| | 1 | == Contract Reduction Language == |
| | 2 | |
| | 3 | Given a process `p` that is at a state that a call to a system function `f` is enabled, |
| | 4 | if `p` is chosen in the ample set, then the following represents the set of processes other than |
| | 5 | `p` that have to be in the ample set as well: |
| | 6 | |
| | 7 | `$ample{ BOOLEAN EXPRESSION }` |
| | 8 | |
| | 9 | where `BOOLEAN EXPRESSION` is composed of the following functions over `f`'s arguments. |
| | 10 | |
| | 11 | - `$reach(a, ...)` |
| | 12 | returns true iff the memory unit of the object `a` (and others if present) is reachable by a given process `p'`. |
| | 13 | |
| | 14 | - `$reach_from(a, ...)` |
| | 15 | returns true iff any of the memory units reachable from the object `a` (and others if present) is reachable by a given process `p'`. |
| | 16 | |
| | 17 | - `$write(a, ...)` |
| | 18 | returns true iff the memory unit of the object `a` (and others if present) is to be written now or in the future by a given process `p'`. |
| | 19 | |
| | 20 | - `$write_from(a, ...)` |
| | 21 | returns true iff any of the memory units reachable from the object `a` (and others if present) is to be written now or in the future by a given process `p'`. |
| | 22 | |
| | 23 | - `$ample{$true}` |
| | 24 | any process exists in the state should be in the ample set |
| | 25 | |
| | 26 | - `$ample{$false}` |
| | 27 | any process other than the current process (`$self`) need NOT be in the ample set. |
| | 28 | |
| | 29 | Conditional amples set: `[COND] $ample{EXPR1} : $ample(EXPR2)` |
| | 30 | if `COND` is satisfied then processes satisfying `EXPR1` should be in the ample set; |
| | 31 | otherwise, `EXPR2` is considered. |
| | 32 | |
| | 33 | Absent ample set (DEFAULT case): if no `$ample` expression is present, then the library enabler needs to calculate the ample set. |
| | 34 | |
| | 35 | |
| | 36 | Examples: |
| | 37 | - The following means that any process that can reach the memory unit of `comm` should be in the ample set if the current process (`$self`) is to be chosen in the ample set. |
| | 38 | {{{ |
| | 39 | $ample{$reach(comm)} |
| | 40 | void comm_deque($comm comm, ....); |
| | 41 | }}} |
| | 42 | |
| | 43 | - The following means that any process that can reach any of the memory units reachable from `a` or write any of the memory units reachable from `a` now or in the future should be in the ample set if the current process (`$self`) is to be chosen in the ample set. |
| | 44 | {{{ |
| | 45 | $ample{$reach_from(a) || $write_from(b)} |
| | 46 | void strcpy(char *a, char *b); |
| | 47 | }}} |
| | 48 | |
| | 49 | - The following means that the current process itself can form the ample set. |
| | 50 | {{{ |
| | 51 | $ample($false) |
| | 52 | int $comm_size($comm, ...); |
| | 53 | }}} |
