Presentation is loading. Please wait.

Presentation is loading. Please wait.

Part IV: Exploiting Purity for Atomicity. Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } CAS(m,0,1) (fails) (succeeds)

Published byChrystal Barton Modified over 9 years ago

Similar presentations

Presentation on theme: "Part IV: Exploiting Purity for Atomicity. Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } CAS(m,0,1) (fails) (succeeds)"— Presentation transcript:

1 Part IV: Exploiting Purity for Atomicity

2 Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } CAS(m,0,1) (fails) (succeeds)

3 alloc boolean b[MAX]; // b[i]==true iff block i is free Lock m[MAX]; atomic int alloc() { int i = 0; while (i < MAX) { acquire(m[i]); if (b[i]) { b[i] = false; release(m[i]); return i; } release(m[i]); i++; } return -1; }

4 alloc acq(m[0]) test(b[0]) rel(m[0]) acq(m[1]) test(b[1]) rel(m[1]) b[1]=false

5 Extending Atomicity  Atomicity doesn't always hold for methods that are "intuitively atomic"  Examples –initialization –resource allocation –wait/notify  Want to extend reduction-based tools to check atomicity at an abstract level – caches – commit/retry transactions

6 Pure Code Blocks  Pure block: pure { E } –If E terminates normally, it does not update state visible outside of E –E is reducible

7 Busy Acquire atomic void busy_acquire() { while (true) { pure { if (CAS(m,0,1)) break; } } }

8 (succeeds) Abstract Execution of Busy Acquire atomic void busy_acquire() { while (true) { pure { if (CAS(m,0,1)) break; } } } CAS(m,0,1) (Concrete) (fails) s0s0 s1s1 s2s2 s2s2 s3s3 s4s4 s5s5 s1s1 s1s1 s0s0 s2s2 s3s3 s4s4 s5s5 (Reduced)

9 Purity and Abstraction acq(m) test(x) rel(m) acq(m) test(x) rel(m)  wait(!m && x)  Abstract execution semantics: –pure blocks can be skipped pure { acq(m); if (x) x = false; rel(m); }  skip

10 alloc atomic int alloc() { int i = 0; while (i < MAX) { pure { acquire(m[i]); if (b[i]) { b[i] = false; release(m[i]); return i; } release(m[i]); } i++; } return -1; }

11 Abstract Execution of alloc acq(m[0]) test(b[0]) rel(m[0]) acq(m[1]) test(b[1]) rel(m[1]) b[1]=false skipacq(m[1]) test(b[1]) rel(m[1]) b[1]=false (Abstract) (Reduced Abstract)

12 Abstraction  Abstract semantics admits more executions  Can still reason about most important properties –" alloc returns either the index of a freshly allocated block or -1" skipacq(m[1]) test(b[1]) rel(m[1]) b[1]=false (Abstract)

13 Type Checking atomic void deposit(int n) { acquire(this); int j = bal; bal = j + n; release(this); } RBBLRBBL ((R;B);B);L = (R;B);L = R;L = A atomic void depositLoop() { while (true) { deposit(10); } (A)* = C  ERROR A

14 alloc boolean b[MAX]; Lock m[MAX]; atomic int alloc() { int i = 0; while (i < MAX) { acquire(m[i]); if (b[i]) { b[i] = false; release(m[i]); return i; } release(m[i]); i++; } return -1; } A A* = C

15 Type Checking with Purity atomic int alloc() { int i = 0; while (i < MAX) { pure { acquire(m[i]); if (b[i]) { b[i] = false; release(m[i]); return i; } release(m[i]); } i++; } return -1; } AAAA BABA (B  A)* = B*  (B*;A) = B  A

16 Double Checked Initialization atomic void init() { if (x != null) return; acquire(l); if (x == null) x = new(); release(l); }

17 Double Checked Initialization atomic void init() { if (x != null) return; acquire(l); if (x == null) x = new(); release(l); } conflicting accesses test(x) acq(l) test(x)x=new() rel(l) (Concrete)

18 Double Checked Initialization atomic void init() { pure { if (x != null) return; } acquire(l); if (x == null) x = new(); release(l); } test(x) acq(l) test(x)x=new() rel(l) skip acq(l) test(x)x=new() rel(l) (Abstract) (Reduced Abstract) (Concrete)

19 Modifying local variables in pure blocks  Partition variables into global and local variables  Allow modification of local variables pure { acq(m); x = z; rel(m); }  pure { wait(m == 0)  x = z; }  x = z0; local x; global z; pure { acq(m); x1 = z; x2 = z; rel(m); }  pure { wait(m == 0)  x1 = z; x2 = z; }  x1 = z0; x2 = z0 local x1, x2; global z;

20 Transaction retry atomic void apply_f() { int x, fx; while (true) { acq(m); x = z; rel(m); fx = f(x); acq(m); if (x == z) { z = fx; rel(m); break; } rel(m); } Atomic blocks

21 Transaction retry atomic void apply_f() { int x, fx; while (true) { pure { acq(m); x = z; rel(m); } fx = f(x); pure { acq(m); if (x == z) { z = fx; rel(m); break; } rel(m); }  The pure blocks allow us to prove apply_f abstractly atomic  We can prove on the abstraction that z is updated to f(z) atomically

22 Lock-free synchronization  Load-linked: x = LL(z) –loads the value of z into x  Store-conditional: f = SC(z,v) –if no SC has happened since the last LL by this thread store the value of v into z and set f to true –otherwise set f to false

23 Scenarios x = LL(z) f = SC(z,v) Success f = SC(z,v) Failure x = LL(z) f = SC(z,v) Failure f’ = SC(z,v’) x = LL(z) f = SC(z,v) Failure

24 Lock-free atomic increment atomic void increment() { int x; while (true) { x = LL(z); x = x + 1; if (SC(z,x)) break; }

25 Modeling LL-SC x = LL(z)  x = z; zSet = zSet  { tid }; f = SC(z,v)  if (tid  zSet) { z = v; zSet = { }; f = true; } else { f = false; }  Global variable zSet –contains ids of threads who have performed the operation LL(z) since the last SC(z,v) –initialized to { }

26 Intuition  A successful SC operations is a left mover  The LL operation corresponding to a successful SC operation is a right mover

27 Modeling LL-SC x = LL(z)  if (*) { assume(zSet = {}); x = z; zSet = { tid }; } else { x = z; } f = SC(z,v)  if (*) { assume(tid  zSet); z = v; zSet = { }; f = true; } else { f = false; }  Global variable zSet –contains the id of the unique thread that has performed the operation LL(z) since the last SC(z,v) and whose SC(z,v’) is destined to succeed –initialized to { } LL-Success(z) LL-Failure(z) SC-Success(z,v) SC-Failure(z,v)

28 Modeling LL-SC x = LL(z)  if (*) LL-Success(z); else LL-Failure(z); f = SC(z,v)  if (*) SC-Success(z,v); else SC-Failure(z,v);  Global variable zSet –contains the id of the unique thread that has performed the operation LL(z) since the last SC(z,v) and whose SC(z,v’) is destined to succeed –initialized to { }  LL-Success(z) is a right mover  SC-Success(z,v) is a left mover

29 Lock-free atomic increment atomic void increment() { int x; while (true) { x = LL(z); x = x + 1; if (SC(z,x)) break; } atomic void increment() { int x; while (true) { if (*) x = LL-Success(z); else x = z; x = x + 1; if (SC-Success(z,x)) break; }

30 Lock-free atomic increment atomic void increment() { int x; while (true) { pure { if (*) x = LL-Success(z); else x = z; x = x + 1; if (SC-Success(z,x)) break; }

31 Atomicity and Purity Effect System  Enforces properties for abstract semantics –pure blocks are reducible and side-effect free –atomic blocks are reducible  Leverages other analyses –race-freedom –control-flow –side-effect  Additional notions of abstraction –unstable reads/writes, weak purity,...

32 Related Work  Reduction –[Lipton 75, Lamport-Schneider 89,...] –other applications: model checking [Stoller-Cohen 03, Flanagan- Qadeer 03], procedure summaries [Qadeer et al 04]  Other reduction-based atomicity checkers –Bogor model checker [Hatcliff et al 03]  Beyond reduction –dynamic checking [Wang-Stoller 03] –model-checking atomicity requirements [Flanagan 04] –view consistency [Artho et al. 03]

33 Summary  Atomicity –enables sequential analysis –common in practice  Purity enables reasoning about atomicity at an abstract level –matches programmer intuition –more effective checkers

Download ppt "Part IV: Exploiting Purity for Atomicity. Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } CAS(m,0,1) (fails) (succeeds)"

Similar presentations

Architecture-aware Analysis of Concurrent Software Rajeev Alur University of Pennsylvania Amir Pnueli Memorial Symposium New York University, May 2010.

Architecture-aware Analysis of Concurrent Software Rajeev Alur University of Pennsylvania Amir Pnueli Memorial Symposium New York University, May 2010.
Ch 7 B.

Ch 7 B.
Programming Languages and Paradigms The C Programming Language.

Programming Languages and Paradigms The C Programming Language.
Reduction, abstraction, and atomicity: How much can we prove about concurrent programs using them? Serdar Tasiran Koç University Istanbul, Turkey Tayfun.

Reduction, abstraction, and atomicity: How much can we prove about concurrent programs using them? Serdar Tasiran Koç University Istanbul, Turkey Tayfun.
Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,

Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,
Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.

Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.
A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.
1 Beyond Reduction.... 2 Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } if (m == 0) { m = 1; return true; } else.

1 Beyond Reduction Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } if (m == 0) { m = 1; return true; } else.
Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs Stephen Freund Williams College Cormac Flanagan University of California, Santa Cruz.

Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs Stephen Freund Williams College Cormac Flanagan University of California, Santa Cruz.
Types for Atomicity in Multithreaded Software Shaz Qadeer Microsoft Research (Joint work with Cormac Flanagan)

Types for Atomicity in Multithreaded Software Shaz Qadeer Microsoft Research (Joint work with Cormac Flanagan)
Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.

Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.
C. Flanagan1Types for Atomicity Cormac Flanagan UC Santa Cruz Stephen N. Freund Williams College Shaz Qadeer Microsoft Research Analysis of Concurrent.

C. Flanagan1Types for Atomicity Cormac Flanagan UC Santa Cruz Stephen N. Freund Williams College Shaz Qadeer Microsoft Research Analysis of Concurrent.
/ PSWLAB Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs By Cormac Flanagan, Stephen N. Freund 24 th April, 2008 Hong,Shin.

/ PSWLAB Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs By Cormac Flanagan, Stephen N. Freund 24 th April, 2008 Hong,Shin.
Atomicity Violation Detection Prof. Moonzoo Kim CS492B Analysis of Concurrent Programs.

Atomicity Violation Detection Prof. Moonzoo Kim CS492B Analysis of Concurrent Programs.
Generalizing Reduction and Abstraction to Simplify Concurrent Programs: The QED Approach Shaz Qadeer Microsoft Research Redmond, WA Serdar Taşıran Serdar.

Generalizing Reduction and Abstraction to Simplify Concurrent Programs: The QED Approach Shaz Qadeer Microsoft Research Redmond, WA Serdar Taşıran Serdar.
Summarizing Procedures in Concurrent Programs Shaz Qadeer Sriram K. Rajamani Jakob Rehof Microsoft Research.

Summarizing Procedures in Concurrent Programs Shaz Qadeer Sriram K. Rajamani Jakob Rehof Microsoft Research.
Threading Part 2 CS221 – 4/22/09. Where We Left Off Simple Threads Program: – Start a worker thread from the Main thread – Worker thread prints messages.

Threading Part 2 CS221 – 4/22/09. Where We Left Off Simple Threads Program: – Start a worker thread from the Main thread – Worker thread prints messages.
1 Lecture 21: Transactional Memory Topics: consistency model recap, introduction to transactional memory.

1 Lecture 21: Transactional Memory Topics: consistency model recap, introduction to transactional memory.
Atomicity: A powerful concept for analyzing concurrent software Shaz Qadeer Microsoft Research.

Atomicity: A powerful concept for analyzing concurrent software Shaz Qadeer Microsoft Research.
C. FlanaganAtomicity for Reliable Concurrent Software - PLDI'05 Tutorial1 Atomicity for Reliable Concurrent Software Part 3a: Types for Race-Freedom and.

C. FlanaganAtomicity for Reliable Concurrent Software - PLDI'05 Tutorial1 Atomicity for Reliable Concurrent Software Part 3a: Types for Race-Freedom and.

Similar presentations

Ads by Google