Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chair of Software EngineeringOOSC – Summer Semester 2005 Object-Oriented Software Construction Bertrand Meyer Lecture 19: SCOOP Simple Concurrent Object-Oriented.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Chair of Software EngineeringOOSC – Summer Semester 2005 Object-Oriented Software Construction Bertrand Meyer Lecture 19: SCOOP Simple Concurrent Object-Oriented."— Presentation transcript:

1 Chair of Software EngineeringOOSC – Summer Semester 2005 Object-Oriented Software Construction Bertrand Meyer Lecture 19: SCOOP Simple Concurrent Object-Oriented Programming Piotr Nienaltowski

2 Chair of Software EngineeringOOSC – Summer Semester 2005 2 What we’re going to see today  Some history  Back to the roots: the essence of OO  SCOOP: computational model  Synchronisation  Advanced mechanisms  How does it fit into the OO framework?

3 Chair of Software EngineeringOOSC – Summer Semester 2005 3 The need for concurrency: where  Operating systems  We already forgot the “batch processing” systems from the 60s  Users want multi-tasking  Distributed applications  Modern GUIs  Many applications only make sense in the presence of concurrency  We want to squeeze maximum power from our computers  Use additional CPUs

4 Chair of Software EngineeringOOSC – Summer Semester 2005 4 The need for concurrency: how  Two basic kinds of concurrency  Cooperative  Competitive  Cooperative  several tasks want to achieve a common goal  synchronisation is necessary to achieve the goal  example: producer-consumer  Competitive  several task access resources to do their own job  no common goal; tasks often don’t know about each other  synchronisation is necessary to avoid conflicts  example: flight booking system

5 Chair of Software EngineeringOOSC – Summer Semester 2005 5 The need for concurrency: what  Two kinds of properties of interest  Safety (nothing bad happens)  Liveness (something good eventually happens)  Data races  Deadlocks  Livelocks

6 Chair of Software EngineeringOOSC – Summer Semester 2005 6 A bit of history  Mutex  Semaphore (60s - Dijkstra)  Conditional Critical Region (1968, Hoare)  Monitor (1972, Brinch-Hansen, Hoare)  Rendez-vous (80s, Ada), active objects

7 Chair of Software EngineeringOOSC – Summer Semester 2005 7 SCOOP  Simple Concurrent Object-Oriented Programming  Described in CACM, 1993  OOSC, 2 nd edition, 1997  Prototype implementation at Eiffel Software, 1995  Prototypes by others  Now being done for good at ETH (support from SNF, Hasler Foundation, Microsoft ROTOR)

8 Chair of Software EngineeringOOSC – Summer Semester 2005 8 Basic idea of OO computation To perform a computation is  To apply certain actions  To certain objects  Using certain processors ActionObject Processor x.f (a)

9 Chair of Software EngineeringOOSC – Summer Semester 2005 9 Computational model of SCOOP  Processor: a thread of control supporting sequential execution of instructions on one or several objects.  All actions on a given object are executed by its handling processor. No shared memory!!!  We say that an object is owned by its handling processor  this ownership relation is fixed, i.e. we do not consider migration of objects between processors.  Each processor, together with all object it owns, can be seen as a sequential subsystem.  A (concurrent) software system is composed of such subsystems.

10 Chair of Software EngineeringOOSC – Summer Semester 2005 10 Software system P1 o1 o3 o2o4 P2 o5 o9 o7 P3 o11 o8 o6o12 P1 handles o1, o2, o3, o4 P2 handles o5, o7, o9 P3 handles o6, o8, o11, o12 denotes o1’s owner = P1

11 Chair of Software EngineeringOOSC – Summer Semester 2005 11 Processors  Processor is an abstract concept  Do not confuse it with a CPU!  A processor can be implemented as:  Process  Thread  Web service .NET AppDomain  ???

12 Chair of Software EngineeringOOSC – Summer Semester 2005 12 Feature call - synchronous x: X... x.f (a) o1 o2 (CLIENT )(X) previous_instruction x.f (a) next_instruction P1 f (a: A) require a /= Void do … end P1 o1 o2

13 Chair of Software EngineeringOOSC – Summer Semester 2005 13 Feature call - asynchronous x: X... x.f (a) o1 o2 (CLIENT )(X) previous_instruction x.f (a) next_instruction P1 f (a: A) require a /= Void do … end P1 o1 P2 o2 P2 x: separate X

14 Chair of Software EngineeringOOSC – Summer Semester 2005 14 Separate objects  Calls to non-separate objects are synchronous  Calls to separate objects are asynchronous P1 o1 P2 o2 o3  QUIZ: Which objects are separate?

15 Chair of Software EngineeringOOSC – Summer Semester 2005 15 Separate entities  Separate entities are declared with separate keyword x: separate X  Does a separate entity always denote a separate object? x, y: separate X … y := x.y-- Is y a separate entity? -- Does it denote a separate object?  Separate entities denote potentially separate objects P1 o1 P2 o2 o3 x y y

16 Chair of Software EngineeringOOSC – Summer Semester 2005 16 Synchronisation  Processors are sequential  Concurrency is achieved by interplay of several processors  Processors need to synchronise  Two forms of synchronisation in SCOOP  mutual exclusion  condition synchronisation

17 Chair of Software EngineeringOOSC – Summer Semester 2005 17  Programmer writes: my_stack: separate STACK [INTEGER] … my_stack.push (5) y := my_stack.top-- Are we sure that y = 5 ? We need a critical section to avoid data races. If no mutual exclusion What could have happened here?

18 Chair of Software EngineeringOOSC – Summer Semester 2005 18 Problematic scenario P1 o1 P2 o2 o3 my_stack y P3 o6 o8 y my_stack P1 and P3 execute similar code: -- P1 my_stack.push (5) y := my_stack.top -- P3 my_stack.push (100) y := my_stack.top

19 Chair of Software EngineeringOOSC – Summer Semester 2005 19  Require target of separate call to be formal argument of enclosing routine: push_and_retrieve (s: separate STACK [INTEGER]; value: INTEGER) is -- Push `value’ on top of `s’ then retrieve top of `s’ -- and assign it to `y’. do s.push (value) y := s.top end my_stack: separate STACK [INTEGER] … push_and_retrieve (my_stack, 5) -- Now we are we sure that y=5  Body (do … end) of enclosing routine is a critical section with respect to its separate formal arguments. Mutual exclusion in SCOOP No other processor can access s in the meantime!

20 Chair of Software EngineeringOOSC – Summer Semester 2005 20 Separate argument rule The target of a separate call must be a formal argument of the enclosing routine Separate call: a.f (...) where a is a separate entity

21 Chair of Software EngineeringOOSC – Summer Semester 2005 21 Wait rule A routine call with separate arguments will execute when all corresponding objects are available and hold them exclusively for the duration of the routine

22 Chair of Software EngineeringOOSC – Summer Semester 2005 22 Condition synchronisation  Very often client only wants to execute certain feature if some condition (guard) is true: store (buffer: separate BOUNDED_BUFFER [INTEGER]; value: INTEGER) is -- Store `value’ into `buffer’. require buffer_not_full: not buffer.is_full do buffer.put (value) end my_buffer: separate BOUNDED_BUFFER [INTEGER] … store (my_buffer, 5) Hey, it’s a precondition, not a guard! How should it work?

23 Chair of Software EngineeringOOSC – Summer Semester 2005 23 Contracts strike back store (buffer: BUFFER [INTEGER]; value: INTEGER) is -- Store `value’ into `buffer’. require buffer_not_full: not buffer.is_full value > 0 do buffer.put (value) ensure buffer_not_empty: not buffer.is_empty end... store (my_buffer, 10) Precondition Postcondition

24 Chair of Software EngineeringOOSC – Summer Semester 2005 24 From preconditions to wait-conditions store (buffer: separate BUFFER [INTEGER]; value: INTEGER) is -- Store `value’ into `buffer’. require buffer_not_full: not buffer.is_full value > 0 do buffer.put (value) ensure buffer_not_empty: not buffer.is_empty end... store (my_buffer, 10) On separate target, precondition becomes wait condition

25 Chair of Software EngineeringOOSC – Summer Semester 2005 25 Why new semantics?  Preconditions are obligations that client has to satisfy before the call {Pre r } call r {Post r }  Easy peasy: if precondition store then store (my_buffer, 5) end I know that precondition holds before the call!

26 Chair of Software EngineeringOOSC – Summer Semester 2005 26 Wait rule revisited A routine call with separate arguments will execute when all corresponding objects are available and wait-conditions are satisfied and hold the objects exclusively for the duration of the routine

27 Chair of Software EngineeringOOSC – Summer Semester 2005 27 Re-synchronising clients and suppliers … x.f x.g (a) y.f … Pc Px Py x.f x.g(a) y.f

28 Chair of Software EngineeringOOSC – Summer Semester 2005 28 Wait by necessity  No special mechanism for client to re-synchronise with supplier after separate call.  Client will only wait when it needs to: x.fx.f x.g (a) y.fy.f … value := x.some_query  This is called wait-by-necessity Wait here!

29 Chair of Software EngineeringOOSC – Summer Semester 2005 29 Do we really need to wait?  Can we do better than that? x.fx.f x.g (a) y.fy.f … value := x.some_query x.fx.f y.fy.f z := value value := value + 1  Does not change the basic SCOOP model  Consider it to be an optimisation We only need to wait here!

30 Chair of Software EngineeringOOSC – Summer Semester 2005 30 Summary: computational model  Software system is composed of several processors  Processors are sequential; concurrency is achieved through their interplay  Separate entity denotes a potentially separate object  Calls to non-separate objects are synchronous  Calls to separate objects are asynchronous

31 Chair of Software EngineeringOOSC – Summer Semester 2005 31 Summary: synchronisation  Mutual exclusion  Locking through argument passing  Routine body is critical section  Condition synchronisation  preconditions  Re-synchronisation of client and supplier:  wait-by-necessity

32 Chair of Software EngineeringOOSC – Summer Semester 2005 32 Summary: separate argument rule The target of a separate call must be a formal argument of the enclosing routine Separate call: a.f (...) where a is a separate entity

33 Chair of Software EngineeringOOSC – Summer Semester 2005 33 Summary: wait rule A routine call with separate arguments will execute when all corresponding objects are available and wait-conditions are satisfied and hold the objects exclusively for the duration of the routine

34 Chair of Software EngineeringOOSC – Summer Semester 2005 34 Example: bounded buffer Now that we know (almost) everything, let’s see a short exampleexample

35 Chair of Software EngineeringOOSC – Summer Semester 2005 35 Is that enough to prevent data races?  Data race occurs when two or more clients concurrently apply some feature on the same supplier.  Data races could be caused by so-called traitors, i.e. non-separate entities that denote separate objects.  Kill ’em all!

36 Chair of Software EngineeringOOSC – Summer Semester 2005 36 Traitors -- in class C (client) x: separate X a: A … r (an_x: separate X) is do a := an_x.a end … r (x) a.f -- supplier class X feature a: A end Is this call valid? And this one? TRAITOR!

37 Chair of Software EngineeringOOSC – Summer Semester 2005 37 Consistency rules – first attempt  Four consistency rules  Should prevent data races  eliminate traitors  Written in English  Easy to understand by programmers

38 Chair of Software EngineeringOOSC – Summer Semester 2005 38 SCOOP rules – first attempt Separateness consistency rule (1) If the source of an attachment (assignment instruction or argument passing) is separate, its target entity must be separate too. r (buffer: separate BUFFER [X]; x: X ) is local b1: separate BUFFER [X] b2: BUFFER [X] x2: separate X do b1 := buffer-- valid b2 := b1-- invalid r (b1, x2) -- invalid end

39 Chair of Software EngineeringOOSC – Summer Semester 2005 39 SCOOP rules – first attempt Separateness consistency rule (2) If an actual argument of a separate call is of a reference type, the corresponding formal argument must be declared as separate. store (buffer: separate BUFFER [X]; x: X ) is do buffer.put (x) end -- in class BUFFER [G] put (element: separate G) is...

40 Chair of Software EngineeringOOSC – Summer Semester 2005 40 SCOOP rules – first attempt Separateness consistency rule (3) If the source of an attachment is the result of a separate call to a function returning a reference type, the target must be declared as separate. consume_element (buffer: separate BUFFER [X]) is local element: separate X do element := buffer.item... end -- in class BUFFER [G] item: G is...

41 Chair of Software EngineeringOOSC – Summer Semester 2005 41 SCOOP rules – first attempt Separateness consistency rule (4) If an actual argument of a separate call is of an expanded type, its base class may not include, directly or indirectly, any non-separate attribute of a reference type. store (buffer: separate BUFFER [X]; x: X ) is do buffer.put (x)-- X must be “fully expanded” end -- in class BUFFER [G] put (element: G) is-- G is not declared as separate anymore...

42 Chair of Software EngineeringOOSC – Summer Semester 2005 42 Consistency rules – second attempt  What can a type system do better than a set of informal rules?  Prevent data races  static (compile-time) checks  Integrate expanded types and agents with SCOOP  Ownership-like types  Eiffel types augmented with owner tags  inspired by Peter Mueller’s work on applet isolation in JavaCard  Subtyping rule replaces all previous consistency rules

43 Chair of Software EngineeringOOSC – Summer Semester 2005 43 Type system Let TypeId denote the set of declared type identifiers of a given Eiffel program. We define the set of tagged types for a given class as where OwnerId is a set of owner tags declared in the given class. Each class implicitely declares two owner tags:  (current processor) and  (undefined). The subtype relation on tagged types is the smallest reflexive, transitive relation satisfying the following axioms, where  is a tag, S,T  TypeId, and denotes the subtype relation on TypeId:

44 Chair of Software EngineeringOOSC – Summer Semester 2005 44 False traitors brother friend brother friend brother friend processor 1 processor 2 Ueli Moritz Urs meet_someone_elses_friend (person: separate PERSON) is local a_friend: PERSON do a_friend := person.friend-- Invalid assignment. visit (a_friend) end

45 Chair of Software EngineeringOOSC – Summer Semester 2005 45 meet_someone_elses_friend (person: separate PERSON) is local a_friend: PERSON do a_friend ?= person.friend-- Valid assignment attempt. if a_friend /= void then visit (a_friend) end end Handling false traitors brother friend brother friend brother friend processor 1 processor 2 Ueli Moritz Urs

46 Chair of Software EngineeringOOSC – Summer Semester 2005 46 Interrupts? Can we snatch a shared object from its current holder? Execute holder.r (b)where b is separate Another object executes challenger.s (b) Normally, challenger would wait What if challenger is impatient?

47 Chair of Software EngineeringOOSC – Summer Semester 2005 47 Duels Library features challenger holder normal_serviceimmediate_service retainchallenger waitsexception in challenger yieldchallenger waitsexception in holder; serve challenger

48 Chair of Software EngineeringOOSC – Summer Semester 2005 48 How does it fit within the OO?  Basic mechanism: feature call  Design by Contract  Generalised semantics for preconditions, postconditions, and invariants  Inheritance  No particular restrictions, usual rules apply  Most inheritance anomalies eliminated!  Genericity: full support  Agents: almost full support  Unclear semantics of agents with open target

49 Chair of Software EngineeringOOSC – Summer Semester 2005 49 Genericity my_array: ARRAY [X] my_array: separate ARRAY [X] my_array: ARRAY [separate X] my_array: separate ARRAY [separate X]

50 Chair of Software EngineeringOOSC – Summer Semester 2005 50 Problem: agents a: PROCEDURE [ANY, TUPLE] store (buffer: separate BUFFER [X]; x: X ) is do buffer.put (x) a := agent buffer.put (?) -- Valid! fishy_call (x) end fishy_call (x: X) is do a.call ([x])-- Valid! But a is a traitor! end

51 Chair of Software EngineeringOOSC – Summer Semester 2005 51 Solution: separate agents a: separate PROCEDURE [ANY, TUPLE] store (buffer: separate BUFFER [X]; x: X ) is do buffer.put (x) a := agent buffer.put (?) -- separate agent fishy_call (x) end fishy_call (x: X) is do a.call ([x])-- Invalid: a is not a formal argument. end

52 Chair of Software EngineeringOOSC – Summer Semester 2005 52 Separate agents a: separate PROCEDURE [ANY, TUPLE] store (buffer: separate BUFFER [X]; x: X ) is do buffer.put (x) a := agent buffer.put (?) -- separate agent not_so_fishy_call (a, x) end not_so_fishy_call (an_agent: separate PROCEDURE [ANY, TUPLE]; x: X) is do an_agent.call ([x])-- Valid: a is a formal argument. end different semantics for argument passing: lock an_agent.target

53 Chair of Software EngineeringOOSC – Summer Semester 2005 53 Additional stuff Damn! I was very fast and I need to fill the remaining time with something interesting. Do you want to see another example orsee another example go home?go home

54 Chair of Software EngineeringOOSC – Summer Semester 2005 54 That’s all, folks! Thanks! And don’t forget to SCOOP it up!

Download ppt "Chair of Software EngineeringOOSC – Summer Semester 2005 Object-Oriented Software Construction Bertrand Meyer Lecture 19: SCOOP Simple Concurrent Object-Oriented."

Similar presentations

SCOOP: Simple Concurrent Object-Oriented Programming Extend the pure, strongly typed, object-oriented language Eiffel with a general and powerful concurrency.

SCOOP: Simple Concurrent Object-Oriented Programming Extend the pure, strongly typed, object-oriented language Eiffel with a general and powerful concurrency.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 10: Advanced Object-Oriented Mechanisms (based on.

Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 10: Advanced Object-Oriented Mechanisms (based on.
2 nd Microsoft Rotor Workshop, Pisa, April 23-25, 2003 1 SCOOPLI for.NET: a library for concurrent object-oriented programming Volkan Arslan, Piotr Nienaltowski.

2 nd Microsoft Rotor Workshop, Pisa, April 23-25, SCOOPLI for.NET: a library for concurrent object-oriented programming Volkan Arslan, Piotr Nienaltowski.
SCOOP on.NET Volkan Arslan Chair of Software Engineering ETH Zurich, Switzerland

SCOOP on.NET Volkan Arslan Chair of Software Engineering ETH Zurich, Switzerland
Chapter 6: Process Synchronization

Chapter 6: Process Synchronization
Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.
5.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 5: CPU Scheduling.

5.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 5: CPU Scheduling.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 6: Process Synchronization.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 6: Process Synchronization.
Process Synchronization. Module 6: Process Synchronization Background The Critical-Section Problem Peterson’s Solution Synchronization Hardware Semaphores.

Process Synchronization. Module 6: Process Synchronization Background The Critical-Section Problem Peterson’s Solution Synchronization Hardware Semaphores.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 7: References and Assignment.

Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 7: References and Assignment.
Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 7: SCOOP Type System (based on work with Piotr Nienaltowski)

Chair of Software Engineering Concurrent Object-Oriented Programming Prof. Dr. Bertrand Meyer Lecture 7: SCOOP Type System (based on work with Piotr Nienaltowski)
Chair of Software Engineering PPoPP 2003, 13.06.2003, San Diego SCOOP it up! Piotr Nienaltowski Chair of Software Engineering, ETH Zurich, Switzerland.

Chair of Software Engineering PPoPP 2003, , San Diego SCOOP it up! Piotr Nienaltowski Chair of Software Engineering, ETH Zurich, Switzerland.
Chair of Software Engineering OOSC - Summer Semester 2004 1 Object-Oriented Software Construction Bertrand Meyer.

Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer.
Chair of Software Engineering OOSC Lecture 20 - Concurrency Object-Oriented Software Construction Bertrand Meyer.

Chair of Software Engineering OOSC Lecture 20 - Concurrency Object-Oriented Software Construction Bertrand Meyer.
Chair of Software Engineering Piotr Nienaltowski, 17.05.2005 1 SCOOP Simple Concurrent Object-Oriented Programming.

Chair of Software Engineering Piotr Nienaltowski, SCOOP Simple Concurrent Object-Oriented Programming.
Chair of Software Engineering SCOOP: an introduction Bertrand Meyer Chair of Software Engineering, ETH Zurich, Switzerland

Chair of Software Engineering SCOOP: an introduction Bertrand Meyer Chair of Software Engineering, ETH Zurich, Switzerland
Chair of Software Engineering OOSC - Summer Semester 2004 1 Object-Oriented Software Construction Bertrand Meyer.

Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer.
Chair of Software Engineering OOSC - Summer Semester 2005 1 Object-Oriented Software Construction Bertrand Meyer Lecture 15: Exception handling.

Chair of Software Engineering OOSC - Summer Semester Object-Oriented Software Construction Bertrand Meyer Lecture 15: Exception handling.
-5- Exception handling What is an exception? “An abnormal event” Not a very precise definition Informally: something that you don’t want to happen.

-5- Exception handling What is an exception? “An abnormal event” Not a very precise definition Informally: something that you don’t want to happen.
Chapter 2: Processes Topics –Processes –Threads –Process Scheduling –Inter Process Communication (IPC) Reference: Operating Systems Design and Implementation.

Chapter 2: Processes Topics –Processes –Threads –Process Scheduling –Inter Process Communication (IPC) Reference: Operating Systems Design and Implementation.

Similar presentations

Ads by Google