with the guarded action language
play

with the Guarded Action Language Quentin Meunier, Yann Thierry-Mieg, - PowerPoint PPT Presentation

Oct 01, 2023 •11 likes •191 views

Modeling a Cache Coherence Protocol with the Guarded Action Language Quentin Meunier, Yann Thierry-Mieg, Emmanuelle Encrenaz Laboratoire dInformatique de Paris 6, Sorbonne Universit, Paris. The TeraScale Architecture TSAR Hardware

  1. Modeling a Cache Coherence Protocol with the Guarded Action Language Quentin Meunier, Yann Thierry-Mieg, Emmanuelle Encrenaz Laboratoire d’Informatique de Paris 6, Sorbonne Université, Paris.

  2. The TeraScale Architecture TSAR  Hardware architecture designed to scale to up to 1024 core  Hardware enabled cache coherence, logically a single address space, NUCA characteristics

  3. Architecture  Asynchronous process communicating over unidirectional shared channels  Separate channels for direct and coherence transactions

  4. Accessing memory  Five independent networks in V5, six in V4 Channel Source Dest. Messages Adr. Id PL1DTREQ Proc L1 DT_RD 1 / DT_WR L1PDTACK L1 Proc ACK_DT_RD 1 / ACK_DT_WR L1MCDTREQ L1 L2 RD 1 1 WR MCL1DTACK L2 L1 ACK_RD 1 1 ACK_WR

  5. Distributed Hybrid Cache Coherence Protocol DHCCP  L2 cache maintains a directory of L1 copies of the data  Directory is physically distributed  Inclusive : any data in a L1 is necessarily in L2  Write through : L2 version is always the latest  Direct transactions  Read, Write, Load-Linked/Store Conditional LL/SC, Compare and Swap CAS  Coherence transactions  Update or evince L2 => update/invalidate all copies, wait for ACK  Multicast update if few copies  Broadcast an invalidate request if above the DHCCP threshold  Count the responses in both cases  Hybrid Multicast/Broadcast policy based on DHCCP threshold

  6. Design issues  Separate Networks, Asynchronous behaviors …  Errors are easy to make, hard to detect by simulation and testing  This V4 example deadlocks …

  7. Applying model-checking  Could formal verification help gain more confidence in the design ?  Challenges :  Abstract from the real system faithfully  Wide configuration space :  Number of cores/threads, Number of addresses, DHCCP threshold  Several versions of the protocol (V4 and V5)  Smallest complete behavior : 3 cores, 2 addresses, threshold=2  Observe both broadcast and multicast  Goal is automatic verification => model-checking  Counter-example traces help debug

  8. Verifying the protocol  Extract manually from the code + specifications  Communicating automata over channels  Components : Processor, L1 cache, L2 cache, Memory

  9. Building a model with Promela/SPIN  Two Master 1 students : M. Najem 2011, A. Mansour 2012  Build the Promela model  Formalisms of Communicating process matches the need :: L1MCCUREQ ? m.type, eval(line_addr), m.cache_id -> do // Delete the cache id that did the request from the list of copies :: (cpt == CACHE_TH) -> break ; :: ((cpt < CACHE_TH) && (v_c_id[cpt] == VALID) && (c_id[cpt] == m.cache_id)) -> v_c_id[cpt] = INVALID; n_copies = n_copies - 1; break; :: else -> cpt = cpt + 1; od;

  10. Results with SPIN  Initial models are too detailed  Observation automata are encoded into the model to check it’s properties  Cumbersome/intrusive observation mechanism for channels  Incremental modeling of each component + verification in isolation is possible  Parametric features are good  Simulator and traces as sequence diagrams are very useful  Two versions of the protocol modeled  More aggressive data abstraction in the second version  Some extensions explored e.g. LL/SC  Full verification only possible for very small configurations  Unable to obtain full formal verification  POR reductions limited by heavy channel usage

  11. Modeling and Verification in DiViNe  Master 2 student: Z. Gharbi  DiViNe is both a language and a model checker  Several versions, now focused on code verification  BEEM benchmark (2007) -> LTSmin, ITS-tools , Divine…  Similar in concept, but much more basic than Promela  Parametric constructions with m4 preprocessor  Channel support proved inadequate : use global variables  Properties encoded as LTL with fairness  Only Divine itself supports the keyword !  Able to reproduce the deadlock + patch  Still unable to model-check truly relevant configurations  Integration of other tools a bit limited

  12. Modeling in Guarded Action Language  Master 2 student : D. Zhao  GAL is an intermediate pivot language for concurrent semantics  Integers, and fixed size arrays of integers  Parametric and compositional features  Initially supported by a powerful SDD engine (lots of MCC medals)  Additional support now for LTSMin+POR  Some SMT based verification SMT LTSmin

  13. 13 A simple GAL gal simple { int a = 5 ; int b = - 2 ; array [3] tab = (0, 8, - 6); transition t1 [ a < tab [2] ] { a = (b + 3) * 255; Sequential b = a * tab [1]; Nondetermism, self ."act"; semantics synchronization self ."act"; } transition t2 [ true ] label "act" { tab [0] = (tab [0] - 1) | ((tab [0] == 255) * 255); } Indexes, bitwise operators… transition t3 [ true ] label "act" { } } property goal [ reachable ] : tab[0] == 8; Embedded properties

  14. Composite and Parametric features  Instantiation of components  Parameters over finite range  For loop  Parametric transitions and labels

  15. Modeling with GAL  Explicit models of channels  T wo variants depending on data  Automata directly expressed with a « state » variable  Labels used to describe channel operations  Description is hierarchical and parametric  Composite description makes use of arrays of cores+L1; arrays of L2 …  Fine control over atomicity semantics  Fusion of REQ/ACK in some scenarios  No simulator  « Unit » verification used to debug model behavior

  16. « Unit verifying »

  17. Verification with ITS-Tools  Performance sensitive to the description  Decomposition/recomposition heuristics still WIP  With appropriate descriptions and hierarchy, full verification is possible  First full result on the minimal target configuration 3/2/2  Scale up is still limited, largest configurations 3/3/3, 4/2/2, 6/1/2… even with 24h and sizeable RAM  No deadlocks reported in any configuration  Full LTL with fairness results still incomplete  Data abstraction prevents verification of memory model consistency in this version

  18. Conclusion  Formal modeling/verification is still a costly proposition  Manual abstraction is not very trustworthy , but…  Modeling all the implementation details swamps the model  Protocol issues are not necessarily in the routing/transport details  Different solution engines/tools have different strengths and weaknesses  Lack of a more uniform description language, well supported by several tools (e.g. SMT equivalent)  Model-checking was part of the result  A lot of confidence and understanding was also gained purely by building the formal descriptions themselves and debugging them

Recommend

GAIL: A DESIGN AND IMPLEMENTATION OF A CONSTRAINED GUARDED ACTION INTERMEDIATE LANGUAGE SUITABLE

GAIL: A DESIGN AND IMPLEMENTATION OF A CONSTRAINED GUARDED ACTION INTERMEDIATE LANGUAGE SUITABLE

GAIL: A DESIGN AND IMPLEMENTATION OF A CONSTRAINED GUARDED ACTION INTERMEDIATE LANGUAGE SUITABLE FOR REWRITE-BASED OPTIMIZATION Tim Zwiebel Northwestern University 2 Overview GAIL Rewriting Code Generator User Interface Future Work

577 views • 36 slides
Rewrite Semantics for Guarded Recursion in Type Theory Patrick Bahr IT University of Copenhagen

Rewrite Semantics for Guarded Recursion in Type Theory Patrick Bahr IT University of Copenhagen

Rewrite Semantics for Guarded Recursion in Type Theory Patrick Bahr IT University of Copenhagen joint work with Rasmus Mgelberg and Hans Bugge Grathwohl Overview Guarded Recursive Types Dependent Types Reduction Semantics 2 / 21 Guarded

488 views • 45 slides
Productive Coprogramming with Guarded Recursion Jeroen Slot en Ilse Pool First slide Last time

Productive Coprogramming with Guarded Recursion Jeroen Slot en Ilse Pool First slide Last time

Productive Coprogramming with Guarded Recursion Jeroen Slot en Ilse Pool First slide Last time we saw that corecursive functions have to be guarded. But guarded recur- sion does not always work, so we need something else, which we will be

783 views • 5 slides
Checking Extended CTL Properties Using Guarded Quotient Structure Xiaodong Wang advised by:

Checking Extended CTL Properties Using Guarded Quotient Structure Xiaodong Wang advised by:

Checking Extended CTL Properties Using Guarded Quotient Structure Xiaodong Wang advised by: Professor Sistla Outline Part I: Symmetry based method Part II: CCTL logic Part III: Input language Part IV: Model checking algorithm

630 views • 60 slides
The Clocks Are Ticking: No More Delays! Reduction Semantics for Type Theory with Guarded

The Clocks Are Ticking: No More Delays! Reduction Semantics for Type Theory with Guarded

The Clocks Are Ticking: No More Delays! Reduction Semantics for Type Theory with Guarded Recursion Patrick Bahr 1 Hans Bugge Grathwohl 2 Rasmus Mgelberg 1 1 IT University of Copenhagen 2 Aarhus University What is guarded recursion?

710 views • 48 slides
Guarded Traced Categories Sergey Goncharov and Lutz Schr oder Friedrich-Alexander-Universit

Guarded Traced Categories Sergey Goncharov and Lutz Schr oder Friedrich-Alexander-Universit

Guarded Traced Categories Sergey Goncharov and Lutz Schr oder Friedrich-Alexander-Universit at Erlangen-N urnberg FoSSaCS 2018, 16-19 April 2018, Thessaloniki, Greece Guarded Traced (Symmetric Monoidal) Categories Sergey Goncharov and

696 views • 34 slides
A model of PCF in Guarded Type Theory Marco Paviotti 1 Rasmus Mgelberg 1 Lars Birkedal 2 1 IT

A model of PCF in Guarded Type Theory Marco Paviotti 1 Rasmus Mgelberg 1 Lars Birkedal 2 1 IT

A model of PCF in Guarded Type Theory Marco Paviotti 1 Rasmus Mgelberg 1 Lars Birkedal 2 1 IT University of Copenhagen 2 Aarhus University June 23th, 2015 MFPS 2015 Nijmegen, Netherlands 1 / 20 Guarded Type Theory Birkedal and Mgelberg

838 views • 38 slides
Best Practice Plain Language Amy Bunk Plain Language Action and Information Network Plain

Best Practice Plain Language Amy Bunk Plain Language Action and Information Network Plain

Best Practice Plain Language Amy Bunk Plain Language Action and Information Network Plain language History History 1970s: President Nixon the Federal Register be written in layman's terms. Federal Communications

505 views • 29 slides
Multimodal Corpus for Integrated language and action Rishabh Nigam 10598 Cognitive Sciences

Multimodal Corpus for Integrated language and action Rishabh Nigam 10598 Cognitive Sciences

Multimodal Corpus for Integrated language and action Rishabh Nigam 10598 Cognitive Sciences Multimodal Corpus for Integrated language and action Multimodal Corpus for Integrated language and action Abstract: Collected data from audio,

1.04k views • 18 slides
Language and Thought Lecture 25 1 Language in Cognition Language as a Tool for

Language and Thought Lecture 25 1 Language in Cognition Language as a Tool for

Language and Thought Lecture 25 1 Language in Cognition Language as a Tool for Communication Experience, Thought, and Action Language as a Tool for Thought Labels for Objects, Events, Attributes, Concepts Reasoning,

1.2k views • 32 slides
Using Action Research Methods to Early childhood language abilities are strongly associated with

Using Action Research Methods to Early childhood language abilities are strongly associated with

The Problem Using Action Research Methods to Early childhood language abilities are strongly associated with subsequent Infuse Evidence-Based Language academic success Facilitation Practices in Head Start Two populations served through Head

311 views • 6 slides
Dichotomies in Ontology-Mediated Querying with the Guarded Fragment Frank Wolter University of

Dichotomies in Ontology-Mediated Querying with the Guarded Fragment Frank Wolter University of

Dichotomies in Ontology-Mediated Querying with the Guarded Fragment Frank Wolter University of Liverpool Based on joint work with A. Hernich, C. Lutz and F . Papacchini (PODS 2017) Dichotomy Theorems Given a class of problems, we would like

772 views • 62 slides
Guarded monoidal traces, Hoare logic and the Grothendieck construction Sergey Goncharov

Guarded monoidal traces, Hoare logic and the Grothendieck construction Sergey Goncharov

Guarded monoidal traces, Hoare logic and the Grothendieck construction Sergey Goncharov Oberseminar, TCS, FAU, Erlangen, 27.06.2017 Salvador Dal , Portrait of Gala with two lamb chops balanced on her shoulder, 1933 They immediately

1.15k views • 34 slides
Conservative Extensions in Guarded and Two-Variable Fragments Mauricio Martel Universitt

Conservative Extensions in Guarded and Two-Variable Fragments Mauricio Martel Universitt

Conservative Extensions in Guarded and Two-Variable Fragments Mauricio Martel Universitt Bremen, Germany Joint work with Jean Christoph Jung, Carsten Lutz, Thomas Schneider, and Frank Wolter Logic Tea ILLC, Amsterdam Mauricio Martel

1.14k views • 93 slides
Plan of Action Foreign Language Department 2014-2021 Planning for Program Evaluation In

Plan of Action Foreign Language Department 2014-2021 Planning for Program Evaluation In

Plan of Action Foreign Language Department 2014-2021 Planning for Program Evaluation In 2007-2008 the foreign language teachers grades 5-12 met to: - Identify questions we had about the language program - Identify ways to gather data to

461 views • 21 slides
Guarded Traced Categories for Recursion and Iteration Sergey Goncharov a oder a and Paul Blain

Guarded Traced Categories for Recursion and Iteration Sergey Goncharov a oder a and Paul Blain

Guarded Traced Categories for Recursion and Iteration Sergey Goncharov a oder a and Paul Blain Levy b ) (joint ongoing work with Lutz Schr April 2, 2019, Reykjavik TCS Seminar a Friedrich-Alexander-Universit at Erlangen-N urnberg b

1.08k views • 54 slides
Guarded Kleene Algebra with Tests Verification of Uninterpreted Programs in Nearly Linear Time

Guarded Kleene Algebra with Tests Verification of Uninterpreted Programs in Nearly Linear Time

Guarded Kleene Algebra with Tests Verification of Uninterpreted Programs in Nearly Linear Time Steffen Smolka 1 Nate Foster 1 Justin Hsu 2 e 3 Dexter Kozen 1 Alexandra Silva 3 Tobias Kapp 1 Cornell University 2 University of Wisconsin-Madison 3

1.15k views • 80 slides
Total (Co)Programming with Guarded Recursion Andrea Vezzosi Department of Computer Science and

Total (Co)Programming with Guarded Recursion Andrea Vezzosi Department of Computer Science and

Total (Co)Programming with Guarded Recursion Andrea Vezzosi Department of Computer Science and Engineering Chalmers University of Technology, Gothenburg, Sweden Types for Proofs and Programs Annual Meeting 2015 Tallinn, Estonia 18 May 2015

412 views • 26 slides
A Metalanguage for Guarded Iteration Sergey Goncharov Christoph Rauch Lutz Schr oder

A Metalanguage for Guarded Iteration Sergey Goncharov Christoph Rauch Lutz Schr oder

A Metalanguage for Guarded Iteration Sergey Goncharov Christoph Rauch Lutz Schr oder Friedrich-Alexander-Universit at Erlangen-N urnberg ICTAC 2018, October 15-19, Stellenbosch Two Flavors of Computations Domain theory

600 views • 33 slides
Decidable Fragments of First-Order and Fixed-Point Logic From prefix-vocabulary classes to guarded

Decidable Fragments of First-Order and Fixed-Point Logic From prefix-vocabulary classes to guarded

Decidable Fragments of First-Order and Fixed-Point Logic From prefix-vocabulary classes to guarded logics Erich Grdel graedel@rwth-aachen.de. Aachen University The classical decision problem part of Hilberts formalist programme for the

878 views • 76 slides
MetaBorg in Action Examples of Domain-specific Language Embedding and Assimilation using

MetaBorg in Action Examples of Domain-specific Language Embedding and Assimilation using

MetaBorg in Action Examples of Domain-specific Language Embedding and Assimilation using Stratego/XT Martin Bravenboer, Ren e de Groot, Eelco Visser Department of Information &amp; Computing Sciences Utrecht University, The Netherlands July

2.05k views • 171 slides
A Proof of MITM Vulnerability in Public WLANs Guarded by Captive Portal Author: Wei-Lin Chen

A Proof of MITM Vulnerability in Public WLANs Guarded by Captive Portal Author: Wei-Lin Chen

A Proof of MITM Vulnerability in Public WLANs Guarded by Captive Portal Author: Wei-Lin Chen Po-Kang Chen Quincy Wu Outline Introduction Motivation Related Works Authentication of Public WLAN Implementation &amp;

426 views • 30 slides
PUTTING LANGUAGE AND DATA STANDARDS AND BEST PRACTICES INTO ACTION: THE FREME FRAMEWORK

PUTTING LANGUAGE AND DATA STANDARDS AND BEST PRACTICES INTO ACTION: THE FREME FRAMEWORK

Co-funded by the Horizon 2020 Framework Programme of the European Union Grant Agreement Number 644771 PUTTING LANGUAGE AND DATA STANDARDS AND BEST PRACTICES INTO ACTION: THE FREME FRAMEWORK META-FORUM, 5 JULY 2016 Presented by Felix Sasaki

668 views • 20 slides
Towards Coherence for Guarded Traces Sergey Goncharov a oder a Paul Blain Levy b Lutz Schr

Towards Coherence for Guarded Traces Sergey Goncharov a oder a Paul Blain Levy b Lutz Schr

Towards Coherence for Guarded Traces Sergey Goncharov a oder a Paul Blain Levy b Lutz Schr January, 7, 2019, Birmingham TCS Seminar a Friedrich-Alexander-Universit at Erlangen-N urnberg b University of Birmingham Introduction

717 views • 36 slides

More recommend