A Model of Cooperative Threads

We develop a model of concurrent imperative programming with threads. We focus on a small imperative language with cooperative threads which execute without interruption until they terminate or explicitly yield control. We define and study a trace-based denotational semantics for this language; this semantics is fully abstract but mathematically elementary. We also give an equational theory for the computational effects that underlie the language, including thread spawning. We then analyze threads in terms of the free algebra monad for this theory.Comment: 39 pages, 5 figure

On CSP and the Algebraic Theory of Effects

We consider CSP from the point of view of the algebraic theory of effects, which classifies operations as effect constructors or effect deconstructors; it also provides a link with functional programming, being a refinement of Moggi's seminal monadic point of view. There is a natural algebraic theory of the constructors whose free algebra functor is Moggi's monad; we illustrate this by characterising free and initial algebras in terms of two versions of the stable failures model of CSP, one more general than the other. Deconstructors are dealt with as homomorphisms to (possibly non-free) algebras. One can view CSP's action and choice operators as constructors and the rest, such as concealment and concurrency, as deconstructors. Carrying this programme out results in taking deterministic external choice as constructor rather than general external choice. However, binary deconstructors, such as the CSP concurrency operator, provide unresolved difficulties. We conclude by presenting a combination of CSP with Moggi's computational {\lambda}-calculus, in which the operators, including concurrency, are polymorphic. While the paper mainly concerns CSP, it ought to be possible to carry over similar ideas to other process calculi

A type-and-effect system for asynchronous, typed events

Implicit concurrency between handlers is important for event driven systems because it helps simultaneously promote modularity and scalability. Knowing the side-effect of the handlers is critical in these systems to avoid concurrency hazards such as data races. As event systems are dynamic because statically known and unknown handlers can register at almost any time during program execution, static effect analyses must reconcile over competing goals such as precision, soundness and modularity. We recently developed asynchronous, typed events, a system that can analyze the effects of the handlers at runtime. This mechanism utilizes runtime information to enable precise effect computation and greatly improves concurrency between handlers. In this paper, we present the formal underpinnings of asynchronous, typed events, and examine the concurrency safety properties it provides. The technical innovations of our system include a novel effect system to soundly approximate the dynamism introduced by runtime handlers registration, a static analysis to precompute the effects and a dynamic analysis that uses the precomputed effects to improve concurrency. Our design simplifies modular concurrency reasoning and avoids concurrency hazards

A Type-and-Effect System for Shared Memory, Concurrent Implicit Invocation Systems

Driven by the need to utilize multicore platforms, recent language designs aim to bring the concurrency advantages of events in distributed publish-subscribe systems to sequential OO programs that utilize the implicit invocation (II) design style. These proposals face two challenges. First, unlike the publish-subscribe paradigm where publisher and subscriber typically don\u27t share state, communicating via shared state is common in II programs. Second, type-and-effect systems that are generally designed for statically reasoning about a program\u27s execution are often too conservative to handle II that typically entails a virtual method invocation on zero or more dynamically registered handlers. To solve these problems, we present a novel hybrid type-and-effect system for exposing concurrency in programs that use II mechanisms. This type-and-effect system provides deadlock and data race freedom in such usage of II mechanisms. We have also implemented this type-and-effect system. An initial study shows its scalability benefits and acceptable costs

Implicit Invocation Meets Safe, Implicit Concurrency

Writing correct and efficient concurrent programs still remains a challenge. Explicit concurrency is difficult, error prone, and creates code which is hard to maintain and debug. This type of concurrency also treats modular program design and concurrency as separate goals, where modularity often suffers. To solve these problems, we are designing a new language that we call Panini. In this work, we focus on Panini\u27s asynchronous, typed events which reconcile the modularity goal promoted by the implicit invocation design style with the concurrency goal of exposing potential concurrency between the execution of subjects and observers. Since modularity is improved and concurrency is implicit in Panini, programs are easier to reason about and maintain. The language incorporates a static analysis to determine potential conflicts between handlers and a dynamic analysis which uses the conflict information to determine a safe order for handler invocation. This mechanism avoids races and deadlocks entirely, yielding programs with a guaranteed deterministic semantics. To evaluate our language design and implementation we show several examples of its usage as well as an empirical study of program performance. We found that not only is developing and understanding programs significantly easier compared to standard concurrent object-oriented programs, but also performance of Panini programs is comparable to their equivalent hand-tuned versions written using Java\u27s fork-join framework

Fine-grained and coarse-grained reactive noninterference

International audienceWe study the security property of noninterference in a core synchronous reactive language that we call CRL. In the synchronous reactive paradigm, programs communicate by means of broadcast events, and their parallel execution is regulated by a notion of instant. We first show that CRL programs are indeed reactive, namely that they always converge to a state of termination or suspension ("end of instant") in a finite number of steps. We define two bisimulation equivalences on CRL programs, corresponding respectively to a fine-grained and to a coarse-grained observation of programs. We show that coarse-grained bisimilarity is more abstract than fine-grained bisimilarity, as it is insensitive to the order of generation of events and to repeated emissions of the same event during an instant. Based on these bisimulations, two properties of Reactive Noninterference (RNI) are introduced, formalising secure information flow. Both properties are time-insensitive and termination-insensitive. Again, coarse-grained RNI is more abstract than fine-grained RNI. Finally, a type system guaranteeing both security properties is presented. Thanks to a design choice of CRL, which offers two separate constructs for loops and iteration, and to refined typing rules, this type system allows for a precise treatment of termination leaks, which are an issue in parallel languages