an algorithmic framework for synthesis of concurrent
play

An Algorithmic Framework for Synthesis of Concurrent Programs E. - PowerPoint PPT Presentation

Preliminaries Solution framework Correctness Conclusion An Algorithmic Framework for Synthesis of Concurrent Programs E. Allen Emerson and Roopsha Samanta The University of Texas at Austin Oct 12, 2011 E. Allen Emerson and Roopsha Samanta


  1. Preliminaries Solution framework Correctness Conclusion An Algorithmic Framework for Synthesis of Concurrent Programs E. Allen Emerson and Roopsha Samanta The University of Texas at Austin Oct 12, 2011 E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 1 / 23

  2. Preliminaries Solution framework Correctness Conclusion Let’s begin with an example Reader P 1 � Writer P 2 E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 2 / 23

  3. Preliminaries Solution framework Correctness Conclusion Let’s begin with an example Reader P 1 � Writer P 2 P 1 () { P 2 () { while(true) { while(true) { Execute code region IDLE 1 ; Execute code region IDLE 2 ; Execute code region TRY 1 ; Execute code region TRY 2 ; Execute code region CS 1 ; Execute code region CS 2 ; }} }} E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 2 / 23

  4. Preliminaries Solution framework Correctness Conclusion Let’s begin with an example Reader P 1 � Writer P 2 P 1 () { P 2 () { while(true) { while(true) { Execute code region IDLE 1 ; Execute code region IDLE 2 ; Execute code region TRY 1 ; Execute code region TRY 2 ; Execute code region CS 1 ; Execute code region CS 2 ; }} }} Mutual exclusion: AG ( ¬ ( CS 1 ∧ CS 2 )) . Absence of starvation for reader P 1 , provided writer P 2 remains idle: AG ( TRY 1 ⇒ AF ( CS 1 ∨ ¬ IDLE 2 )) . Absence of starvation for writer: AG ( TRY 2 ⇒ AF CS 2 ) . Priority of writer over reader for outstanding requests to enter the critical section: AG (( TRY 1 ∧ TRY 2 ) ⇒ A [ TRY 1 U CS 2 ]) . E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 2 / 23

  5. Preliminaries Solution framework Correctness Conclusion Let’s begin with an example Reader P 1 � Writer P 2 P 1 () { P 2 () { while(true) { while(true) { Execute code region IDLE 1 ; Execute code region IDLE 2 ; Execute code region TRY 1 ; Execute code region TRY 2 ; Execute code region CS 1 ; Execute code region CS 2 ; }} }} φ E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 2 / 23

  6. Preliminaries Solution framework Correctness Conclusion Let’s begin with an example Reader P 1 � Writer P 2 �| = φ E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 2 / 23

  7. Preliminaries Solution framework Correctness Conclusion Problem definition Given unsynchronized P 1 , P 2 and φ such that P 1 � P 2 �| = φ , automatically generate P 1 , P 2 such that P 1 � P 2 | = φ . E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 3 / 23

  8. Preliminaries Solution framework Correctness Conclusion Our solution main() { P 1 () � P 2 () ; } P 1 () { P 2 () { while(true) { while(true) { Execute code region IDLE 1 ; Execute code region IDLE 2 ; Execute code region TRY 1 ; Execute code region TRY 2 ; Execute code region CS 1 ; Execute code region CS 2 ; }} }} E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 4 / 23

  9. Preliminaries Solution framework Correctness Conclusion Our solution main() { boolean idle 1 := 1 , try 1 := 0 , cs 1 := 0 , idle 2 := 1 , try 2 := 0 , cs 2 := 0 ; lock l , condition variables cv cs 1 , cv cs 2 ; P 1 () � P 2 () ; } P 1 () { P 2 () { while(true) { while(true) { Execute code region I D L E 1 ; Execute code region I D L E 2 ; lock( l ) { lock( l ) { idle 1 , try 1 := 0 , 1 ; idle 2 , try 2 := 0 , 1 ; notify( cv cs 2 ); } } Execute code region T R Y 2 ; Execute code region T R Y 1 ; lock( l ) { lock( l ) { while ( !( idle 1 ∨ try 1 ) ) while ( ! idle 2 ) wait( cv cs 2 , l ); wait( cv cs 1 , l ); try 2 , cs 2 := 0 , 1 ; try 1 , cs 1 := 0 , 1 ; } } Execute code region C S 2 ; Execute code region C S 1 ; lock( l ) { lock( l ) { cs 2 , idle 2 := 0 , 1 ; cs 1 , idle 1 := 0 , 1 ; notify( cv cs 1 ); notify( cv cs 2 ); }}} }}} E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 4 / 23

  10. Preliminaries Solution framework Correctness Conclusion Our solution Reader P 1 � Writer P 2 | = φ E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 5 / 23

  11. Preliminaries Solution framework Correctness Conclusion Outline Preliminaries Solution framework Correctness Conclusion E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 6 / 23

  12. Preliminaries Solution framework Correctness Conclusion Motivation Problem: Shared memory concurrent programs Ubiquitous Hard to write Harder to verify (safety, liveness) Proposal: Automatically synthesize synchronization code Only write unsynchronized skeletons Correct-by-construction synchronization code No further verification needed E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 7 / 23

  13. Preliminaries Solution framework Correctness Conclusion Motivation Problem: Shared memory concurrent programs Ubiquitous Hard to write Harder to verify (safety, liveness) Proposal: Automatically synthesize synchronization code Only write unsynchronized skeletons Correct-by-construction synchronization code No further verification needed E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 7 / 23

  14. Preliminaries Solution framework Correctness Conclusion Motivation Problem: Shared memory concurrent programs Ubiquitous Hard to write Harder to verify (safety, liveness) Proposal: Automatically synthesize synchronization code Only write unsynchronized skeletons Correct-by-construction synchronization code No further verification needed E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 7 / 23

  15. Preliminaries Solution framework Correctness Conclusion Motivation Problem: Shared memory concurrent programs Ubiquitous Hard to write Harder to verify (safety, liveness) Proposal: Automatically synthesize synchronization code Only write unsynchronized skeletons Correct-by-construction synchronization code No further verification needed E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 7 / 23

  16. Preliminaries Solution framework Correctness Conclusion Groundwork Unsynchronized skeletons �→ state-machines Code regions �→ states (atomic propositions) Control-flow �→ transition relation P 1 () { while(true) { IDLE 1 TRY 1 CS 1 Execute code region IDLE 1 ; Execute code region TRY 1 ; Execute code region CS 1 ; }} E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 8 / 23

  17. Preliminaries Solution framework Correctness Conclusion Groundwork Unsynchronized skeletons �→ state-machines Code regions �→ states (atomic propositions) Control-flow �→ transition relation Interleaved, asynchronous computation CTL specification Safety: AG ( ¬ ( CS 1 ∧ CS 2 )) Liveness: AG ( TRY 2 ⇒ AF CS 2 ) E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 8 / 23

  18. Preliminaries Solution framework Correctness Conclusion Recall problem definition Given skeletons P 1 , P 2 and φ such that P 1 � P 2 �| = φ , automatically generate P 1 , P 2 such that P 1 � P 2 | = φ . E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 9 / 23

  19. Preliminaries Solution framework Correctness Conclusion Solution framework Step 1: Synthesize synchronization skeletons , P s 1 , P s 2 High-level synchronization actions Guarded commands P s 1 � P s 2 | = φ Step 2: Mechanically translate P s 1 , P s 2 into P 1 , P 2 Low-level synchronization code Monitors ( wait and notify ), mutex locks Correctness-preserving translation, i.e., P 1 � P 2 | = φ E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 10 / 23

  20. Preliminaries Solution framework Correctness Conclusion Solution framework Step 1: Synthesize synchronization skeletons , P s 1 , P s 2 High-level synchronization actions Guarded commands P s 1 � P s 2 | = φ Step 2: Mechanically translate P s 1 , P s 2 into P 1 , P 2 Low-level synchronization code Monitors ( wait and notify ), mutex locks Correctness-preserving translation, i.e., P 1 � P 2 | = φ E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 10 / 23

  21. Preliminaries Solution framework Correctness Conclusion Step 1: High-level synchronization [EmersonClarke82] Reader P 1 : Writer P 2 : IDLE 1 TRY 1 CS 1 IDLE 2 TRY 2 CS 2 φ E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 11 / 23

  22. Preliminaries Solution framework Correctness Conclusion Step 1: High-level synchronization M | = phi : 1 2 IDLE 1 IDLE 2 1 2 TRY 1 IDLE 2 IDLE 1 TRY 2 2 1 1 2 TRY 1 TRY 2 CS 1 IDLE 2 IDLE 1 CS 2 2 2 1 2 1 CS 1 TRY 2 TRY 1 CS 2 E. Allen Emerson and Roopsha Samanta An Algorithmic Framework for Synthesis of Concurrent Programs 11 / 23

Recommend


More recommend