Verification of Fine-Grained Concurrent Programs
Christian J. Bell
MIT PL offsite 2014 (slides: people.csail.mit.edu/cj/docs/mit pl offsite 2014 (slides).pdf)
Verification of Fine-Grained Concurrent Programs
• Concurrent programs can be simple
– threads work independently of each other
• Concurrent programs can be complex
– use locks, semaphores, CAS, shared stacks, shared queues, etc. to communicate
– threads follow some protocol
Verification of Fine-Grained Concurrent Programs
• Easiest when we can reason about one thread at a time: local reasoning
• Most powerful when we can reason about all threads at once: global reasoning
Local Reasoning
• Example: Concurrent Separation Logic
• Advantage: modularity
• Disadvantage: cannot reason about many kinds of concurrency
Global Reasoning
• Example: Rely-guarantee
• Disadvantage: not very modular
• Can reason about complex protocols between threads
Examples: parallel increment

  {x = v}
    acquire(l)      ||    acquire(l)
    x := x + n      ||    x := x + m
    release(l)      ||    release(l)
  {x = v + m + n}

Two threads run in parallel; each takes the lock l, adds its summand to the shared variable x and releases l. The lock serialises the read-modify-write, so every interleaving ends with x = v + m + n.
Examples: monotonically increasing shared variable

  {x >= v}
    do
      m := x
    while CAS(x, m, m+n) = 0
  {x >= v + n}
  ...

Each thread snapshots x into m and tries CAS(x, m, m+n); a failed CAS (result 0) means another thread changed x in between, so the thread re-reads and retries. Because every thread only ever adds, the only protocol on x is that it never decreases, and the postcondition each thread can claim locally is x >= v + n rather than an exact value.
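The two slide examples as runnable Go (an added example; this is not code from the slides, and the function names, the goroutine counts and the use of Go's sync.Mutex and sync/atomic in place of the slides' acquire/release and CAS are assumptions made here). LockedIncrement is the lock-based parallel increment with its exact postcondition; CASIncrement is the CAS retry loop, where each thread can only check the monotone postcondition x >= v + n locally, while the exact total is a global property of all threads together:

```go
package main

import (
	"fmt"
	"sync"
	"sync/atomic"
)

// LockedIncrement is the slides' "parallel increment": starting from x = v,
// one goroutine adds n and another adds m, each inside acquire(l)/release(l).
// The lock serialises the read-modify-write, so every interleaving ends with
// x = v + m + n (the slide's postcondition).
func LockedIncrement(v, m, n int64) int64 {
	var l sync.Mutex
	x := v
	var wg sync.WaitGroup
	add := func(k int64) {
		defer wg.Done()
		l.Lock()   // acquire(l)
		x = x + k  // x := x + k, safe only because l is held
		l.Unlock() // release(l)
	}
	wg.Add(2)
	go add(n)
	go add(m)
	wg.Wait()
	return x
}

// casAdd is the slides' retry loop: do m := x while CAS(x, m, m+n) = 0.
// Go's CompareAndSwap returns false (the slide's 0) when x no longer equals
// m, i.e. another thread got in between the read and the CAS; the loop then
// re-reads and tries again. It returns the value this thread installed.
func casAdd(x *int64, n int64) int64 {
	for {
		m := atomic.LoadInt64(x)
		if atomic.CompareAndSwapInt64(x, m, m+n) {
			return m + n
		}
	}
}

// CASIncrement runs `threads` goroutines that each add n to x via casAdd,
// starting from x = v. The protocol on x is only "x never decreases", so the
// postcondition each thread can rely on locally is x >= v + n: the value it
// installed, and every later value, is at least v + n. The exact total
// v + threads*n is only known by reasoning about all threads at once.
// It returns the final x and whether every thread's local check held.
func CASIncrement(v int64, threads int, n int64) (final int64, localOK bool) {
	x := v
	var failures int64
	var wg sync.WaitGroup
	wg.Add(threads)
	for i := 0; i < threads; i++ {
		go func() {
			defer wg.Done()
			installed := casAdd(&x, n)
			if installed < v+n { // impossible unless some thread decreased x
				atomic.AddInt64(&failures, 1)
			}
		}()
	}
	wg.Wait()
	return atomic.LoadInt64(&x), failures == 0
}

func main() {
	fmt.Println("lock:", LockedIncrement(10, 3, 4)) // 17
	final, ok := CASIncrement(5, 8, 2)
	fmt.Println("cas:", final, ok) // 21 true
}
```

Run it with `go run -race` to have the race detector confirm that neither variant has an unsynchronised access to x; dropping the Lock/Unlock pair in LockedIncrement is enough to make the detector report one and, given enough runs, to lose an update.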
Finding a Balance
• A promising approach is to use a protocol to govern the shared state between threads
– state machines
– linear logic
– “concurroids”
– concurrent abstract predicates
– ...
Research Questions
• Representing protocols?
• Composition?
• Encapsulation?
Our Approach
• Formalize our proofs and techniques in a theorem prover from the start
– harness higher-order logic
– automate ugly technical details away
• easy to use in practice vs looking good on paper
• We call our protocols “monitors”:
– they observe the actions of all threads
– detect “bad” actions
– and evolve in response to actions
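A runtime analogue of such a monitor, as an added example (the slides describe monitors as a proof-level construct inside a theorem prover; the Go code, the Action/Monitor types and the traces below are assumptions made here, not the authors' formalisation). The monitor observes the actions of all threads in a trace, evolves its state (who holds l, the current x) on each legal action, and flags the bad ones: writes to x without holding l, a write based on a stale read, a release by a non-holder, or a successful CAS that decreases x:

```go
package main

import "fmt"

// Action is one observed step of one thread. Old is the value the thread
// read and New the value it tries to store (used by "write" and "cas").
type Action struct {
	Thread int
	Kind   string // "acquire", "release", "write", "cas"
	Old    int64
	New    int64
}

// Monitor keeps protocol state for the lock example (holder of l) and the
// monotone-counter example (current x) and records bad actions.
type Monitor struct {
	holder     int   // thread holding l, -1 when free
	x          int64 // the shared variable as last accepted by the monitor
	Violations []string
}

func NewMonitor(x0 int64) *Monitor { return &Monitor{holder: -1, x: x0} }

func (mo *Monitor) bad(a Action, why string) {
	mo.Violations = append(mo.Violations,
		fmt.Sprintf("thread %d %s: %s", a.Thread, a.Kind, why))
}

// Observe checks one action against the protocol and evolves the state.
// A bad action is recorded and does not change the state.
func (mo *Monitor) Observe(a Action) {
	switch a.Kind {
	case "acquire":
		if mo.holder != -1 {
			mo.bad(a, "lock already held")
			return
		}
		mo.holder = a.Thread
	case "release":
		if mo.holder != a.Thread {
			mo.bad(a, "release by a thread that does not hold l")
			return
		}
		mo.holder = -1
	case "write": // lock protocol: only the holder of l may write x
		if mo.holder != a.Thread {
			mo.bad(a, "write to x without holding l")
			return
		}
		if a.Old != mo.x {
			mo.bad(a, "write based on a stale read (lost update)")
			return
		}
		mo.x = a.New
	case "cas": // monotone protocol: a successful CAS must not decrease x
		if a.Old != mo.x {
			return // CAS fails, x is unchanged, the thread's loop retries
		}
		if a.New < a.Old {
			mo.bad(a, "successful CAS decreases x")
			return
		}
		mo.x = a.New
	default:
		mo.bad(a, "unknown action")
	}
}

// CheckTrace runs a monitor over a whole trace; returns final x and violations.
func CheckTrace(x0 int64, trace []Action) (int64, []string) {
	mo := NewMonitor(x0)
	for _, a := range trace {
		mo.Observe(a)
	}
	return mo.x, mo.Violations
}

// Constructed traces (not from the slides). GoodLockTrace is the parallel
// increment with v=0, n=3, m=5. In BadLockTrace thread 2 writes without the
// lock, basing its write on a value read before thread 1's update, and then
// releases a lock it never held. The CAS traces show a failed-then-retried
// CAS and a CAS that breaks monotonicity.
var (
	GoodLockTrace = []Action{
		{Thread: 1, Kind: "acquire"}, {Thread: 1, Kind: "write", Old: 0, New: 3},
		{Thread: 1, Kind: "release"}, {Thread: 2, Kind: "acquire"},
		{Thread: 2, Kind: "write", Old: 3, New: 8}, {Thread: 2, Kind: "release"},
	}
	BadLockTrace = []Action{
		{Thread: 1, Kind: "acquire"}, {Thread: 1, Kind: "write", Old: 0, New: 3},
		{Thread: 2, Kind: "write", Old: 0, New: 5}, {Thread: 1, Kind: "release"},
		{Thread: 2, Kind: "release"},
	}
	GoodCASTrace = []Action{
		{Thread: 1, Kind: "cas", Old: 0, New: 2}, {Thread: 2, Kind: "cas", Old: 0, New: 2},
		{Thread: 2, Kind: "cas", Old: 2, New: 4},
	}
	BadCASTrace = []Action{
		{Thread: 1, Kind: "cas", Old: 0, New: 2}, {Thread: 2, Kind: "cas", Old: 2, New: 1},
	}
)

func main() {
	for _, tr := range [][]Action{GoodLockTrace, BadLockTrace, GoodCASTrace, BadCASTrace} {
		x, v := CheckTrace(0, tr)
		fmt.Println("final x:", x, "violations:", v)
	}
}
```

The monitor is deliberately global: it needs to see every thread's actions to know who holds l and what x currently is, which is exactly the price of global reasoning the slides contrast with the modularity of local reasoning. A proof-level monitor adds what this runtime check cannot: it rules out bad actions for all executions rather than the one trace it observed.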
End
Thanks!