Lock Analysis for an Asynchronous Object Calculus Elena Giachino Tudor A. Lascu Focus INRIA - Universit` a di Bologna 19 September 2012 http://www.hats-project.eu Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 0 / 25
programme ◮ define a calculus for objects interacting asynchronously Featherweight Java with futures ( FJf ) ◮ introduce contracts (behavioural types) ⇒ lock analysis for FJf ◮ natural extensions to FJf − → FJf + ◮ design framework evolution for lock analysis of FJf + Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 1 / 25
the world as we see it ◮ objects execute concurrently ◮ an object’s activity ↔ set of tasks ◮ one lock per object – one active task per object ◮ asynchronous interaction Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 2 / 25
scenarios o1 o2 o3 T2 T5 T1 T3 T6 T2 T4 Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 3 / 25
scenarios o1 o2 o3 T2 T5 T1 T3 T6 T2 T4 circularity = dangerous configuration Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 4 / 25
language FJf ◮ based on Featherweight Java ( FJ ) e ::= x | e . f | new C (¯ e ) | e ; e | e!m (¯ e ) | e . get | e . await T ::= C | Fut ( T ) e!m (¯ e ) method invocation is asynchronous retrieve result, keeping lock e.get ◮ features wait for result, releasing lock e.await explicit future type Fut(T) Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 5 / 25
type future a variable X with type Fut(T) is: ◮ a placeholder for a value of type T that will be available (when its computation ends) X = e!m(); ◮ used as a (future) reference to retrieve the actual value when ready return X.get ; ◮ typically used in calculi with asynchronous method calls Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 6 / 25
analysis’ idea ◮ collect object name dependencies in a program ◮ by means of contracts (behavioural types) ◮ (automagically) through type-inference ◮ look for circularities Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 7 / 25
method contracts type inference methods − − − − − − − − → contracts class C { C m() { return new C ; } C r(C x) { return x!m().get ; } } Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 8 / 25
method contracts type inference methods − − − − − − − − → contracts class C { a [ ] ( ) { O } b [ ] C m() { return new C ; } a [ ] ( b [ ]) { C . m b [ ] ( ) . ( a , b ) } d [ ] C r(C x) { return x!m().get ; } } Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 9 / 25
method contracts - structure a [ ] ( b [ ]) { C . m b [ ] ( ) . ( a , b ) } d [ ] s ) { ❝ } r ′ r (¯ r ′ ( ¯ ) { } r s ❝ ���� ���� ���� ���� object record parameter record contract body returned record Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 10 / 25
future records ◮ (made of) object names ◮ used to (statically) track objects in a program a fresh name for every new ◮ grammar r ::= X variable a [¯ f : ¯ r ] object’s structure a � r access to r granted through a Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 11 / 25
more method contracts class A { Object f ; A m() { return new A(this.f) ; } Fut(A) n(A x) { return x!m() ; } A r(A x) { return x!m().await.get ; } } Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 12 / 25
more method contracts class A { Object f ; a [ f : b ] ( ) { O } a ′ [ f : b ] A m() { return new A(this.f) ; } a [ f : X ] ( a ′ [ f : Y ]) { A . m a ′ [ f : Y ]( ) } a ′ [ f : Y ] � a ′′ [ f : Y ] Fut(A) n(A x) { return x!m() ; } a [ f : X ] ( a ′ [ f : Y ]) { A . m a ′ [ f : Y ]( ) . ( a , a ′ ) a } a ′′ [ f : Y ] A r(A x) { return x!m().await.get ; } } Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 13 / 25
expression contracts 1 ◮ core of a method contract → contract body ◮ contains contract associated to expression in method’s body ◮ keeps info on object dependencies ❝ ::= O no info C . m r (¯ s ) method C . m invoked on r with parameters ¯ s s ) . C . m r (¯ ( a , b ) ” plus get operation on result s ) . C . m r (¯ ( a , b ) a ” plus await operation on result ( a , b ) get operation on a field ( a , b ) a await operation on a field sequential composition ❝ � ❝ Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 14 / 25
expression contracts 2 class C { a [ ] ( ) { O } b [ ] C m() { return new C ; } a [ ] ( b [ ]) { C . m b [ ] ( ) . ( a , b ) } d [ ] C r(C x) { return x!m().get ; } } Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 15 / 25
lock analysis for FJf compose ◮ extracted contracts − − − − − → automaton ◮ states are sets of dependencies ◮ transitions model how are dependencies activated and discarded ◮ circularity ⇒ possible dead (or live-)lock (b, a) (a, b) (a, c) lock-free (b, a) (a, b) (a, c) (c, b) potential misbehaviour Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 16 / 25
extensions - FJf + ◮ FJf is a functional language (just as FJ ) (fields only initialized, by constructor) ◮ let’s introduce notion of state by field update ◮ add this . f = e to the syntax of expressions can we adjust previous framework? Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 17 / 25
extensions - intuition ◮ consider x!m(); x!n() where • m() does this.f = e1 • n() does this.f = e2 ◮ no way to know order in which updates take place ◮ static analysis ⇒ keep track of all different possibilities ⇒ future records must contain sets of names r ::= X | a [¯ f : ¯ r ] | a � r old syntax A [¯ r ::= X | f : ¯ r ] | A � r new syntax Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 18 / 25
extensions - side effects 1 now: possible to write pure livelocks ( await -only circularities) o1 o2 t1 t2 before: await -only circularities were non-problematic (by construction) o1 o2 t1 t2 t3 Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 19 / 25
extensions - side effects 2 ◮ essential to distinguish good from bad circularities ◮ need to introduce also names for tasks → dependencies btw. tasks ֒ ◮ create a new task name for every method invocation ◮ future record of invocation tagged by associated task: A � t s ◮ states of the automaton contain also dependencies btw. tasks ( t , t ′ ) Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 20 / 25
extensions - new vs. old judgement the type system must also be tuned . . . old style: Γ ⊢ a e : ( T , r ) , ❝ where: ◮ Γ → environment ◮ a → name of the object this ◮ e → FJf expression ◮ T → expression e ’s (class or future) type ◮ r → expression e ’s future record ◮ ❝ → expression e ’s contract updated version: Γ ⊢ t a e : ( T , r ) , ❝ Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 21 / 25
typing get expressions old rule: Γ ⊢ a e : ( Fut ( T ) , a ′ � s ) , ❝ Γ ⊢ a e . get : ( T , s ) , ❝ ≬ ( a , a ′ ) new rule: Γ ⊢ t a e : ( Fut ( T ) , A � t ′ s ) , ❝ a e . get : ( T , s ) , ❝ ≬ ( t , t ′ ) ≬ ( a , a i ) ∀ a i ∈ A Γ ⊢ t Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 22 / 25
conclusions ◮ start from ABS language (programming lang. developed @HATS project (7 th FP) - Highly Adaptable and Trustworthy Software using Formal Models) ◮ extract core (functional) fragment → FJf (ref. Deadlock and Livelock Analysis in Concurrent Objects with Futures (MSCS’11) - Giachino, Laneve & Lascu) ◮ develop contracts for lock analysis of FJf (ref. same as above) ◮ extend language → FJf + ◮ ideas to adapt framework to FJf + Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 23 / 25
future work ◮ improve analysis’ precision (infinite names dealt with finite approximants) ◮ proof of concept prototype (under construction) ◮ fix analysis’ details with addition of tasks ◮ introduce null value ⇒ circular lists + recursive records ?? ◮ extend analysis to (full) ABS language Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 24 / 25
thanks! Elena Giachino Tudor A. Lascu Lock Analysis for an Asynchronous Object Calculus 19/09/’12 25 / 25
Recommend
More recommend
![Decoupling Lock-Free Data Structures from Memory Reclamation for Static Analysis [POPL'19]](https://c.sambuz.com/795309/decoupling-lock-free-data-structures-from-memory-s.jpg)
