A Revisionist History of Denotational Semantics

Similar documents
A Denotational Semantics for Weak Memory Concurrency

Note that in this definition, n + m denotes the syntactic expression with three symbols n, +, and m, not to the number that is the sum of n and m.

Introduction to Denotational Semantics. Brutus Is An Honorable Man. Class Likes/Dislikes Survey. Dueling Semantics

Denotational Semantics. Domain Theory

Introduction to Denotational Semantics. Class Likes/Dislikes Survey. Dueling Semantics. Denotational Semantics Learning Goals. You re On Jeopardy!

3.4 Denotational Semantics

COMP Parallel Computing. CC-NUMA (2) Memory Consistency

Denotational Semantics

Application: Programming Language Semantics

Formal Semantics of Programming Languages

Contents. Chapter 1 SPECIFYING SYNTAX 1

Handout 9: Imperative Programs and State

An introduction to weak memory consistency and the out-of-thin-air problem

Overview: Memory Consistency

Formal Semantics of Programming Languages

3.7 Denotational Semantics

Program Analysis: Lecture 02 Page 1 of 32

Definability and full abstraction in lambda-calculi

COS 320. Compiling Techniques

Goals: Define the syntax of a simple imperative language Define a semantics using natural deduction 1

1 A question of semantics

Relaxed Memory: The Specification Design Space

7. Introduction to Denotational Semantics. Oscar Nierstrasz

Formal Syntax and Semantics of Programming Languages

CMSC Computer Architecture Lecture 15: Memory Consistency and Synchronization. Prof. Yanjing Li University of Chicago

Declarative semantics for concurrency. 28 August 2017

Memory Consistency Models. CSE 451 James Bornholt

Compositional Software Model Checking

Lecture 5. Logic I. Statement Logic

A Grainless Semantics for Parallel Programs with Shared Mutable Data

Parallel Computer Architecture Spring Memory Consistency. Nikos Bellas

Formal Syntax and Semantics of Programming Languages

Lectures 20, 21: Axiomatic Semantics

Program logics for relaxed consistency

A unified machine-checked model for multithreaded Java

Beyond Sequential Consistency: Relaxed Memory Models

CONVENTIONAL EXECUTABLE SEMANTICS. Grigore Rosu CS522 Programming Language Semantics

On partial order semantics for SAT/SMT-based symbolic encodings of weak memory concurrency

CONVENTIONAL EXECUTABLE SEMANTICS. Grigore Rosu CS422 Programming Language Semantics

Lecture 13: Consistency Models. Topics: sequential consistency, requirements to implement sequential consistency, relaxed consistency models

A Quick Overview. CAS 701 Class Presentation 18 November Department of Computing & Software McMaster University. Church s Lambda Calculus

Unit 12: Memory Consistency Models. Includes slides originally developed by Prof. Amir Roth

Coherence and Consistency

Introduction to Formal Methods

Designing Memory Consistency Models for. Shared-Memory Multiprocessors. Sarita V. Adve

Modal Logic: Implications for Design of a Language for Distributed Computation p.1/53

Programming Languages Third Edition

EECS 144/244: Fundamental Algorithms for System Modeling, Analysis, and Optimization

Game Semantics: an Overview

Com S 541. Programming Languages I

A Simplified Abstract Syntax for the Dataflow Algebra. A. J. Cowling

Reasoning about the C/C++ weak memory model

CS 351 Design of Large Programs Programming Abstractions

Symmetric Multiprocessors: Synchronization and Sequential Consistency

Atomicity via Source-to-Source Translation

Denotational Semantics

Relaxed Memory-Consistency Models

Introduction to Denotational Semantics

Consider a description of arithmetic. It includes two equations that define the structural types of digit and operator:

Negations in Refinement Type Systems

Handout 10: Imperative programs and the Lambda Calculus

The Formal Semantics of Programming Languages An Introduction. Glynn Winskel. The MIT Press Cambridge, Massachusetts London, England

Taming release-acquire consistency

CS558 Programming Languages

Announcements. ECE4750/CS4420 Computer Architecture L17: Memory Model. Edward Suh Computer Systems Laboratory

1. true / false By a compiler we mean a program that translates to code that will run natively on some machine.

3.4 Deduction and Evaluation: Tools Conditional-Equational Logic

Memory Consistency Models

Foundations of the C++ Concurrency Memory Model

CS 6110 S14 Lecture 38 Abstract Interpretation 30 April 2014

Categorical models of type theory

Brookes is Relaxed, Almost!

Denotational Semantics of a Simple Imperative Language Using Intensional Logic

Formal semantics of loosely typed languages. Joep Verkoelen Vincent Driessen

CS533 Concepts of Operating Systems. Jonathan Walpole

Cover Page. The handle holds various files of this Leiden University dissertation

Topic 1: What is HoTT and why?

The Programming Language Core

More Theories, Formal semantics

NON-BLOCKING DATA STRUCTURES AND TRANSACTIONAL MEMORY. Tim Harris, 31 October 2012

Overview. Probabilistic Programming. Dijkstra s guarded command language: Syntax. Elementary pgcl ingredients. Lecture #4: Probabilistic GCL

More on Operational Semantics

LOGIC AND DISCRETE MATHEMATICS

Semantics and Concurrence Module on Semantic of Programming Languages

In Our Last Exciting Episode

Semantics and Concurrence Module on Semantic of Programming Languages

INCREMENTAL SOFTWARE CONSTRUCTION WITH REFINEMENT DIAGRAMS

CS558 Programming Languages

Last class. CS Principles of Programming Languages. Introduction. Outline

The Essence of Reynolds

Denotational semantics

March 2, Homepage:

Reasoning about modules: data refinement and simulation

Sequential Consistency & TSO. Subtitle

15-819M: Data, Code, Decisions

Using Relaxed Consistency Models

Formal Semantics of Programming Languages

Supplementary Notes on Abstract Syntax

Type Soundness and Race Freedom for Mezzo

Fundamental Algorithms for System Modeling, Analysis, and Optimization

Transcription:

A Revisionist History of Denotational Semantics Stephen Brookes Carnegie Mellon University Domains XIII July 2018 1 / 23

Denotational Semantics Compositionality Principle The meaning of a complex expression is determined by the meanings of its constituent expressions and the rules to combine them. Foundational references: Christopher Strachey, Dana Scott (1971) Toward a Mathematical Semantics for Computer Languages Strachey (1966): Towards a Formal Semantics Historical precursors include: Boole (1815 1864), Frege (1845 1925) 2 / 23

The Denotational Template To give a semantics: Find a suitable mathematical universe of meanings Define, by structural induction, a semantic function that maps phrases to their meanings, or denotations Criteria for suitability: meanings should be abstract from machine details expressive of program behavior capable of compositional definition Scott developed domain theory to underpin this approach, e.g. Scott (1970): Outline of a Mathematical Theory of Computation 3 / 23

Snapshots from History Some landmarks Sequential imperative programs - partial functions from states to states Low-level machine code - continuation semantics Simply-typed functional programs - cartesian-closed categories, continuous functions Sequential functional programs - concrete domains, sequential functions, game semantics Algol-like programs - functor categories, possible-world semantics Concurrent programs - resumptions, trace sets, event structures,... A common thread domains, recursion as fixed-point 4 / 23

Strategy Start with a programming language and a notion of behavior, develop a semantics to support compositional reasoning. Criteria for success: Adequacy (minimum pre-requisite) semantic equivalence implies behavioral indistinguishability Full abstraction (stronger, harder to achieve) semantic equivalence = behavioral indistinguishability By definition, an adequate denotational semantics supports compositional reasoning about program behavior. 5 / 23

Lessons Depending on behavior and programming language, it may be hard to find a suitable semantics capable of compositional definition. Algol-like language: functor category semantics naturality conditions express key behavioral features PCF: long path via concrete domains to game semantics sequential functions are hard to characterize Concurrency: need to include non-sequential traces executions of c1 c 2 not definable compositionally semantics must account for interference between threads 6 / 23

Revisiting concurrency Early semantics assumed sequential consistency (SC):... the result of any execution is the same as if the operations of all the processors were executed in some sequential order... Lamport 1979 A program denotes a set of traces, with parallel composition as interleaving, sequential composition as concatenation. Trace sets form a complete lattice Semantic constructs denote monotone functions Recursion, and fair interleaving, as greatest fixed point 7 / 23

Assessment At the time it was hard enough to deal with concurrency, without trying to handle procedures... - Later we developed Parallel Algol and a trace-based possible-worlds semantics Similarly for concurrency + pointers, mutable state - Later came Concurrent Separation Logic and action traces Trace semantics is robust and adaptable, but inherently SC... Of the many forms of false culture, a premature converse with abstractions is perhaps the most likely to prove fatal... Boole, 1859. 8 / 23

Reassessment... achieving sequential consistency may not be worth the price of slowing down the processors. Lamport 1979 Modern multi-processors do not guarantee SC behavior, and instead provide a relaxed memory model reads may see stale values, because of buffering or caches writes may get re-ordered, for optimized performance There is a wide range of memory models SC, TSO, PSO, RA,... offering a variety of behavioral guarantees Trace semantics is not adequate, except for SC 9 / 23

Beyond trace semantics For a denotational account of relaxed memory, we must abandon SC and embrace true concurrency. In ongoing work with Ryan Kavanagh, we develop a partial-order semantic framework Replace traces (linear orders) with pomsets (partial orders) A recent burst of progress in similar vein, e.g. Jeffrey and Riely (2016), using event structures, has similar aims. We regard our pomset approach as a natural evolutionary successor to trace semantics... Denotational semantics should be more relaxed. 10 / 23

Actions Our semantic framework builds on a set of actions, interpreted as having an effect on state. Here we use the following grammar for actions: λ ::= δ idle i=v read i:=v write Can incorporate synchronization primitives, such as locks, actions tagged with memory levels (na, at, rel, acq,... ), and fence instructions used to limit relaxation. Let A be the set of actions. 11 / 23

Action Pomsets cf. Pratt 1986 An action pomset (P, <, Φ) is a partial order (P, <) with a labelling function Φ : P A. Pomsets are equivalent if they are order-isomorphic. Let Pom(A) be the set of all action pomsets. Parallel Composition Actions of P 1 and P 2 are independent Sequential Composition (P 1, < 1 ) (P 2, < 2 ) = (P 1 P 2, < 1 < 2 ) Actions of P 1 before actions of P 2 (P 1, < 1 ); (P 2, < 2 ) = (P 1 P 2, < 1 < 2 P 1 P 2 ) 12 / 23

Relaxation Rigidity A memory model M has a rigidity relation M A A. An ordered pair (p 1, p 2 ) can be M-relaxed unless p 1 M p 2. SC allows no relaxations: SC = A A TSO allows write/read relaxation on distinct locations: p 1 TSO p 2 iff loc(p 1 ) = loc(p 2 ) or (IsWrite p 1 & IsRead p 2 ) PSO allows write/read and write/write relaxation: p 1 PSO p 2 iff loc(p 1 ) = loc(p 2 ) or IsWrite p 1 Relaxed Composition Actions of P 1 before actions of P 2, modulo M-relaxation (P 1, < 1 ) ; M (P 2, < 2 ) = (P 1 P 2, < 1 < 2 M (P 1 P 2 )) 13 / 23

Pomset Semantics (parameterized by memory model) is defined by structural induction: P M : Com P(Pom(A)) P M (skip) = {{δ}} P M (i:=e) = {P; {i:=v} (P, v) P M (e)} P M (c 1 ; c 2 ) = {P 1 ; M P 2 P 1 P M (c 1 ), P 2 P M (c 2 )} P M (c 1 c 2 ) = {P 1 P 2 P 1 P M (c 1 ), P 2 P M (c 2 )} P M (if b then c 1 else c 2 ) = P M (b) tt ; P M (c 1 ) P M (b) ff ; P M (c 2 ) P M (while b do c) = (P M (b) tt ; P M (c)) ; P M (b) ff We use ; to enforce data dependency or control dependency. We use ; M to allow relaxation of program order. 14 / 23

Store Buffering Pomset semantics (x:=1; z 1 :=y) (y:=1; z 2 :=x) Each SC pomset has the form x:=1 y=v 1 z 1 :=v 1 y:=1 x=v 2 z 2 :=v 2 where v 1, v 2 V int. For TSO: relax (x:=1, y=v 1 ) and (y:=1, x=v 2 ) For PSO: also relax (x:=1, z 1 :=v 1 ) and (y:=1, z 2 :=v 2 ) 15 / 23

Pomset Execution (parameterized by memory model) We define the set E M (P, <) of pomset executions. An M-execution is an ordering < that extends < and fulfills the guarantees of memory model M. SC: < is a read-coherent total order TSO: < is a read-coherent total store order PSO: < is a read-coherent per-location total store order Read-coherence: (i) All initial reads of x see the same value v. (ii) Non-initial reads of x get their value from a maximal write to x that precedes it. The input-output behavior of (P, < ) is (pre(p), post(p)), where pre(p), post(p) are the states formed by the initial reads, maximal writes, respectively. 16 / 23

Results Adequacy For each memory model M we obtain a pomset semantics that is compositional, and adequate for describing execution. Executions cannot by themselves be defined compositionally. This was already the case for SC, requiring use of non-sequential traces. Correctness The input-output behavior of P M (c) is correct: For SC: consistent with trace semantics read-coherent total order = sequentially executable trace For TSO, PSO: consistent with SPARC axioms read-coherent total store order = SPARC-TSO read-coherent per-location total store order = SPARC-PSO Pomset behavior matches litmus test specifications... 17 / 23

Litmus Test 1 Store Buffering SC TSO PSO (x:=1; z 1 :=y) (y:=1; z 2 :=x) Under TSO or PSO this program has an execution from [x : 0, y : 0, z 1 :, z 2 : ] to [x : 1, y : 1, z 1 : 0, z 2 : 0] in which the reads see stale values. Under SC every execution ends with z 1 = 1 and/or z 2 = 1. 18 / 23

Litmus Test 2 Message Passing SC TSO PSO (x:=37; y:=1) (while y = 0 do skip; z:=x) Under SC and TSO, every execution from [x : 0, y : 0, z : ] ends with z = 37. Not true under PSO, which can also end with z = 0. To ensure proper message-passing in PSO use a fence between x:=37 and y:=1, to prevent write/write relaxation. 19 / 23

Litmus Test 3 Independent Reads of Independent Writes SC TSO PSO x:=1 y:=1 (z 1 :=x; z 2 :=y) (w 1 :=y; w 2 :=x) Under PSO there is an execution from [x : 0, y : 0,...] to [x : 1, y : 1, z 1 : 1, z 2 : 0, w 1 : 1, w 2 : 0] in which the threads see the writes in different orders. Not true under SC and TSO, which guarantee a total order on all writes. 20 / 23

Litmus Test 4 Coherence SC TSO PSO x:=1 x:=2 (z 1 :=x; z 2 :=x) (w 1 :=x; w 2 :=x) In all these memory models, there is no execution from ending with [x : 0, y : 0,...] z 1 = 1, z 2 = 2, w 1 = 2, w 2 = 1. Writes to x appear in the same order, to all threads. All models guarantee to a per-location total store order. 21 / 23

Looking back, going forward We are not the first to advocate partial-order semantics. Pratt 1986 Pratt s pomsets were a true concurrency process algebra actions as uninterpreted symbols, no state or execution Mostly concerned with abstract properties, e.g. A poset is representable as the set of its linearizations. Not true for executions: E M (P) {E M (P ) P Lin(P)} Pioneering work by Petri, Greif, Mazurkiewicz, Winskel,... Petri nets,..., event structures Partial-order semantics provide an appropriate denotational setting for exploring relaxed memory... 22 / 23

Conclusions Denotational semantics is alive and kicking, as it turns 50... The estimation of a theory is not simply determined by its truth. It also depends upon the importance of its subject, and the extent of its applications, beyond which something must still be left to the arbitrariness of human opinion. George Boole, 1847. It s useful to revisit, and question, established tradition... The one duty we owe to history is to rewrite it. Oscar Wilde HAPPY BIRTHDAY, DANA 23 / 23

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback