1 / 42

Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer

Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer. Lecture 2: an overview of SCOOP. put ( b : [ G ] ; v : G ) -- Store v into b . require not b . is_full do … ensure not b . is_empty end. put. my_queue : [ T ] … if not my_queue . is_full then

lydie
Download Presentation

Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 2: an overview of SCOOP

  2. put (b: [G ] ; v: G) -- Storevintob. require not b.is_full do … ensure notb.is_empty end put my_queue:[T ] … if not my_queue.is_full then put (my_queue, t) end QUEUE BUFFER item, remove QUEUE BUFFER

  3. The issue • Concurrency everywhere: • Multithreading • Multitasking • Networking, Web services, Internet • Multicore Can we bring concurrent programmingto the same levelof abstraction and convenienceas sequential programming?

  4. Previous advances in programming “Object technology” “Structured programming”   Use higher-level abstractions   Helps avoid bugs   Transfers tasks to implementation  Lets you do stuff you couldn’t before NO NO  Removes restrictions   Adds restrictions   Has well-understood math basis   Doesn’t require understanding that basis   Permits less operational reasoning

  5. Then and now • Sequential programming: • Used to be messy • Still hard but key improvements: • Structured programming • Data abstraction & object technology • Design by Contract • Genericity, multiple inheritance • Architectural techniques Concurrent programming: Used to be messy Still messy Example: threading models in most popular approaches Development level: sixties/seventies Only understandable through operational reasoning

  6. The chasm • Theoretical models, process calculi… Elegant theoretical basis, but • Little connection with practice (some exceptions, e.g. BPEL) • Handle concurrency aspects only • Practice of concurrent & multithreaded programming • Little influenced by above • Low-level, e.g. semaphores • Poorly connected with rest of programming model

  7. Wrong (in my opinion) assumptions • “Objects are naturally concurrent” (Milner) • Many attempts, often based on “Active objects” (a self-contradictory notion) • Lead to artificial issue of “Inheritance anomaly” • “Concurrency is the basic scheme, sequential programming a special case ” (many) • Correct in principle, but in practice we understand sequential best

  8. SCOOP mechanism • Simple Concurrent Object-Oriented Programming • Evolved through last decade; CACM (1993) and chap. 32 of Object-Oriented Software Construction, 2nd edition, 1997 • Implemented at ETH, ongoing integration into EiffelStudio • Current state is described in Piotr Nienaltowski’s 2007 ETH PhD dissertation

  9. Dining philosophers • class PHILOSOPHERinherit • PROCESS • rename • setupasgetup • redefinestep end • feature {BUTLER} • step • do • think ;eat (left, right) • end • eat (l, r: separateFORK) • -- Eat, having grabbed land r. • do … end • end

  10. Typical traditional code

  11. Actions Object-oriented computation • To perform a computation is • To apply certainactions • To certainobjects • Using certainprocessors Objects Processor

  12. Actions Processor What makes an application concurrent? • Processor:Thread of control supporting sequential execution of instructions on one or more objects • Can be implemented as: • Computer CPU • Process • Thread • AppDomain (.NET) … • Will be mapped to computational resources Objects

  13. put (b: [G ] ; v: G) -- Storevintob. require not b.is_full do … ensure notb.is_empty end put my_queue:[T ] … if not my_queue.is_full then put (my_queue, t) end BUFFER item, remove BUFFER

  14. Reasoning about objects: sequential • {INV andPrer}bodyr {INV andPostr} • ___________________________________ • {Prer’ } x.r (a) {Postr’ } Priming represents actual-formal argument substitution Onlynproofsifnexported routines!

  15. In a concurrent context • Onlynproofsifnexported routines? • {INV andPrer}bodyr {INV andPostr} • ___________________________________ • {Prer’} x.r (a) {Postr’} Client 3 Client 2 Client 1 r3 r2 r1 No overlapping!

  16. SCOOP rules • One processor per object: “handler” • At most one feature (operation) active on an object at any time

  17. x.r (a) Feature call: sequential Client Supplier previous x.r (a) next r (x : A) do … end Processor

  18. Feature call: asynchronous Client Supplier previous x.r (a) next r (x : A) do … end Supplier’s handler Client’s handler

  19. The fundamental difference • To wait or not to wait: • If same processor, synchronous • If different processor, asynchronous • Difference must be captured by syntax: • x: X • x:separateX -- potentially different processor • Fundamental semantic rule: x.r (a) waits for non-separate x, doesn’t wait for separate x.

  20. Consistency rules: avoiding traitors nonsep: T sep:separateT nonsep := sep nonsep.p (a) Traitor!

  21. Trusting what you read • my_stack:separateSTACK [T] • … • my_stack.push (a) • … Instructions not affecting the stack… • y := my_stack.top

  22. Access control policy • Require target of separate call to be formal argument of enclosing routine: • push (stack:separate STACK [T]; value: T) • -- Addvalueon top ofstack. • do • stack.push (value) • end

  23. Access control policy • Target of a separate call must be formal argument of enclosing routine: • put (buffer :separateBUFFER [T]; value : T) • -- Storevalueintobuffer. • do • buffer.put (value) • end • To use separate object: • my_buffer:separateBUFFER [INTEGER] • createmy_buffer • put (my_buffer, 10)

  24. Separate argument rule The target of a separate call must be an argument of the enclosing routine Separate call: x.f (...) where x is separate

  25. Wait rule A routine call with separate arguments will execute when all corresponding processors are available and hold them exclusivelyfor the duration of the routine

  26. Dining philosophers • class PHILOSOPHERinherit • PROCESS • rename • setupasgetup • redefinestep end • feature {BUTLER} • step • do • think ;eat (left, right) • end • eat (l, r: separateFORK) • -- Eat, having grabbed land r. • do … end • end

  27. Resynchronization • No explicit mechanism needed for client to resynchronize with supplier after separate call. • The client will wait only when it needs to: x.f x.g (a) y.f … value := x.some_query • Lazy wait (Denis Caromel, wait by necessity) Wait here!

  28. Contracts put (buf : BUFFER [INTEGER ] ; v : INTEGER) -- Storevinto buffer. require not buf.is_full v > 0 do buf.put (v) ensure notbuf.is_empty end ... put (my_buffer, 10 )

  29. put (b: [G ] ; v: G) -- Storevintob. require not b.is_full do … ensure notb.is_empty end put my_queue:[T ] … ifnot my_queue.is_full then put (my_queue, t) end BUFFER item, remove BUFFER

  30. Contracts put (buf : BUFFER [INTEGER ] ; v : INTEGER) -- Storevinto buffer. require not buf.is_full v > 0 do buf.put (v) ensure notbuf.is_empty end ... put (my_buffer, 10 ) Precondition becomes wait condition

  31. Full synchronization rule • A call with separate arguments waits until: • The corresponding objects are all available • Preconditions hold x.f (a) where a is separate

  32. Which semantics applies? put (buf:separateBUFFER [INTEGER]; i :INTEGER) require notbuf.is_full i > 0 do buf.put(i) end Wait condition Correctness condition my_buffer:separateBUFFER[INTEGER] put (my_buffer, 10)

  33. Generalized semantics of preconditions Sequentiality is a special case of concurrency. Wait semantics always applies. Wait semantics boils down to correctness semantics for non-separate preconditions. Smart compiler can detect some cases Other cases detected at run time Distinction between controlled and uncontrolled rather than separate and non-separate.

  34. What about postconditions? zurich, palaiseau :separate LOCATION spawn_two_activities (loc1, loc2:separateLOCATION) do loc1.do_job loc2.do_job ensure loc1.is_ready loc2.is_ready end spawn_two_activities(zurich, palo_alto) do_local_stuff get_result (zurich) Should we wait for zurich.is_ready?

  35. Reasoning about objects: sequential • {INV andPrer}bodyr {INV andPostr} • ___________________________________ • {Prer’ } x.r (a) {Postr’ } Onlynproofsifnexported routines!

  36. Refined proof rule (partial correctness) • {INVPrer (x)}bodyr {INVPostr (x)} {Prer (acont)} e.r (a) {Postr (acont)} • Hoare-style sequential reasoning • Controlled expressions (known statically as part of the type system) are: • Attached (statically known to be non-void) • Handled by processor locked in current context

  37. Elevator example architecture Client Inheritance For maximal concurrency, all objects are separate

  38. Other aspects • What if a separate call, e.g. in • r (a : separate T) • do • a.f • a.g • a.h • end • causes an exception?

  39. Implementation: two-level architecture • Adaptable to many environments • Currently implemented for native Windows (using POSIX threads) and .NET SCOOPLI platform-independent .NET Threading POSIX threads …

  40. Status • All of SCOOP except exceptions and duels implemented • Preprocessor and library available for download • Numerous examples available for download • se.ethz.ch/research/scoop.html

  41. Current developments • Implementation: integrating into EiffelStudio • Performance evaluation • Theory: • Deadlock prevention and detection • Less restrictive model (see STM) • Transactions • Full-fledged semantics • Distributed SCOOP, Web Services

  42. Why SCOOP? • Simple (one new keyword) yet powerful • Easier and safer than common concurrent techniques, e.g. Java Threads • Full concurrency support • Full use of O-O and Design by Contract • Retains ordinary thought patterns, modeling power of O-O • Supports wide range of platforms and concurrency architectures • Programmers need to sleep better!

More Related