General Lessons from a Rely/Guarantee Development
Decomposing the design (or documentation) of large systems is a practical necessity; this prompts the need for a notion of compositional development methods; finding such methods for concurrent software is technically challenging because of the interference that characterises concurrency. This paper outlines the development of a difficult example in order to draw out lessons about such development methods. Although the “rely/guarantee” approach is employed in the example, the intuitions are more general.
We have benefited from productive discussions with researchers including José Nuno Oliveira and attendees at the January 2017 Northern Concurrency Working Group held at Teesside University. In particular, Simon Doherty pointed out that GC is a nasty challenge for any compositional approach because the mutator and collector were clearly thought out together; this is true, but looking at an example at the fringe of R/G expressivity has informed the notion of compositional development.
Our colleagues in Newcastle, Leo Freitas and Diego Machado Dias, are currently formalising proofs of the lemmas and POs using Isabelle.
The authors gratefully acknowledge funding for their research from EPSRC grant Taming Concurrency.