A parametric framework for reversible π-calculi

Abstract

This paper presents a study of causality in a reversible, concurrent setting. There exist various notions of causality in π-calculus, which differ in the treatment of parallel extrusions of the same name. Hence, by using a parametric way of bookkeeping the order and the dependencies among extruders it is possible to map different causal semantics into the same framework. Starting from this simple observation, we present a uniform framework for reversible π-calculi that is parametric with respect to a data structure that stores information about the extrusion of a name. Different data structures yield different approaches to the parallel extrusion problem. We map three well-known causal semantics into our framework. We prove causal-consistency for the three instances of our framework. Furthermore, we prove a causal correspondence between the appropriate instances of the framework and the Boreale-Sangiorgi semantics and an operational correspondence with the reversible π-calculus causal semantics.

Introduction

Starting from the 1970s [1] reversible computing has attracted interest in different fields, from thermodynamical physics [2] to systems biology [3], [4], system debugging [5], [6], [7] and quantum computing [8]. Of particular interest is its application to the study of programming abstractions for reliable systems: most fault-tolerant schemes exploiting system recovery techniques [9] rely on some form of undo. Examples of how reversibility can be used to model transactions or transactional memory can be found in [10], [11], [12]. An example of how controlled reversibility in π-calculus [11] can be used to model checkpoint/rollback schemas is given in [13].

A reversible system is able to execute both in the forward (normal) direction and in the backward one. In a sequential setting, there is just one order of reversing a computation: one has just to undo the computation by starting from the last action. In a concurrent system there is no clear notion of last action, since due to concurrency there might be different actions happening at the same time. A good approximation of what is the last action in a concurrent system is given by causally-consistent reversibility, introduced by Danos and Krivine for reversible CCS [14]. Causally-consistent reversibility relates causality and reversibility of a concurrent system in the following way: an action can be reversed, and hence considered as a last one, provided all its consequences have been reversed.

In CCS [15], there exists just one notion of causality: so-called structural causality, which is induced by the prefixing ‘.’ operator and by synchronisations. As a consequence, there is only one way of reversing a CCS trace, and from an abstract point of view there exists only one reversible CCS. Evidence for this has been given first [16], where an equivalence is shown between the two methods for reversing CCS (namely RCCS [14] and CCSK [17]). Lately in [18] it has been shown that RCCS and CCSK are equivalent in terms of LTS isomorphism.

When moving to more expressive calculi with name creation and value passing like the π-calculus, matters are more complex. As in CCS, structural causality in the π-calculus is determined by the nesting of the prefixes; for example, in process $\bar{b}a.\bar{c}e$ the output on channel c structurally depends on the output on b. Extruding (or opening) a name generates an object dependency; for example, in process $\nu a(\bar{b}a|a(z))$ the input action on a depends on the output on b. There are different interpretations of the object dependency which are easily distinguished when the parallel extrusion of the same name and dynamic creation of extruders via name passing is considered. Intuitions about the three approaches will be given using a recurring example throughout the paper. We abstract away from the techniques for keeping track of causality and consider just the order between the actions.

Let us consider a π-calculus process $P=\nu a(\bar{b}a|\bar{c}a|a(x))|b(y).(\bar{y}d|\bar{e}y)$. After the synchronisation on the channel b, we obtain a π-calculus process $P^{\prime }=\nu a(\bar{c}a|a(x)|\bar{a}d|\bar{e}a)$ where the new extruder $\bar{e}a$ of the name a is enabled. Now, we observe the two actions executing on the channel a. We have three different possibilities.

The classical and the most used approach to causality in the π-calculus is the one where the order of extrusions matters, hence the first output executed by process $P^{\prime }$, say $\bar{c}a$, will cause both actions $a(x)$ and $\bar{a}d$. Moreover, the first output will cause the action $\bar{e}a$ as well. The actions $a(x)$ and $\bar{a}d$ can communicate with each other without any constraints. Some of the causal semantics representing this idea are [19], [20], [21] and all of them are defined for standard (forward-only) π-calculus. In [19] the authors claim that, after abstracting away from the technique used to record causal dependences, the final order between the actions in their semantics coincides with the ones introduced in [20], [21]. Hence we group these semantics together as a single approach to causality.

Secondly, in [22], the actions $a(x)$ and $\bar{a}d$ depend on one of the extruders, $\bar{c}a$ and $\bar{e}a$ executed concurrently, but there is no need to keep track of which one exactly. Additionally, the action $\bar{a}d$ is structurally dependent on the communication which happened on channel b. This causal semantics is defined for the forward-only π-calculus.

Finally, [23] introduces another interpretation of parallel extrusion by resorting to a compositional causal semantics for the reversible π-calculus in [23]. Concerning the common example, the extrusions $\bar{c}a$ and $\bar{e}a$ are executed concurrently. If the action $a(x)$ synchronises with the environment, it chooses its cause to be one of the extruders. Otherwise, if it communicates with the process $\bar{a}d$ its cause needs to be the action that instantiates the name a in process $\bar{a}d$, which is the very first action, synchronisation on the channel b. The idea behind this is that the causality of the visible actions is an anticipation of the causality of synchronisations they are involved in. This causal semantics enjoys certain correctness properties which are not satisfied by the other semantics.

Some correctness criteria for causal models have been proposed in [24] where it was shown that the approach of [23] satisfies them while those of [19], [20] do not. However, there is a question about causality and π-calculus which still has to be solved. In [25] it has been shown that the (forward) causal semantics induced by the reversible higher-order π-calculus [26] coincides with the one of [20] when considering reduction semantics (e.g., considering closed systems). That is, the causality considered by [26] coincides with the structural one. One could conclude that while considering closed systems the causal semantics of [26] and [23] are the same, even if [26] does not keep track of causal information about the instantiators. One interpretation of this fact is that [23] uses more causal information than required. But this is still left to be proven. We believe that a common framework will help us compare them.

The novelty of [23] in handling extrusion for reversible π is to endow an extruded name with a “history”, that is, a set of process identifiers which extruded that particular name. In this way it is possible to keep track of all the possible causes and eventually choose one. By starting from this idea, if we had to model the causality of [20], in which the first extruder causes all the subsequent actions, then we could endow the extruded name with an ordered list of extruders, in which naturally the order plays a relevant role. Then by starting from this idea, we present a framework for reversible π-calculi that is parametric with respect to the data structure that stores information about the extrusion of a name. Different data structures will lead to different approaches to the parallel extrusion problem, including the three described above. Our framework allows us to add reversibility to semantics where it was not previously defined. By varying the parameters, different orderings of the causally-consistent backward steps are allowed. For the three instances of the framework, we provide full proof of causal-consistency, which was never provided for reversible semantics using the causality of [20], [22]. Our intention is to develop a causal behavioural theory for the framework, in order to better understand different interpretations of reversibility in the π-calculus, and to use this understanding for causal analysis of concurrent programs.

A preliminary discussion of the framework appeared in [27], where some initial ideas were given. Moreover in [27] it was argued that it was necessary to modify the semantics of [20] in order to add information about silent actions. In this work we fully develop the idea behind the framework and leave the semantics of [20] unchanged, apart from using a late semantics, rather than early as originally given.

Contributions. We present a framework for reversible π-calculi which is parametric in the bookkeeping data structure used to keep track of the object dependency. As reversing technique, we will extend the one introduced by CCSK [17], which is limited to calculi defined with GSOS [28] inference rules (e.g., CCS, CSP), to work with more expressive calculi featuring name passing and binders. This choice allows us to have a compositional semantics which does not rely on any congruence rule (in particular the splitting rule used by [23]). Depending on the bookkeeping data structure used to instantiate the framework, we can obtain different causal semantics (i.e., [23], [20], [22]). We then show that the three corresponding instances enjoy the standard properties for a reversible calculus, namely the loop lemma and causal consistency. In particular, this is a novel result for reversible calculi whose underlying causal semantics is one of [20], [22]. Also, we prove causal correspondence between the causal semantics introduced in [20] and the matching instance of our framework. Also, we prove a correspondence in terms of strong back and forth bisimulation between an instance of our framework and [23]. This is due to the fact that we use a different notion of concurrent/conflicting transitions with respect to [23].

The rest of the paper is structured as follows: an informal presentation of the framework is given in Section 2, while its syntax and operational semantics are given in Sections 3 and 4, respectively. The properties of the framework are given in Section 5 (full proofs can be found in Appendix A). In Section 6, we show how by using different data structures we can encompass different causal semantics. The operational correspondence between the matching instance of our framework and the causal semantics of [23] is presented in Section 6.1.1 (full proofs and additional examples can be found in Appendix B), while the correspondence with the semantics of [20] is given in Section 6.2.3 (full proofs are gathered in Appendix C). Section 7 concludes the paper.

This paper is a revised and enhanced version of [29]. In particular:

• Section 2 has been revised and expanded;

• in Sections 3 and 4 the framework has been extended with recursion. Example 1, Example 2 have been revised and more explanations have been added;

• Section 5 has been extended with Example 3, Example 6, which are not present in [29]. Moreover, a novel notion of concurrent/conflicting transitions is presented, which differs from the one of [23];

• Section 6 has been totally revised: more commentary on the various semantics has been added and Example 8, Example 13, Example 18 have been revised;

• Section 6.1.1 is new. It presents an encoding from our framework to Rπ [23] and then shows a tight correspondence between a term of our framework (instantiated with the causality of Rπ) and its encoding in Rπ;

• the proofs in Section 6.2.3 have been revised and Example 14, Example 17 are added for a better understanding of proofs ideas;

• Appendix A, Appendix B and Appendix C include full proofs.