Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Beyond Reduction.... 2 Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } if (m == 0) { m = 1; return true; } else.

Published byPhilip Skinner Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Beyond Reduction.... 2 Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } if (m == 0) { m = 1; return true; } else."— Presentation transcript:

1 1 Beyond Reduction...

2 2 Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } if (m == 0) { m = 1; return true; } else { return false; }

3 3 Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } CAS(m,0,1) (fails) (succeeds)

4 4  Non-Serial Execution:  Serial Execution:  Atomic but not reducible CAS(m,0,1) (fails) (succeeds) CAS(m,0,1) (succeeds)

5 5 alloc boolean b[MAX]; // b[i]==true iff block i is free Lock m[MAX]; atomic int alloc() { int i = 0; while (i < MAX) { acquire(m[i]); if (b[i]) { b[i] = false; release(m[i]); return i; } release(m[i]); i++; } return -1; }

6 6 alloc acq(m[0]) test(b[0]) rel(m[0]) acq(m[1]) test(b[1]) rel(m[1]) b[1]=false

7 7 alloc is not Atomic  There are non-serial executions with no equivalent serial executions

8 8 m[0] = m[1] = 0; b[0] = b[1] = false; t = alloc(); || free(0); free(1); void free(int i) { acquire(m[i]); b[i] = true; release(m[i]); }

9 9  Non-Serial Execution:  Serial Executions: loop for b[0] t = 1 free(0)loop for b[1]free(1) loop for b[0]free(0)loop for b[1]free(1) loop for b[0]free(0)free(1) t = -1 t = 0 loop for b[0]free(0)free(1) t = 0 m[0] = m[1] = 0; b[0] = b[1] = false; t = alloc(); || free(0); free(1);

10 10 Extending Atomicity  Atomicity doesn't always hold for methods that are "intuitively atomic" –serializable but not reducible (busy_acquire) –not serializable (alloc)  Examples –initialization –resource allocation –wait/notify – caches – commit/retry transactions

11 11 Pure Code Blocks  Pure block: pure { E } –If E terminates normally, it does not update state visible outside of E –E is reducible  Example while (true) { pure { acquire(mx); if (x == 0) { x = 1; release(mx); break; } release(mx); } }

12 12 Purity and Abstraction  A pure block's behavior under normal termination is the same as skip  Abstract execution semantics: –pure blocks can be skipped acq(m) test(x) rel(m) acq(m) test(x) rel(m) skip

13 13 Abstraction  Abstract semantics that admits more behaviors –pure blocks can be skipped –hides "irrelevant" details (ie, failed loop iters) –  Program must still be (sequentially) correct in abstract semantics  Abstract semantics make reduction possible

14 14 Busy Acquire atomic void busy_acquire() { while (true) { pure { if (CAS(m,0,1)) break; } } }

15 15 Abstract Execution of Busy Acquire atomic void busy_acquire() { while (true) { pure { if (CAS(m,0,1)) break; } } } CAS(m,0,1) skip CAS(m,0,1) (Concrete) (Abstract) (Reduced Abstract)

16 16 alloc atomic int alloc() { int i = 0; while (i < MAX) { pure { acquire(m[i]); if (b[i]) { b[i] = false; release(m[i]); return i; } release(m[i]); } i++; } return -1; }

17 17 Abstract Execution of alloc acq(m[0]) test(b[0]) rel(m[0]) acq(m[1]) test(b[1]) rel(m[1]) b[1]=false skipacq(m[1]) test(b[1]) rel(m[1]) b[1]=false (Abstract) (Reduced Abstract)

18 18  Abstract semantics admits more executions  Can still reason about important properties –" alloc returns either the index of a freshly allocated block or -1" –cannot guarantee " alloc returns smallest possible index" but what does this really mean anyway??? Abstraction skipacq(m[1]) test(b[1]) rel(m[1]) b[1]=false (Abstract) free(0)free(1)

19 19 To Atomicity and Beyond...

20 20

21 21 Commit-Atomicity  Reduction –Great if can get serial execution via commuting  Reduction + Purity –Great if non-serial execution performs extra pure loops  Commit Atomicity –More heavyweight technique to verify if some corresponding serial execution has same behavior can take different steps

22 22 Checking Commit Atomicity  Run normal and serial executions of program concurrently, on separate stores  Normal execution runs as normal –threads execute atomic blocks –each atomic block has commit point  Serial execution –runs on separate shadow store –when normal execution commits an atomic block, serial execution runs entire atomic block serially  Check two executions yield same behavior

23 23 Commit-Atomic commit atomic block... Normal execution Serial execution compare states

24 24 Preliminary Evaluation  Some small benchmarks –Bluetooth device driver atomicity violation due to error –Busy-waiting lock acquire acquire1: 1 line of code in critical section acquire100: 100 lines of code in critical section  Hand translated to PROMELA code –Two versions, with and without commit-atomic –Model check with SPIN

25 25 Performance: Bluetooth device driver

26 26 Performance: acquire1 and acquire100

27 27 Summary  Atomicity –concise, semantically deep partial specification –aka serializability  Reduction –lightweight technique for verifying atomicity –can verify with types, or dynamically –plus purity, for complex cases  Commit-Atomicity –more general technique

28 28 Summary  Atomicity –concise, semantically deep partial specification  Reduction –lightweight technique for verifying atomicity  Commit-Atomicity –more general technique  Future work –combine reduction and commit-atomic –generalizing atomicity temporal logics for determinism?

Download ppt "1 Beyond Reduction.... 2 Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } if (m == 0) { m = 1; return true; } else."

Similar presentations

Concurrent programming for dummies (and smart people too) Tim Harris & Keir Fraser.

Concurrent programming for dummies (and smart people too) Tim Harris & Keir Fraser.
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Transactions - Concurrent access & System failures - Properties of Transactions - Isolation Levels 4/13/2015Databases21.

Transactions - Concurrent access & System failures - Properties of Transactions - Isolation Levels 4/13/2015Databases21.
A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.

A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.
Principles of Transaction Management. Outline Transaction concepts & protocols Performance impact of concurrency control Performance tuning.

Principles of Transaction Management. Outline Transaction concepts & protocols Performance impact of concurrency control Performance tuning.
Ch 7 B.

Ch 7 B.
Verifying Executable Object-Oriented Specifications with Separation Logic Stephan van Staden, Cristiano Calcagno, Bertrand Meyer.

Verifying Executable Object-Oriented Specifications with Separation Logic Stephan van Staden, Cristiano Calcagno, Bertrand Meyer.
Reduction, abstraction, and atomicity: How much can we prove about concurrent programs using them? Serdar Tasiran Koç University Istanbul, Turkey Tayfun.

Reduction, abstraction, and atomicity: How much can we prove about concurrent programs using them? Serdar Tasiran Koç University Istanbul, Turkey Tayfun.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 11.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
Expressions and Statements. 2 Contents Side effects: expressions and statements Expression notations Expression evaluation orders Conditional statements.

Expressions and Statements. 2 Contents Side effects: expressions and statements Expression notations Expression evaluation orders Conditional statements.
Background Concurrent access to shared data can lead to inconsistencies Maintaining data consistency among cooperating processes is critical What is wrong.

Background Concurrent access to shared data can lead to inconsistencies Maintaining data consistency among cooperating processes is critical What is wrong.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
Chair of Software Engineering Software Verification Stephan van Staden Lecture 10: Model Checking.

Chair of Software Engineering Software Verification Stephan van Staden Lecture 10: Model Checking.
Part IV: Exploiting Purity for Atomicity. Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } CAS(m,0,1) (fails) (succeeds)

Part IV: Exploiting Purity for Atomicity. Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } CAS(m,0,1) (fails) (succeeds)
/ PSWLAB Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs By Cormac Flanagan, Stephen N. Freund 24 th April, 2008 Hong,Shin.

/ PSWLAB Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs By Cormac Flanagan, Stephen N. Freund 24 th April, 2008 Hong,Shin.
Summarizing Procedures in Concurrent Programs Shaz Qadeer Sriram K. Rajamani Jakob Rehof Microsoft Research.

Summarizing Procedures in Concurrent Programs Shaz Qadeer Sriram K. Rajamani Jakob Rehof Microsoft Research.
PARALLEL PROGRAMMING with TRANSACTIONAL MEMORY Pratibha Kona.

PARALLEL PROGRAMMING with TRANSACTIONAL MEMORY Pratibha Kona.
Transaction Processing Lecture 2005 09 22 ACID 2 phase commit.

Transaction Processing Lecture ACID 2 phase commit.
CS510 Concurrent Systems Class 2 A Lock-Free Multiprocessor OS Kernel.

CS510 Concurrent Systems Class 2 A Lock-Free Multiprocessor OS Kernel.
Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space 03-640-760603-640-5358 html://www.cs.tau.ac.il/~msagiv/courses/sem03.html.

Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space html://

Similar presentations

Ads by Google