Starling:** simplerconcurrencyproofs* Ma#$Windsor (1),$ Mike$Dodds - PowerPoint PPT Presentation

Starling:** simpler*concurrency*proofs* Ma#$Windsor (1),$ Mike$Dodds (1) ,$$$$$$$Ma#hew$Parkinson (2)$ (1) University$of$York$$$$$$$$$$$$$$$$$$$$$$$$$(2)$Microso>$Research$

Sturnus'vulgaris' (common$starling)$

Ticketed*Lock global&int&ticket;&&//&The&next&ticket&to&hand&out.& global&int&serving;&//&The&current&ticket&holding&the&lock.& & method&unlock()&{& method&lock()&{& &&<serving++>;& &&<t&=&ticket++>;& } $ &&do&{& &&&&<s&=&serving>;& &&}&while&(s&!=&t);& }& &

Ticketed*Lock method&lock()&{& method&unlock()&{& &&{|&emp&|}& &&{|&holdLock()&|}& &&<t&=&ticket++>;& &&<serving++>;& &&do&{& &&{|&emp&|}& } $ &&&&<s&=&serving>;& &&}&while&(s&!=&t);& &&{|&holdLock()&|}& }& & constraint&holdLock()&&&*&holdLock()&&&G>&false;&

method&lock()&{& method&unlock()&{& &&{|&emp&|}& &&{|&holdLock()&|}& &&<t&=&ticket++>;& &&<serving++>;& &&{|&holdTick(t)&|} ! &&{|&emp&|}& &&do&{& } $ &&&&{|&holdTick(t)&|}& &&&&<s&=&serving>;& &&&&{|&if&s==t&then&holdLock()&else&holdTick(t)&|}& &&}&while&(s&!=&t);& &&{|&holdLock()&|}& }& & constraint&holdLock()&&&*&holdLock()&&&G>&false;& & constraint&emp&&&&&&&&&&&&&&&&&&&&&&&&&G>&ticket&>=&serving;& constraint&holdTick(t)&&&&&&&&&&&&&&&&&G>&ticket&>&t;& constraint&holdLock()&&&&&&&&&&&&&&&&&&G>&ticket&!=&serving;& constraint&holdLock()&&&*&holdTick(t)&&G>&serving&!=&t;& constraint&holdTick(ta)&*&holdTick(tb)&G>&ta&!=&tb;&

Views Establish$post;$ Context$asserGons$ preserve$context$ ReificaGon$ Program$ Hoare$triples$ semanGcs$

method&unlock()&{& method&lock()&{& &&{|&holdLock()&|}& &&{|&emp&|}& &&<t&=&ticket++>;& &&<serving++>;& &&{|&holdTick(t)&|} ! &&{|&emp&|}& &&do&{& } $ &&&&{|&holdTick(t)&|}& &&&&<s&=&serving>;& &&&&{|&if&s==t&then&holdLock()&else&holdTick(t)&|}& &&}&while&(s&!=&t);& &&{|&holdLock()&|}& }& &

method&unlock()&{& method&lock()&{& &&{|&holdLock()&|}& &&{|&emp&|}& &&<t&=&ticket++>;& &&<serving++>;& &&{|&holdTick(t)&|} ! &&{|&emp&|}& &&do&{& } $ &&&&{|&holdTick(t)&|}& &&&&<s&=&serving>;& &&&&{|&if&s==t&then&holdLock()&else&holdTick(t)&|}& &&}&while&(s&!=&t);& &&{|&holdLock()&|}& }& & Views$= ! {&holdTick(1),&&holdTick(2),&&holdTick(1)*holdTick(2),&...}&& U&{&holdLock(),&&holdLock()*holdLock(),&...}&& $ U&{&holdLock()*holdTick(1),&&holdLock()*holdTick(2),&&...}&& U&{&emp&}&& $

method&unlock()&{& method&lock()&{& &&{|&holdLock()&|}& &&{|&emp&|}& &&<t&=&ticket++>;& &&<serving++>;& &&{|&holdTick(t)&|} ! &&{|&emp&|}& &&do&{& } $ &&&&{|&holdTick(t)&|}& &&&&<s&=&serving>;& &&&&{|&if&s==t&then&holdLock()&else&holdTick(t)&|}& &&}&while&(s&!=&t);& &&{|&holdLock()&|}& }& & Axioms$=$$${$ {|&emp&|}&<t&=&ticket++>&{|&holdTick(t)&|},& ! $ {|&holdLock()&|}&<serving++>&{|&emp&|},&& ... } & {|&holdTick(t)&|}&<s&=&serving>&{|&if&s==t&then&holdLock()&else&holdTick(t)&|},&&

method&unlock()&{& method&lock()&{& &&{|&holdLock()&|}& &&{|&emp&|}& &&<t&=&ticket++>;& &&<serving++>;& &&{|&holdTick(t)&|} ! &&{|&emp&|}& &&do&{& } $ &&&&{|&holdTick(t)&|}& &&&&<s&=&serving>;& &&&&{|&if&s==t&then&holdLock()&else&holdTick(t)&|}& &&}&while&(s&!=&t);& &&{|&holdLock()&|}& }& & ReificaGon$=$$ constraint&holdLock()&&&*&holdLock()&&&G>&false;& constraint&emp&&&&&&&&&&&&&&&&&&&&&&&&&G>&ticket&>=&serving;& constraint&holdTick(t)&&&&&&&&&&&&&&&&&G>&ticket&>&t;& constraint&holdLock()&&&&&&&&&&&&&&&&&&G>&ticket&!=&serving;& constraint&holdLock()&&&*&holdTick(t)&&G>&serving&!=&t;& constraint&holdTick(ta)&*&holdTick(tb)&G>&ta&!=&tb;&

Checking*proof*outline Infinite!!!' Eg.&& holdLock()&*&holdTick(1)&*&holdTick(2)&*&holdTick(3)&*&holdTick(4)& *&holdTick(5)&*&holdTick(6)&*&holdTick(7)&*&holdTick(8)&*& holdTick(9)&*&holdTick(10)&*&holdTick(11)&*&holdTick(12)&*&... $ $ $ $

Defining*views constraint&holdLock()&*&holdLock()&&&G>&&&false; $ MulGset$subset$

Defining*views View$adjoint$ (mulGset$minus)$ finite$ ⇒ =

Example Axiom:$$ {|&emp&|}&<t&=&ticket++>&{|&holdTick(t)&|} $ Defining$view:$$ holdLock() $ Proof$obligaGon:$$ J t = ticket + + K b emp ⇤ ( holdLock () \ m holdTick ( t )) c ✓ D ( holdLock ()) J t = ticket + + K b emp ⇤ holdLock () c ✓ D ( holdLock ()) J t = ticket + + K ( ticket � serving ) ✓ ticket 6 = serving

Making*proofs*simpler! Horn$clause!$

Demo*#2

Synergies • More$powerful$backTend$solvers$ needed$to$verify$heap$programs.$ $ • CounterTexample$finding$needed$if$ Starling$is$to$be$used$for$find/fix$loop.$ $$ • Starling$approach$useful$as$a$backT end$for$other$verificaGon$tools?$$

Open*Development Follow$Starling$on$GitHub:$ $h#p://github.com/septract/starlingTtool/$

Proof*of*approximaHon

Starling:** simplerconcurrencyproofs* Ma#$Windsor (1),$ Mike$Dodds - PowerPoint PPT Presentation

Starling:** simplerconcurrencyproofs* Ma#$Windsor (1),$ Mike$Dodds (1) ,$$$$$$$Ma#hew$Parkinson (2)$ (1) University$of$York$$$$$$$$$$$$$$$$$$$$$$$$$(2)$Microso>$Research$ Sturnus'vulgaris' (common$starling)$ Ticketed*Lock

Hello! Denise Rushe Starling & Company Servicing clients across creative, cultural, retail,

Geographical Indication A Testimony STARLING FARM KAMPOT 16 December 2014 PEPPER Starling Farm

Rampant Pragmatism Growth & Change at Starling Bank Dan Osborne - Web Technology Practice

Starling: automating concurrency verification Mike Dodds (1) , Matthew Parkinson (2) , Matt

Rotorua District Council Focusing on Sustainability Kerry Starling Procurement &

Boundary Quotients of Semigroup C*-algebras Charles Starling uOttawa February 5, 2015 Charles

Generalised Stone Dualities Tristan Bice joint work with Charles Starling Institute of

Heavy Vehicle Accreditation and Activity Update Paul Starling Heavy Vehicle Services 2 23

Essay writing Title of essay Please write a short paragraph why you write about the chosen

What serving Disney customers taught me about auto service Alan Starling Kissimmee, FL in the

The Price of Ignoring Employee Mental Health Dr. Andrew Miki, R.Psych Starling Minds CEO &

Conference 2019 Keynote Helen Bierton, Head of Banking, Starling Bank Helping you lead a healthy

Observations of particle acceleration in the blast waves of GRB afterglows Peter A. Curran with

Disrupting the Banking Experience: Building a Mobile-only Bank Yann Del Rey Teresa Ng Easy

Manifest Data S-1 Speculative Sensation Lab www.s-1lab.org #manifestdata S-1 Lab Manifest Data

20/00318/FUL Change of use from landscaped area/public open space to residential garden area

INTERROBANG AGENCY Problem Overview Reliability Issues Organization Navigation Project Goals

Null weak values in quantum dots and beyond OZ , Alessandro Romito, and Yuval Gefen and

Exploring the relationship between AML & Fraud Hosted by: Jesse Hopkins, CeFPro Presenters:

Circuit Court Clerks May 28, 2020 Adams County Circuit Clerk Eva Givens 115 South Wall St.

Broads Authority 20 March 2015 Agenda Item No 9 Broads Reed and Sedge Cutting Association

Starling:** simpler*concurrency*proofs* Ma#$Windsor (1),$ Mike$Dodds - PowerPoint PPT Presentation

Starling:** simpler*concurrency*proofs* Ma#$Windsor (1),$ Mike$Dodds (1) ,$$$$$$$Ma#hew$Parkinson (2)$ (1) University$of$York$$$$$$$$$$$$$$$$$$$$$$$$$(2)$Microso>$Research$ Sturnus'vulgaris' (common$starling)$ Ticketed*Lock

Hello! Denise Rushe Starling &amp; Company Servicing clients across creative, cultural, retail,

Geographical Indication A Testimony STARLING FARM KAMPOT 16 December 2014 PEPPER Starling Farm

Rampant Pragmatism Growth &amp; Change at Starling Bank Dan Osborne - Web Technology Practice

Starling: automating concurrency verification Mike Dodds (1) , Matthew Parkinson (2) , Matt

Rotorua District Council Focusing on Sustainability Kerry Starling Procurement &amp;

Boundary Quotients of Semigroup C*-algebras Charles Starling uOttawa February 5, 2015 Charles

Generalised Stone Dualities Tristan Bice joint work with Charles Starling Institute of

Heavy Vehicle Accreditation and Activity Update Paul Starling Heavy Vehicle Services 2 23

Essay writing Title of essay Please write a short paragraph why you write about the chosen

What serving Disney customers taught me about auto service Alan Starling Kissimmee, FL in the

The Price of Ignoring Employee Mental Health Dr. Andrew Miki, R.Psych Starling Minds CEO &amp;

Conference 2019 Keynote Helen Bierton, Head of Banking, Starling Bank Helping you lead a healthy

Observations of particle acceleration in the blast waves of GRB afterglows Peter A. Curran with

Disrupting the Banking Experience: Building a Mobile-only Bank Yann Del Rey Teresa Ng Easy

Manifest Data S-1 Speculative Sensation Lab www.s-1lab.org #manifestdata S-1 Lab Manifest Data

20/00318/FUL Change of use from landscaped area/public open space to residential garden area

INTERROBANG AGENCY Problem Overview Reliability Issues Organization Navigation Project Goals

Null weak values in quantum dots and beyond OZ , Alessandro Romito, and Yuval Gefen and

Exploring the relationship between AML &amp; Fraud Hosted by: Jesse Hopkins, CeFPro Presenters:

Circuit Court Clerks May 28, 2020 Adams County Circuit Clerk Eva Givens 115 South Wall St.

Broads Authority 20 March 2015 Agenda Item No 9 Broads Reed and Sedge Cutting Association

Starling:** simplerconcurrencyproofs* Ma#$Windsor (1),$ Mike$Dodds - PowerPoint PPT Presentation

Starling:** simplerconcurrencyproofs* Ma#$Windsor (1),$ Mike$Dodds (1) ,$$$$$$$Ma#hew$Parkinson (2)$ (1) University$of$York$$$$$$$$$$$$$$$$$$$$$$$$$(2)$Microso>$Research$ Sturnus'vulgaris' (common$starling)$ Ticketed*Lock

Hello! Denise Rushe Starling & Company Servicing clients across creative, cultural, retail,

Rampant Pragmatism Growth & Change at Starling Bank Dan Osborne - Web Technology Practice

Rotorua District Council Focusing on Sustainability Kerry Starling Procurement &

The Price of Ignoring Employee Mental Health Dr. Andrew Miki, R.Psych Starling Minds CEO &

Exploring the relationship between AML & Fraud Hosted by: Jesse Hopkins, CeFPro Presenters: