1 / 51

Reduction: A Method of Proving Properties of Parallel Programs

Reduction: A Method of Proving Properties of Parallel Programs. By Richard J. Lipton Presented at the Second ACM Symposium of Principles of Programming Languages, Palo Alto, Calif. 1975. acq(this). X. j=bal. bal=j+n. Z. Y. rel(this). S 1. S 0. S 2. S 3. S 5. S 6. S 4. S 7.

iren
Download Presentation

Reduction: A Method of Proving Properties of Parallel Programs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Reduction: A Method of Proving Properties of Parallel Programs By Richard J. Lipton Presented at the Second ACM Symposium of Principles of Programming Languages, Palo Alto, Calif. 1975

  2. acq(this) X j=bal bal=j+n Z Y rel(this) S1 S0 S2 S3 S5 S6 S4 S7 Motivation Prove that a Parallel Program does not halt

  3. acq(this) X j=bal bal=j+n Z Y rel(this) S1 S0 S2 S3 S5 S6 S4 S7 X Y acq(this) bal=j+n rel(this) j=bal Z S0 T1 T2 T3 S5 T6 S4 S7 Motivation Prove that a Parallel Program does not halt

  4. Goal • When proving that a system of processes has a given property it is often convenient to assume that a routine is atomic • The paper presents a reduction that preserves basic properties such as halting.  • Thus correctness proofs of a system of processes can often be greatly simplified

  5. Definitions

  6. X Y inc r Z S0 T1 T2 T3 S5 S4 S7 uninterruptible • A statement is atomic provided it is never interleaved with the rest of the program. • For instance: A statement might be the three actions: Assuming it is uninterruptible reduces it to the single action:

  7. Reduction of P by R • Reduction of P by R is defined to be the parallel program obtained from P by reducing R to one uninterruptible action. • Notation: P/R • Two ways in which the reduced Q=P/R program is simpler than P: • Q has fewer actions than P • Assertions about Q are often simpler than assertions about P.

  8. parbegin…parend • parbeginparend is to interleave the statements in some arbitrary order until no further execution is possible. • The statement of each form a distinct process

  9. A computation • A computation is a sequence of statements such that is executed first, then is executed, and so on until the last statement is executed. Since an may be a compound statement, m>k is possible. • For example if is: then might be the statement or the statement or even “part” of these statements.

  10. Indivisible statement • Notation: • We assume S has a single entry and a single exit. • The semantics of are: • In a given state of the parallel program, can execute provided in this state control is ready to enter S and after S is applied control has left S • In a given state of the parallel program, the effect of the applying provided it can execute, is the same as that of S. • The key to the definition of is that we can never apply it when we cannot fully complete its execution

  11. P(a), V(a) • P(a) = • V(a) = • Without closing in brackets is it possible to “lose counts”. • Example: value of a can be 1 or 2.

  12. When is a computation? • is a computation provided is a computation and can execute in the state that results after is executed.

  13. a=0 a=0 a=0 B:V(a) B:V(a) A:P(a) B:V(a) A:P(a) S0 S0 S0 T1 T1 T1 T2 T2 T2 T3 T3 When is a computation? – cont. • Example:

  14. Halt • Intuitively halt is like deadlock • Usually want to show that a program does not halt. • A program halts if there is some computation such that is not a computation for all statements f.

  15. What is the relationship between P and P/S?

  16. P/S halts iff P halts? • This is false. • Consider: • This program halts: Let both repeat’s execute their first P’s; then a=b=0 and the program has halted.

  17. P/S halts iff P halts? – cont. • Now consider the following program P/S: • leaves both a and b fixed.

  18. Why is the assertion false? • It is possible to enter S and not to ever be able to leave it. • This leads to one restriction on statement S: • (R1) If a statement S is ever entered, then it must be possible eventually to exit S.

  19. Is (R1) enough? • No. • Consider: • The program halts. • Also, the statement satisfies (R1)

  20. Is (R1) enough? – cont. • The program P/S is: • always sets y to 1. • This program does not halt.

  21. Why is the assertion false? • This example fails to satisfy assertion because the effect and when separated and when together is not the same. • This observation leads to further restriction: • (R2) The effect of the statement in S when together and separated must be the same.

  22. Right Mover b c c b b is right mover

  23. Right Mover ACQ(l,t) c c ACQ(l,t)

  24. Left Mover b c c b c is left mover

  25. Left Mover b REL(l,t) REL(l,t) b

  26. acq(this) X j=bal bal=j+n Z Y rel(this) S1 S0 S2 S3 S5 S6 S4 S7 Red thread holds lock  Blue thread does not hold lock  operation y does not access balance (assuming balance protected by lock)  operations commute Right and Left Movers

  27. acq(this) X j=bal bal=j+n Z Y rel(this) S1 S0 S2 S3 S5 S6 S4 S7 acq(this) X Y bal=j+n Z j=bal rel(this) S1 S0 S2 T3 S5 S6 S4 S7 Red thread holds lock after acquire  operation x does not modify lock  operations commute Right and Left Movers

  28. acq(this) X j=bal bal=j+n Z Y rel(this) S1 S0 S2 S3 S5 S6 S4 S7 acq(this) X Y bal=j+n Z j=bal rel(this) S1 S0 S2 T3 S5 S6 S4 S7 X acq(this) Y bal=j+n Z j=bal rel(this) T1 S0 S2 T3 S5 S6 S4 S7 Right and Left Movers

  29. acq(this) X j=bal bal=j+n Z Y rel(this) S1 S0 S2 S3 S5 S6 S4 S7 acq(this) X Y bal=j+n Z j=bal rel(this) S1 S0 S2 T3 S5 S6 S4 S7 X acq(this) Y bal=j+n Z j=bal rel(this) T1 S0 S2 T3 S5 S6 S4 S7 X Y acq(this) bal=j+n Z j=bal rel(this) T1 S0 T2 T3 S5 S6 S4 S7 Right and Left Movers

  30. acq(this) X j=bal bal=j+n Z Y rel(this) S1 S0 S2 S3 S5 S6 S4 S7 acq(this) X Y bal=j+n Z j=bal rel(this) S1 S0 S2 T3 S5 S6 S4 S7 X acq(this) Y bal=j+n Z j=bal rel(this) T1 S0 S2 T3 S5 S6 S4 S7 X Y acq(this) bal=j+n Z j=bal rel(this) T1 S0 T2 T3 S5 S6 S4 S7 X Y acq(this) bal=j+n rel(this) j=bal Z S0 T1 T2 T3 S5 T6 S4 S7 Right and Left Movers

  31. Right and left movers • f is a right mover provided • for any a computation where f and h lie in different processes, then is also a computation • The values of all the program variables in and are the same. • f is a left mover provided • For any a computation where h and g lie in different processes, then is also a computation • The values of all the program variables in and are the same.

  32. PV parallel program • A program is a PV parallel program provided there is a distinguished subset of the program variables called semaphores with integer values such that they can be used only in either or .

  33. D-reduction • Replacing with is a D-reduction provided, for some i, are right movers and are left movers ( is unconstrained) and each can always execute.

  34. Theorem 1. In any PV parallel program all P(a)’s are right movers, and all V(a)’s are left movers. Theorem 2. Suppose that S is a D-reduction in P. Then P halts iff P/S halts.

  35. Proof of Theorem 2 • If P/S halts then P halts • This is true because for every scheduling in which P/S halts, p halts since the same scheduling can be applied to it.

  36. Proof of Theorem 2 • If P halts then P/Shalts • Proof outline: • Assume P halts • Let be a computation that halts in P. • Assume that • Construct a computation such that all the program variables agree after and are executed, and always occur atomically in . • Assume that there are no goto’s in

  37. Proof of Theorem 2 • LEMMA 1. Suppose that is a computation in P with i>1. Then where no statement from the process of is in . • This follows because S has a single entry and no goto’s.

  38. Proof of Theorem 2 • LEMMA 2. Suppose that is a computation that halts in P with i<n. Then where no statement from the process of is in . • This follows because: • If any f occurs in where f is in the process of then the first such f must be . • Assume that no such f is in . In control must be ready to enter ; therefore is a computation (because by definition D-reduction can always execute), which is a contradiction because halts.

  39. A X C Z Y D S1 S0 S2 S3 S5 S6 S4 S7 Proof of Theorem 2 • If no is in then is already in the desired form. (let )

  40. S1 S1 S1 S1 S1 S0 S0 S0 S0 S2 S2 S2 S2 S2 S3 S3 S3 S3 S3 S5 S5 S5 S5 S6 S6 S6 S4 S4 S4 S4 S4 S7 S7 S7 Proof of Theorem 2 Thus suppose that some is in . By definition of D-reduction

  41. Proof of Theorem 2 • This can be repeated to for the desired computation . Now is a computation where no is in any and and agree on all program variables. • If halts in P\S then the theorem is proved. • Assume that does not halt in P\S, and that is a computationin P\S. • Then is a computation in P, since and agree on all program variables. This is a contradiction.

  42. Applications

  43. Example 1 • By theorem 1 and 2, the aforementioned halts iff the following program halts:

  44. Example 1 – cont. • Therefore Example 1 halts iff the following halts:

  45. Example 1 – cont. • Once again theorem 1 and 2 can be applied; hence the aforementioned halts iff the following halts:

  46. Example 1 – cont. • Therefore the aforementioned halts iff the following halts: • This program never halts! Thus Example 1 never halts

  47. Example 2 • After applying theorem 1 and 2, Example 2 halts iff the following halts:

  48. Example 2 – cont. • The effect of is to decrement a by 1 and increment b by 1. • The effect of is to decrement b by 1 and increment a by 1. • Thus a+b is conserved and is always equal to N.

  49. Example 2 – cont. • can execute iff a>0 and can execute iff b>0. • Since a+b=N>0, it is not possible for the program to halt. • Hence Example 2 does not halt.

  50. Conclusion • In a wide number of nontrivial instances reduction preserves important properties. • Reduction aids in correctness proof • Note theorem 2 proved that for every computation that halts in P there’s a computation that halts in P/S that agrees on all program variables. • Thus if S is a D-reduction the final states of P equal the final states of P/S • D-reduction then preserves any property that depends only on a program’s final state.

More Related