psi_2$, the part $\varphi_3$ handed from $P_1$ to $P_2$, permission sets $\rho_1$, $\rho_2$, and the residual processes $Q_1, Q_2$ and $R_1, R_2$]

$$\frac{\Gamma_i;\,\Gamma_o \setminus \Gamma;\, b \vdash \{\varphi_1\}\; P_1\; \{\varphi_3 \ast \psi_1\} : \rho_1 \qquad \Gamma_i \setminus \Gamma;\,\Gamma_o;\, b \vdash \{\varphi_2 \ast \varphi_3\}\; P_2\; \{\psi_2\} : \rho_2 \qquad \mathrm{dom}(\Gamma) \subseteq \mathrm{fn}(\varphi_3) \qquad \varphi_2 \perp \varphi_3 \qquad \psi_1 \perp \psi_2}{\Gamma_i;\,\Gamma_o;\, b \vdash \{\varphi_1 \ast \varphi_2\}\; P_1 \parallel P_2\; \{\psi_1 \ast \psi_2\} : \rho_1 \uplus \rho_2}$$

Vertical Reuse - SN

[Figure: the two vertically reused blocks B1 and B2]

Multiple Sender and Single Receiver Checklist

• Permissions Analysis
  • Frozen Permissions
  • Permission Bags

• Data Analysis
  • Number of I/O operations
  • Operation performed on the Data
  • Frozen Data

Applied to the following four programs (one per slide):

c!〈5〉 ‖ c!〈6〉 ‖ c?(x).(c?(y).d!〈x + y〉)

c!〈7〉 ‖ c!〈5〉 ‖ c!〈6〉 ‖ c?(x).(c?(y).d!〈x + y〉)

c!〈5〉 ‖ c!〈6〉 ‖ c?(x).(c?(y).d!〈x − y〉)

c!〈5〉 ‖ c!〈6〉 ‖ c?(x).(d!〈x〉‖c?(y).d!〈x + y + y〉)
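The multiple-sender programs of this checklist and of the SUM/DIFF slide, run as real channel code, as an added Go example (not code from the slides). Two or three sender goroutines race for the unbuffered channel c, a single receiver reads a fixed number of times and publishes the operation's result on d, and a harness collects the set of distinct results over many runs: the data-analysis items of the checklist become observable, since a commutative operation over exactly as many reads as senders yields one result, while a non-commutative operation (x − y) or more senders than reads yields several. The harness, the `run`/`outcomes` helper names and the run counts are this example's own.

```go
package main

import (
	"fmt"
	"sort"
)

// run executes the process
//   c!<v1> || c!<v2> || ... || c?(x).c?(y). ... d!<op(x, y, ...)>
// once. Every value in senders is offered on the shared channel c by its own
// goroutine, the single receiver reads exactly `reads` times and publishes op
// over what it read on d. Channels are unbuffered, so each send synchronises
// with a receive, as in the calculus on the slides.
func run(senders []int, reads int, op func(vals []int) int) int {
	c := make(chan int)
	d := make(chan int)
	for _, v := range senders {
		go func(v int) { c <- v }(v)
	}
	go func() {
		vals := make([]int, reads)
		for i := range vals {
			vals[i] = <-c
		}
		d <- op(vals)
	}()
	result := <-d
	// Senders that outnumber the receiver's reads would stay blocked forever
	// (the "number of I/O operations" item); drain them here only so that the
	// harness itself does not leak goroutines across runs.
	go func() {
		for i := reads; i < len(senders); i++ {
			<-c
		}
	}()
	return result
}

// outcomes runs the process many times and returns the sorted set of distinct
// values seen on d. A singleton set is what the data analysis must establish
// for a deterministic program; several values mean the result depends on which
// sender wins the race for c.
func outcomes(senders []int, reads int, op func(vals []int) int, runs int) []int {
	seen := map[int]bool{}
	for i := 0; i < runs; i++ {
		seen[run(senders, reads, op)] = true
	}
	set := make([]int, 0, len(seen))
	for v := range seen {
		set = append(set, v)
	}
	sort.Ints(set)
	return set
}

func sum(v []int) int  { return v[0] + v[1] }
func diff(v []int) int { return v[0] - v[1] }

func main() {
	fmt.Println("x+y, senders 5,6   :", outcomes([]int{5, 6}, 2, sum, 200))    // [11]
	fmt.Println("x+y, senders 7,5,6 :", outcomes([]int{7, 5, 6}, 2, sum, 200)) // subset of [11 12 13]
	fmt.Println("x-y, senders 5,6   :", outcomes([]int{5, 6}, 2, diff, 200))   // subset of [-1 1]
}
```

Note that a run-based check like this can only ever show non-determinism, never prove its absence: a scheduler may happen to favour one arrival order for every run, which is exactly why the slides argue for a proof system rather than testing.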

The lNil Rule

$$\frac{\mathrm{fn}(\varphi) \subseteq \mathrm{dom}(\Gamma_i \cap \Gamma_o)}{\Gamma_i;\,\Gamma_o;\, b \vdash \{\varphi\}\; \mathbf{nil}\; \{\varphi\} : \rho}\ \text{(lNil)}$$

E.g., $\{c\langle 5\rangle\}\; \mathbf{nil} \parallel c?(x).c!\langle e\rangle\; \{c\langle 5\rangle\}$

Nested Permission Environment Update

$$\frac{\Gamma_i;\,\Gamma_o \setminus \Gamma;\, b \vdash \{\varphi_1\}\; P_1\; \{\varphi_3 \ast \psi_1\} : \rho_1 \qquad \Gamma_i \setminus \Gamma;\,\Gamma_o;\, b \vdash \{\varphi_2 \ast \varphi_3\}\; P_2\; \{\psi_2\} : \rho_2 \qquad \mathrm{dom}(\Gamma) \subseteq \mathrm{fn}(\varphi_3) \qquad \varphi_2 \perp \varphi_3 \qquad \psi_1 \perp \psi_2}{\Gamma_i;\,\Gamma_o;\, b \vdash \{\varphi_1 \ast \varphi_2\}\; P_1 \parallel P_2\; \{\psi_1 \ast \psi_2\} : \rho_1 \uplus \rho_2}$$

E.g., $\{c\langle 5\rangle\}\; c?(x).(c! \parallel d!) \parallel c?(x).d?(y).c!\langle 5\rangle\; \{c\langle 5\rangle\}$

Changes from [FRS11]

• Logical Formula Satisfaction

• Proof of Soundness: from 2 tiers to 1 tier

• Removed the Confined Processes Semantics: permissions describe the sequent's footprint rather than the process's

Sequent Definition

$\Gamma_i;\,\Gamma_o;\, b \vdash \{\varphi\}\; P\; \{\psi\} : \rho$

Process syntax: $P, Q \;::=\; \mathbf{nil} \mid c?(x).P \mid c!\langle e\rangle \mid P \parallel Q \mid \mathbf{if}\; b\; \mathbf{then}\; P\; \mathbf{else}\; Q \mid f(\vec{x})$

Formula syntax: $\varphi, \psi \;::=\; \mathbf{emp} \mid \mathrm{blk}(c) \mid c\langle e\rangle \mid \varphi \ast \psi$

$\rho$, a permission set, e.g. $\{c\uparrow, d\downarrow\}$

$b$, the boolean condition, e.g. $x = y + 1 \vdash \{c\langle x\rangle\}\; P\; \{c\langle y\rangle\}$

$\Gamma_i$, $\Gamma_o$, the input and output permission environments, e.g. $\Gamma_i = c : \{c\uparrow, d\downarrow\}$ and $\Gamma_o = c : \{c\uparrow, e\uparrow\}$

Logical Formula Satisfaction

$\Gamma, P, \mu \models \mathbf{emp}$ iff $P \equiv \mathbf{nil}$

$\Gamma, P, \mu \models c\langle e\rangle$ iff $P \equiv c!\langle e'\rangle$ and $e \Downarrow v$, $e' \Downarrow v$ and $\Gamma(c) \subseteq \mu$

$\Gamma, P, \mu \models \varphi_1 \ast \varphi_2$ iff $P \equiv P_1 \parallel P_2$ and $\Gamma, P_1, \mu_1 \models \varphi_1$ and $\Gamma, P_2, \mu_2 \models \varphi_2$ and $\mu = \mu_1 \uplus \mu_2$

$\Gamma, P, \mu \models \mathrm{blk}(c)$ iff $P \equiv c?(x).P'$ and $c \in \mathrm{dom}(\Gamma)$ and $c\downarrow \in \mu$
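The four satisfaction clauses above, turned into a decision procedure, as an added Go example (not code from the slides). Processes and formulas are small syntax trees; the process is first flattened modulo structural congruence (‖ associative and commutative, nil its unit) into a multiset of threads, and the ⋆ clause then tries every split of the threads and of the permission multiset µ. Assumptions of this example: expressions are taken as already evaluated integers (the e ⇓ v step is not modelled), permissions are the strings "c↑"/"c↓", and the slide's "c ↓ µ" in the blk clause is read as c↓ ∈ µ.

```go
package main

import "fmt"

// Processes, the subset nil | c?(x).P | c!<e> | P || Q of the slide's syntax.
// Values are plain ints: expressions are assumed already evaluated.
type Proc interface{}
type Nil struct{}
type Out struct {
	Ch  string
	Val int
}
type In struct {
	Ch, Var string
	Cont    Proc
}
type Par struct{ L, R Proc }

// Formulas: emp | blk(c) | c<e> | phi * psi.
type Form interface{}
type Emp struct{}
type Blk struct{ Ch string }
type Msg struct {
	Ch  string
	Val int
}
type Star struct{ L, R Form }

// Env is Γ: the permissions ("c↑", "c↓") needed to use each channel.
// µ, the permissions the process holds, is a []string treated as a multiset.
type Env map[string][]string

// threads flattens P up to structural congruence into its non-nil components.
func threads(p Proc) []Proc {
	switch q := p.(type) {
	case Nil:
		return nil
	case Par:
		return append(threads(q.L), threads(q.R)...)
	}
	return []Proc{p}
}

// subset reports whether every element of xs occurs in ys (multiset inclusion).
func subset(xs, ys []string) bool {
	have := map[string]int{}
	for _, y := range ys {
		have[y]++
	}
	for _, x := range xs {
		if have[x] == 0 {
			return false
		}
		have[x]--
	}
	return true
}

// sat decides Γ, ts, µ ⊨ f, one clause per formula constructor.
func sat(g Env, ts []Proc, mu []string, f Form) bool {
	switch f := f.(type) {
	case Emp: // P ≡ nil
		return len(ts) == 0
	case Msg: // P ≡ c!<e'> with the same value, and Γ(c) ⊆ µ
		if len(ts) != 1 {
			return false
		}
		o, ok := ts[0].(Out)
		return ok && o.Ch == f.Ch && o.Val == f.Val && subset(g[f.Ch], mu)
	case Blk: // P ≡ c?(x).P', c ∈ dom(Γ), c↓ ∈ µ (assumed reading of "c ↓ µ")
		if len(ts) != 1 {
			return false
		}
		in, ok := ts[0].(In)
		_, known := g[f.Ch]
		return ok && in.Ch == f.Ch && known && subset([]string{f.Ch + "↓"}, mu)
	case Star: // P ≡ P1 || P2 and µ = µ1 ⊎ µ2: try every split of both
		for tm := 0; tm < 1<<len(ts); tm++ {
			var t1, t2 []Proc
			for k, t := range ts {
				if tm&(1<<k) != 0 {
					t1 = append(t1, t)
				} else {
					t2 = append(t2, t)
				}
			}
			for pm := 0; pm < 1<<len(mu); pm++ {
				var m1, m2 []string
				for k, p := range mu {
					if pm&(1<<k) != 0 {
						m1 = append(m1, p)
					} else {
						m2 = append(m2, p)
					}
				}
				if sat(g, t1, m1, f.L) && sat(g, t2, m2, f.R) {
					return true
				}
			}
		}
	}
	return false
}

// Satisfies is the entry point for Γ, P, µ ⊨ φ.
func Satisfies(g Env, p Proc, mu []string, f Form) bool {
	return sat(g, threads(p), mu, f)
}

func main() {
	g := Env{"c": {"c↑", "c↓"}, "d": {"d↑"}}
	p := Par{Out{"c", 5}, Par{Out{"d", 7}, Nil{}}} // c!<5> || d!<7> || nil
	fmt.Println(Satisfies(g, p, []string{"c↑", "c↓", "d↑"}, Star{Msg{"c", 5}, Msg{"d", 7}})) // true
	fmt.Println(Satisfies(g, p, []string{"c↑", "d↑"}, Star{Msg{"c", 5}, Msg{"d", 7}}))       // false: Γ(c) not within µ
	fmt.Println(Satisfies(g, In{"c", "x", Nil{}}, []string{"c↓"}, Blk{"c"}))                  // true
}
```

The second query fails only because µ lacks c↓: the process shape matches, but the permission requirement Γ(c) ⊆ µ of the c⟨e⟩ clause is what ties a message assertion to the permissions that justify it.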

Semantic Definition

$\Gamma_{in};\,\Gamma_{out};\, b \vdash \{\varphi\}\; P\; \{\psi\} : \rho$

implies

$\Gamma_{in};\,\Gamma_{out};\, b \models \{\varphi\}\; P\; \{\psi\} : \rho$

where the semantic judgement is defined as:

$\forall \sigma, Q, \mu.\;\; \Gamma_{in}, Q\sigma, \mu \models \varphi\sigma$ and $\rho \perp \mu$ and $b\sigma \Downarrow \mathit{tt}$ implies $(P \parallel Q)\sigma \Downarrow R\sigma$ and $\Gamma_{out}, R\sigma, \mu \uplus \rho \models \psi\sigma$

Race Conditions in SNs

[Figure: with reused channels, the values 7, 6, 5 can be observed in different orders across runs (6, 7, 5 and 7, 5, 6 are shown), a race]

Deadlocks

[Figure: P1 and P2 each start from precondition $\mathbf{emp}$ and each waits for the other's message, $c\langle x\rangle$ and $d\langle x\rangle$]

$c?(x).d!\langle x\rangle \parallel d?(y).c!\langle y\rangle$
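The deadlocked pair above as running Go code, as an added example (not from the slides). Each process receives before it sends, so each is blocked on a message only the other could produce; `runPair` observes this with a timeout, which is how a test harness has to detect a blocked pair since the Go runtime only reports a deadlock when no goroutine at all can run. `runSeeded` is this example's own variant: the environment supplies the single message c⟨seed⟩ that a non-empty precondition would provide, the cycle unwinds, and the message P2 finally sends on c is collected by the environment as the leftover.

```go
package main

import (
	"fmt"
	"time"
)

// runPair runs P1 = c?(x).d!<x> and P2 = d?(y).c!<y> in parallel and reports
// whether either of them finished within the timeout. With nothing else
// sending on c or d (precondition emp), neither can take its first step.
func runPair(timeout time.Duration) bool {
	c, d := make(chan int), make(chan int)
	done := make(chan struct{}, 2)
	go func() { // P1
		x := <-c
		d <- x
		done <- struct{}{}
	}()
	go func() { // P2
		y := <-d
		c <- y
		done <- struct{}{}
	}()
	select {
	case <-done:
		return true
	case <-time.After(timeout):
		return false // deadlock: both processes still blocked on their receive
	}
}

// runSeeded is the same pair plus one environment message c<seed>. P1 receives
// it and forwards on d, P2 receives that and sends on c, and the environment
// takes that last message; it returns the value collected and whether the
// exchange completed within the timeout.
func runSeeded(seed int, timeout time.Duration) (int, bool) {
	c, d := make(chan int), make(chan int)
	go func() { // P1
		x := <-c
		d <- x
	}()
	go func() { // P2
		y := <-d
		c <- y
	}()
	c <- seed // the environment's c<seed>
	select {
	case v := <-c: // the leftover message P2 sends on c
		return v, true
	case <-time.After(timeout):
		return 0, false
	}
}

func main() {
	fmt.Println("precondition emp, finished:", runPair(100*time.Millisecond)) // false
	v, ok := runSeeded(42, time.Second)
	fmt.Println("seeded with c<42>:", v, ok) // 42 true
}
```

The seeded run illustrates what the lPar rule's ϕ3 captures: the part of one process's precondition that the other process must supply before the composition can make progress.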
