Operational semantics for signal handling

Signals are a lightweight form of interprocess communication in Unix. When a process receives a signal, the control flow is interrupted and a previously installed signal handler is run. Signal handling is reminiscent both of exception handling and concurrent interleaving of processes. In this paper, we investigate different approaches to formalizing signal handling in operational semantics, and compare them in a series of examples. We find the big-step style of operational semantics to be well suited to modelling signal handling. We integrate exception handling with our big-step semantics of signal handling, by adopting the exception convention as defined in the Definition of Standard ML. The semantics needs to capture the complex interactions between signal handling and exception handling.Comment: In Proceedings EXPRESS/SOS 2012, arXiv:1208.244

A Deductive Proof System for Multithreaded Java with Exceptions

Besides the features of a class-based object-oriented language, Java integrates concurrency via its thread-classes, allowing for a multithreaded flow of control.Besides that, the language offers a flexible exception mechanism for handling errors or exceptional program conditions. To reason about safety-properties Java-programs and extending previous work on the proof theory for monitor synchronization, we introduce in this report an assertional proof method for JavaMT (Multi-Threaded Java), a small concurrent sublanguage of Java, covering concurrency and especially (exception handling). We show soundness and relative completeness of the proof method

Techniques for Implementing Concurrent Exceptions in C++

In recent years, concurrent programming has become more and more important. Multi-core processors and distributed programming allow the use of real-world parallelism for increased computing power. Graphical user interfaces in modern applications benefit from concurrency which allows them to stay responsive in all situations. Concurrency support has been added to many programming languages, libraries and frameworks. While exceptions are widely used in sequential programming, many concurrent programming languages and libraries provide little or no support for concurrent exception handling. This is also true for the C++ programming language, which is widely used in the industry for system programming, mobile and embedded applications, as well as high-performance computing, server and traditional desktop applications. The 2003 version of the C++ standard provides no support for concurrency, and the new C++11 standard only supports thread-based concurrency in a shared address space. Procedure and method calls across address space boundaries require support for serialisation. Such C++ libraries exist for serialisation of parameters and return values, but serialisation of exceptions is more complicated. Types of passed exceptions are not known at compile-time, and the exceptions may be thrown by third-party code. Concurrency also complicates exception handling itself. It makes it possible for several exceptions to be thrown concurrently and end up in the same process. This scenario is not supported in most current programming languages, especially C++. This thesis analyses problems in concurrent exception handling and presents mechanisms for solving them. The solution includes automatic serialisation of C++ exceptions for RPC, and exception reduction, future groups and compound exceptions for concurrent exception handling. The usability and performance of the mechanisms are measured and discussed using a use case application. Mechanisms for concurrent exception handling are provided using a library approach (i.e., without extending the language itself). Template metaprogramming is used in the solutions to automate mechanisms as much as possible. Solutions to the problems given in this thesis can be used in other programming languages as well

Instantaneous Transitions in Esterel

Esterel is an imperative synchronous programming language for the specification of deterministic concurrent reactive systems. While providing the usual control-flow constructs—sequences, loops, conditionals, and exceptions—its lack of a goto instruction makes the programming of arbitrary finite state machines awkward and hinders the design of source-to-source program transformations. We previously introduced to Esterel a non-instantaneous gotopause instruction, which prevents the synchronous execution of code before and code after the transition. Here, we tackle instantaneous transitions. Concurrency demands we assign scopes and priorities to gotos, so we extend Esterel's exception handling mechanism to allow exception handlers in arbitrary locations. We advocate for and formalize the resulting language. We observe that instantaneous gotos complement but do not replace non-instantaneous gotopauses

cmUML - A UML based framework for formal specification of concurrent, reactive systems

Complex software systems possess concurrent and reactive behaviors requiring precise specifications prior to development. Lamport's transition axiom method is a formal specification method which combines axiomatic and operational approaches. On the other hand Unified Modeling Language (UML), a de facto industry standard visual language, lacks suitable constructs and semantics regarding concurrency aspects. Though UML includes action semantics, its higher level constructs and object semantics are inconsistent. Motivated by Lamport's approach, this paper proposes a UML based specification framework 'cmUML' ('cm' for concurrent modules) for formal specification of concurrent, reactive systems without object level diagrams and OCL. The framework integrates higher level diagrams of UML and addresses various concurrency issues including exception handling. It combines UML-RT and UML// SPT profile as the latter defines a core package for concurrency and causality. Further the framework includes the characteristic safety and liveness aspects of concurrent systems. The proposed framework is in contrast with existing approaches based on low level primitives (semaphore, monitors). The paper includes several specification examples validating the proposed framework

An operational approach to semantics and translation for concurrent programming languages

The problems of semantics and translation for concurrent programming languages are studied in this thesis. A structural operational approach is introduced to specify the semantics of parallelism and communication. Using this approach, semantics for the concurrent programming languages CSP (Hoare's Communicating Sequential Processes), multitasking and exception handling in Ada, Brinch-Hansen's Edison and CCS (Milner's Calculus of Communicating Systems) are defined and some of their properties are studied. An operational translation theory for concurrent programming languages is given. The concept of the correctness of a translation is formalised, the problem of composing transitions is studied and a composition theorem is proved. A set of sufficient conditions for proving the correctness of a translation is given. A syntax-directed translation from CSP to CCS is given and proved correct. Through this example the proof techniques of this approach is demonstrated. Finally, as an application of operational semantics and translation, a proposal for implementing multitasking in Ada is given via a two-step syntax-directed translation

Implementing atomic actions in Ada 95

Atomic actions are an important dynamic structuring technique that aid the construction of fault-tolerant concurrent systems. Although they were developed some years ago, none of the well-known commercially-available programming languages directly support their use. This paper summarizes software fault tolerance techniques for concurrent systems, evaluates the Ada 95 programming language from the perspective of its support for software fault tolerance, and shows how Ada 95 can be used to implement software fault tolerance techniques. In particular, it shows how packages, protected objects, requeue, exceptions, asynchronous transfer of control, tagged types, and controlled types can be used as building blocks from which to construct atomic actions with forward and backward error recovery, which are resilient to deserter tasks and task abortion

Typed concurrent functional programming with channels, actors and sessions

The age of writing single-threaded applications is over. To develop scalable applications, developers must make use of concurrency and parallelism. Nonetheless, introducing concurrency and parallelism is difficult: naïvely implemented, concurrent code is prone to issues such as race conditions and deadlocks. Moving to the distributed setting introduces yet more issues, in particular the possibility of failure. To cope with many of the problems of concurrent programming, language designers have proposed a class of programming languages known as communication-centric programming languages, which provide lightweight processes which do not share memory, but instead communicate using explicit message passing. The focus of this thesis is on typed communication-centric functional programming languages, using type systems to provide static guarantees about the runtime behaviour of concurrent programs. We investigate two strands of work: the relationship between typed channel- and actor-based languages, and the integration of asynchrony, exception handling, and session types in a functional programming language. In the first strand, we investigate two particular subclasses of communication-centric languages: channel-based languages such as Go, and languages based on the actor model, such as Erlang. We distil the essence of the languages into two concurrent λ-calculi: λch for simply-typed channels, and lact for simply-typed actors, and provide type- and semantics-preserving translations between them. In doing so, we clear up confusion between the two models, give theoretical foundations for recent implementations of type-parameterised actors, and also provide a theoretical grounding for frameworks which emulate actors in channel-based languages. Furthermore, by extending the core calculi, we note that actor synchronisation drastically simplifies the translation from channels into actors, and show that Erlang’s selective receive mechanism can be implemented without specialised constructs. In the second strand, we integrate session types, asynchrony, and exception handling in a functional programming language. Session types are a behavioural type system for communication channel endpoints, allowing conformance to protocols to be checked statically. We provide the first integration of exception handling and asynchronous session types in a core functional language, Exceptional GV, and prove that it satisfies preservation, global progress, and that it is confluent and terminating. We demonstrate the practical applicability of the approach by extending the Links tierless web programming language with exception handling, in turn providing the first implementation of exception handling in the presence of session types in a functional language. As a result, we show the first application of session types to web programming, providing examples including a two-factor authentication workflow and a chat application

Easier Debugging of Multithreaded Software

Software activation is a technique designed to avoid illegal use of a licensed software. This is achieved by having a legitimate user enter a software activation key to validate the purchase of the software. Generally, a software is a single-threaded program. From an attacker’s perspective, who does not wish to pay for this software, it is not hard to reverse engineer such a single threaded program and trace its path of execution. With tools such as OllyDbg, the attacker can look into the disassembled code of this software and find out where the verification logic is being performed and then patch it to skip the verification altogether. In order to make the attacker’s task difficult, a multi-threaded approach towards software development was proposed [1]. According to this approach, you should break the verification logic into several pieces, each of which should run in a separate thread. Any debugger, such as OllyDbg, is capable of single-stepping through only one thread at a time, although it is aware of the existence of other threads. This makes it difficult for an attacker to trace the verification logic. Not just for an attacker, it is also difficult for any ethical developer to debug a multithreaded program. The motivation behind this project is to develop the prototype of a debugger that will make it easer to trace the execution path of a multi-threaded program. The intended debugger has to be able to single-step through all of the threads in lockstep