From non-preemptive to preemptive scheduling using synchronization synthesis
Formal Methods in System Design ( IF 0.8 ) Pub Date : 2016-09-27 , DOI: 10.1007/s10703-016-0256-5
Pavol Černý, Edmund M. Clarke, Thomas A. Henzinger, Arjun Radhakrishna, Leonid Ryzhyk, Roopsha Samanta, Thorsten Tarrach

We present a computer-aided programming approach to concurrency. The approach allows programmers to program assuming a friendly, non-preemptive scheduler, and our synthesis procedure inserts synchronization to ensure that the final program works even with a preemptive scheduler. The correctness specification is implicit, inferred from the non-preemptive behavior. Let us consider sequences of calls that the program makes to an external interface. The specification requires that any such sequence produced under a preemptive scheduler should be included in the set of sequences produced under a non-preemptive scheduler. We guarantee that our synthesis does not introduce deadlocks and that the synchronization inserted is optimal w.r.t. a given objective function. The solution is based on a finitary abstraction, an algorithm for bounded language inclusion modulo an independence relation, and generation of a set of global constraints over synchronization placements. Each model of the global constraints set corresponds to a correctness-ensuring synchronization placement. The placement that is optimal w.r.t. the given objective function is chosen as the synchronization solution. We apply the approach to device-driver programming, where the driver threads call the software interface of the device and the API provided by the operating system. Our experiments demonstrate that our synthesis method is precise and efficient. The implicit specification helped us find one concurrency bug previously missed when model-checking using an explicit, user-provided specification. We implemented objective functions for coarse-grained and fine-grained locking and observed that different synchronization placements are produced for our experiments, favoring a minimal number of synchronization operations or maximum concurrency, respectively.
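The abstract describes four moving parts: the implicit specification (preemptive call sequences must be contained in the non-preemptive ones), inclusion checked modulo an independence relation, a search over synchronization placements that must not deadlock, and an objective function (coarse-grained vs. fine-grained locking) that picks among the correct placements. The following is an added, self-contained Python model of that pipeline on a constructed two-thread driver; it is not the paper's tool or its algorithm. Its simplifications are labelled as assumptions: one global lock instead of arbitrary synchronization, an independence relation that lets calls on different interfaces commute (so inclusion reduces to comparing per-interface projections), and a brute-force enumeration of placements in place of the paper's global-constraint encoding. The thread programs T1, T2 and the interface names "dev" and "os" are made up for the example.

```python
from collections import defaultdict
from itertools import product

# Constructed example (not from the paper). A thread is a list of segments; a segment is a
# run of calls to an external interface ("dev" or "os") that the friendly, non-preemptive
# scheduler executes without switching threads. Yield points sit between segments.
T1 = [[("dev", "set_mode"), ("dev", "start"), ("os", "log")],  # configure and start, then yield
      [("dev", "poll"), ("dev", "stop")]]                       # later: poll once and stop
T2 = [[("dev", "reset")]]                                       # a second handler resets the device
THREADS = [T1, T2]


def flatten(thread):
    """Individual calls of a thread: the granularity at which a preemptive scheduler switches."""
    return [call for seg in thread for call in seg]


def canonical(trace):
    """Representative of a trace modulo the independence relation. Assumption: calls on
    different interfaces commute, so a trace is determined by its per-interface projections."""
    by_iface = defaultdict(list)
    for iface, op in trace:
        by_iface[iface].append(op)
    return tuple(sorted((iface, tuple(ops)) for iface, ops in by_iface.items()))


def nonpreemptive_traces(threads):
    """All call sequences under the non-preemptive scheduler: segments interleave atomically."""
    units = [[list(seg) for seg in th] for th in threads]
    traces = set()

    def go(pcs, trace):
        if all(pcs[t] == len(units[t]) for t in range(len(units))):
            traces.add(tuple(trace))
            return
        for t in range(len(units)):
            if pcs[t] < len(units[t]):
                nxt = list(pcs)
                nxt[t] += 1
                go(nxt, trace + units[t][pcs[t]])
    go([0] * len(units), [])
    return traces


def preemptive_traces(threads, regions):
    """Call sequences under a preemptive scheduler once regions[t] (half-open step ranges of
    thread t) are protected by a single global lock (assumption). Returns (traces, deadlocked)."""
    steps = [flatten(th) for th in threads]
    n = len(threads)

    def region_of(t, pc):
        return next(((lo, hi) for lo, hi in regions[t] if lo <= pc < hi), None)

    traces, deadlock = set(), [False]

    def go(pcs, holder, trace):
        if all(pcs[t] == len(steps[t]) for t in range(n)):
            traces.add(tuple(trace))
            return
        enabled = False
        for t in range(n):
            pc = pcs[t]
            if pc == len(steps[t]):
                continue
            region = region_of(t, pc)
            if region is not None and holder not in (None, t):
                continue  # this thread would block on the lock
            enabled = True
            nxt = list(pcs)
            nxt[t] += 1
            # keep the lock while the next step is in the same region, otherwise release it
            holder2 = holder if region is None else (t if region_of(t, pc + 1) == region else None)
            go(nxt, holder2, trace + [steps[t][pc]])
        if not enabled:
            deadlock[0] = True  # some thread is unfinished but nothing can move
    go([0] * n, None, [])
    return traces, deadlock[0]


def is_correct(threads, regions):
    """Implicit specification: every preemptive trace must equal, modulo independence, some
    non-preemptive trace, and the inserted locking must not deadlock."""
    spec = {canonical(tr) for tr in nonpreemptive_traces(threads)}
    traces, deadlocked = preemptive_traces(threads, regions)
    return not deadlocked and all(canonical(tr) in spec for tr in traces)


def region_sets(n, start=0):
    """All sets of pairwise disjoint, non-empty [lo, hi) step ranges over n steps."""
    yield []
    for lo in range(start, n):
        for hi in range(lo + 1, n + 1):
            for rest in region_sets(n, hi):
                yield [(lo, hi)] + rest


def coarse_grained(regions):
    """Fewest lock/unlock pairs first, then fewest locked steps."""
    return (sum(len(r) for r in regions), sum(hi - lo for r in regions for lo, hi in r))


def fine_grained(regions):
    """Fewest locked steps (maximum concurrency) first, then fewest lock/unlock pairs."""
    return tuple(reversed(coarse_grained(regions)))


def synthesize(threads, objective):
    """Brute force over placements (the paper uses global constraints instead); return the
    (cost, regions) pair that is correct and minimal under the objective, or None."""
    best = None
    for regions in product(*(list(region_sets(len(flatten(th)))) for th in threads)):
        if not is_correct(threads, regions):
            continue
        cost = objective(regions)
        if best is None or cost < best[0]:
            best = (cost, regions)
    return best


if __name__ == "__main__":
    print("coarse:", synthesize(THREADS, coarse_grained))
    print("fine:  ", synthesize(THREADS, fine_grained))
```

On this input the unlocked program is rejected (T2's reset can land between set_mode and start, a device-call order the non-preemptive program never produces), the coarse-grained objective wraps all of T1 in one lock region, and the fine-grained objective protects only the two device-call runs and leaves the os call unlocked, so reset may interleave there; that interleaving is accepted because, modulo independence, it equals the non-preemptive trace where T2 runs at T1's yield point.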

Updated: 2016-09-27