Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Transactions: A Programming-Languages Perspective Dan Grossman University of Washington 29 March 2007.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Software Transactions: A Programming-Languages Perspective Dan Grossman University of Washington 29 March 2007."— Presentation transcript:

1 Software Transactions: A Programming-Languages Perspective Dan Grossman University of Washington 29 March 2007

2 Dan Grossman, Software Transactions2 Atomic An easier-to-use and harder-to-implement primitive lock acquire/release(behave as if) no interleaved computation; no unfair starvation void deposit(int x){ synchronized(this){ int tmp = balance; tmp += x; balance = tmp; }} void deposit(int x){ atomic { int tmp = balance; tmp += x; balance = tmp; }}

3 29 March 2007Dan Grossman, Software Transactions3 Viewpoints Software transactions good for: Software engineering (avoid races & deadlocks) Performance (optimistic “no conflict” without locks) Research should be guiding: New hardware with transactional support Inevitable software support –Legacy/transition –Semantic mismatch between a PL and an ISA –May be fast enough Prediction: hardware for the common/simple case

4 29 March 2007Dan Grossman, Software Transactions4 PL Perspective Key complement to the focus on “transaction engines” and low-level optimizations Language design: interaction with rest of the language –Not just I/O and exceptions (not this talk) Language implementation: interaction with the compiler and today’s hardware –Plus new needs for high-level optimizations

5 29 March 2007Dan Grossman, Software Transactions5 Not today “Across the lake” my students are busy with a variety of ongoing projects related to PL/TM Formal semantics Parallelism within transactions Interaction with first-class continuations “Transactional events” in the presence of mutation … Happy to return in a year and tell you more; today focus on more mature results/questions

6 29 March 2007Dan Grossman, Software Transactions6 Today Issues in language design and semantics 1.Transactions for software evolution 2.Transactions for strong isolation [PLDI07] * 3.The need for a memory model [MSPC06a] ** Software-implementation techniques 1.On one core [ICFP05] 2.Without changing the virtual machine [MSPC06b] 3.Static optimizations for strong isolation [PLDI07]* * Joint work with Intel PSL ** Joint work with Manson and Pugh

7 29 March 2007Dan Grossman, Software Transactions7 Code evolution Having chosen “self-locking” today, hard to add a correct transfer method tomorrow void deposit(…) { synchronized(this) { … }} void withdraw(…) { synchronized(this) { … }} int balance(…) { synchronized(this) { … }} void transfer(Acct from, int amt) { synchronized(this) { //race if(from.balance()>=amt && amt < maxXfer) { from.withdraw(amt); this.deposit(amt); }

8 29 March 2007Dan Grossman, Software Transactions8 Code evolution Having chosen “self-locking” today, hard to add a correct transfer method tomorrow void deposit(…) { synchronized(this) { … }} void withdraw(…) { synchronized(this) { … }} int balance(…) { synchronized(this) { … }} void transfer(Acct from, int amt) { synchronized(this) { synchronized(from) { //deadlock (still) if(from.balance()>=amt && amt < maxXfer) { from.withdraw(amt); this.deposit(amt); } }} }

9 29 March 2007Dan Grossman, Software Transactions9 Code evolution Having chosen “self-locking” today, hard to add a correct transfer method tomorrow void deposit(…) { atomic { … }} void withdraw(…) { atomic { … }} int balance(…) { atomic { … }} void transfer(Acct from, int amt) { //race if(from.balance()>=amt && amt < maxXfer) { from.withdraw(amt); this.deposit(amt); } }

10 29 March 2007Dan Grossman, Software Transactions10 Code evolution Having chosen “self-locking” today, hard to add a correct transfer method tomorrow void deposit(…) { atomic { … }} void withdraw(…) { atomic { … }} int balance(…) { atomic { … }} void transfer(Acct from, int amt) { atomic { //correct if(from.balance()>=amt && amt < maxXfer){ from.withdraw(amt); this.deposit(amt); }

11 29 March 2007Dan Grossman, Software Transactions11 Lesson Locks do not compose; transactions do

12 29 March 2007Dan Grossman, Software Transactions12 Today Issues in language design and semantics 1.Transactions for software evolution 2.Transactions for strong isolation [PLDI07] * 3.The need for a memory model [MSPC06a] ** Software-implementation techniques 1.On one core [ICFP05] 2.Without changing the virtual machine [MSPC06b] 3.Static optimizations for strong isolation [PLDI07]* * Joint work with Intel PSL ** Joint work with Manson and Pugh

13 29 March 2007Dan Grossman, Software Transactions13 “Weak” atomicity Widespread misconception: “Weak” atomicity violates the “all-at-once” property of transactions only when the corresponding lock code has a data race (May still be a bad thing, but smart people disagree.) atomic { y = 1; x = 3; y = x; } x = 2; print(y); //1? 2? 85? initially y==0

14 29 March 2007Dan Grossman, Software Transactions14 Segregation Segregation is not necessary in lock-based code –Even under relaxed memory models (Example adapted from [Rajwar/Larus] and [Hudson et al]) sync(lk) { r = ptr; ptr = new C(); } assert(r.f==r.g); sync(lk) { ++ptr.f; ++ptr.g; } initially ptr.f == ptr.g ptr f g

15 29 March 2007Dan Grossman, Software Transactions15 It’s worse But every published weak-atomicity system allows the assertion to fail! Eager- or lazy-update (Example adapted from [Rajwar/Larus] and [Hudson et al]) atomic { r = ptr; ptr = new C(); } assert(r.f==r.g); atomic { ++ptr.f; ++ptr.g; } initially ptr.f == ptr.g ptr f g

16 29 March 2007Dan Grossman, Software Transactions16 “Weak” atomicity redux “Weak” really means nontransactional code bypasses the transaction mechanism… Weak STMs violate isolation on example: Eager-updates (one update visible before abort) Lazy-updates (one update visible after commit) Imposes correctness burdens on programmers that locks do not

17 29 March 2007Dan Grossman, Software Transactions17 More examples (see paper for more) With eager-update, speculative dirty read: atomic { if(y==0) x=1; /* abort */ } assert(x==1); if(x==1) y=1; initially x==0 and y==0

18 29 March 2007Dan Grossman, Software Transactions18 More examples (see paper for more) With weak-update, can miss an initialization (e.g., a readonly field) atomic { t = new C(); t.f = 42; x=t; } if(x!=null) assert(x.f==42); initially x==null

19 29 March 2007Dan Grossman, Software Transactions19 Lesson “Weak” is worse than most think; it can require segregation where locks do not Corollary: “Strong” has easier semantics –especially for a safe language

20 29 March 2007Dan Grossman, Software Transactions20 Today Issues in language design and semantics 1.Transactions for software evolution 2.Transactions for strong isolation [PLDI07] * 3.The need for a memory model [MSPC06a] ** Software-implementation techniques 1.On one core [ICFP05] 2.Without changing the virtual machine [MSPC06b] 3.Static optimizations for strong isolation [PLDI07]* * Joint work with Intel PSL ** Joint work with Manson and Pugh

21 29 March 2007Dan Grossman, Software Transactions21 Relaxed memory models Modern languages don’t provide sequential consistency 1.Lack of hardware support 2.Prevents otherwise sensible & ubiquitous compiler transformations (e.g., copy propagation) So safe languages need two complicated definitions 1.What is “properly synchronized”? 2.What can compiler and hardware do with “bad code”? (Unsafe languages need (1)) A flavor of simplistic ideas and the consequences…

22 29 March 2007Dan Grossman, Software Transactions22 Simplistic ideas “Properly synchronized”  All thread-shared mutable memory accessed in transactions Consequence: Data-handoff code deemed “bad” //Producer tmp1=new C(); tmp1.x=42; atomic { q.put(tmp1); } //Consumer atomic { tmp2=q.get(); } tmp2.x++;

23 29 March 2007Dan Grossman, Software Transactions23 Ordering Can get “strange results” for bad code –Need rules for what is “good code” x = 1; y = 1; r = y; s = x; assert(s>=r);//invalid initially x==0 and y==0

24 29 March 2007Dan Grossman, Software Transactions24 Ordering Can get “strange results” for bad code –Need rules for what is “good code” x = 1; sync(lk){} y = 1; r = y; sync(lk){} //same lock s = x; assert(s>=r);//valid initially x==y==0initially x==0 and y==0

25 29 March 2007Dan Grossman, Software Transactions25 Ordering Can get “strange results” for bad code –Need rules for what is “good code” x = 1; atomic{} y = 1; r = y; atomic{} s = x; assert(s>=r);//??? If this is good code, existing STMs are wrong initially x==0 and y==0

26 29 March 2007Dan Grossman, Software Transactions26 Ordering Can get “strange results” for bad code –Need rules for what is “good code” x = 1; atomic{z=1;} y = 1; r = y; atomic{tmp=0*z;} s = x; assert(s>=r);//??? “Conflicting memory” a slippery ill-defined slope initially x==0 and y==0

27 29 March 2007Dan Grossman, Software Transactions27 Lesson It is not clear when transactions are ordered, but languages need memory models Corollary: This could/should delay adoption of transactions in well-specified languages Shameless provocation: What is the C# memory model?

28 29 March 2007Dan Grossman, Software Transactions28 Today Issues in language design and semantics 1.Transactions for software evolution 2.Transactions for strong isolation [PLDI07] * 3.The need for a memory model [MSPC06a] ** Software-implementation techniques 1.On one core [ICFP05] 2.Without changing the virtual machine [MSPC06b] 3.Static optimizations for strong isolation [PLDI07]* * Joint work with Intel PSL ** Joint work with Manson and Pugh

29 29 March 2007Dan Grossman, Software Transactions29 Interleaved execution The “uniprocessor (and then some)” assumption: Threads communicating via shared memory don't execute in “true parallel” Important special case: Uniprocessors still exist Many language implementations assume it (e.g., OCaml, DrScheme) Multicore may assign one core to an application

30 29 March 2007Dan Grossman, Software Transactions30 Implementing atomic Key pieces: Execution of an atomic block logs writes If scheduler pre-empts a thread in atomic, rollback the thread Duplicate code so non-atomic code is not slowed by logging Smooth interaction with GC

31 29 March 2007Dan Grossman, Software Transactions31 Logging example Executing atomic block: build LIFO log of old values: y:0z:?x:0y:2 Rollback on pre-emption: Pop log, doing assignments Set program counter and stack to beginning of atomic On exit from atomic: drop log int x=0, y=0; void f() { int z = y+1; x = z; } void g() { y = x+1; } void h() { atomic { y = 2; f(); g(); }

32 29 March 2007Dan Grossman, Software Transactions32 Logging efficiency Keep the log small: Don’t log reads (key uniprocessor advantage) Need not log memory allocated after atomic entered –Particularly initialization writes Need not log an address more than once –To keep logging fast, switch from array to hashtable after “many” (50) log entries y:0z:?x:0y:2

33 29 March 2007Dan Grossman, Software Transactions33 Duplicating code Duplicate code so callees know to log or not: For each function f, compile f_atomic and f_normal Atomic blocks and atomic functions call atomic functions Function pointers compile to pair of code pointers int x=0, y=0; void f() { int z = y+1; x = z; } void g() { y = x+1; } void h() { atomic { y = 2; f(); g(); }

34 29 March 2007Dan Grossman, Software Transactions34 Representing closures/objects Representation of function-pointers/closures/objects an interesting (and pervasive) design decision OCaml: headercode ptrfree variables… add 3, push, …

35 29 March 2007Dan Grossman, Software Transactions35 Representing closures/objects Representation of function-pointers/closures/objects an interesting (and pervasive) design decision One approach: bigger closures headercode ptr1free variables… add 3, push, … code ptr2 add 3, push, … Note: atomic is first-class, so it is just one of these too!

36 29 March 2007Dan Grossman, Software Transactions36 Representing closures/objects Representation of function-pointers/closures/objects an interesting (and pervasive) design decision Alternate approach: slower calls in atomic headercode ptr1free variables… add 3, push, … code ptr2 add 3, push, … Note: Same overhead as OO dynamic dispatch

37 29 March 2007Dan Grossman, Software Transactions37 Interaction with GC What if GC occurs mid-transaction? The log is a root (in case of rollback) Moving objects is fine –Rollback produces equivalent state –Naïve hardware solutions may log/rollback GC! What about rolling back the allocator? Don’t bother: after rollback, objects allocated in transaction are unreachable –Naïve hardware solutions may log/rollback initialization writes!

38 29 March 2007Dan Grossman, Software Transactions38 Evaluation Strong atomicity for Caml at little cost –Already assumes a uniprocessor –See the paper for “in the noise” performance Mutable data overhead Rare rollback not in atomicin atomic readnone writenonelog (2 more writes)

39 29 March 2007Dan Grossman, Software Transactions39 Lesson Implementing (strong) atomicity in software for a uniprocessor is so efficient it deserves special-casing Note: Don’t run other multicore services on a uni either

40 29 March 2007Dan Grossman, Software Transactions40 Today Issues in language design and semantics 1.Transactions for software evolution 2.Transactions for strong isolation [PLDI07] * 3.The need for a memory model [MSPC06a] ** Software-implementation techniques 1.On one core [ICFP05] 2.Without changing the virtual machine [MSPC06b] 3.Static optimizations for strong isolation [PLDI07]* * Joint work with Intel PSL ** Joint work with Manson and Pugh

41 29 March 2007Dan Grossman, Software Transactions41 … … System Architecture foo.ajava Polyglot Our compiler javac class files AThread. java AThread. java Our “run-time” Note: Preserves separate compilation

42 29 March 2007Dan Grossman, Software Transactions42 Key pieces A field read/write first acquires ownership of object –In transaction, a write also logs the old value –No synchronization if already own object Polling for releasing ownership –Transactions rollback before releasing Read/write barriers via method calls (JIT can inline them later) Some Java cleverness for efficient logging Lots of details for other Java features

43 29 March 2007Dan Grossman, Software Transactions43 Acquiring ownership All objects have an owner field class AObject extends Object { Thread owner; //who owns the object void acq(){ //owner=caller (blocking) if(owner==currentThread()) return; … // complicated slow-path } Synchronization only when contention With “owner=currentThread()” in constructor, thread- local objects never incur synchronization

44 29 March 2007Dan Grossman, Software Transactions44 Releasing ownership Must “periodically” check “to release” set –If in transaction, first rollback Retry later (backoff to avoid livelock) –Set owners to null Source-level “periodically” –Insert call to check() on loops and non-leaf calls –Trade-off synchronization and responsiveness: int count = 1000; //thread-local void check(){ if(--count >= 0) return; count=1000; really_check(); }

45 29 March 2007Dan Grossman, Software Transactions45 But what about…? Modern, safe languages are big… See paper & tech. report for: constructors, primitive types, static fields, class initializers, arrays, native calls, exceptions, condition variables, library classes, …

46 29 March 2007Dan Grossman, Software Transactions46 Lesson Transactions for high-level programming languages do not need low-level implementations But good performance does tend to need parallel readers, which is future work for this system. 

47 29 March 2007Dan Grossman, Software Transactions47 Today Issues in language design and semantics 1.Transactions for software evolution 2.Transactions for strong isolation [PLDI07] * 3.The need for a memory model [MSPC06a] ** Software-implementation techniques 1.On one core [ICFP05] 2.Without changing the virtual machine [MSPC06b] 3.Static optimizations for strong isolation [PLDI07]* * Joint work with Intel PSL ** Joint work with Manson and Pugh

48 29 March 2007Dan Grossman, Software Transactions48 Strong performance problem Recall uniprocessor overhead: not in atomicin atomic readnone writenonesome With parallelism: not in atomicin atomic readnone iff weaksome writenone iff weaksome

49 29 March 2007Dan Grossman, Software Transactions49 Optimizing away barriers Thread local Immutable Not accessed in transaction New: static analysis for not-accessed-in-transaction …

50 29 March 2007Dan Grossman, Software Transactions50 Not-accessed-in-transaction Revisit overhead of not-in-atomic for strong atomicity, given information about how data is used in atomic Yet another client of pointer-analysis in atomic no atomic access no atomic write atomic write readnone some writenonesome not in atomic

51 29 March 2007Dan Grossman, Software Transactions51 Analysis details Whole-program, context-insensitive, flow-insensitive –Scalable, but needs whole program Can be done before method duplication –Keep lazy code generation without losing precision Given pointer information, just two more passes 1.How is an “abstract object” accessed transactionally? 2.What “abstract objects” might a non-transactional access use?

52 29 March 2007Dan Grossman, Software Transactions52 Static counts Not the point, but good evidence Usually better than thread-local analysis AppAccessTotalNAIT or TLNAIT onlyTL only SpecJVM98Read12671 8796 0 Write 9885 7961 0 TspRead 106 93 89 0 Write 36 17 16 0 JBBRead 804 798 364 24 Write 621 575 131 344 Barrier removed by

53 29 March 2007Dan Grossman, Software Transactions53 Experimental Setup UW: static analysis using whole-program pointer analysis Scalable (context- and flow-insensitive) using Paddle/Soot Intel PSL: high-performance strong STM via compiler and run-time StarJIT –IR and optimizations for transactions and isolation barriers –Inlined isolation barriers ORP –Transactional method cloning –Run-time optimizations for strong isolation McRT –Run-time for weak and strong STM

54 29 March 2007Dan Grossman, Software Transactions54 Benchmarks Tsp

55 29 March 2007Dan Grossman, Software Transactions55 Benchmarks JBB

56 29 March 2007Dan Grossman, Software Transactions56 Lesson The cost of strong isolation is in nontransactional barriers and compiler optimizations help a lot

57 29 March 2007Dan Grossman, Software Transactions57 Credit Uniprocessor: Michael Ringenburg Source-to-source: Benjamin Hindman Barrier-removal: Steven Balensiefer, Kate Moore Memory-model issues: Jeremy Manson, Bill Pugh High-performance strong STM: Tatiana Shpeisman, Vijay Menon, Ali-Reza Adl-Tabatabai, Richard Hudson, Bratin Saha wasp.cs.washington.edu

58 29 March 2007Dan Grossman, Software Transactions58 Lessons 1.Locks do not compose; transactions do 2.“Weak” is worse than most think and sometimes worse than locks 3.It is unclear when transactions should be ordered, but languages need memory models 4.Implementing atomicity in software for a uniprocessor is so efficient it deserves special-casing 5.Transactions for high-level programming languages do not need low-level implementations 6.The cost of strong isolation is in nontransactional barriers and compiler optimizations help a lot

Download ppt "Software Transactions: A Programming-Languages Perspective Dan Grossman University of Washington 29 March 2007."

Similar presentations

Design and Implementation Issues for Atomicity Dan Grossman University of Washington Workshop on Declarative Programming Languages for Multicore Architectures.

Design and Implementation Issues for Atomicity Dan Grossman University of Washington Workshop on Declarative Programming Languages for Multicore Architectures.
Pay-to-use strong atomicity on conventional hardware Martín Abadi, Tim Harris, Mojtaba Mehrara Microsoft Research.

Pay-to-use strong atomicity on conventional hardware Martín Abadi, Tim Harris, Mojtaba Mehrara Microsoft Research.
Enabling Speculative Parallelization via Merge Semantics in STMs Kaushik Ravichandran Santosh Pande College.

Enabling Speculative Parallelization via Merge Semantics in STMs Kaushik Ravichandran Santosh Pande College.
D u k e S y s t e m s Time, clocks, and consistency and the JMM Jeff Chase Duke University.

D u k e S y s t e m s Time, clocks, and consistency and the JMM Jeff Chase Duke University.
Chapter 6: Process Synchronization

Chapter 6: Process Synchronization
Programming-Language Approaches to Improving Shared-Memory Multithreading: Work-In-Progress Dan Grossman University of Washington Microsoft Research, RiSE.

Programming-Language Approaches to Improving Shared-Memory Multithreading: Work-In-Progress Dan Grossman University of Washington Microsoft Research, RiSE.
Concurrency 101 Shared state. Part 1: General Concepts 2.

Concurrency 101 Shared state. Part 1: General Concepts 2.
Pessimistic Software Lock-Elision Nir Shavit (Joint work with Yehuda Afek Alexander Matveev)

Pessimistic Software Lock-Elision Nir Shavit (Joint work with Yehuda Afek Alexander Matveev)
CS 5204 – Operating Systems 1 Scheduler Activations.

CS 5204 – Operating Systems 1 Scheduler Activations.
Parallel Inclusion-based Points-to Analysis Mario Méndez-Lojo Augustine Mathew Keshav Pingali The University of Texas at Austin (USA) 1.

Parallel Inclusion-based Points-to Analysis Mario Méndez-Lojo Augustine Mathew Keshav Pingali The University of Texas at Austin (USA) 1.
Transactional Memory (TM) Evan Jolley EE 6633 December 7, 2012.

Transactional Memory (TM) Evan Jolley EE 6633 December 7, 2012.
Summer School on Language-Based Techniques for Concurrent and Distributed Software Software Transactions: Software Implementations Dan Grossman University.

Summer School on Language-Based Techniques for Concurrent and Distributed Software Software Transactions: Software Implementations Dan Grossman University.
Software Transactions: A Programming-Languages Perspective Dan Grossman University of Washington 28 February 2008.

Software Transactions: A Programming-Languages Perspective Dan Grossman University of Washington 28 February 2008.
The Why, What, and How of Software Transactions for More Reliable Concurrency Dan Grossman University of Washington 8 September 2006.

The Why, What, and How of Software Transactions for More Reliable Concurrency Dan Grossman University of Washington 8 September 2006.
Atomicity via Source-to-Source Translation Benjamin Hindman Dan Grossman University of Washington 22 October 2006.

Atomicity via Source-to-Source Translation Benjamin Hindman Dan Grossman University of Washington 22 October 2006.
STM in Managed Runtimes: High-Level Language Semantics (MICRO 07 Tutorial) Dan Grossman University of Washington 2 December 2007.

STM in Managed Runtimes: High-Level Language Semantics (MICRO 07 Tutorial) Dan Grossman University of Washington 2 December 2007.
My programming-languages view of TM: Research and Conjectures Dan Grossman University of Washington June 2008.

My programming-languages view of TM: Research and Conjectures Dan Grossman University of Washington June 2008.
Software Transactions: A Programming-Languages Perspective Dan Grossman University of Washington 27 March 2008.

Software Transactions: A Programming-Languages Perspective Dan Grossman University of Washington 27 March 2008.
CS510 Advanced OS Seminar Class 10 A Methodology for Implementing Highly Concurrent Data Objects by Maurice Herlihy.

CS510 Advanced OS Seminar Class 10 A Methodology for Implementing Highly Concurrent Data Objects by Maurice Herlihy.
Java for High Performance Computing Jordi Garcia Almiñana 14 de Octubre de 1998 de la era post-internet.

Java for High Performance Computing Jordi Garcia Almiñana 14 de Octubre de 1998 de la era post-internet.

Similar presentations

Ads by Google