Download presentation
Presentation is loading. Please wait.
1
Concurrency: concurrent execution ©Magee/Kramer Claus Brabrand brabrand@daimi.au.dk University of Aarhus Concurrent Execution Concurrency
2
Concurrency: concurrent execution ©Magee/Kramer Repetition (Concepts, Models, and Practice) Concepts: We adopt a model-based approach for the design and construction of concurrent programs Safe model => safe program Models: We use finite state models to represent concurrent behaviour (Finite State Processes and Labelled Transition Systems) Practice: We use Java for constructing concurrent programs
3
Concurrency: concurrent execution ©Magee/Kramer Repetition (Models; LTS/FSM, FSP) Model = simplified representation of the real world Based on Labelled Transition Systems (LTS ): Described textually as Finite State Processes (FSP ): EngineOff = (engineOn-> EngineOn), EngineOn = (engineOff-> EngineOff |speed->EngineOn). Aka. Finite State Machine (FSM ) Focuses on concurrency aspects (of the program) - everything else abstracted away
4
Concurrency: concurrent execution ©Magee/Kramer Repetition (Finite State Processes; FSP) Finite State Processes (FSP): P:STOP // termination |(x -> P) // action prefix |(when (…) x -> P) // guard |P | P’ // choice |P +{ … } // alphabet extension |X// process variable action indexingx[i:1..N]->P or x[i]->P process parametersP[i:1..N] = … constant definitionsconst N = 3 range definitionsrange R = 0..N Which constructions do not add expressive power? (and are thus only "syntactic sugar").
5
Concurrency: concurrent execution ©Magee/Kramer Repetition (Java Threads) Subclassing java.lang.Thread: Implementing java.lang.Runnable: class MyThread extends Thread { public void run() { //... } class MyRun implements Runnable { public void run() { //... } Thread t = new MyThread(); t.start(); //... Thread t = new Thread(new MyRun()); t.start(); //...
6
Concurrency: concurrent execution ©Magee/Kramer Chapter 3 Concurrent Execution
7
Concurrency: concurrent execution ©Magee/Kramer Concurrent execution Concepts : processes - concurrent execution and interleaving. process interaction. Models :parallel composition of asynchronous processes - interleaving interaction - shared actions process labelling, and action relabelling and hiding structure diagrams Practice : Multithreaded Java programs
8
Concurrency: concurrent execution ©Magee/Kramer Definition: Parallelism Parallelism (aka. Real/True Concurrent Execution) Physically simultaneous processing Involves multiple processing elements (PEs) and/or independent device operations A Time B C
9
Concurrency: concurrent execution ©Magee/Kramer Definition: Concurrency A Time B C Concurrency (aka. Pseudo-Concurrent Execution) Logically simultaneous processing Does not imply multiple processing elements (PEs) Requires interleaved execution on a single PE
10
Concurrency: concurrent execution ©Magee/Kramer Parallelism vs. Concurrency Both concurrency and parallelism require controlled access to shared resources. We use the terms parallel and concurrent interchangeably (and generally do not distinguish between real and pseudo-concurrent execution). Also, creating software independent of the physical setup, makes us capable of deploying it on any platform! Both concurrency and parallelism require controlled access to shared resources. We use the terms parallel and concurrent interchangeably (and generally do not distinguish between real and pseudo-concurrent execution). Also, creating software independent of the physical setup, makes us capable of deploying it on any platform! Parallelism Concurrency A Time B C A B C
11
Concurrency: concurrent execution ©Magee/Kramer 3.1 Modelling Concurrency How do we model concurrency? Arbitrary relative order of actions from different processes (interleaving but preservation of each process order) x Possible execution sequences? y Asynchronous model of execution x ; y y ; x x || y
12
Concurrency: concurrent execution ©Magee/Kramer 3.1 Modelling Concurrency How should we model process execution speed? We choose to abstract away time: Arbitrary speed! +: independent of architecture, processor speed, scheduling policies, … -: we can say nothing of real-time properties a b x y
13
Concurrency: concurrent execution ©Magee/Kramer parallel composition - action interleaving scratch think talk think scratch talk think talk scratch Possible traces as a result of action interleaving? If P and Q are processes then (P||Q) represents the concurrent execution of P and Q. The operator ‘||’ is the parallel composition operator. ITCH = (scratch->STOP). CONVERSE = (think->talk->STOP). ||CONVERSE_ITCH = (ITCH || CONVERSE).
14
Concurrency: concurrent execution ©Magee/Kramer parallel composition - action interleaving 2 states 3 states (0,0)(0,1)(0,2)(1,2) (1,1)(1,0) from CONVERSE from ITCH 2 x 3 states Cartesian product?
15
Concurrency: concurrent execution ©Magee/Kramer parallel composition - algebraic laws Commutative: (P||Q) = (Q||P) Associative: (P||(Q||R))= ((P||Q)||R) = (P||Q||R). Clock radio example: CLOCK = (tick->CLOCK). RADIO = (on->off->RADIO). ||CLOCK_RADIO = (CLOCK || RADIO). LTS? Traces? Number of states?
16
Concurrency: concurrent execution ©Magee/Kramer modeling interaction - shared actions If processes in a composition have actions in common, these actions are said to be shared. Shared actions are the way that process interaction is modelled. While unshared actions may be arbitrarily interleaved, a shared action must be executed at the same time by all processes that participate in the shared action. MAKE1 = (make->ready->STOP). USE1 = (ready->use->STOP). ||MAKE1_USE1 = (MAKE1 || USE1). Shared Actions: MAKE1 synchronizes with USE1 when ready. LTS? Traces? Number of states?
17
Concurrency: concurrent execution ©Magee/Kramer modeling interaction - example 3 states 3 x 3 states? MAKE1 = (make->ready->STOP). USE1 = (ready->use->STOP). ||MAKE1_USE1 = (MAKE1 || USE1). makeready make ready use No…!
18
Concurrency: concurrent execution ©Magee/Kramer modeling interaction - example 3 states MAKE1 = (make->ready->STOP). USE1 = (ready->use->STOP). ||MAKE1_USE1 = (MAKE1 || USE1). make ready use Interaction may constrain the overall behaviour ! 4 states! ready make ready use
19
Concurrency: concurrent execution ©Magee/Kramer Example P = (x -> y -> P). Q = (y -> x -> Q). ||R = (P || Q). LTS? Traces? Number of states? 2 states
20
Concurrency: concurrent execution ©Magee/Kramer modeling interaction - example MAKER = (make->ready->MAKER). USER = (ready->use->USER). ||MAKER_USER = (MAKER || USER). LTS? Traces? Can we make sure the MAKER does not “get ahead of” the USER (i.e. never make before use); and if so, how?
21
Concurrency: concurrent execution ©Magee/Kramer modeling interaction - handshake A handshake is an action acknowledged by another: MAKERv2 = (make->ready->used->MAKERv2). USERv2 = (ready->use->used->USERv2). ||MAKER_USERv2 = (MAKERv2 || USERv2).
22
Concurrency: concurrent execution ©Magee/Kramer modeling interaction - multiple processes Multi-party synchronization: MAKE_A = (makeA->ready->used->MAKE_A). MAKE_B = (makeB->ready->used->MAKE_B). ASSEMBLE = (ready->assemble->used->ASSEMBLE). ||FACTORY = (MAKE_A || MAKE_B || ASSEMBLE).
23
Concurrency: concurrent execution ©Magee/Kramer composite processes A composite process is a parallel composition of primitive processes. These composite processes can be used in the definition of further compositions. ||MAKERS = (MAKE_A || MAKE_B). ||FACTORY = (MAKERS || ASSEMBLE). ||FACTORY = ((MAKE_A || MAKE_B)|| ASSEMBLE). substitution of def’n of MAKERS associativity! ||FACTORY = (MAKE_A || MAKE_B || ASSEMBLE). Further simplification?
24
Concurrency: concurrent execution ©Magee/Kramer process labelling a:P prefixes each action label in the alphabet of P with a. SWITCH = (on->off->SWITCH). ||TWO_SWITCH = (a:SWITCH || b:SWITCH). Two instances of a switch process: LTS? (a:SWITCH)
25
Concurrency: concurrent execution ©Magee/Kramer process labelling a:P prefixes each action label in the alphabet of P with a. SWITCH = (on->off->SWITCH). ||TWO_SWITCH = (a:SWITCH || b:SWITCH). Two instances of a switch process: ||SWITCHES(N=3) = (forall[i:1..N] s[i]:SWITCH). ||SWITCHES(N=3) = (s[i:1..N]:SWITCH). An array of instances of the switch process:
26
Concurrency: concurrent execution ©Magee/Kramer process labelling by a set of prefix labels {a 1,..,a n }::P replaces every action label x in the alphabet of P with the labels a 1.x,…,a n.x. Further, every transition (x->X) in the definition of P is replaced with the transitions ({a 1.x,…,a n.x} ->X). Process prefixing is useful for modeling shared resources: RESOURCE = (acquire->release->RESOURCE). USER = (acquire->use->release->USER). ||RESOURCE_SHARE = (a:USER || b:USER || {a,b}::RESOURCE).
27
Concurrency: concurrent execution ©Magee/Kramer process prefix labels for shared resources How does the model ensure that the user that acquires the resource is the one to release it? RESOURCE = (acquire->release->RESOURCE). USER = (acquire->use->release->USER). ||RESOURCE_SHARE = (a:USER || b:USER || {a,b}::RESOURCE).
28
Concurrency: concurrent execution ©Magee/Kramer Example X = (x -> STOP). LTS? Traces? Number of states? ||SYS_1 = {a,b}:X. ||SYS_2 = {a,b}::X. LTS? Traces? Number of states?
29
Concurrency: concurrent execution ©Magee/Kramer action relabelling Relabeling to ensure that composed processes synchronize on particular actions: Relabelling functions are applied to processes to change the names of action labels. The general form of the relabelling function is: /{newlabel 1 /oldlabel 1,… newlabel n /oldlabel n }. CLIENT = (call->wait->continue->CLIENT). SERVER = (request->service->reply->SERVER).
30
Concurrency: concurrent execution ©Magee/Kramer action relabelling ||C_S = (C || S). CLIENT = (call->wait->continue->CLIENT). SERVER = (request->service->reply->SERVER). CS C_S C = (CLIENT /{reply/wait}). S = (SERVER /{call/request}).
31
Concurrency: concurrent execution ©Magee/Kramer action relabelling - prefix labels SERVERv2 = (accept.request ->service->accept.reply->SERVERv2). CLIENTv2 = (call.request ->call.reply->continue->CLIENTv2). ||CLIENT_SERVERv2 = (CLIENTv2 || SERVERv2) /{call/accept}. An alternative formulation of the client server system is described below using qualified or prefixed labels:
32
Concurrency: concurrent execution ©Magee/Kramer action hiding - abstraction to reduce complexity When applied to a process P, the hiding operator \{a1..ax} removes the action names a1..ax from the alphabet of P and makes these concealed actions "silent". These silent actions are labelled tau. Silent actions in different processes are not shared. USER = (acquire->use->release->USER) \{use}.
33
Concurrency: concurrent execution ©Magee/Kramer action hiding - abstraction to reduce complexity When applied to a process P, the interface operator @{a1..ax} hides all actions in the alphabet of P not labelled in the set a1..ax. Sometimes it is more convenient to specify the set of labels to be exposed.... USER = (acquire->use->release->USER) @{acquire,release}.
34
Concurrency: concurrent execution ©Magee/Kramer action hiding USER = (acquire->use->release->USER) \{use}. USER = (acquire->use->release->USER) @{acquire,release}. The following definitions are equivalent: Minimization removes hidden tau actions to produce an LTS with equivalent observable behavior.
35
Concurrency: concurrent execution ©Magee/Kramer structure diagrams P a b Process P with alphabet {a,b}. P a b Q m Parallel Composition (P||Q) / {m/a,m/b,c/d} P Q a c d c x x x S y x Composite process ||S = (P||Q) @ {x,y}
36
Concurrency: concurrent execution ©Magee/Kramer structure diagrams P a b Process P with alphabet {a,b}. P a b Q m Parallel Composition (P||Q) / {m/a,m/b,c/d} P Q a c d c x x x S y x Composite process ||S = (P||Q) @ {x,y}
37
Concurrency: concurrent execution ©Magee/Kramer structure diagrams P a b Process P with alphabet {a,b}. P a b Q m Parallel Composition (P||Q) / {m/a,m/b,c/d} P Q a c d c x x x S y x Composite process ||S = (P||Q) @ {x,y}
38
Concurrency: concurrent execution ©Magee/Kramer structure diagrams P a b Process P with alphabet {a,b}. P a b Q m Parallel Composition (P||Q) / {m/a,m/b,c/d} P Q a c d c x x x S y x Composite process ||S = (P||Q) @ {x,y}
39
Concurrency: concurrent execution ©Magee/Kramer structure diagrams P a b Process P with alphabet {a,b}. P a b Q m Parallel Composition (P||Q) / {m/a,m/b,c/d} P Q a c d c x x x S y x Composite process ||S = (P||Q) @ {x,y}
40
Concurrency: concurrent execution ©Magee/Kramer structure diagrams P a b Process P with alphabet {a,b}. P a b Q m Parallel Composition (P||Q) / {m/a,m/b,c/d} X Y a c d c x x x S y x Composite process ||S = (X||Y) @ {x,y}
41
Concurrency: concurrent execution ©Magee/Kramer structure diagrams We use structure diagrams to capture the structure of a model expressed by the static combinators: parallel composition, relabeling and hiding. range T = 0..3 BUFF = (in[i:T]->out[i]->BUFF). a:BUFFb:BUFF a.out TWOBUFF out in out in out ||TWOBUF = (a:BUFF || b:BUFF) /{in/a.in, a.out/b.in, out/b.out} @{in,out}.
42
Concurrency: concurrent execution ©Magee/Kramer structure diagrams Structure diagram for CLIENT_SERVER ? CLIENT call request SERVER call replywait reply servicecontinue CLIENT = (call->wait->continue->CLIENT). SERVER = (request->service->reply->SERVER). ||CLIENT_SERVER = (CLIENT||SERVER) /{reply/wait, call/request}.
43
Concurrency: concurrent execution ©Magee/Kramer structure diagrams Structure diagram for CLIENT_SERVERv2 ? CLIENTv2 call accept SERVERv2 call servicecontinue SERVERv2 = (accept.request ->service->accept.reply->SERVERv2). CLIENTv2 = (call.request ->call.reply->continue->CLIENTv2). ||CLIENT_SERVERv2 = (CLIENTv2 || SERVERv2) /{call/accept}.
44
Concurrency: concurrent execution ©Magee/Kramer structure diagrams - resource sharing a:USER printer b:USER printer printer: RESOURCE acquire release PRINTER_SHARE RESOURCE = (acquire->release->RESOURCE). USER = (printer.acquire->use->printer.release->USER). ||PRINTER_SHARE = (a:USER || b:USER || {a,b}::printer:RESOURCE).
45
Concurrency: concurrent execution ©Magee/Kramer ThreadDemo model THREAD = OFF, OFF = (toggle->ON |abort->STOP), ON = (toggle->OFF |output->ON |abort->STOP). ||THREAD_DEMO = (a:THREAD || b:THREAD) /{stop/{a,b}.abort}. Interpret: toggle, abort as inputs; output as output a:Tb:T stop a.toggle a.output b.output b.toggle THREAD_DEMO
46
Concurrency: concurrent execution ©Magee/Kramer ThreadDemo code: MyThread class MyThread extends Thread { private boolean on; MyThread() { super(); this.on = false; } public void toggle() {on = !on; } public void abort() { this.interrupt(); } private void output() { System.out.println(“output”); } public void run() { try { while (true) { if (on) output(); sleep(1000); } } catch(Int’Exc’ _) { System.out.println(“Done!”); }}}
47
Concurrency: concurrent execution ©Magee/Kramer ThreadDemo code: ThreadDemo class ThreadDemo { public static void main(String[] args) { MyThread a = new MyThread(); MyThread b = new MyThread(); a.start(); b.start(); while (true) { switch (readChar()) { case ‘a’: a.toogle(); break; case ‘b’: b.toogle(); break; case ‘i’: stop(a,b); return; } private stop(MyThread a, MyThread b) { a.abort(); b.abort(); } }}}
48
Concurrency: concurrent execution ©Magee/Kramer Summary Concepts concurrent processes and process interaction Models Asynchronous (arbitrary speed) & interleaving (arbitrary order). Parallel composition as a finite state process with action interleaving. Process interaction by shared actions. Process labeling and action relabeling and hiding. Structure diagrams Practice Multiple threads in Java.
49
Concurrency: concurrent execution ©Magee/Kramer Claus Brabrand brabrand@daimi.au.dk University of Aarhus Shared Objects and Mutual Exclusion Concurrency
50
Concurrency: concurrent execution ©Magee/Kramer Repetition (FSP) FSP: P || Q// parallel composition a:P// parameterized parallel composition {…}::P// set prefixing (usually for sharing) P / {x/y}// action relabling P \ {…}// hiding P @ {…}// keeping (hide complement) Structure Diagrams: a:BUFFb:BUFF a.out TWOBUFF out in out in out
51
Concurrency: concurrent execution ©Magee/Kramer Chapter 4 Shared Objects & Mutual Exclusion
52
Concurrency: concurrent execution ©Magee/Kramer Shared Objects & Mutual Exclusion Concepts: Process interference Mutual exclusion Models: Model-checking for interference Modelling mutual exclusion Practice: Thread interference in shared objects in Java Mutual exclusion in Java synchronized objects, methods, and statements
53
Concurrency: concurrent execution ©Magee/Kramer 4.1 Interference People enter an ornamental garden through either of two turnstiles. Management wishes to know how many are in the garden at any time. (Nobody can exit). The ”Ornamental Garden Problem ”: Counter 0 1 2
54
Concurrency: concurrent execution ©Magee/Kramer …and now for something completely different! Der var engang en hytte lang ude i skoven... En fysiker En biolog En matematiker Måleusikkerhed! Reproduktion! Hvis der går 1 person ind i hytten, så er den tom!...og... 3 4
55
Concurrency: concurrent execution ©Magee/Kramer 4.1 Ornamental Garden Problem (cont’d) Java implementation: The concurrent program consists of: two concurrent threads (west & east); and a shared counter object Counter 2
56
Concurrency: concurrent execution ©Magee/Kramer Class Diagram counter 40 20
57
Concurrency: concurrent execution ©Magee/Kramer Ornamental Garden Program The go() method of the Garden applet… …creates the shared Counter object & the Turnstile threads. class Garden extends Applet { NumberCanvas counterD, westD, eastD; Turnstile east, west;... private void go() { counter = new Counter(counterD); west = new Turnstile(westD,counter); east = new Turnstile(eastD,counter); west.start(); east.start(); }
58
Concurrency: concurrent execution ©Magee/Kramer The Turnstile Class class Turnstile extends Thread { NumberCanvas display; Counter counter; public void run() { try { display.setvalue(0); for (int i=1; i<=Garden.MAX; i++) { Thread.sleep(1000); display.setvalue(i); counter.increment(); } } catch (InterruptedException _) {} } The Turnstile thread simulates periodic arrival of visitors by invoking the counter object’s increment() method every second
59
Concurrency: concurrent execution ©Magee/Kramer The Shared Counter Class class Counter { int value; NumberCanvas display; void increment() { value = value + 1; display.setvalue(value); } The increment() method of the Counter class increments its internal value and updates the display.
60
Concurrency: concurrent execution ©Magee/Kramer Running the Applet After the East and West turnstile threads each have incremented the counter 20 times, the garden people counter is not the sum of the counts displayed. Why? 39 20
61
Concurrency: concurrent execution ©Magee/Kramer The Shared Counter Class (cont’d) class Counter { int value; NumberCanvas display; void increment() { value = value + 1; display.setvalue(value); } aload_0 // push “this” onto stack dup // duplicate top stack element getfield #2 // get value of “this.value” iconst_1 // push 1 onto stack iadd // add two top stack elements putfield #2 // put result into “this.value” Thread switch ?
62
Concurrency: concurrent execution ©Magee/Kramer Concurrent Method Activation Thus, threads east and west may be executing the code for the increment method at the same time. east west program counter program counter PC Shared code: Java method activation is not atomic! Counter.class: aload_0 // this dup getfield #2 // x iconst_1 iadd putfield #2 // x return
63
Concurrency: concurrent execution ©Magee/Kramer Pedagogification; the Counter Class (cont’d) class Counter { void increment() { value = value + 1; display.setvalue(value); }
64
Concurrency: concurrent execution ©Magee/Kramer Pedagogification; the Counter Class (cont’d) class Counter { void increment() { int temp = value; // read Simulate.HWinterrupt(); value = temp + 1; // write display.setvalue(value); } } The counter simulates a hardware interrupt during an increment(), between reading and writing to the shared counter value. class Simulate { // randomly force thread switch! public static void HWinterrupt() { if (random()<0.5) Thread.yield(); }
65
Concurrency: concurrent execution ©Magee/Kramer Running the Applet Now the erroneous behaviour occurs all the time!
66
Concurrency: concurrent execution ©Magee/Kramer Garden Model (Structure Diagram) VAR: models read and write access to the shared counter value. TURNSTILE: Increment is modelled inside TURNSTILE, since Java method activation is not atomic (i.e., thread objects east and west may interleave their read and write actions ). GARDEN
67
Concurrency: concurrent execution ©Magee/Kramer Ornamental Garden Model (FSP) const N = 4 range T = 0..N VAR = VAR[0], VAR[u:T] = (read[u] -> VAR[u] | write[v:T] -> VAR[v]). TURNSTILE = (go -> RUN), RUN = (arrive -> INCREMENT | end -> TURNSTILE), INCREMENT = (value.read[x:T] -> value.write[x+1] -> RUN) +{value.write[0]}. ||GARDEN = (east:TURNSTILE || west:TURNSTILE || {east,west,display}::value:VAR) /{ go / {east,west}.go, end / {east,west}.end}. (VAR) ? (TURNSTILE) ? (value:VAR) ? ({east,west,display}::value:VAR) ? (east:TURNSTILE) ?
68
Concurrency: concurrent execution ©Magee/Kramer Checking for Errors - Animation Scenario checking - use animation to produce a trace. Is the model correct? “Never send a human to do a machines job” - Agent Smith (1999)
69
Concurrency: concurrent execution ©Magee/Kramer Checking for Errors - Compose with Error Detector TEST = TEST[0], TEST[v:T] = (when (v TEST[v+1] |when (v TEST[v+1] |end -> CHECK[v]), CHECK[v:T] = (display.value.read[u:T] -> (when (u==v) right -> TEST[v] |when (u!=v) wrong -> ERROR)) +{display.value.write[T]}. Exhaustive checking - compose the model with a TEST process which sums the arrivals and checks against the display value:
70
Concurrency: concurrent execution ©Magee/Kramer Checking for Errors - Exhaustive Analysis ||TESTGARDEN = (GARDEN || TEST). Use LTSA to perform an exhaustive search for ERROR : Trace to property violation in TEST: go east.arrive east.value.read.0 west.arrive west.value.read.0 east.value.write.1 west.value.write.1 end display.value.read.1 wrong LTSA produces the shortest path to reach the ERROR state.
71
Concurrency: concurrent execution ©Magee/Kramer Interference and Mutual Exclusion Interference bugs are extremely difficult to locate. The general solution is: Give methods mutually exclusive access to shared objects. Mutual exclusion can be modelled as atomic actions. Destructive update, caused by the arbitrary interleaving of read and write actions, is termed interference.
72
Concurrency: concurrent execution ©Magee/Kramer 4.2 Mutual Exclusion in Java class SynchronizedCounter extends Counter { SynchronizedCounter(NumberCanvas n) { super(n); } synchronized void increment() { super.increment(); } We correct the Counter class by deriving a class from it and making its increment method synchronized: Concurrent activations of a method in Java can be made mutually exclusive by prefixing the method with the keyword synchronized.
73
Concurrency: concurrent execution ©Magee/Kramer The Garden Class (revisited) If the fixit checkbox is ticked, the go() method creates a SynchronizedCounter: class Garden extends Applet { private void go() { if (!fixit.getState()) counter = new Counter(counterD); else counter = new SynchCounter(counterD); west = new Turnstile(westD,counter); east = new Turnstile(eastD,counter); west.start(); east.start(); }
74
Concurrency: concurrent execution ©Magee/Kramer Mutual Exclusion - The Ornamental Garden Java associates a lock with every object. The Java compiler inserts code to: acquire the lock before executing a synchronized method release the lock after the synchronized method returns. Concurrent threads are blocked until the lock is released.
75
Concurrency: concurrent execution ©Magee/Kramer Java synchronized Statement void increment() { synchronized(counter) { value = value + 1; } display.setvalue(value); } synchronized void increment() { super.increment(); } Synchronized methods: Variant - the synchronized statement : Use synch methods whenever possible. Use synch methods whenever possible. object reference
76
Concurrency: concurrent execution ©Magee/Kramer Java -> Java Bytecode Method void m() >> max_stack=3, max_locals=3 << 0 aload_0 1 dup 2 astore_1 3 monitorenter 4 aload_0 5 dup 6 getfield #2 9 iconst_1 10 iadd 11 putfield #2 14 aload_1 15 monitorexit 16 goto 24 19 astore_2 20 aload_1 21 monitorexit 22 aload_2 23 athrow 24 return Exception table: from to target type 4 16 19 any 19 22 19 any 1 class X { 2 int x; 3 void m() { 4 synchronized(this) { 5 x++; 6 } 7 } 8 } compile
77
Concurrency: concurrent execution ©Magee/Kramer Define a mutual exclusion LOCK process: 4.3 Modeling Mutual Exclusion LOCK = (acq -> rel -> LOCK). TURNSTILE = (go -> RUN), RUN = (arrive -> INCREMENT | end -> TURNSTILE), INCREMENT = (value.acq -> value.read[x:T] -> value.write[x+1] -> value.rel->RUN ) +{value.write[0]} Modify TURNSTILE to acquire and release the lock: ||LOCKVAR = (LOCK || VAR). …and compose it with the shared VAR in the Garden: ||GARDEN = (east:TURNSTILE || west:TURNSTILE || {east,west,display}::value:LOCKVAR)
78
Concurrency: concurrent execution ©Magee/Kramer Revised Ornamental Garden Model - Checking for Errors A sample trace: Use LTSA to perform an exhaustive check: “is TEST satisfied”? go east.arrive east.value.acq east.value.read.0 east.value.write.1 east.value.rel west.arrive west.value.acq west.value.read.1 west.value.write.2 west.value.rel end display.value.read.2 right
79
Concurrency: concurrent execution ©Magee/Kramer Summary Concepts process interference mutual exclusion Models model checking for interference modelling mutual exclusion Practice thread interference in shared Java objects mutual exclusion in Java (synchronized objects/methods).
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.