Reversible event structures, and Controlled and Uncontrolled Reversibility in CCSK


slide-1
SLIDE 1

Reversible event structures, and Controlled and Uncontrolled Reversibility in CCSK

Eva Graversen & Nobuko Yoshida April 29


slide-2
SLIDE 2

http://mrg.doc.ic.ac.uk


Post-docs: Simon CASTELLAN, David CASTRO, Francisco FERREIR, Raymond HU, Rumyana NEYK, Nicholas NG, Alceste SCALA

PhD Students: Assel ALTAYEV, Juliana FRANCO, Eva GRAVERSEN

slide-3
SLIDE 3
slide-4
SLIDE 4

ECOOP’16 ECOOP’17 CC’18

slide-5
SLIDE 5
slide-6
SLIDE 6

POPL’17

slide-7
SLIDE 7

ICSE’18

slide-8
SLIDE 8

Selected Publications 2017/2018

  • [CC’18] Rumyana Neykova, Raymond Hu, NY, Fahd Abdeljallal: Session Type Providers: Compile-time API Generation for Distributed Protocols with Interaction Refinements in F#.
  • [FoSSaCS’18] Bernardo Toninho, NY: Depending On Session Typed Process.
  • [ESOP’18] Bernardo Toninho, NY: On Polymorphic Sessions And Functions: A Talk of Two (Fully Abstract) Encodings.
  • [ESOP’18] Malte Viering, Tzu-Chun Chen, Patrick Eugster, Raymond Hu, Lukasz Ziarek: A Typing Discipline for Statically Verified Crash Failure Handling in Distributed Systems.
  • [ICSE’18] Julien Lange, Nicholas Ng, Bernardo Toninho, NY: A Static Verification Framework for Message Passing in Go using Behavioural Types.
  • [ECOOP’17] Alceste Scala, Raymond Hu, Ornela Darda, NY: A Linear Decomposition of Multiparty Sessions for Safe Distributed Programming.
  • [COORDINATION’17] Keigo Imai, NY, Shoji Yuen: Session-ocaml: a session-based library with polarities and lenses.
  • [FoSSaCS’17] Julien Lange, NY: On the Undecidability of Asynchronous Session Subtyping.
  • [FASE’17] Raymond Hu, NY: Explicit Connection Actions in Multiparty Session Types.
  • [CC’17] Rumyana Neykova, NY: Let It Recover: Multiparty Protocol-Induced Recovery.
  • [POPL’17] Julien Lange, Nicholas Ng, Bernardo Toninho, NY: Fencing off Go: Liveness and Safety for Channel-based Programming.

slide-9
SLIDE 9


slide-10
SLIDE 10

Motivation

  • Reversibility can be used for:
      • Modelling naturally reversible systems
      • Debugging
      • State-space exploration
  • Event structures have been used to define semantics for CCS, π-calculus, LOTOS, etc. in forwards-only setting.
  • Categorical definitions can help define choice and parallel composition.

slide-11
SLIDE 11

CCSK

CCSK (Phillips et al. 06) uses keys to denote past actions and which actions they have synchronised with:

$a.b \mid a \xrightarrow{\tau[m]} a[m].b \mid a[m] \xrightarrow{b[n]} a[m].b[n] \mid a[m] \overset{b[n]}{\rightsquigarrow} a[m].b \mid a[m]$

slide-12
SLIDE 12

Forwards CCS Process as Prime Event Structure (Winskel 1982)

Process: $a.b \mid b$

Event Structure: $E = \{a, b, b, \tau\}$, $a < b$, $a < \tau$, $b \mathrel{\#} \tau$, $\tau \mathrel{\#} b$

Configurations: $\emptyset$, $\{a\}$, $\{a, b\}$, $\{b\}$, $\{a, b\}$, $\{a, \tau\}$, $\{a, b, b\}$

slide-13
SLIDE 13

Forwards-only Category Overview

[Diagram: categories PrimeES, BundleES, StableES, generalES, AsymmetricES, ExtendedBundleES; arrow labels B, I, A, Ba, Be, Eb]

slide-14
SLIDE 14

Category Overview

[Diagram: categories PES, BES, SES, ES, ReversiblePES, RBES, SRES, RES, AES, RAES, EBES, REBES, SConfigurationSystems, FinitelyEnabledCS; arrow labels Pp, Pb, Pe, B, Br, I, Pr, Ar, Bar, Ber, A, Ba, Be, Pa, Cr, Cer, Φp, Φb, Φe, Φa, R′, R, Eb, Eer]

Legend: Previously defined; Morphisms defined by us; Entirely defined by us

slide-15
SLIDE 15

Outline

  • Configuration Systems
  • Reversible Bundle Event Structures
  • Event structure semantics of CCSK
  • Roll-CCSK

slide-16
SLIDE 16

Configuration Systems

slide-17
SLIDE 17

Configuration System

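A configuration system has a set of events $E = \{a, b\}$, a set of reversible events $F = \{a, b\}$, which can be undone $a, b$, a set $C \subseteq 2^E$ of configurations of events, and a set ${\rightarrow} \subseteq C \times (E \cup F) \times C$ of transitions between them:

[Diagram: configurations $\emptyset$, $\{a\}$, $\{b\}$, $\{a, b\}$ with labelled transitions between them]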

slide-18
SLIDE 18

Morphism

Definition (Configuration system morphism). Let $(E_0, F_0, C_0, \rightarrow_0)$ and $(E_1, F_1, C_1, \rightarrow_1)$ be configuration systems. A configuration system morphism is a partial function $f : E_0 \to E_1$ such that

  1. for any $X, Y \in C_0$, $A \subseteq E_0$, and $B \subseteq F_0$, if $X \xrightarrow{A \cup B}_0 Y$ then $f(X) \xrightarrow{f(A) \cup f(B)}_1 f(Y)$
  2. for any $X \in C_0$, $f(X) \in C_1$
  3. for all $e_0, e_0' \in E_0$, if $f(e_0) = f(e_0') \neq \bot$ and $e_0 \neq e_0'$ then there exists no $X \in C_0$ such that $e_0, e_0' \in X$

slide-19
SLIDE 19

Coproduct (Choice)

$\emptyset$, $\{a\}$, $\{b\}$, $\{a, b\}$

$\{c\}$, $\{d\}$, $\{c, d\}$

$\emptyset$, $\{a\}$, $\{b\}$, $\{a, b\}$, $\{c\}$, $\{d\}$, $\{c, d\}$

slide-20
SLIDE 20

Partially Synchronous Product (Parallel Composition)

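$\emptyset$, $\{a\}$, $\{b\}$, $\{a, b\}$

$\emptyset$, $\{c\}$

$=$ $\emptyset$, $\{(a, *)\}$, $\{(b, *)\}$, $\{(a, c)\}$, $\{(b, c)\}$, $\{(*, c)\}$, $\{(a, *), (b, *)\}$, $\{(a, *), (b, c)\}$, $\{(a, *), (*, c)\}$, $\{(a, c), (b, *)\}$, $\{(b, *), (*, c)\}$, $\{(a, *), (b, *), (*, c)\}$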

slide-21
SLIDE 21

Reversible Bundle Event Structures

slide-22
SLIDE 22

Reversible Bundle Event Structure

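$\mathcal{E} = (E, F, \mapsto, \#, \triangleright)$ where $E = \{a, b, c\}$, $F = \{a, b\}$, $\{c, b\} \mapsto a$, $\{a\} \mapsto c$, $b \mathrel{\#} c$, $\{a\} \mapsto b$, $c \triangleright a$

[Diagram: configurations $\emptyset$, $\{a\}$, $\{b\}$, $\{c\}$, $\{a, b\}$, $\{a, c\}$ with labelled transitions between them]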

slide-23
SLIDE 23

Causal

If a CS or RBES is causal, an event can be reversed if and only if every event caused by it has been reversed. In a causal CS any reachable configuration is forwards-reachable. Most reversible process calculi are causal. The previous RBES and CS were not causal.
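
The claim that every reachable configuration of a causal CS is forwards-reachable can be checked by exhaustive search. The sketch below is an added example, not code from the talk: the function names and the sample events are assumptions, and it simplifies the slides' set-labelled transitions to steps that add or undo one event at a time.

```python
# Added illustration, not code from the talk. Simplification: transitions add
# or remove one event at a time (the slides label transitions with sets).

def enabled(e, X, causes):
    """e can happen forwards in X once all of its direct causes are in X."""
    return e not in X and causes.get(e, set()) <= X

def can_undo(e, X, causes, causal):
    """Causal rule: e may be undone only if no event it caused is still in X.
    With causal=False any event of X may be undone, in any order."""
    if e not in X:
        return False
    return not causal or all(e not in causes.get(d, set()) for d in X)

def reachable(events, causes, reversible=(), causal=True):
    """All configurations reachable from the empty one."""
    start = frozenset()
    seen, todo = {start}, [start]
    while todo:
        X = todo.pop()
        succ = [X | {e} for e in events if enabled(e, X, causes)]
        succ += [X - {e} for e in reversible if can_undo(e, X, causes, causal)]
        for Y in succ:
            if Y not in seen:
                seen.add(Y)
                todo.append(Y)
    return seen

# Constructed sample: a causes b, c is independent of both.
EVENTS = {"a", "b", "c"}
CAUSES = {"b": {"a"}}

FORWARD = reachable(EVENTS, CAUSES)                        # no reversal at all
CAUSAL = reachable(EVENTS, CAUSES, reversible=EVENTS)      # causal reversal
NON_CAUSAL = reachable(EVENTS, CAUSES, reversible=EVENTS, causal=False)

def show(configs):
    """Render configurations as strings such as '{a,b}'."""
    return sorted("{" + ",".join(sorted(X)) + "}" for X in configs)

if __name__ == "__main__":
    print("forwards only :", show(FORWARD))
    print("causal undo   :", show(CAUSAL))
    print("extra configurations when undo ignores causality:",
          show(NON_CAUSAL - FORWARD))
```

Undoing a while b is still present yields configurations containing b without its cause, which no forwards-only run can produce.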


slide-24
SLIDE 24

Causal CS and RBES

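$\mathcal{E} = (E, F, \mapsto, \#, \triangleright)$ where $E = \{a, b\}$, $F = \{a, b\}$, $\{a\} \mapsto b$, $b \triangleright a$

[Diagram: configurations $\emptyset$, $\{a\}$, $\{b\}$, $\{a, b\}$ with labelled transitions between them]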

slide-25
SLIDE 25

Event structure semantics of CCSK

slide-26
SLIDE 26

CCSK

CCSK uses keys to denote past actions and which actions they have synchronised with:

$a.b \mid a \xrightarrow{\tau[m]} a[m].b \mid a[m] \xrightarrow{b[n]} a[m].b[n] \mid a[m] \overset{b[n]}{\rightsquigarrow} a[m].b \mid a[m]$

slide-27
SLIDE 27

CCSK Process as Reversible Bundle Event Structure

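Process: $a[m].b \mid a[m]$

Event Structure: $E = \{a, a, \tau, b\}$, $\{a, \tau\} \mapsto b$, $a \mathrel{\#} \tau \mathrel{\#} a$, $b \triangleright a$, $b \triangleright \tau$

Configurations: $\emptyset$, $\{a\}$, $\{a\}$, $\{\tau\}$, $\{a, b\}$, $\{\tau, b\}$, $\{a, a\}$, $\{a, a, b\}$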

slide-28
SLIDE 28

Roll-CCSK

slide-29
SLIDE 29


slide-30
SLIDE 30

Rollback

Rollback (Lanese et al., 11) is a way to control when the process reverses, only letting tagged actions and actions caused by them reverse when the roll is reached:

$a[m].b[n] \mid a_\gamma[m].c[o].\mathrm{roll}\ \gamma$

roll γ

$a.b \mid a_\gamma.c.\mathrm{roll}\ \gamma$

Using this method, $(a_\gamma.(d.0 \mid c.\mathrm{roll}\ \gamma) \mid b_{\gamma'}.(c \mid d.\mathrm{roll}\ \gamma') \mid a \mid b) \setminus \{a, b, c, d\}$ is not able to roll all the way back to the beginning, as executing one roll undoes an action preceding the other.

slide-31
SLIDE 31

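We split the roll into two actions, one triggering the roll, which is reversed when a previous action is rolled back, and one executing the roll:

$(a_\gamma[m].(d[n].0 \mid c[o].\mathrm{roll}\ \gamma) \mid b_{\gamma'}[p].(c[o] \mid d[n].\mathrm{roll}\ \gamma') \mid a[m] \mid b[p]) \setminus \{a, b, c, d\}$

start roll γ

$(a_\gamma[m].(d[n].0 \mid c[o].\mathrm{rolling}\ \gamma) \mid b_{\gamma'}[p].(c[o] \mid d[n].\mathrm{roll}\ \gamma') \mid a[m] \mid b[p]) \setminus \{a, b, c, d\}$

start roll γ′

$(a_\gamma[m].(d[n].0 \mid c[o].\mathrm{rolling}\ \gamma) \mid b_{\gamma'}[p].(c[o] \mid d[n].\mathrm{rolling}\ \gamma') \mid a[m] \mid b[p]) \setminus \{a, b, c, d\}$

roll γ′

$(a_\gamma[m].(d.0 \mid c.\mathrm{rolling}\ \gamma) \mid b_{\gamma'}.(c \mid d.\mathrm{roll}\ \gamma') \mid a[m] \mid b) \setminus \{a, b, c, d\}$

roll γ

$(a_\gamma.(d.0 \mid c.\mathrm{roll}\ \gamma) \mid b_{\gamma'}.(c \mid d.\mathrm{roll}\ \gamma') \mid a \mid b) \setminus \{a, b, c, d\}$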

slide-32
SLIDE 32

Roll-CCSK Process as Event Structure

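Process: $a_\gamma.\mathrm{roll}\ \gamma$

Event Structure: $E = \{a, \text{start roll } \gamma, \text{roll } \gamma\}$, $\{a\} \mapsto \text{start roll } \gamma$, $\{\text{start roll } \gamma\} \mapsto \text{roll } \gamma$, $\{\text{roll } \gamma\} \mapsto \text{start roll } \gamma$, $\{\text{roll } \gamma\} \mapsto a$, $a \triangleright \text{roll } \gamma$, $\text{start roll } \gamma \triangleright a$, $\text{roll } \gamma \triangleright a$, $\text{roll } \gamma \triangleright \text{start roll } \gamma$

Configurations: $\emptyset$, $\{a\}$, $\{a, \text{start roll } \gamma\}$, $\{a, \text{start roll } \gamma, \text{roll } \gamma\}$, $\{\text{roll } \gamma\}$, $\{a, \text{roll } \gamma\}$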

slide-33
SLIDE 33


slide-34
SLIDE 34

Splitting events in Roll-CCSK

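Sometimes reversal of events is caused by multiple events combining. To model this, events must be split.

$a[m].b[n] \mid a_\gamma[m].\mathrm{rolling}\ \gamma \xrightarrow{\mathrm{roll}\ \gamma} a.b \mid a_\gamma.\mathrm{roll}\ \gamma$

$a[m'].b[n] \mid a_\gamma[m].\mathrm{rolling}\ \gamma \xrightarrow{\mathrm{roll}\ \gamma} a[m'].b[n] \mid a_\gamma.\mathrm{roll}\ \gamma$

This requires splitting $b$, as it is only rolled back by roll γ if the $a$s synchronised, meaning $\{a\} \mapsto b_a$, $\{\tau\} \mapsto b_\tau$, $\{\text{roll } \gamma\} \mapsto b_\tau$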

slide-35
SLIDE 35

Result

Given a process $P$, which generates an event structure $\mathcal{E}$ and an initial state $\mathrm{Init}$,

  1. $P \xrightarrow{\mu} P'$ for a $P'$ which generates an event structure $\mathcal{E}'$ and initial state $\mathrm{Init}'$, if and only if there exists an isomorphism $f : \mathcal{E} \to \mathcal{E}'$ and an event $e$ in $\mathcal{E}$ that is enabled in $\mathrm{Init}$ and labelled $\mu$, such that $f(\mathrm{Init} \cup \{e\}) = \mathrm{Init}'$
  2. $P \xrightarrow{\mathrm{roll}\ \gamma} P'$ for a $P'$ which generates an event structure $\mathcal{E}'$ and initial state $\mathrm{Init}'$, if and only if there exists an isomorphism $f : \mathcal{E} \to \mathcal{E}'$ and a sequence of transitions in the configuration system of $\mathcal{E}$, $\mathrm{Init} \xrightarrow{e_0} X_0 \xrightarrow{e_1} \dots X_{n-1} \xrightarrow{e_n} X_n \xrightarrow{e_0} X$ such that $e_0$ is labelled roll γ and $f(X) = \mathrm{Init}'$

slide-36
SLIDE 36

Conclusion

  • Causal reversible bundle event structures can describe the semantics of CCSK
  • Roll-CCSK extends CCSK to control reversibility by using rollback
  • Non-causal reversible extended bundle event structures can model Roll-CCSK.

slide-37
SLIDE 37

Future Work

π-calculus: $(\nu n)(a\langle n \rangle \mid b\langle n \rangle \mid n(y))$

  • Non-structural causation
  • Traditionally non-stable
  • Past actions must be stored in separate memories