
P: safe asynchronous event-driven programming

Published: 16 June 2013

Abstract

We describe the design and implementation of P, a domain-specific language for writing asynchronous event-driven code. P allows the programmer to specify the system as a collection of interacting state machines, which communicate with each other using events. P unifies modeling and programming into one activity for the programmer. Not only can a P program be compiled into executable code, but it can also be tested using model checking techniques. P allows the programmer to specify the environment, used to "close" the system during testing, as nondeterministic ghost machines. Ghost machines are erased during compilation to executable code; a type system ensures that the erasure is semantics-preserving.

The P language is designed so that a P program can be checked for responsiveness: the ability to handle every event in a timely manner. By default, a machine needs to handle every event that arrives in every state. But handling every event in every state is impractical. The language therefore provides a notion of deferred events, where the programmer can annotate when she wants to delay processing an event. The default safety checker looks for the presence of unhandled events. The language also provides default liveness checks that an event cannot be deferred forever.
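The deferred-event semantics and the two default checks described above, as an added example that is not code from the paper or the P project: a small Python model in which a machine dequeues the first event not deferred in its current state, the safety check flags an event that is neither handled nor deferred, and the liveness check reports events still deferred when the machine goes quiet. The class and function names (`Machine`, `run`, `UnhandledEvent`) and the sample machine are assumptions constructed for illustration.

```python
from collections import deque


class UnhandledEvent(Exception):
    """Safety check: event arrived in a state that neither handles nor defers it."""


class Machine:
    """Minimal P-style state machine (assumed, illustrative API).
    handlers: {state: {event: next_state}}; deferred: {state: {event, ...}}"""

    def __init__(self, start, handlers, deferred):
        self.state, self.handlers, self.deferred = start, handlers, deferred
        self.queue = deque()  # input buffer; deferred events stay queued

    def step(self):
        """Dequeue the first event not deferred in the current state.
        Returns False when quiescent (queue empty or every queued event deferred)."""
        for i, ev in enumerate(self.queue):
            if ev in self.deferred.get(self.state, set()):
                continue  # deferred here: skip it, keep it in the queue
            del self.queue[i]
            nxt = self.handlers.get(self.state, {}).get(ev)
            if nxt is None:  # the default P safety check
                raise UnhandledEvent(f"{ev} in state {self.state}")
            self.state = nxt
            return True
        return False


def run(machine, events):
    """Enqueue events and run to quiescence; return (state trace, still-deferred).
    A non-empty second result is the liveness failure: an event deferred and never handled."""
    machine.queue.extend(events)
    trace = [machine.state]
    while machine.step():
        trace.append(machine.state)
    return trace, list(machine.queue)


def sample_machine():
    """Constructed sample: data events are deferred until the device is started."""
    return Machine("Init",
                   {"Init": {"eStart": "Ready"},
                    "Ready": {"eData": "Ready", "eStop": "Init"}},
                   {"Init": {"eData"}})
```

Sending `eData` before `eStart` shows the deferral: the data event waits in the queue and is handled once the machine reaches `Ready`, while `eStop` in `Init` trips the safety check because it is neither handled nor deferred there.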

P was used to implement and verify the core of the USB device driver stack that ships with Microsoft Windows 8. The resulting driver is more reliable and performs better than its prior incarnation (which did not use P); we have more confidence in the robustness of its design due to the language abstractions and verification provided by P.

