Quis Custodiet Ipsos Custodes The Java memory model
|
|
|
- Lambert Sanders
- 5 years ago
- Views:
Transcription
1 Quis Custodiet Ipsos Custodes The Java memory model Andreas Lochbihler funded by DFG Ni491/11, Sn11/10 PROGRAMMING PARADIGMS GROUP = Isabelle λ β HOL α 1 KIT 9University Oct 2012 of the Andreas State of Lochbihler: Baden-Wuerttemberg Quis Custodiet andipsos Custodes? PROGRAMMING PARADIGMS GROUP National Research Center of the Helmholtz Association
2 Quis custodiet ipsos custodes? Joana IFC leak Joana: information flow control for Java 2 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
3 Quis custodiet ipsos custodes? Joana IFC leak Joana: information flow control for Java non-interference program slicing control flow graph formal semantics for Java Quis custodiet: verify IFC algorithm λ = Isabelle β HOL α 2 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
4 Quis custodiet ipsos custodes? Joana IFC leak Joana: information flow control for Java non-interference program slicing control flow graph formal semantics for Java Quis custodiet: verify IFC algorithm λ = Isabelle β HOL α How can we include Java concurrency? 2 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
5 The Java memory model (JMM): beyond interleaving semantics initially: x = y = 0; 3 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
6 The Java memory model (JMM): beyond interleaving semantics interleaving semantics initially: x = y = 0; i == 0 i == 1 j == 0 j == Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
7 The Java memory model (JMM): beyond interleaving semantics interleaving semantics initially: x = y = 0; i == 0 i == 1 j == 0 j == Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
8 The Java memory model (JMM): beyond interleaving semantics interleaving semantics initially: x = y = 0; i == 0 i == 1 j == 0 j == Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
9 The Java memory model (JMM): beyond interleaving semantics interleaving semantics initially: x = y = 0; i == 0 i == 1 j == 0 j == Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
10 The Java memory model (JMM): beyond interleaving semantics interleaving semantics initially: x = y = 0; i == 0 i == 1 j == 0 j == 2 X 3 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
11 The Java memory model (JMM): beyond interleaving semantics interleaving semantics initially: x = y = 0; i == 0 i == 1 j == 0 j == 2 X compiler and hardware reorder statements i == 0 i == 1 j == 0 j == Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
12 The Java memory model (JMM): beyond interleaving semantics Java memory model initially: x = y = 0; i == 0 i == 1 j == 0 j == 2 compiler and hardware reorder statements i == 0 i == 1 j == 0 j == Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
13 The Java memory model (JMM): beyond interleaving semantics data races initially: x = y = 0; Java memory model i == 0 i == 1 j == 0 j == 2 compiler and hardware reorder statements i == 0 i == 1 j == 0 j == Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
14 Problems with data races under the JMM 1. Data races allow time travel. public = x; y = secret; x = y; r1 may contain input(). Time-sensitive analyses do not cover that. 4 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
15 Problems with data races under the JMM 1. Data races allow time travel. public = x; y = secret; x = y; r1 may contain input(). Time-sensitive analyses do not cover that. 4 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
16 Problems with data races under the JMM 1. Data races allow time travel. public = x; y = secret; x = y; r1 may contain input(). Time-sensitive analyses do not cover that. 2. Values appear out of thin air. r1 = y; x = r1; initially: x = y = null; b = false; r2 = null; r3 = x; if (b) r2 = new A(); else r3 = new A(); y = r3; r2 and r3 may alias, but typical points-to analyses compute: They never alias. b = true; 4 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
17 Results Unified model of Java and the JMM First formal link between Java and the Java memory model Proofs about the JMM DRF guarantee: Programs without data races behave as if executed under interleaving semantics Most program analyses assume interleaving semantics Sound for DRF programs Type safety: Java s type safety extends to the JMM, even if there are data races. Crucial for CFG construction (no undefined behaviour) 5 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
18 What is a data race? Data race: In an interleaved (sequentially consistent) executions, two accesses (at least one read) to the same non-volatile location that are unrelated in hb 6 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
19 What is a data race? Data race: In an interleaved (sequentially consistent) executions, two accesses (at least one read) to the same non-volatile location that are unrelated in hb Synchronisation via by spawning threads: y = 1; x.start(); initially: x = new Thread(); y = 0; try { x.start(); } catch (IllegalThreadStateException _) { r = y; } 6 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
20 What is a data race? Data race: In an interleaved (sequentially consistent) executions, two accesses (at least one read) to the same non-volatile location that are unrelated in hb Synchronisation via by spawning threads: y = 1; x.start(); initially: x = new Thread(); y = 0; try { x.start(); } catch (IllegalThreadStateException _) { r = y; } data race? 6 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
21 What is a data race? Data race: In an interleaved (sequentially consistent) executions, two accesses (at least one read) to the same non-volatile location that are unrelated in hb Synchronisation via by spawning threads: y = 1; x.start(); initially: x = new Thread(); y = 0; try { x.start(); } catch (IllegalThreadStateException _) { r = y; } intuition: no data race? JMM: yes 6 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
22 What is a data race? Data race: In an interleaved (sequentially consistent) executions, two accesses (at least one read) to the same non-volatile location that are unrelated in hb Synchronisation via by spawning threads: y = 1; x.start(); initially: x = new Thread(); y = 0; try { x.start(); } catch (IllegalThreadStateException _) { r = y; } disallowed synchronisation data race? 6 9 Oct 2012 Andreas Lochbihler: Quis Custodiet Ipsos Custodes? PROGRAMMING PARADIGMS GROUP
A unified machine-checked model for multithreaded Java
A unified machine-checked model for multithreaded Java Andre Lochbihler IPD, PROGRAMMING PARADIGMS GROUP, COMPUTER SCIENCE DEPARTMENT KIT - University of the State of Baden-Wuerttemberg and National Research
Verifying a Compiler for Java Threads
Verifying a Compiler for Java Threads Andreas Lochbihler IPD, PROGRAMMING PARADIGMS GROUP, COMPUTER SCIENCE DEPARTMENT KIT - University of the State of aden-wuerttemberg and National Research Center of
Mechanising a type-safe model of multithreaded Java with a verified compiler
Mechanising a type-safe model of multithreaded Java with a verified compiler Andreas Lochbihler Digital Asset (Switzerland) GmbH Andreas Lochbihler 2 = Isabelle λ β HOL α Andreas Lochbihler 3 Timeline
The Java Memory Model
Jeremy Manson 1, William Pugh 1, and Sarita Adve 2 1 University of Maryland 2 University of Illinois at Urbana-Champaign Presented by John Fisher-Ogden November 22, 2005 Outline Introduction Sequential
The Java Memory Model
The Java Memory Model Presented by: Aaron Tomb April 10, 2007 1 Introduction 1.1 Memory Models As multithreaded programming and multiprocessor systems gain popularity, it is becoming crucial to define
Speeding up context-, object- and field-sensitive SDG generation
Speeding up context-, object- and field-sensitive SDG generation Jürgen Graf IPD, PROGRAMMING PARADIGMS GROUP, COMPUTER SCIENCE DEPARTMENT KIT - University of the State of Baden-Wuerttemberg and National
Lock-sensitive Interference Analysis for Java: Combining Program Dependence Graphs with Dynamic Pushdown Networks
Lock-sensitive Interference Analysis for Java: Combining Program Dependence Graphs with Dynamic Pushdown Networks Jürgen Graf 1, Martin Hecker 1, Martin Mohr 1, and Benedikt Nordhoff 2 1 Karlsruhe Institute
Safe Optimisations for Shared-Memory Concurrent Programs. Tomer Raz
Safe Optimisations for Shared-Memory Concurrent Programs Tomer Raz Plan Motivation Transformations Semantic Transformations Safety of Transformations Syntactic Transformations 2 Motivation We prove that
Java Memory Model. Jian Cao. Department of Electrical and Computer Engineering Rice University. Sep 22, 2016
Java Memory Model Jian Cao Department of Electrical and Computer Engineering Rice University Sep 22, 2016 Content Introduction Java synchronization mechanism Double-checked locking Out-of-Thin-Air violation
X-Rays, not Passport Checks Information Flow Control Using JOANA
X-Rays, not Passport Checks Information Flow Control Using JOANA Gregor Snelting Presentation at SAP, 14.5.2014 KIT Universita t des Landes Baden-Wu rttemberg und nationales Großforschungszentrum in der
Multicore Programming Java Memory Model
p. 1 Multicore Programming Java Memory Model Peter Sewell Jaroslav Ševčík Tim Harris University of Cambridge MSR with thanks to Francesco Zappa Nardelli, Susmit Sarkar, Tom Ridge, Scott Owens, Magnus O.
Relaxed Memory: The Specification Design Space
Relaxed Memory: The Specification Design Space Mark Batty University of Cambridge Fortran meeting, Delft, 25 June 2013 1 An ideal specification Unambiguous Easy to understand Sound w.r.t. experimentally
The Java Memory Model
The Java Memory Model The meaning of concurrency in Java Bartosz Milewski Plan of the talk Motivating example Sequential consistency Data races The DRF guarantee Causality Out-of-thin-air guarantee Implementation
Advanced MEIC. (Lesson #18)
Advanced Programming @ MEIC (Lesson #18) Last class Data races Java Memory Model No out-of-thin-air values Data-race free programs behave as expected Today Finish with the Java Memory Model Introduction
Foundations of the C++ Concurrency Memory Model
Foundations of the C++ Concurrency Memory Model John Mellor-Crummey and Karthik Murthy Department of Computer Science Rice University johnmc@rice.edu COMP 522 27 September 2016 Before C++ Memory Model
An introduction to weak memory consistency and the out-of-thin-air problem
An introduction to weak memory consistency and the out-of-thin-air problem Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) CONCUR, 7 September 2017 Sequential consistency 2 Sequential
Reasoning about the C/C++ weak memory model
Reasoning about the C/C++ weak memory model Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) 13 October 2014 Talk outline I. Introduction Weak memory models The C11 concurrency model
Program logics for relaxed consistency
Program logics for relaxed consistency UPMARC Summer School 2014 Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) 1st Lecture, 28 July 2014 Outline Part I. Weak memory models 1. Intro
11/19/2013. Imperative programs
if (flag) 1 2 From my perspective, parallelism is the biggest challenge since high level programming languages. It s the biggest thing in 50 years because industry is betting its future that parallel programming
Threads and Java Memory Model
Threads and Java Memory Model Oleg Šelajev @shelajev oleg@zeroturnaround.com October 6, 2014 Agenda Threads Basic synchronization Java Memory Model Concurrency Concurrency - several computations are executing
Taming release-acquire consistency
Taming release-acquire consistency Ori Lahav Nick Giannarakis Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) POPL 2016 Weak memory models Weak memory models provide formal sound semantics
Theoretical Corner: The Non-Interference Property
Theoretical Corner: The Non-Interference Property Marwan Burelle marwan.burelle@lse.epita.fr http://wiki-prog.infoprepa.epita.fr Outline 1 Introduction 2 Theory And Security Models And Policies Non-Interference
Weak Memory Models: an Operational Theory
Opening Weak Memory Models: an Operational Theory INRIA Sophia Antipolis 9th June 2008 Background on weak memory models Memory models, what are they good for? Hardware optimizations Contract between hardware
Timing Analysis of Parallel Software Using Abstract Execution
Timing Analysis of Parallel Software Using Abstract Execution Björn Lisper School of Innovation, Design, and Engineering Mälardalen University bjorn.lisper@mdh.se 2014-09-10 EACO Workshop 2014 Motivation
RELAXED CONSISTENCY 1
RELAXED CONSISTENCY 1 RELAXED CONSISTENCY Relaxed Consistency is a catch-all term for any MCM weaker than TSO GPUs have relaxed consistency (probably) 2 XC AXIOMS TABLE 5.5: XC Ordering Rules. An X Denotes
Formalising Java s Data Race Free Guarantee
Formalising Java s Data Race Free Guarantee David Aspinall and Jaroslav Ševčík LFCS, School of Informatics, University of Edinburgh Abstract. We formalise the data race free (DRF) guarantee provided by
Program Transformations in Weak Memory Models
Program Transformations in Weak Memory Models Jaroslav Ševčík Doctor of Philosophy Laboratory for Foundations of Computer Science School of Informatics University of Edinburgh 2008 Abstract We analyse
The Java Memory Model
The Java Memory Model What is it and why would I want one? Jörg Domaschka. ART Group, Institute for Distributed Systems Ulm University, Germany December 14, 2009 public class WhatDoIPrint{ static int x
Security for Multithreaded Programs under Cooperative Scheduling
Security for Multithreaded Programs under Cooperative Scheduling Alejandro Russo and Andrei Sabelfeld Dept. of Computer Science and Engineering, Chalmers University of Technology 412 96 Göteborg, Sweden,
Motivation & examples Threads, shared memory, & synchronization
1 Motivation & examples Threads, shared memory, & synchronization How do locks work? Data races (a lower level property) How do data race detectors work? Atomicity (a higher level property) Concurrency
The Java Memory Model: a Formal Explanation 1
The Java Memory Model: a Formal Explanation 1 M. Huisman 2 G. Petri 3 INRIA Sophia Antipolis, France Abstract This paper discusses the new Java Memory Model (JMM), introduced for Java 1.5. The JMM specifies
C++ Memory Model. Don t believe everything you read (from shared memory)
C++ Memory Model Don t believe everything you read (from shared memory) The Plan Why multithreading is hard Warm-up example Sequential Consistency Races and fences The happens-before relation The DRF guarantee
Hoare logic. A proof system for separation logic. Introduction. Separation logic
Introduction Hoare logic Lecture 6: Examples in separation logic In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing separation logic.
CSE 160 Lecture 7. C++11 threads C++11 memory model
CSE 160 Lecture 7 C++11 threads C++11 memory model Today s lecture C++ threads The C++11 Memory model 2013 Scott B. Baden / CSE 160 / Winter 2013 2 C++11 Threads Via , C++ supports a threading
High-Level Small-Step Operational Semantics for Software Transactions
High-Level Small-Step Operational Semantics for Software Transactions Katherine F. Moore Dan Grossman The University of Washington Motivating Our Approach Operational Semantics Model key programming-language
CSE 403: Software Engineering, Fall courses.cs.washington.edu/courses/cse403/16au/ Static Analysis. Emina Torlak
CSE 403: Software Engineering, Fall 2016 courses.cs.washington.edu/courses/cse403/16au/ Static Analysis Emina Torlak emina@cs.washington.edu Outline What is static analysis? How does it work? Free and
Static Analysis of Embedded C Code
Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider Relevant features of C code for MCUs Interrupt-driven concurrency Direct hardware access Whole program
7/6/2015. Motivation & examples Threads, shared memory, & synchronization. Imperative programs
Motivation & examples Threads, shared memory, & synchronization How do locks work? Data races (a lower level property) How do data race detectors work? Atomicity (a higher level property) Concurrency exceptions
Parallel Computer Architecture Spring Memory Consistency. Nikos Bellas
Parallel Computer Architecture Spring 2018 Memory Consistency Nikos Bellas Computer and Communications Engineering Department University of Thessaly Parallel Computer Architecture 1 Coherence vs Consistency
Static Detection of Access Anomalies in Ada95
Static Detection of Access Anomalies in Ada95 Bernd Burgstaller, University of Sydney Johann Blieberger, Vienna University of Technology Robert Mittermayr, ARC Seibersdorf research GmbH Static Detection
High-level languages
High-level languages High-level languages are not immune to these problems. Actually, the situation is even worse: the source language typically operates over mixed-size values (multi-word and bitfield);
Formalization of Incremental Simplex Algorithm by Stepwise Refinement
Formalization of Incremental Simplex Algorithm by Stepwise Refinement Mirko Spasić, Filip Marić Faculty of Mathematics, University of Belgrade FM2012, 30. August 2012. Overview 1 Introduction 2 Approach
More Lambda Calculus and Intro to Type Systems
More Lambda Calculus and Intro to Type Systems Plan Heavy Class Participation Thus, wake up! Lambda Calculus How is it related to real life? Encodings Fixed points Type Systems Overview Static, Dyamic
Language- Level Memory Models
Language- Level Memory Models A Bit of History Here is a new JMM [5]! 2000 Meyers & Alexandrescu DCL is not portable in C++ [3]. Manson et. al New shiny C++ memory model 2004 2008 2012 2002 2006 2010 2014
The C/C++ Memory Model: Overview and Formalization
The C/C++ Memory Model: Overview and Formalization Mark Batty Jasmin Blanchette Scott Owens Susmit Sarkar Peter Sewell Tjark Weber Verification of Concurrent C Programs C11 / C++11 In 2011, new versions
Fully Automatic and Precise Detection of Thread Safety Violations
Fully Automatic and Precise Detection of Thread Safety Violations Michael Pradel and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation Thread-safe classes: Building blocks for concurrent
Review of last lecture. Peer Quiz. DPHPC Overview. Goals of this lecture. Lock-based queue
Review of last lecture Design of Parallel and High-Performance Computing Fall 2016 Lecture: Linearizability Motivational video: https://www.youtube.com/watch?v=qx2driqxnbs Instructor: Torsten Hoefler &
Simple and Efficient Construction of Static Single Assignment Form
Simple and Efficient Construction of Static Single Assignment Form saarland university Matthias Braun, Sebastian Buchwald, Sebastian Hack, Roland Leißa, Christoph Mallon and Andreas Zwinkau computer science
Weak memory models. Mai Thuong Tran. PMA Group, University of Oslo, Norway. 31 Oct. 2014
Weak memory models Mai Thuong Tran PMA Group, University of Oslo, Norway 31 Oct. 2014 Overview 1 Introduction Hardware architectures Compiler optimizations Sequential consistency 2 Weak memory models TSO
Safe Reactive Programming: the FunLoft Proposal
Safe Reactive Programming: the FunLoft Proposal Frédéric Boussinot MIMOSA Project, Inria Sophia-Antipolis (Joint work with Frédéric Dabrowski) http://www.inria.fr/mimosa/rp With support from ALIDECS SYNCHRON
Formal methods for software security
Formal methods for software security Thomas Jensen, INRIA Forum "Méthodes formelles" Toulouse, 31 January 2017 Formal methods for software security Formal methods for software security Confidentiality
Efficient Processor Support for DRFx, a Memory Model with Exceptions
Efficient Processor Support for DRFx, a Memory Model with Exceptions Abhayendra Singh Daniel Marino Satish Narayanasamy Todd Millstein Madanlal Musuvathi University of Michigan, Ann Arbor University of
Review of last lecture. Goals of this lecture. DPHPC Overview. Lock-based queue. Lock-based queue
Review of last lecture Design of Parallel and High-Performance Computing Fall 2013 Lecture: Linearizability Instructor: Torsten Hoefler & Markus Püschel TA: Timo Schneider Cache-coherence is not enough!
Pre- and post- CS protocols. CS 361 Concurrent programming Drexel University Fall 2004 Lecture 7. Other requirements for a mutual exclusion algorithm
CS 361 Concurrent programming Drexel University Fall 2004 Lecture 7 Bruce Char and Vera Zaychik. All rights reserved by the author. Permission is given to students enrolled in CS361 Fall 2004 to reproduce
Coherence and Consistency
Coherence and Consistency 30 The Meaning of Programs An ISA is a programming language To be useful, programs written in it must have meaning or semantics Any sequence of instructions must have a meaning.
Thread Synchronization: Too Much Milk
Thread Synchronization: Too Much Milk 1 Implementing Critical Sections in Software Hard The following example will demonstrate the difficulty of providing mutual exclusion with memory reads and writes
CSE 307: Principles of Programming Languages
1 / 18 CSE 307: Principles of Programming Languages Statements and Control Flow R. Sekar 2 / 18 Topics If-Then-Else 1. If-Then-Else 3 / 18 Control Statements Structured Control Statements: Case Statements:
EECS 570 Lecture 13. Directory & Optimizations. Winter 2018 Prof. Satish Narayanasamy
Directory & Optimizations Winter 2018 Prof. Satish Narayanasamy http://www.eecs.umich.edu/courses/eecs570/ Slides developed in part by Profs. Adve, Falsafi, Hill, Lebeck, Martin, Narayanasamy, Nowatzyk,
JSR-133: Java TM Memory Model and Thread Specification
JSR-133: Java TM Memory Model and Thread Specification Proposed Final Draft April 12, 2004, 6:15pm This document is the proposed final draft version of the JSR-133 specification, the Java Memory Model
Simply-Typed Lambda Calculus
#1 Simply-Typed Lambda Calculus #2 Back to School What is operational semantics? When would you use contextual (small-step) semantics? What is denotational semantics? What is axiomatic semantics? What
On-the-Fly Data Race Detection in MPI One-Sided Communication
On-the-Fly Data Race Detection in MPI One-Sided Communication Presentation Master Thesis Simon Schwitanski (schwitanski@itc.rwth-aachen.de) Joachim Protze (protze@itc.rwth-aachen.de) Prof. Dr. Matthias
Formal Verification Techniques for GPU Kernels Lecture 1
École de Recherche: Semantics and Tools for Low-Level Concurrent Programming ENS Lyon Formal Verification Techniques for GPU Kernels Lecture 1 Alastair Donaldson Imperial College London www.doc.ic.ac.uk/~afd
Formalising FinFuns Generating Code for Functions as Data from Isabelle/HOL
Formalising FinFuns Generating Code for Functions as Data from Isabelle/HOL Andreas Lochbihler Universität Karlsruhe (TH) 17.8.2009, TPHOLs 2009 Motivation I Quickcheck Andreas Lochbihler (Univ. Karlsruhe
Reinhard v. Hanxleden 1, Michael Mendler 2, J. Aguado 2, Björn Duderstadt 1, Insa Fuhrmann 1, Christian Motika 1, Stephen Mercer 3 and Owen Brian 3
Sequentially Constructive Concurrency * A conservative extension of the Synchronous Model of Computation Reinhard v. Hanxleden, Michael Mendler 2, J. Aguado 2, Björn Duderstadt, Insa Fuhrmann, Christian
From IMP to Java. Andreas Lochbihler. parts based on work by Gerwin Klein and Tobias Nipkow ETH Zurich
From IMP to Java Andreas Lochbihler ETH Zurich parts based on work by Gerwin Klein and Tobias Nipkow 2015-07-14 1 Subtyping 2 Objects and Inheritance 3 Multithreading 1 Subtyping 2 Objects and Inheritance
More Lambda Calculus and Intro to Type Systems
#1 More Lambda Calculus and Intro to Type Systems #2 Plan Heavy Class Participation Thus, wake up! (not actually kidding) Lambda Calculus How is it related to real life? Encodings Fixed points Type Systems
Hoare Logic and Model Checking
Hoare Logic and Model Checking Kasper Svendsen University of Cambridge CST Part II 2016/17 Acknowledgement: slides heavily based on previous versions by Mike Gordon and Alan Mycroft Introduction In the
New description of the Unified Memory Model Proposal for Java
New description of the Unified Memory Model Proposal for Java Jeremy Manson, William Pugh and Sarita Adve April 29, 2004, 9:35pm 0.1 Actions and Executions An action a is described by a tuple t, k, v,
Sharing Objects Ch. 3
Sharing Objects Ch. 3 Visibility What is the source of the issue? Volatile Dekker s algorithm Publication and Escape Thread Confinement Immutability Techniques of safe publication Assignment 1 Visibility
Operational Semantics 1 / 13
Operational Semantics 1 / 13 Outline What is semantics? Operational Semantics What is semantics? 2 / 13 What is the meaning of a program? Recall: aspects of a language syntax: the structure of its programs
The New Java Technology Memory Model
The New Java Technology Memory Model java.sun.com/javaone/sf Jeremy Manson and William Pugh http://www.cs.umd.edu/~pugh 1 Audience Assume you are familiar with basics of Java technology-based threads (
Semantics of programming languages
Semantics of programming languages Informatics 2A: Lecture 28 Mary Cryan School of Informatics University of Edinburgh mcryan@inf.ed.ac.uk 21 November 2018 1 / 18 Two parallel pipelines A large proportion
Verifying Concurrent ML programs
Verifying Concurrent ML programs a research proposal Gergely Buday Eszterházy Károly University Gyöngyös, Hungary Synchron 2016 Bamberg December 2016 Concurrent ML is a synchronous language a CML program
CS510 Advanced Topics in Concurrency. Jonathan Walpole
CS510 Advanced Topics in Concurrency Jonathan Walpole Threads Cannot Be Implemented as a Library Reasoning About Programs What are the valid outcomes for this program? Is it valid for both r1 and r2 to
Applied Unified Ownership. Capabilities for Sharing Across Threads
Applied Unified Ownership or Capabilities for Sharing Across Threads Elias Castegren Tobias Wrigstad DRF transfer parallel programming AppliedUnified Ownership memory management placement in pools (previous
Concurrency. State Models and Java Programs. Jeff Magee and Jeff Kramer. Concurrency: introduction 1. Magee/Kramer
Concurrency State Models and Java Programs Jeff Magee and Jeff Kramer Concurrency: introduction 1 What is a Concurrent Program? A sequential program has a single thread of control. A concurrent program
Dynamic Dependency Monitoring to Secure Information Flow
Dynamic Dependency Monitoring to Secure Information Flow Mark Thober Joint work with Paritosh Shroff and Scott F. Smith Department of Computer Science Johns Hopkins University CSF 07 1 Motivation Information
GPU Concurrency: Weak Behaviours and Programming Assumptions
GPU Concurrency: Weak Behaviours and Programming Assumptions Jyh-Jing Hwang, Yiren(Max) Lu 03/02/2017 Outline 1. Introduction 2. Weak behaviors examples 3. Test methodology 4. Proposed memory model 5.
Lecture 21: Transactional Memory. Topics: consistency model recap, introduction to transactional memory
Lecture 21: Transactional Memory Topics: consistency model recap, introduction to transactional memory 1 Example Programs Initially, A = B = 0 P1 P2 A = 1 B = 1 if (B == 0) if (A == 0) critical section
A Concurrency Semantics for Relaxed Atomics that Permits Optimisation and Avoids Thin-Air Executions
A Concurrency Semantics for Relaxed Atomics that Permits Optimisation and Avoids Thin-Air Executions Jean Pichon-Pharabod Peter Sewell University of Cambridge, United Kingdom first.last@cl.cam.ac.uk Abstract
Building Verified Program Analyzers in Coq
Building Verified Program Analyzers in Coq Lecture 1: Motivations and Examples David Pichardie - INRIA Rennes / Harvard University How do you trust your software? bug finders sound verifiers verified verifiers
Hierarchical Pointer Analysis for Distributed Programs
Hierarchical Pointer Analysis for Distributed Programs Amir Kamil Computer Science Division, University of California, Berkeley kamil@cs.berkeley.edu April 14, 2006 1 Introduction Many distributed, parallel
Advanced Programming Methods. Introduction in program analysis
Advanced Programming Methods Introduction in program analysis What is Program Analysis? Very broad topic, but generally speaking, automated analysis of program behavior Program analysis is about developing
DRFx: A Simple and Efficient Memory Model for Concurrent Programming Languages
DRFx: A Simple and Efficient Memory Model for Concurrent Programming Languages Daniel Marino Abhayendra Singh Todd Millstein Madanlal Musuvathi Satish Narayanasamy University of California, Los Angeles
8. Static Single Assignment Form. Marcus Denker
8. Static Single Assignment Form Marcus Denker Roadmap > Static Single Assignment Form (SSA) > Converting to SSA Form > Examples > Transforming out of SSA 2 Static Single Assignment Form > Goal: simplify
Safety and liveness for critical sections
Safety and liveness for critical sections! At most k threads are concurrently in the critical section A. Safety B. Liveness C. Both! A thread that wants to enter the critical section will eventually succeed
Threads and Locks. Chapter Introduction Locks
Chapter 1 Threads and Locks 1.1 Introduction Java virtual machines support multiple threads of execution. Threads are represented in Java by the Thread class. The only way for a user to create a thread
An Operational and Axiomatic Semantics for Non-determinism and Sequence Points in C
An Operational and Axiomatic Semantics for Non-determinism and Sequence Points in C Robbert Krebbers Radboud University Nijmegen January 22, 2014 @ POPL, San Diego, USA 1 / 16 What is this program supposed
Toward Efficient Strong Memory Model Support for the Java Platform via Hybrid Synchronization
Toward Efficient Strong Memory Model Support for the Java Platform via Hybrid Synchronization Aritra Sengupta Man Cao Michael D. Bond Milind Kulkarni Ohio State University Purdue University {sengupta,caoma,mikebond}@cse.ohio-state.edu
Using file systems at HC3
Using file systems at HC3 Roland Laifer STEINBUCH CENTRE FOR COMPUTING - SCC KIT University of the State of Baden-Württemberg and National Laboratory of the Helmholtz Association www.kit.edu Basic Lustre
Static Analysis of Embedded C
Static Analysis of Embedded C John Regehr University of Utah Joint work with Nathan Cooprider Motivating Platform: TinyOS Embedded software for wireless sensor network nodes Has lots of SW components for
More Lambda Calculus and Intro to Type Systems
More Lambda Calculus and Intro to Type Systems #1 One Slide Summary The lambda calculus is a model of computation or a programming language that is as expressive as a Turing machine. The lambda calculus
Concurrency and Parallelism. CS152: Programming Languages. Lecture 19 Shared-Memory Parallelism and Concurrency. Concurrency vs. Parallelism.
CS152: Programming Languages Lecture 19 Shared-Memory Parallelism and Concurrency Dan Grossman Spring 2011 Concurrency and Parallelism PL support for concurrency/parallelism a huge topic Increasingly important
CS152: Programming Languages. Lecture 19 Shared-Memory Parallelism and Concurrency. Dan Grossman Spring 2011
CS152: Programming Languages Lecture 19 Shared-Memory Parallelism and Concurrency Dan Grossman Spring 2011 Concurrency and Parallelism PL support for concurrency/parallelism a huge topic Increasingly important
C++ Concurrency - Formalised
C++ Concurrency - Formalised Salomon Sickert Technische Universität München 26 th April 2013 Mutex Algorithms At most one thread is in the critical section at any time. 2 / 35 Dekker s Mutex Algorithm
Pierce Ch. 3, 8, 11, 15. Type Systems
Pierce Ch. 3, 8, 11, 15 Type Systems Goals Define the simple language of expressions A small subset of Lisp, with minor modifications Define the type system of this language Mathematical definition using
Functional Programming with Isabelle/HOL
Functional Programming with Isabelle/HOL = Isabelle λ β HOL α Florian Haftmann Technische Universität München January 2009 Overview Viewing Isabelle/HOL as a functional programming language: 1. Isabelle/HOL
Formal Semantics of Programming Languages
Formal Semantics of Programming Languages Mooly Sagiv Reference: Semantics with Applications Chapter 2 H. Nielson and F. Nielson http://www.daimi.au.dk/~bra8130/wiley_book/wiley.html Benefits of formal
Shared Variables and Interference
Illinois Institute of Technology Lecture 24 Shared Variables and Interference CS 536: Science of Programming, Spring 2018 A. Why Parallel programs can coordinate their work using shared variables, but
OOP and S-BPM an analogy observation PowerSpeech
OOP and an analogy observation PowerSpeech Karlsruhe, October 14th 2010 Hagen Buchwald, KIT, Institute AIFB INSTITUTE AIFB COMPLEXITY MANAGEMENT KIT University of the State of Baden-Wuerttemberg and National