Distributing read permissions between threads #800
pieter-bos
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
(author: @bobismijnnaam)
A possible use case of read permissions is to distribute read permission between threads:
This results in the following quantifier for the parallel region:
However, because of viper's injectivity requirement, this expression is not well-formed.
The following rewrite rules can be used to resolve this:
Unfortunately, these rules cause some problems. Besides sidestepping this injectivity requirement, using these rewrite rules does not accurately reflect Viper's intended semantics of
read
(see: viperproject/silicon#539). Furthermore, at the time of writing this it is also not allowed to have complex expressions composed of `read (see: viperproject/silicon#569), which would be needed to use more complicated alternative rewrite rules (see below).Currently, the only way of working around this is by using the fact that the number of threads is usually known (in the above example, the number of threads is
N
). This allows permissions to be distributed in portions of1\N
. A downside of this is that when the expressions become more complicated (say, when you have N producers, and one consumer, portions are of size1\(N+1)
), Viper/Z3 can sometimes not deal with the resulting non-linear arithmetic, which can cause long verification times and non-determinism.Alternative formulations of the rewrite rules
Briefly the following alternative formulation was used in vercors:
These leave the value
i
outside of the multiplication, but do keepi
around because it needs to be well-formed. For example, ifi
were1/0
, removing it would be unsound. However, these rules are currently not allowed because of viperproject/silicon#569.Beta Was this translation helpful? Give feedback.
All reactions