45,545 research outputs found
Compositional Reasoning for Explicit Resource Management in Channel-Based Concurrency
We define a pi-calculus variant with a costed semantics where channels are
treated as resources that must explicitly be allocated before they are used and
can be deallocated when no longer required. We use a substructural type system
tracking permission transfer to construct coinductive proof techniques for
comparing behaviour and resource usage efficiency of concurrent processes. We
establish full abstraction results between our coinductive definitions and a
contextual behavioural preorder describing a notion of process efficiency
w.r.t. its management of resources. We also justify these definitions and
respective proof techniques through numerous examples and a case study
comparing two concurrent implementations of an extensible buffer.Comment: 51 pages, 7 figure
Permission-Based Separation Logic for Multithreaded Java Programs
This paper presents a program logic for reasoning about multithreaded
Java-like programs with dynamic thread creation, thread joining and reentrant
object monitors. The logic is based on concurrent separation logic. It is the
first detailed adaptation of concurrent separation logic to a multithreaded
Java-like language. The program logic associates a unique static access
permission with each heap location, ensuring exclusive write accesses and
ruling out data races. Concurrent reads are supported through fractional
permissions. Permissions can be transferred between threads upon thread
starting, thread joining, initial monitor entrancies and final monitor exits.
In order to distinguish between initial monitor entrancies and monitor
reentrancies, auxiliary variables keep track of multisets of currently held
monitors. Data abstraction and behavioral subtyping are facilitated through
abstract predicates, which are also used to represent monitor invariants,
preconditions for thread starting and postconditions for thread joining.
Value-parametrized types allow to conveniently capture common strong global
invariants, like static object ownership relations. The program logic is
presented for a model language with Java-like classes and interfaces, the
soundness of the program logic is proven, and a number of illustrative examples
are presented
Operational semantics for signal handling
Signals are a lightweight form of interprocess communication in Unix. When a
process receives a signal, the control flow is interrupted and a previously
installed signal handler is run. Signal handling is reminiscent both of
exception handling and concurrent interleaving of processes. In this paper, we
investigate different approaches to formalizing signal handling in operational
semantics, and compare them in a series of examples. We find the big-step style
of operational semantics to be well suited to modelling signal handling. We
integrate exception handling with our big-step semantics of signal handling, by
adopting the exception convention as defined in the Definition of Standard ML.
The semantics needs to capture the complex interactions between signal handling
and exception handling.Comment: In Proceedings EXPRESS/SOS 2012, arXiv:1208.244
Specifying and Verifying Concurrent Algorithms with Histories and Subjectivity
We present a lightweight approach to Hoare-style specifications for
fine-grained concurrency, based on a notion of time-stamped histories that
abstractly capture atomic changes in the program state. Our key observation is
that histories form a partial commutative monoid, a structure fundamental for
representation of concurrent resources. This insight provides us with a
unifying mechanism that allows us to treat histories just like heaps in
separation logic. For example, both are subject to the same assertion logic and
inference rules (e.g., the frame rule). Moreover, the notion of ownership
transfer, which usually applies to heaps, has an equivalent in histories. It
can be used to formally represent helping---an important design pattern for
concurrent algorithms whereby one thread can execute code on behalf of another.
Specifications in terms of histories naturally abstract granularity, in the
sense that sophisticated fine-grained algorithms can be given the same
specifications as their simplified coarse-grained counterparts, making them
equally convenient for client-side reasoning. We illustrate our approach on a
number of examples and validate all of them in Coq.Comment: 17 page
A Concurrent Perspective on Smart Contracts
In this paper, we explore remarkable similarities between multi-transactional
behaviors of smart contracts in cryptocurrencies such as Ethereum and classical
problems of shared-memory concurrency. We examine two real-world examples from
the Ethereum blockchain and analyzing how they are vulnerable to bugs that are
closely reminiscent to those that often occur in traditional concurrent
programs. We then elaborate on the relation between observable contract
behaviors and well-studied concurrency topics, such as atomicity, interference,
synchronization, and resource ownership. The described
contracts-as-concurrent-objects analogy provides deeper understanding of
potential threats for smart contracts, indicate better engineering practices,
and enable applications of existing state-of-the-art formal verification
techniques.Comment: 15 page
Expressing the Behavior of Three Very Different Concurrent Systems by Using Natural Extensions of Separation Logic
Separation Logic is a non-classical logic used to verify pointer-intensive
code. In this paper, however, we show that Separation Logic, along with its
natural extensions, can also be used as a specification language for
concurrent-system design. To do so, we express the behavior of three very
different concurrent systems: a Subway, a Stopwatch, and a 2x2 Switch. The
Subway is originally implemented in LUSTRE, the Stopwatch in Esterel, and the
2x2 Switch in Bluespec
A Sequent Calculus for Modelling Interferences
A logic calculus is presented that is a conservative extension of linear
logic. The motivation beneath this work concerns lazy evaluation, true
concurrency and interferences in proof search. The calculus includes two new
connectives to deal with multisequent structures and has the cut-elimination
property. Extensions are proposed that give first results concerning our
objectives
Uniqueness Typing for Resource Management in Message-Passing Concurrency
We view channels as the main form of resources in a message-passing
programming paradigm. These channels need to be carefully managed in settings
where resources are scarce. To study this problem, we extend the pi-calculus
with primitives for channel allocation and deallocation and allow channels to
be reused to communicate values of different types. Inevitably, the added
expressiveness increases the possibilities for runtime errors. We define a
substructural type system which combines uniqueness typing and affine typing to
reject these ill-behaved programs
- …