fcsl previously on this channel previously on this channel
play

FCSL Previously on this channel Previously on this channel letrec - PowerPoint PPT Presentation

Jul 02, 2023 •384 likes •1.27k views

FCSL Previously on this channel Previously on this channel letrec span (x : ptr) : bool = { if x == null then val_ret false; else b CAS(x->m, 0, 1); if b then (r l ,r r ) (span(x->l) || span(x->r)); if r l then x->l :=

  1. FCSL

  2. Previously on this channel…

  3. Previously on this channel… letrec span (x : ptr) : bool = { if x == null then val_ret false; else b ← CAS(x->m, 0, 1); if b then (r l ,r r ) ← (span(x->l) || span(x->r)); if ¬r l then x->l := null; if ¬r r then x->r := null; val_ret true; else val_ret false; }

  4. Previously on this channel… letrec span (x : ptr) : bool = { if x == null then val_ret false; else b ← CAS(x->m, 0, 1); if b then (r l ,r r ) ← (span(x->l) || span(x->r)); if ¬r l then x->l := null; if ¬r r then x->r := null; val_ret true; else val_ret false; } a a a ✔ ✔ ✔ ✔ ✗ b c b c b c ✗ ✔ ✔ d e d e d e a a a ✔ ✔ ✔ ✔ ✗ b c b c b c ✗ ✔ ✔ d e d e d e

  5. Previously on this channel… Definition span_tp (x : ptr) := letrec span (x : ptr) : bool = { {i (g1 : graph (joint i))}, STsep [SpanTree] if x == null then val_ret false; ( fun s1 => i = s1 ⋀ (x == null ⋁ x ∈ dom (joint s1)), else b ← CAS(x->m, 0, 1); fun (r : bool) s2 => exists g2 : graph (joint s2), : if b then subgraph g1 g2 ⋀ (r l ,r r ) ← (span(x->l) || span(x->r)); if r then x != null ⋀ exists (t : set ptr), if ¬r l then x->l := null; self s2 = self i ⊕ t ⋀ if ¬r r then x->r := null; tree g2 x t ⋀ val_ret true; maximal g2 t ⋀ else val_ret false; front g1 t (self s2 ⊕ other s2) else (x == null ⋁ mark g2 x) ⋀ } self s2 = self i). a a a ✔ ✔ ✔ ✔ ✗ b c b c b c ✗ ✔ ✔ d e d e d e a a a ✔ ✔ ✔ ✔ ✗ b c b c b c ✗ ✔ ✔ d e d e d e

  6. Previously on this channel… Definition span_tp (x : ptr) := letrec span (x : ptr) : bool = { {i (g1 : graph (joint i))}, STsep [SpanTree] if x == null then val_ret false; ( fun s1 => i = s1 ⋀ (x == null ⋁ x ∈ dom (joint s1)), else b ← CAS(x->m, 0, 1); fun (r : bool) s2 => exists g2 : graph (joint s2), : if b then subgraph g1 g2 ⋀ (r l ,r r ) ← (span(x->l) || span(x->r)); if r then x != null ⋀ exists (t : set ptr), if ¬r l then x->l := null; self s2 = self i ⊕ t ⋀ if ¬r r then x->r := null; tree g2 x t ⋀ val_ret true; maximal g2 t ⋀ else val_ret false; front g1 t (self s2 ⊕ other s2) else (x == null ⋁ mark g2 x) ⋀ } self s2 = self i). a | {z } a a ✔ ✔ + with {} ✔ ✔ ✗ b c b c b c tree g2 a t ⋀ maximal g2 t ⋀ ✗ ✔ ✔ front g1 t (self s2) ⋀ t = self s2 ⋀ d e d e d e is_root a g1 ⋀ subgraph g1 g2 a a a ✔ ✔ ✔ ✔ ✗ b c b c b c ✗ ✔ ✔ d e d e d e

  7. Previously on this channel… Definition span_tp (x : ptr) := letrec span (x : ptr) : bool = { {i (g1 : graph (joint i))}, STsep [SpanTree] if x == null then val_ret false; ( fun s1 => i = s1 ⋀ (x == null ⋁ x ∈ dom (joint s1)), else b ← CAS(x->m, 0, 1); fun (r : bool) s2 => exists g2 : graph (joint s2), : if b then subgraph g1 g2 ⋀ (r l ,r r ) ← (span(x->l) || span(x->r)); if r then x != null ⋀ exists (t : set ptr), if ¬r l then x->l := null; self s2 = self i ⊕ t ⋀ if ¬r r then x->r := null; tree g2 x t ⋀ val_ret true; maximal g2 t ⋀ else val_ret false; front g1 t (self s2 ⊕ other s2) else (x == null ⋁ mark g2 x) ⋀ } self s2 = self i). a | {z } a a ✔ ✔ + with {} ✔ ✔ ✗ b c b c b c tree g2 a t ⋀ maximal g2 t ⋀ ✗ ✔ ✔ front g1 t (self s2) ⋀ t = self s2 ⋀ d e d e d e is_root a g1 ⋀ subgraph g1 g2 ⇓ a a a ✔ ✔ ✔ ✔ ✗ spanning t g1 b c b c b c ✗ ✔ ✔ d e d e d e

  8. Previously on this channel… Definition span_tp (x : ptr) := letrec span (x : ptr) : bool = { {i (g1 : graph (joint i))}, STsep [SpanTree] if x == null then val_ret false; ( fun s1 => i = s1 ⋀ (x == null ⋁ x ∈ dom (joint s1)), else b ← CAS(x->m, 0, 1); fun (r : bool) s2 => exists g2 : graph (joint s2), : if b then subgraph g1 g2 ⋀ (r l ,r r ) ← (span(x->l) || span(x->r)); if r then x != null ⋀ exists (t : set ptr), if ¬r l then x->l := null; self s2 = self i ⊕ t ⋀ if ¬r r then x->r := null; tree g2 x t ⋀ val_ret true; maximal g2 t ⋀ else val_ret false; front g1 t (self s2 ⊕ other s2) else (x == null ⋁ mark g2 x) ⋀ } self s2 = self i). a | {z } a a ✔ ✔ + with {} ✔ ✔ ✗ b c b c b c tree g2 a t ⋀ maximal g2 t ⋀ ✗ ✔ ✔ front g1 t (self s2) ⋀ t = self s2 ⋀ d e d e d e is_root a g1 ⋀ subgraph g1 g2 ⇓ a a a ✔ ✔ ✔ ✔ ✗ spanning t g1 b c b c b c ✗ ✔ ✔ d e d e d e

  9. Previously on this channel… Definition span_tp (x : ptr) := letrec span (x : ptr) : bool = { {i (g1 : graph (joint i))}, STsep [SpanTree] if x == null then val_ret false; ( fun s1 => i = s1 ⋀ (x == null ⋁ x ∈ dom (joint s1)), else b ← CAS(x->m, 0, 1); fun (r : bool) s2 => exists g2 : graph (joint s2), : if b then subgraph g1 g2 ⋀ (r l ,r r ) ← (span(x->l) || span(x->r)); if r then x != null ⋀ exists (t : set ptr), if ¬r l then x->l := null; self s2 = self i ⊕ t ⋀ if ¬r r then x->r := null; tree g2 x t ⋀ val_ret true; maximal g2 t ⋀ else val_ret false; front g1 t (self s2 ⊕ other s2) else (x == null ⋁ mark g2 x) ⋀ } self s2 = self i). a | {z } a a ✔ ✔ + with {} ✔ ✔ ✗ b c b c b c tree g2 a t ⋀ maximal g2 t ⋀ ✗ ✔ ✔ front g1 t (self s2) ⋀ t = self s2 ⋀ d e d e d e is_root a g1 ⋀ subgraph g1 g2 ⇓ a a a ✔ ✔ ✔ ✔ ✗ spanning t g1 b c b c b c ✗ ✔ ✔ d e d e d e

  10. Anatomy of mechanized reasoning 
 about fine-grained 
 concurrency Ilya Sergey joint work with 
 Aleks Nanevski Anindya Banerjee Ruy Ley-Wild Germán Delbianco

  11. Concurrent Hoare-style specifications

  12. Concurrent Hoare-style specifications { P } { Q } c

  13. Concurrent Hoare-style specifications { P } { Q } c C ⊢

  14. Concurrent Hoare-style specifications Context that specifies expected 
 thread interference { P } { Q } c C ⊢

  15. Concurrent Hoare-style specifications Context that specifies expected 
 thread interference { P } { Q } c C ⊢ aka. rely/guarantee, concurrent resources, regions, protocols, islands, invariants, concurroids, monitors

  16. Owicki-Gries (1976) Rely-Guarantee (1983) CSL (2004) Bornat-al (2005) RGSep (2007) SAGL (2007) Gotsman-al (2007) Deny-Guarantee (2009) LRG (2009) CAP (2010) Jacobs-Piessens (2011) HLRG (2010) HOCAP (2013) RGSim (2012) SCSL (2013) Liang-Feng (2013) iCAP (2014) TaDA (2014) CaReSL (2013) CoLoSL (2015) FCSL (2014) Iris (2015)

  17. Owicki-Gries (1976) Rely-Guarantee (1983) CSL (2004) Bornat-al (2005) RGSep (2007) SAGL (2007) Gotsman-al (2007) Deny-Guarantee (2009) LRG (2009) CAP (2010) Jacobs-Piessens (2011) HLRG (2010) HOCAP (2013) RGSim (2012) SCSL (2013) Liang-Feng (2013) iCAP (2014) TaDA (2014) CaReSL (2013) CoLoSL (2015) FCSL (2014) Iris (2015)

  18. Owicki-Gries (1976) Rely-Guarantee (1983) CSL (2004) Bornat-al (2005) RGSep (2007) SAGL (2007) Gotsman-al (2007) Deny-Guarantee (2009) LRG (2009) CAP (2010) Jacobs-Piessens (2011) HLRG (2010) HOCAP (2013) RGSim (2012) SCSL (2013) Liang-Feng (2013) iCAP (2014) TaDA (2014) CaReSL (2013) CoLoSL (2015) FCSL (2014) Iris (2015)

  19. FCSL: Fine-grained Concurrent Separation Logic Nanevski, Ley-Wild, Sergey, Delbianco [ESOP’14]

  20. FCSL: Fine-grained Concurrent Separation Logic Nanevski, Ley-Wild, Sergey, Delbianco [ESOP’14] • Logic for reasoning with concurroids

  21. FCSL: Fine-grained Concurrent Separation Logic Nanevski, Ley-Wild, Sergey, Delbianco [ESOP’14] • Logic for reasoning with concurroids • Emphasis on subjective specifications

  22. Agenda • Defining concurroids • Atomic actions and stable specifications • Verification layout

  23. Agenda • Defining concurroids • Atomic actions and stable specifications • Verification layout

  24. Concurroids • State-transition systems with subjective state • Coherence predicate defines resource state-space

  25. Demo 1: Definition of a concurroid’s 
 coherence predicate

  26. Concurroids

  27. Concurroids • State-transition systems with subjective state • Coherence predicate defines resource state-space

  28. Concurroids • State-transition systems with subjective state • Coherence predicate defines resource state-space • Transitions describe guarantee (and rely by transposition)

  29. mark-node transition A successful attempt to atomically mark a node and add it to self

  30. mark-node transition A successful attempt to atomically mark a node and add it to self a b c d e

  31. mark-node transition A successful attempt to atomically mark a node and add it to self a a ✔ → b c b c d e d e

  32. nullify-edge transition Atomically pruning of an edge from a node, owned in self

  33. nullify-edge transition Atomically pruning of an edge from a node, owned in self a ✔ ✔ b c ✗ ✔ d e

  34. nullify-edge transition Atomically pruning of an edge from a node, owned in self a a ✔ ✔ ✔ ✔ → b c b c ✗ ✔ ✔ d e d e

  35. Demo 2: Defining concurroid transitions

  36. Agenda • Defining concurroids • Atomic actions and stable specifications • Verification layout

  37. Agenda • Defining concurroids • Atomic actions and stable specifications • Verification layout

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Previously... Joint typical sequences Covering and Packing Lemmas Channel Coding Theorem

Previously... Joint typical sequences Covering and Packing Lemmas Channel Coding Theorem

Lecture 12 Review Previously... Joint typical sequences Covering and Packing Lemmas Channel Coding Theorem Capacity of Gaussian channel Capacity of additive white Gaussian channel Forward proof of Channel Coding Theorem S. Cheng (OU-Tulsa)

2.44k views • 134 slides
CHANNEL ALLOCATION Channel Language Translation Channel Translation Language Channel 1 German

CHANNEL ALLOCATION Channel Language Translation Channel Translation Language Channel 1 German

CHANNEL ALLOCATION Channel Language Translation Channel Translation Language Channel 1 German Kanal 1 Deutsch Channel 2 English Channel 2 English Channel 3 Italian Canale 3 Italiano Channel 4 Spanish Canal 4 Espaol Channel 5

708 views • 34 slides
Channel design Channel coverage Intensive Selective Exclusive Channel

Channel design Channel coverage Intensive Selective Exclusive Channel

PLANNING A B2B MARKETING CHANNEL STRATEGY Channel design Channel coverage Intensive Selective Exclusive Channel management decisions Selecting suitable channel partners Managing and motivating channel partners

560 views • 29 slides
Channel Assignment and Channel Hopping in IEEE 802.11 Operating Channels for 802.11b Europe

Channel Assignment and Channel Hopping in IEEE 802.11 Operating Channels for 802.11b Europe

Channel Assignment and Channel Hopping in IEEE 802.11 Operating Channels for 802.11b Europe (ETSI) channel 1 channel 7 channel 13 2400 2412 2442 2472 2483.5 [MHz] 22 MHz US (FCC)/Canada (IC) channel 1 channel 6 channel 11 2400

572 views • 44 slides
1 Simultaneous interpretation EN channel 1 FR channel 2 ES channel 3 DE channel 4 2 The Future

1 Simultaneous interpretation EN channel 1 FR channel 2 ES channel 3 DE channel 4 2 The Future

EUROPEAN AFFAIRS COMMITTEE The Future of Health in the European Union Brussels, November 15th, 2018 #AIM20yearsBxl #FutureHealthEU 1 Simultaneous interpretation EN channel 1 FR channel 2 ES channel 3 DE channel 4 2 The Future of Health in

299 views • 9 slides
ANNUAL ACCOUNTS PRESS CONFERENCE CHANNEL ALLOCATION. Channel Language Translation Channel

ANNUAL ACCOUNTS PRESS CONFERENCE CHANNEL ALLOCATION. Channel Language Translation Channel

ANNUAL ACCOUNTS PRESS CONFERENCE CHANNEL ALLOCATION. Channel Language Translation Channel Translation Language Channel 1 German Channel 1 Deutsch Channel 2 English Channel 2 English Channel 3 French Canal 3 Franais Channel 4

868 views • 84 slides
The Relaxation Channel CHANNEL DESCRIPTION A new rapidly expanding 24/7 linear channel

The Relaxation Channel CHANNEL DESCRIPTION A new rapidly expanding 24/7 linear channel

The Relaxation Channel CHANNEL DESCRIPTION A new rapidly expanding 24/7 linear channel which features extraordinary scenes of nature fjlmed around the world in 4K and HD, combined with natural sounds and soothing music. No

470 views • 10 slides
HAYMARKET Previously Previously recap the Feb 2017 presentation Presented to scrutiny

HAYMARKET Previously Previously recap the Feb 2017 presentation Presented to scrutiny

25/09/17 HAYMARKET Previously Previously recap the Feb 2017 presentation Presented to scrutiny members in February 2017 Progress and Issues on Site Outlined the key themes of the business plan Completion and Handover Dates

306 views • 5 slides
ANNUAL ACCOUNTS PRESS CONFERENCE LANGUAGE CHANNELS. Channel Language Channel (translation)

ANNUAL ACCOUNTS PRESS CONFERENCE LANGUAGE CHANNELS. Channel Language Channel (translation)

ANNUAL ACCOUNTS PRESS CONFERENCE LANGUAGE CHANNELS. Channel Language Channel (translation) Language (translation) Channel 1 German Kanal 1 Deutsch Channel 2 English Channel 2 English Channel 3 French Canal 3 Franais Channel 4

1.02k views • 54 slides
Yoshimura-Kuh Channel Routing Perform YK channel routing with K = 100 TOP =

Yoshimura-Kuh Channel Routing Perform YK channel routing with K = 100 TOP =

Yoshimura-Kuh Channel Routing Perform YK channel routing with K = 100 TOP = [1,1,4,2,3,4,3,6,5,8,5,9] BOT = [2,3,2,0,5,6,4,7,6,9,8,7] Practical Problems in VLSI Physical Design YK Channel Routing (1/16) Constrained Left-Edge Algorithm

184 views • 16 slides
FIRST GLOBAL TURKISH DRAMA CHANNEL TIMELESS DRAMA CHANNEL TIMELESS DRAMA CHANNEL Love, family,

FIRST GLOBAL TURKISH DRAMA CHANNEL TIMELESS DRAMA CHANNEL TIMELESS DRAMA CHANNEL Love, family,

FIRST GLOBAL TURKISH DRAMA CHANNEL TIMELESS DRAMA CHANNEL TIMELESS DRAMA CHANNEL Love, family, betrayal, intrigue... love, passion, action Emotions know no geographical boundaries. Turkey has produced the highest number of fjctions ranked

423 views • 15 slides
+ Side Channel and Covert Channel A1acks on Microkernel

+ Side Channel and Covert Channel A1acks on Microkernel

+ Side Channel and Covert Channel A1acks on Microkernel Architectures WAMOS 2015 Advanced Opera3ng Systems Hochschule RheinMain Alexander Baumgrtner and

539 views • 25 slides
Previously in Game Theory Previously in Game Theory decision makers: choices

Previously in Game Theory Previously in Game Theory decision makers: choices

Previously in Game Theory Previously in Game Theory decision makers: choices preferences Previously in Game Theory decision makers: choices preferences solution concepts: best response Nash equilibrium Rock,

872 views • 75 slides
Part V. AWGN Channel Capacity AWGN Capacity Formula; Sphere Packing; Resources in AWGN Channel

Part V. AWGN Channel Capacity AWGN Capacity Formula; Sphere Packing; Resources in AWGN Channel

Part V. AWGN Channel Capacity AWGN Capacity Formula; Sphere Packing; Resources in AWGN Channel 61 Channel coding theorem For every memoryless channel, there is a definite number C (computable) such that: If the data rate R < C ,

910 views • 12 slides
VMS SAN Technology Spring 2002 John Covert 3C01 Fibre Channel Fibre Channel Fibre Channel

VMS SAN Technology Spring 2002 John Covert 3C01 Fibre Channel Fibre Channel Fibre Channel

VMS SAN Technology Spring 2002 John Covert 3C01 Fibre Channel Fibre Channel Fibre Channel ANSI standard network and storage interconnect OpenVMS, and most others, use it for SCSI storage TCI/IP and VIA also possible 1.06

460 views • 19 slides
D1.17A VDES Channel Model Satellite Channel Characteristics Arunas Macikunas 1 , Jan af 2 ,

D1.17A VDES Channel Model Satellite Channel Characteristics Arunas Macikunas 1 , Jan af 2 ,

D1.17A VDES Channel Model Satellite Channel Characteristics Arunas Macikunas 1 , Jan af 2 , Nick Ward 2 1 Waves in Space Corp., Canada 2 General Lighthouse Authorities of the UK and Ireland IALA ENAV20 Meeting 78100 Saint Germain en Laye

291 views • 25 slides
Class 38: Geometry of Conic Sections Class 38: Geometry of Conic Sections Orbital equation

Class 38: Geometry of Conic Sections Class 38: Geometry of Conic Sections Orbital equation

Class 38: Geometry of Conic Sections Class 38: Geometry of Conic Sections Orbital equation 2 Radial : ( r - r ) f(r) r 2 Tangential Tangential : : L L r 1 u r r

556 views • 17 slides
Passive DNS @ CERT.at (pDNS) contact: L. Aaron Kaplan <kaplan@cert.at> Tel: +43 1

Passive DNS @ CERT.at (pDNS) contact: L. Aaron Kaplan <kaplan@cert.at> Tel: +43 1

Passive DNS @ CERT.at (pDNS) contact: L. Aaron Kaplan <kaplan@cert.at> Tel: +43 1 505 64 16 / 78 Idea & credits: Florian Weimer, BFK pDNS @ CERT.at passive DNS: Idea to capture the DNS answers and give them a timestamp.

336 views • 6 slides
Tim McCarthy Tim McCarthy McCarthy Information Systems tmccart1@san.rr.com Agenda Pros/Cons

Tim McCarthy Tim McCarthy McCarthy Information Systems tmccart1@san.rr.com Agenda Pros/Cons

Tim McCarthy Tim McCarthy McCarthy Information Systems tmccart1@san.rr.com Agenda Pros/Cons of application frameworks Refactoring to DDD patterns getting rid of the persistence/plumbing code from the Domain Model My own DDD

779 views • 11 slides
CPU Scheduling Lecture 13 Disclaimer: some slides are adopted from book authors and Dr.

CPU Scheduling Lecture 13 Disclaimer: some slides are adopted from book authors and Dr.

CPU Scheduling Lecture 13 Disclaimer: some slides are adopted from book authors and Dr. Kulkarnis slides with permission 1 Recap Deadlock prevention Break any of four deadlock conditions Mutual exclusion, no preemption, hold

497 views • 38 slides
Scalable Verification of Stateful Networks Aurojit Panda, Ori Lahav, Katerina Argyraki, Mooly

Scalable Verification of Stateful Networks Aurojit Panda, Ori Lahav, Katerina Argyraki, Mooly

Scalable Verification of Stateful Networks Aurojit Panda, Ori Lahav, Katerina Argyraki, Mooly Sagiv, Scott Shenker UC Berkeley, TAU, ICSI Roadmap Why consider stateful networks? The current state of stateful network verification?

1.31k views • 80 slides
de Sitter Vacua Bret Underwood McGill University Pheno 2009 S. Haque, G. Shiu, BU , T . Van

de Sitter Vacua Bret Underwood McGill University Pheno 2009 S. Haque, G. Shiu, BU , T . Van

de Sitter Vacua Bret Underwood McGill University Pheno 2009 S. Haque, G. Shiu, BU , T . Van Riet, Phys. Rev. D79:086005 (2009), arXiv:0810.5328 Does dS space exist classically from a top down construction? dS Space Bottom Up 1 1 H 2 = H 2

481 views • 13 slides
UNDERSTANDING CONVERGENCE IN MPLS VPN NETWORKS Mukhtiar A. Shaikh (mshaikh@cisco.com) Moiz

UNDERSTANDING CONVERGENCE IN MPLS VPN NETWORKS Mukhtiar A. Shaikh (mshaikh@cisco.com) Moiz

UNDERSTANDING CONVERGENCE IN MPLS VPN NETWORKS Mukhtiar A. Shaikh (mshaikh@cisco.com) Moiz Moizuddin (mmoizudd@cisco.com) 1 Agenda Introduction Convergence Definition Expected (Theoretical) Convergence Test Methodology Day

565 views • 34 slides
Motivation Two important points Javier Estrada This issue is on very shaky ground IESE

Motivation Two important points Javier Estrada This issue is on very shaky ground IESE

Emerging Markets (III): Cost of Capital Javier Estrada ADFIN Winter/2014 1. Motivation Two important issues The CAPM in EMs 2. Models Lessard GodfreyEspinosa Goldman Sachs SalomonSmithBarney Motivation Two

333 views • 7 slides

More recommend