Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Distributed Data Structures in Coq

Christopher Meiklejohn
May 13, 2013
Programming
2
760

Distributed Data Structures in Coq

RICON East 2013 lightning talk.

Christopher Meiklejohn

May 13, 2013
Tweet

More Decks by Christopher Meiklejohn

See All by Christopher Meiklejohn
Towards a Solution to the Red Wedding Problem
cmeiklejohn
0
320
Language Support for Cloud-Scale Distributed Systems
cmeiklejohn
0
400
Towards a Systems Approach to Distributed Programming
cmeiklejohn
3
260
Scaling a Startup with a 21st Century Programming Language
cmeiklejohn
0
370
Practical Evaluation of the Lasp Programming Model at Scale
cmeiklejohn
4
2.5k
Just-Right Consistency - Closing the CAP Gap
cmeiklejohn
3
230
Declarative, Convergent, Edge Computation
cmeiklejohn
1
170
Just-Right Consistency - Closing the CAP Gap
cmeiklejohn
3
1.1k
A Certain Tendency of the Database Community
cmeiklejohn
0
420

Other Decks in Programming

See All in Programming
PicoRuby から始めるたのしい電子工作
ogom
0
540
pnpm workspace実践ノウハウ
mh4gf
8
970
リアーキテクチャによってどうなりたいか/re-architecture
suzukihoge
2
310
Value and Record Types
hschwentner
0
720
2023/09/23 「AIキャラクターの言動に深みを持たせる」
sr2mg4
1
510
第3回 AWSとGitHub勉強会 - GitHub Actionsを使ったCI環境の構築 -
ogiwarat
0
130
Build Backwards-Compatible REST APIs with Rolling Versions
subomi
0
140
_アニメーション抜き__MVIに基づくStateMachineアーキテクチャ_KMPとJetpack_ComposeとSwiftUIを組み合わせる.pdf
gmvalentino8
5
590
Next.js × AWS App Runner × AWS AppSyncで進めるクライアントファーストのWEB開発
okaharuna
6
2.3k
Migrating From Spring Boot 2 To Spring Boot 3 - What's Jakarta EE Got To Do with It?
ivargrimstad
0
250
Construindo APIs resilientes: práticas de versionamento e documentação
monicaribeiro
0
100
Kotlinハイパフォーマンスプログラミング
ohmae
4
3.1k

Featured

See All Featured
Pencils Down: Stop Designing & Start Developing
hursman
115
10k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
10
1.2k
No one is an island. Learnings from fostering a developers community.
thoeni
14
1.8k
Fashionably flexible responsive web design (full day workshop)
malarkey
395
64k
The Invisible Side of Design
smashingmag
292
49k
Done Done
chrislema
178
15k
It's Worth the Effort
3n
179
27k
The Cost Of JavaScript in 2023
addyosmani
8
1.5k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
101
6.4k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
6
7.1k
[Brighton Ruby 2023] The Magic of Rails
eileencodes
3
270
A Philosophy of Restraint
colly
195
15k

Transcript

  1. DISTRIBUTED DATA
    STRUCTURES IN COQ
    Christopher Meiklejohn
    @cmeik
    Tuesday, May 14, 13

    View Slide

  2. Tuesday, May 14, 13

    View Slide

  3. COQ
    Tuesday, May 14, 13

    View Slide

  4. CRDTs
    Tuesday, May 14, 13

    View Slide

  5. G-COUNTERS
    Tuesday, May 14, 13

    View Slide

  6. Vector Clocks
    Credit: http://en.wikipedia.org/wiki/File:Vector_Clock.svg
    Tuesday, May 14, 13

    View Slide

  7. CLOCKS
    Tuesday, May 14, 13

    View Slide

  8. IMPLEMENTATION
    Tuesday, May 14, 13

    View Slide

  9. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Module ClockMap := FMapWeakList.Make (Nat_as_Legacy_OT).
    Module ClockMapFacts := FMapFacts.Facts (ClockMap).
    Tuesday, May 14, 13

    View Slide

  10. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Definition Clock_merge (n1 n2 : option nat) :=
    match n1, n2 with
    | None, None => None
    | Some n, None => Some n
    | None, Some n => Some n
    | Some n1', Some n2' => Some (max n1' n2')
    end.
    Definition Clock_compare (n1 n2 : option nat) :=
    match n1, n2 with
    | None, None => None
    | Some n, None => Some false
    | None, Some n => Some true
    | Some n1', Some n2' => Some (leb n1' n2')
    end.
    Tuesday, May 14, 13

    View Slide

  11. PROOFS
    Tuesday, May 14, 13

    View Slide

  12. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Lemma Clock_merge_comm : forall n1 n2,
    Clock_merge n1 n2 = Clock_merge n2 n1.
    Proof.
    intros. destruct n1; destruct n2; auto.
    simpl. f_equal. apply Max.max_comm.
    Qed.
    Tuesday, May 14, 13

    View Slide

  13. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Lemma Clock_merge_idempotent : forall n1,
    Clock_merge n1 n1 = n1.
    Proof.
    intros. destruct n1; auto; simpl.
    f_equal. apply Max.max_idempotent.
    Qed.
    Tuesday, May 14, 13

    View Slide

  14. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Lemma Clock_merge_assoc : forall n1 n2 n3,
    Clock_merge n1 (Clock_merge n2 n3) = Clock_merge (Clock_merge n1 n2)
    n3.
    Proof.
    intros. destruct n1; destruct n2; destruct n3; auto.
    unfold Clock_merge. f_equal. apply Max.max_assoc.
    Qed.
    Tuesday, May 14, 13

    View Slide

  15. G-COUNTERS
    Tuesday, May 14, 13

    View Slide

  16. IMPLEMENTATION
    Tuesday, May 14, 13

    View Slide

  17. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Definition G_Counter := ClockMap.t nat.
    Definition G_Counter_init : G_Counter := ClockMap.empty nat.
    Tuesday, May 14, 13

    View Slide

  18. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Definition G_Counter_incr actor clocks :=
    match ClockMap.find actor clocks with
    | None => ClockMap.add actor 1 clocks
    | Some count => (ClockMap.add actor (S count) clocks)
    end.
    Tuesday, May 14, 13

    View Slide

  19. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Definition G_Counter_reveal clocks :=
    ClockMap.fold (fun key elt acc => (plus acc elt)) clocks 0.
    Tuesday, May 14, 13

    View Slide

  20. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Definition G_Counter_merge c1 c2 :=
    ClockMap.map2 Clock_merge c1 c2.
    Tuesday, May 14, 13

    View Slide

  21. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Definition G_Counter_equal (c1 c2 : G_Counter) :=
    ClockMap.Equal c1 c2.
    Tuesday, May 14, 13

    View Slide

  22. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Definition G_Counter_compare (c1 c2 : G_Counter) :=
    ClockMap.Equal
    (ClockMap.map2 Clock_compare c1 c2) (ClockMap.map2 Clock_true c1 c2).
    Tuesday, May 14, 13

    View Slide

  23. PROOFS
    Tuesday, May 14, 13

    View Slide

  24. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Theorem G_Counter_merge_comm : forall c1 c2,
    G_Counter_equal (G_Counter_merge c1 c2) (G_Counter_merge c2 c1).
    Proof.
    intros; unfold G_Counter_merge.
    unfold ClockMap.Equal; intro.
    repeat rewrite ClockMapFacts.map2_1bis; auto.
    apply Clock_merge_comm.
    Qed.
    Tuesday, May 14, 13

    View Slide

  25. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Theorem G_Counter_merge_idempotent : forall clocks,
    G_Counter_equal (G_Counter_merge clocks clocks) clocks.
    Proof.
    intros; unfold G_Counter_merge.
    unfold ClockMap.Equal; intro.
    repeat rewrite ClockMapFacts.map2_1bis; auto.
    apply Clock_merge_idempotent.
    Qed.
    Tuesday, May 14, 13

    View Slide

  26. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Theorem G_Counter_merge_assoc : forall c1 c2 c3,
    G_Counter_equal
    (G_Counter_merge c1 (G_Counter_merge c2 c3))
    (G_Counter_merge (G_Counter_merge c1 c2) c3).
    Proof.
    intros; unfold G_Counter_merge.
    unfold ClockMap.Equal; intro.
    repeat rewrite ClockMapFacts.map2_1bis; auto.
    repeat rewrite <- Clock_merge_assoc; reflexivity.
    Qed.
    Tuesday, May 14, 13

    View Slide

  27. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Theorem G_Counter_incr_mono : forall clocks actor,
    G_Counter_compare clocks (G_Counter_incr actor clocks).
    Proof.
    intros; unfold G_Counter_compare; unfold ClockMap.Equal; intro.
    repeat rewrite ClockMapFacts.map2_1bis; auto.
    elim (eq_nat_dec actor y); intro.
    subst. unfold Clock_compare, Clock_true.
    unfold G_Counter_incr. simpl.
    destruct (ClockMap.find y clocks).
    rewrite ClockMapFacts.add_eq_o. f_equal.
    induction n; auto. reflexivity. reflexivity.
    unfold G_Counter_incr.
    destruct (ClockMap.find actor clocks) eqn:factor.
    rewrite ClockMapFacts.add_neq_o; auto. apply Clock_compare_refl.
    rewrite ClockMapFacts.add_neq_o; auto. apply Clock_compare_refl.
    Qed.
    Tuesday, May 14, 13

    View Slide

  28. 1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    Theorem G_Counter_merge_mono : forall c1 c2,
    G_Counter_compare c1 (G_Counter_merge c1 c2).
    Proof.
    intros; unfold G_Counter_compare.
    unfold ClockMap.Equal; intro.
    unfold Clock_compare, Clock_true, G_Counter_merge.
    repeat rewrite ClockMapFacts.map2_1bis; auto.
    destruct (ClockMap.find y c1);
    destruct (ClockMap.find y c2); simpl; f_equal.
    apply leb_max_mono.
    rewrite leb_correct; auto.
    Qed.
     
    Tuesday, May 14, 13

    View Slide

  29. NEXT STEPS
    Tuesday, May 14, 13

    View Slide

  30. PN-COUNTERS
    Tuesday, May 14, 13

    View Slide

  31. MORE DATA STRUCTURES
    Tuesday, May 14, 13

    View Slide

  32. GITHUB.COM
    CMEIKLEJOHN/DISTRIBUTED-DATA-STRUCTURES
    Tuesday, May 14, 13

    View Slide

  33. QED
    Tuesday, May 14, 13

    View Slide