contracts for concurrency - contracts & inheritance

27
Contracts for Concurrency - Contracts & Inheritance Aryabrata Basu University of Georgia

Upload: daphne

Post on 24-Feb-2016

45 views

Category:

Documents


0 download

DESCRIPTION

Contracts for Concurrency - Contracts & Inheritance. Aryabrata Basu University of Georgia. Preconditions. In sequential context: precondition is correctness condition In concurrent context: feature call and feature application do not usually coincide - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Contracts for Concurrency - Contracts & Inheritance

Contracts for Concurrency- Contracts & Inheritance

Aryabrata BasuUniversity of Georgia

Page 2: Contracts for Concurrency - Contracts & Inheritance

PreconditionsIn sequential context: precondition

is correctness conditionIn concurrent context: feature call

and feature application do not usually coincide

“A supplier cannot assume that a property satisfied at the call time still holds at the execution time”.

Page 3: Contracts for Concurrency - Contracts & Inheritance

Preconditions

Page 4: Contracts for Concurrency - Contracts & Inheritance

PreconditionsA precondition expresses the necessary

requirements fora correct feature application.

Precondition viewed as synchronization mechanism:A called feature cannot be executed unless the

preconditions holdsA violated precondition delays the feature’s

executionThe guarantee given to the supplier is exactly

the same as with the traditional semantics.

Page 5: Contracts for Concurrency - Contracts & Inheritance

Post-conditionsA post-condition describes the

result of a feature’s application.Post-conditions are evaluated

asynchronously; wait by necessity does not apply.

Post-condition clauses that do not involve calls on objects handled by the same processors are evaluated independently.

Page 6: Contracts for Concurrency - Contracts & Inheritance

Post-conditions

Page 7: Contracts for Concurrency - Contracts & Inheritance

Invariants Standard Eiffel semantics applies to class invariants in

SCOOP because all the calls appearing in invariants must be non-separate.

from x := 0invariantx<= 10until x= 10loopx := x+1end

Page 8: Contracts for Concurrency - Contracts & Inheritance

Loop Invariants, Loop Variants and CheckAsynchronous semantics is

applied to loop variants, loop invariants, and check instruction.

Check/Loop Execution

Variants

Invariants

Page 9: Contracts for Concurrency - Contracts & Inheritance

Loop Invariants and Loop Variants

Page 10: Contracts for Concurrency - Contracts & Inheritance

Reasoning about Objects: Sequential

Page 11: Contracts for Concurrency - Contracts & Inheritance

Reasoning about Objects: ConcurrentHoare-style sequential reasoningControlled expressions (known statically

as part of the type system) are both:- Attached (statically known to be non void)- Handled by processor locked in current context

Page 12: Contracts for Concurrency - Contracts & Inheritance

InheritanceCan we use inheritance as in the

sequential world?Is multiple inheritance allowed?Does SCOOP suffer from

inheritance anomalies?

Page 13: Contracts for Concurrency - Contracts & Inheritance

Example: Dining Philosophers

Page 14: Contracts for Concurrency - Contracts & Inheritance

Dining Philosophers

Page 15: Contracts for Concurrency - Contracts & Inheritance

Dining Philosophers

Page 16: Contracts for Concurrency - Contracts & Inheritance

InheritanceFull support for inheritance

(including multiple inheritance)Most inheritance anomalies

eliminated thanks to the proper use of OO mechanisms

What’s about Active objects?

Page 17: Contracts for Concurrency - Contracts & Inheritance

Inheritance and ContractsPreconditions may be kept or

weakened.- Less waiting

Post-conditions may me kept or strengthened.- More guarantees to the client

Invariants may be kept or strengthened- More consistency conditions

See “Contracts for concurrency” paper.

Page 18: Contracts for Concurrency - Contracts & Inheritance

Inheritance: Result re-declaration

• Covariant result re-declaration causes no problems.• The client waits less.

Page 19: Contracts for Concurrency - Contracts & Inheritance

Inheritance: formal argument re-declaration

Formal argument types may be redefined contra-variant w.r.t processor tag.

The client may only use non-separate actual arguments in polymorphic calls, so no additional blocking will happen.

Page 20: Contracts for Concurrency - Contracts & Inheritance

Inheritance: formal argument re-declaration

Formal argument types may be redefined contra-variant w.r.t detachable tags. The client waits less.

Page 21: Contracts for Concurrency - Contracts & Inheritance

Impact on contractsInherited precondition and post-condition

clauses that involve calls on the redefined arguments may become invalid.

Page 22: Contracts for Concurrency - Contracts & Inheritance

Impact on ContractsThe re-declaring feature cannot

rely on the precondition clauses involving the formal argument.

Inherited precondition clauses involving calls on detachable formal arguments hold vacuously (trivially true).

Post-conditions involving detachable formal arguments cannot be allowed.

Page 23: Contracts for Concurrency - Contracts & Inheritance

Feature Re-declarationThe redefinition rules for the individual

components of a type are now clarified◦ Class types may be redefined covariant both in result

types and argument types but the redefinition of a formal argument forces it to become detachable. For example, assuming that Y conforms to X, an argument x: X may be redefined into x: detachable Y but not x: Y. An attribute may be redefined from my_x: X into my_x: Y.

◦ Detachable tags may be redefined from ? to ! in result types. They may be changed from ! to ? in argument types, provided that no call on the redefined argument occurs in the original post-condition.

◦ Processor tags may be redefined from T to something more specific in result types, and from more specific to T in argument types.

Page 24: Contracts for Concurrency - Contracts & Inheritance

Problems with Precursor CallsUse of Precursor is not always possible.

Page 25: Contracts for Concurrency - Contracts & Inheritance

Solution for Precursor CallsNeed object test (downcast):

Page 26: Contracts for Concurrency - Contracts & Inheritance

References -

http://se.ethz.ch/teaching/index.html

Page 27: Contracts for Concurrency - Contracts & Inheritance

Questions ?!