Concurrency Specification Aliasgar Rampurwala Aditya Garg 11/9/2018

Outline Issues in concurrent systems Programming language support for concurrency Concurrency analysis - A specification based approach Concurrency and other formal methods Deadlock Checker Concurrency and architectures 11/9/2018

Concurrency Coexistence Sharing of resources Issues Solution Results Asynchronicity Non-determinism Solution Locks Results Deadlock and starvation 11/9/2018

Concurrency in various disciplines Databases Transaction serializability Operating Systems Multithreading Electronic circuits Flip flops Real life Gas station example 11/9/2018

Concurrency in architecture implementations 11/9/2018

PL support for concurrency - 1 Fork and join constructs Queue construct and the signal operation Concurrent Pascal The Java synchronized keyword 11/9/2018

PL support for concurrency - 2 Communicating sequential processes [CSP] Producer command : consumer!m Consumer command : producer?n Guarded commands <guard> —› <command-list> guard : list of declarations, boolean expressions or an input command alternative guarded command [ G1 —› C1 ƀ G2 —› C2 ƀ …. ƀ Gn —› Cn] 11/9/2018

From Specification to Implementation - 1 11/9/2018

From Specification to Implementation - 2 Specification Phase Implementation Phase Easy to verify safety Difficult to verify and liveness safety and liveness State spaces small State spaces and manageable large and unmanageable; testing difficult Cost of correcting Cost of correcting flaws is low flaws is high 11/9/2018

Specification-based model - 1 Synchronizer construct set of variables defining the state of shared resources set of operations on these variables (with pre/post conditions) set of invariants safety conditions liveness conditions 11/9/2018

Specification-based model - 2 Process construct independent thread of execution multiple processes coexist control allocation/deallocation of synchronizer controlled resources Example: Web server : synchronizer Web browser : process 11/9/2018

Gas-station model 11/9/2018

Gas-station model - Program spec 11/9/2018

Gas station model - RSTG 11/9/2018

Gas station model - Event expressions Two customers trying to buy gas concurrently 11/9/2018

Gas station model - Reachability graph Identifies the states that can be reached by executing enabled operations in processes and synchronizers Constructed from event expressions and RSTG Nodes represent states of RSTG Edges represent operations from event expressions A deadlock occurs if the graph contains terminal nodes 11/9/2018

Tool support for concurrency analysis INCA(Inequality Necessary Condition Analysis) checks properties of an architectural specification (ex. Mutual exclusion) provides example executions that violate those properties verifies that a modification removes the faults 11/9/2018

Detecting a race condition Customer1 pays before Customer2 but Customer2 takes up the hose before Customer1 thus getting the amount of gas purchased by Customer1 11/9/2018

The INCA query 11/9/2018

INCA results INCA generates a system of inequalities based on the violation of properties specified by the query a consistent inequality implies such a situation is possible an inconsistent inequality implies such a situation is impossible 11/9/2018

Features common with other formal methods RSTG Pre and post conditions State invariants 11/9/2018

Unique Features - 1 Operation execution phases Request phase Enabled phase Service phase only one operation invocation can be in the service phase. Terminate phase Example: Fair scheduler: []<>enabled(o) -> <>service(o) 11/9/2018

Unique Features - 2 Separation of control resources from state variables Event expressions help “walk through” the concurrency aspect Semantics of allocation and deallocation helpful in detecting deadlocks 11/9/2018

Deadlock Checker Performs checks on parallel programs written in CSP in order to prove freedom from deadlock Takes in a network file(.net) that has been compiled from a CSP source file using a tool such as FDR More information : http://users.ox.ac.uk/~jeremy/Deadlock/ 11/9/2018

The Dining Philosophers Problem 5 philosophers and 5 chopsticks All philosophers keep thinking When a philosopher feels hungry, he picks up the chopsticks closest to him, eats rice and keeps the chopsticks back Deadlock : When all philosophers grab their left chopstick simultaneously 11/9/2018

The Dining Philosophers Problem 11/9/2018

Architectures and concurrency Component types: Synchronizer Process units Connector Synchronization connector 11/9/2018

Synchronization Connector 11/9/2018

A simple Binary Semaphore Connector in Java package architecture.connector; import java.lang; import architecture.framework; public class SyncConnector extends Connector { private boolean available; public SyncConnector() { available = true; } public void handle(Request r) { String messageName = r.getName(); if(messageName.equals("AccessResource")) { if(!available) { wait(); if(available) { available = false; super.handle(r); 11/9/2018

A simple Binary Semaphore Connector in Java (contd) public void handle(Notification n) { String messageName = n.getName(); if(messageName.equals("ReleaseResource")) { available = true; notifyAll(); } 11/9/2018

Conclusions and Discussion Analysis of concurrent systems early in the development process reduces complexity and cost of correcting errors A formal analysis will help detect deadlocks and starvation and also in direct code generation Concurrency in software architectures can be represented in terms of CSPs 11/9/2018