Sequentializing Parameterized Programs

We exhibit assertion-preserving (reachability preserving) transformations from parameterized concurrent shared-memory programs, under a k-round scheduling of processes, to sequential programs. The salient feature of the sequential program is that it tracks the local variables of only one thread at any point, and uses only O(k) copies of shared variables (it does not use extra counters, not even one counter to keep track of the number of threads). Sequentialization is achieved using the concept of a linear interface that captures the effect an unbounded block of processes have on the shared state in a k-round schedule. Our transformation utilizes linear interfaces to sequentialize the program, and to ensure the sequential program explores only reachable states and preserves local invariants.Comment: In Proceedings FIT 2012, arXiv:1207.348

Improving live debugging of concurrent threads through thread histories

Concurrency issues are inherently harder to identify and fix than issues in sequential programs, due to aspects like indeterminate order of access to shared resources and thread synchronisation. Live debuggers are often used by developers to gain insights into the behaviour of concurrent programs by exploring the call stacks of threads. Nevertheless, contemporary live debuggers for concurrent programs are usually sequential debuggers augmented with the ability to display different threads in isolation. To these debuggers every thread call stack begins with a designated start routine and the calls that led to the creation of the thread are not visible, as they are part of a different thread. This requires developers to manually link stack traces belonging to related but distinct threads, adding another burden to the already difficult act of debugging concurrent programs. To improve debugging of concurrent programs we address the problem of incomplete call stacks in debuggers through a thread and debugger model that enables live debugging of child threads within the context of their parent threads. The proposed debugger operates on a virtual thread that merges together multiple relevant threads. To better understand the features of debuggers for concurrent programs we present an in-depth discussion of the concurrency related features in current live debuggers. We test the applicability of the proposed model by instantiating it for simple threads, local and remote promises, and a remote object-oriented database. Starting from these use cases we further discuss implementation details ensuring a practical approach

Capsule-oriented Programming in the Panini Language

Sequentially-trained programmers, i.e. programmers with little or no training in concurrent program design, remain an important subset of today\u27s IT workforce. Inherent concurrency in modern software together with prevalence of multiple hardware threads due to multicore processors is increasing pressure on these programmers to become adept at concurrency, but they continue to find writing and reasoning about concurrent programs difficult. The difficulties originate from having to write and reason about programs that have a multitude of possible execution orders. We present a novel implicitly-concurrent programming model called capsule-oriented programming that is designed for sequentially-trained programmers. Capsule-oriented programming solves these problems by introducing a new module-like abstraction called capsule that (1) guarantees sequential reasoning within its boundary, and (2) makes those program locations where interleavings may occur explicit. The former property allows programmers to (a) reuse existing sequential code as is and (b) use sequential reasoning for most of their code, and the latter property helps by (c) precisely showing program locations where programmers must reason about concurrent interleavings, and (d) creating opportunities for helping reasoning. We present a realization of this programming model in an extension of Java called Panini. The Panini compiler compiles capsule-oriented programs to standard Java Bytecode

Safe and Verifiable Design of Concurrent Java Programs

The design of concurrent programs has a reputation for being difficult, and thus potentially dangerous in safetycritical real-time and embedded systems. The recent appearance of Java, whilst cleaning up many insecure aspects of OO programming endemic in C++, suffers from a deceptively simple threads model that is an insecure variant of ideas that are over 25 years old [1]. Consequently, we cannot directly exploit a range of new CASE tools -- based upon modern developments in parallel computing theory -- that can verify and check the design of concurrent systems for a variety of dangers\ud such as deadlock and livelock that otherwise plague us during testing and maintenance and, more seriously, cause catastrophic failure in service. \ud Our approach uses recently developed Java class\ud libraries based on Hoare's Communicating Sequential Processes (CSP); the use of CSP greatly simplifies the design of concurrent systems and, in many cases, a parallel approach often significantly simplifies systems originally approached sequentially. New CSP CASE tools permit designs to be verified against formal specifications\ud and checked for deadlock and livelock. Below we introduce CSP and its implementation in Java and develop a small concurrent application. The formal CSP description of the application is provided, as well as that of an equivalent sequential version. FDR is used to verify the correctness of both implementations, their\ud equivalence, and their freedom from deadlock and livelock

ProcessJ: The JVMCSP Code Generator

We as a society have achieved greatness because we work together. There is power in numbers. However, when it comes to programming we have not been able to achieve the same level of symbiosis. This is because concurrent programming has been stigmatized as an advance and ab- stract subject allegedly harder than sequential programming. Additionally, traditional approaches to solving concurrent problems using sequential programming become unnecessarily difficult be- cause most of what newcomers are taught when it comes to concurrent programming (e.g., message passing and threads), while being technically correct, is completely irrelevant to the problems at hand. Rather than examining the preconceived notions of the problem, we stubbornly try to fix it using thread-and-lock models or non-shared memory and message passing models, making rea- soning about the concurrent behavior of the problem extremely complicated if at all even possible. Exploiting threads effectively depends on the concurrency model supported by the program- ming language being used. What is also needed is fine-grained parallelism without the explicit use of locks and without asynchronicity so programs can be made easy to reason about. I believe that ProcessJ can be the programming language that provides a bridge from todays languages to tomorrows concurrent programs. This thesis introduces ProcessJ, a new process-oriented language with Java-like syntax and CSP-based communication that uses synchronous channels. ProcessJ is cooperatively scheduled, runs on the Java Virtual Machine (JVM), and allows hundreds of millions of concurrent processes on a single core. Next, I describe its implementation and features. Follow- ing this, I explain the translation scheme of ProcessJ source code to Java, and how the generated code is used to create processes that correctly cooperate in scheduling without using the Thread or Runnable Java classes

Improved concurrent Java processes

The rise in the number of cores in a processor has resulted in computer programmers needing to write concurrent programs to utilize the extra available processors. Concurrent programming can utilize the extra processors available in a multi-core architecture. However, writing concurrent programs introduces complexities that are not encountered in sequential programming (race conditions, deadlocks, starvation, liveness, etc., are some of the complexities that come with concurrent programming). These complexities require programming languages to provide functionality to help programmers with writing concurrent programs. The Java language is designed to support concurrent programming, mostly through threads. The support is provided through the Java programming language itself and Java class libraries. Although concurrent processes are important and have their own advantages over concurrent threads Java has limited support for concurrent processes. In this thesis we attempt to provide the same support that Java has for threads through the java.util.concurrent library to processes. This is attempted to be done through a Java library (za.co.jcp). The library will provide synchronisation methods of multiple processes, Java process shared variables, atomic variables, process-safe data structures, and a process executors framework similar to that of the executor framework provided by Java for threads. The two libraries' similarities, and performance is analyzed. The analysis between the two libraries is performed to compare the code portability, ease of use, and performance difference between the two libraries. The results from the project have shown that it is possible for Java to provide support for concurrency through processes and not only threads. In addition from the benchmarks performed the performance of the za.co.jcp library is not significantly slower than the current java.util.concurrent thread library. This means that Java concurrent applications will also now be able to use cooperating processes rather than be confined to using threads.Thesis (MSc) -- Faculty of Science, Computer Science, 202

Deductive Verification of Concurrent Programs

Verification of concurrent programs still poses one of the major challenges in computer science. Several techniques to tackle this problem have been proposed. However, they often do not scale. We present an adaptation of the rely/guarantee methodology in dynamic logic. Rely/guarantee uses functional specification to symbolically describe the behavior of concurrently running threads: while each thread guarantees adherence to a specified property at any point in time, all other threads can rely on this property being established. This allows to regard threads largely in isolation--only w.r.t. an environment constrained by these specifications. While rely/guarantee based approaches often suffer from a considerable specification overhead, we complement functional thread specifications with frame conditions. We will explain our approach using a simple, but concurrent programing language. Besides the usual constructs for sequential programs, it caters for dynamic thread creation. We define semantics of concurrent programs w.r.t. an underspecified deterministic scheduling function. To formally reason about programs of this language, we introduce a novel multi-modal logic, Concurrent Dynamic Trace Logic (CDTL). It combines the strengthes of dynamic logic with those of linear temporal logic and allows to express temporal properties about symbolic program traces. We first develop a sound and complete sequent calculus for the logic subset that uses the sequential part of the language, based on symbolic execution. In a second step, we extend this to a calculus for the complete logic by adding symbolic execution rules for concurrent interleavings and dynamic thread creation based on the rely/guarantee methodology. Again, this calculus is proven sound and complete

Communicating Java Threads

The incorporation of multithreading in Java may be considered a significant part of the Java language, because it provides udimentary facilities for concurrent programming. However, we belief that the use of channels is a fundamental concept for concurrent programming. The channel approach as described in this paper is a realization of a systematic design method for concurrent programming in Java based on the CSP paradigm. CSP requires the availability of a Channel class and the addition of composition constructs for sequential, parallel and alternative processes. The Channel class and the constructs have been implemented in Java in compliance with the definitions in CSP. As a result, implementing communication between processes is facilitated, enabling the programmer to avoid deadlock more easily, and freeing the programmer from synchronization and scheduling constructs. The use of the Channel class and the additional constructs is illustrated in a simple application