creol as formal model for distributed concurrent objects
play

Creol as formal model for distributed, concurrent objects Martin - PowerPoint PPT Presentation

Creol as formal model for distributed, concurrent objects Martin Steffen IfI UiO Flacos, Malta 27. November 2008 Structure [0] Creol Distributed Communication in Creol Basic Language Constructs Open semantics and observable interface


  1. Creol as formal model for distributed, concurrent objects Martin Steffen IfI UiO Flacos, Malta 27. November 2008

  2. Structure [0] Creol Distributed Communication in Creol Basic Language Constructs Open semantics and observable interface behavior Dynamic Class Upgrades Lazy behavioral subtyping Subtyping, late binding, and incremental program development Examples Basic idea Conclusion (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 2 / 32

  3. Creol Creol: a concurrent object model • executable oo modelling language concurrent objects • formal semantics in rewriting logics /Maude • strongly typed • method invocations: synchronous or asynchronous • targets open distributed systems • recently: concurrent objects by (first-class) futures/promises • dynamic reprogramming : class definitions may evolve at runtime • the language design should support verification (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 3 / 32

  4. Creol Object-orientation: remote method calls RMI / RPC method call model • Control threads follow call stack o1 o2 • Derived from sequential setting • Hides / ignores distribution! • Tightly synchronized! Creol : call • Show / exploit distribution! evaluate • Asynchronous method calls • more efficient in distributed environments reply • triggers of concurrent activity • Special cases: • Synchronized communication: the caller decides to wait for the reply • Sequential computation: only synchronized computation (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 4 / 32

  5. Creol Distributed Communication in Creol Object Communication in Creol • Objects communicate through method invocations only • Methods organized in classes, seen externally via interfaces • Different ways to invoke a method m • Decided by caller — not at method declaration • Asynchronous invocation: l ! o . m ( In ) • Passive waiting for method result: await l ? • Active waiting for method result: l ?( Out ) • Guarded invocation: l ! o . m ( In ); . . . ; await l ?; l ?( Out ) (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 5 / 32

  6. Creol Basic Language Constructs Language Constructs Syntactic categories. Definitions . l in Label g ::= wait | φ | l ? | g 1 ∧ g 2 g in Guard p ::= o . m | m p in MtdCall S ::= s | s ; S S in ComList s ::= skip | ( S ) | S 1 ✷ S 2 | S 1 | | | S 2 s in Com | x := e | x := new classname ( e ) x in VarList | if φ then S 1 else S 2 fi e in ExprList | ! p ( e ) | l ! p ( e ) | l ?( x ) | p ( e ; x ) m in Mtd | await g | await l ?( x ) | await p ( e ; x ) o in ObjExpr φ in BoolExpr (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 6 / 32

  7. Creol Basic Language Constructs Futures • introduced in the concurrent Multilisp language [7] [2] • originally: transparent concurrency compiler annotation • future e : • evaluated potentially in parallel with the rest ⇒ 2 threads (producer and consumer) • future variable dynamically generated • when evaluated: future identified with value • wait-by-necessity [3] [4] • supported by Oz, Alice, MultiLisp, . . . (shared state concurrency), Io, Joule, E, and most actor languages (Act1/2/3 . . . , ASP), Java (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 7 / 32

  8. Creol Basic Language Constructs Async. method calls and futures call return call claim/get (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 8 / 32

  9. Creol Basic Language Constructs Syntax • o @ l ( � v ) : asynchronous method call, non-blocking • execution: 1. create a “placeholder”/reference to the eventual result: future reference (“label”) 2. initiate execution of method body 3. continue to execute (= non-blocking, asynchronous) e ::= . . . | o @ l ( v , . . . , v ) | claim @( n , o ) | get @ n | . . . (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 9 / 32

  10. � � � � � � � � � � � Creol Basic Language Constructs Claiming a future claim t 2 = v ���� � ���� ���� ���� ���� ���� claim t 2 � = v grab ⊥ release ���� ���� � ���� ���� get t 2 = v (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 10 / 32

  11. Creol Basic Language Constructs Futures and promises • terminology is not so clear • relation to handled futures • promises [9], I-structures [1] ⇒ 2 aspects of future var: write = value of e “stored” to future • read by the clients • • promises : separating the creation of future-reference from attaching code to it 1 • good for delegation 1 as in for async. calls (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 11 / 32

  12. Creol Basic Language Constructs Syntax (promise) • instead of o @ l ( � v ) • split into create a promise 2 1. 2. fulfill the promise = bind code to it. . . . | promise T | bind o . l ( � e ::= v ) : T ֒ → n | . . . 2 or a handle to the future. (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 12 / 32

  13. Creol Basic Language Constructs n ′ � let x : T ′ = promise T in t � � ν ( n : T ′ ) . ( n ′ � let x : T ′ = n in t � ) P ROM . . . n 1 � let x : T = bind o . l ( � v ) : T 2 ֒ → n 2 in t 1 � τ − → . . . n 1 � let x : T = n 2 in t 1 � B IND i � ( n 2 � let x : T 2 = grab ( o ); M . l ( o )( � v ) in release ( o ); x � ) (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 13 / 32

  14. Open semantics and observable interface behavior Interface description: Task • characterize possible interface behavior • possible = adhering to the restriction of the language well-typed • • basis of a trace logic / interface description • abstraction process: t ⇒ ´ • not C = C ? • rather: consider C in a context / environment t ´ C � ´ C � E = ⇒ E ¯ t for some environment E ⇒ open semantics t ⇒ ´ ∆ ⊢ C : ´ ∆ ⊢ C : Θ = Θ • assumptions ∆ abstracts environments E (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 14 / 32

  15. Open semantics and observable interface behavior One step further: legal traces • open sesmantics t ⇒ ´ ∆ ⊢ C : ´ ∆ ⊢ C : Θ = Θ abstracts the environment • existential abstraction of component, as well: • characterization of principally possible interface behavior t C � ´ ´ C � E = ⇒ E ¯ t for some component C + some environment E ⇒ legal trace ∆ ⊢ t : trace :: Θ (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 15 / 32

  16. Open semantics and observable interface behavior Behavioral interface description • type system for futures, especially resource aware (linear) type system for promises • standard soundness results (subject reduction, . . . ) • formulation of an open semantics plus characterization of possible interface behavior by abstracting the environment • soundness of the abstractions • basis for testing Creol objects/components (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 16 / 32

  17. Dynamic Class Upgrades Dynamic Classes in Creol • Dynamic classes: modular OO upgrade mechanism • asynchronous upgrades propagate B through the dist. system A • Modify class definitions at runtime • Class upgrade affects: Network • All future instances of the class and its subclasses E C • All existing instances of the class D and its subclasses (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 17 / 32

  18. Dynamic Class Upgrades A Dynamic Class Mechanism General case: Modify a class in a class hierarchy Type correctness: Method binding should still succeed! • Attributes may be added (no restrictions) • Methods may be added (no restrictions) • Methods may be redefined (subtyping discipline) • Superclasses may be added • Formal class parameters may not be modified Theorem. Dynamic class extensions are type-safe in Creol’s type system! (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 18 / 32

  19. Dynamic Class Upgrades Example of a Class Upgrade: The Good Bank Customer (1) --- Version 1 class BankAccount implements Account begin var bal : Int = 0 with Any op deposit ( in sum : Nat) == bal := bal + sum op transfer ( in sum : Nat, acc : Account ) == await bal ≥ sum ; bal := bal − sum; acc.deposit(sum) end upgrade class BankAccount begin var overdraft : Nat = 0 with Any op transfer ( in sum : Nat, acc : Account) == await bal ≥ (sum − overdraft); bal := bal − sum; acc.deposit(sum) with Banker op overdraft_open ( in max : Nat) == overdraft := max end (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 19 / 32

  20. Dynamic Class Upgrades Example of a Class Upgrade: The Good Bank Customer (2) --- Version 2 class BankAccount implements Account begin var bal : Int = 0, overdraft : Nat = 0 with Any op deposit ( in sum : Nat) == bal := bal + sum op transfer ( in sum : Nat, acc : Account) == await bal ≥ (sum − overdraft); bal := bal − sum; acc.deposit(sum) with Banker op overdraft_open ( in max : Nat) == overdraft := max end (Flacos’08) Creol as formal model for distributed, concurrent objects 2008 20 / 32

Recommend


More recommend