Concurrency in AdaConcurrency in Ada

Programming Languages 1Programming Languages 1

Robert DewarRobert Dewar

Concurrency in AdaWhat concurrency is all aboutWhat concurrency is all aboutRelation to operating systemsRelation to operating systemsLanguage facilities vs library Language facilities vs library

packagespackagesPOSIX threadsPOSIX threadsAda concurrencyAda concurrencyReal time supportReal time supportDistributed programmingDistributed programming

What Concurrency is all About

Multiple threads of control within one Multiple threads of control within one programprogram

Fairly closely coupled (single address Fairly closely coupled (single address space)space)

Each thread is independentEach thread is independentBut can syncrhonize with other But can syncrhonize with other

threadsthreadsOne program has many threadsOne program has many threads

Relation to Operating Systems

Typical Unix systems provideTypical Unix systems provideMultiple processesMultiple processes

separate address spaces, separate separate address spaces, separate schedulingscheduling

Light weight processes/kernel threadsLight weight processes/kernel threadsshared address space, separate schedulingshared address space, separate scheduling

User level threadsUser level threadsshared address space, no separate shared address space, no separate

schedulingscheduling

Language Feature vs Libraries

Library approach takes a standard Library approach takes a standard sequential language, e.g. Csequential language, e.g. C

And provides a set of packages that And provides a set of packages that provide concurrencyprovide concurrency

The C program makes calls to the The C program makes calls to the library to create tasks etc.library to create tasks etc.

Problems with Library MethodLibraries may not be completely well Libraries may not be completely well

defined and may not be portabledefined and may not be portableLanguage was not defined with Language was not defined with

concurrency in mindconcurrency in minde.g. are library routines “thread-safe”e.g. are library routines “thread-safe”are constructs well definedare constructs well definede.g. what is rule with shared variables?e.g. what is rule with shared variables?

Thread SafetySuppose two threads of control both Suppose two threads of control both

call a routine such as malloc.call a routine such as malloc. In the middle of one malloc call, the In the middle of one malloc call, the

thread is interrupted by a higher thread is interrupted by a higher priority thread, or reaches end of priority thread, or reaches end of time slice.time slice.

Another task calls mallocAnother task calls mallocChaos???Chaos???

Shared VariablesSuppose we have a global variable “a”Suppose we have a global variable “a”One task does VAR := 1;One task does VAR := 1;Another task does VAR := 256;Another task does VAR := 256;Again we have interrupts causing Again we have interrupts causing

statements to get intermingledstatements to get intermingled Is result well defined? or could we end Is result well defined? or could we end

up with VAR having the value 257?up with VAR having the value 257?

POSIX ThreadsA standardized package of thread A standardized package of thread

primitivesprimitivescreate threadcreate threadtimer functionstimer functionssynchronization mechanismssynchronization mechanismsetc.etc.

Several versionsSeveral versionsLots left undefinedLots left undefined

Add Concurrency to Language

Algol-68 had simple semaphores and Algol-68 had simple semaphores and the notion of separate tasks.the notion of separate tasks.

CSP, not really a PL (although CSP, not really a PL (although consider OCCAM derived from CSP) consider OCCAM derived from CSP) had a simple channel mechanismhad a simple channel mechanism

Simula-67 identified tasks with Simula-67 identified tasks with objectsobjects

More on CSP (OCCAM)Program consists of processes and Program consists of processes and

channelschannelsProcess is code containing channel Process is code containing channel

operationsoperationsChannel is a data objectChannel is a data objectAll synchronization is via channelsAll synchronization is via channels

Channel Operations in CSP

Read data item D from channel CRead data item D from channel CD ? CD ? C

Write data item Q to channel CWrite data item Q to channel CQ ! CQ ! C

If reader accesses channel first, wait for If reader accesses channel first, wait for writer, and then both proceed after writer, and then both proceed after transfer.transfer.

If writer accesses channel first, wait for If writer accesses channel first, wait for reader, and both proceed after transfer.reader, and both proceed after transfer.

Tasking in AdaDeclare a task typeDeclare a task typeThe specification gives the entriesThe specification gives the entries

task type T istask type T isentry Put (data : in Integer);entry Put (data : in Integer);

entry Get (result : out Integer); entry Get (result : out Integer);end T;end T;

The entries are used to access the The entries are used to access the tasktask

Declaring Task Body

Task body gives actual code of taskTask body gives actual code of tasktask body T istask body T is

x : integer; -- local per thread x : integer; -- local per thread declarationdeclarationbeginbegin

……accept Put (M : Integer) doaccept Put (M : Integer) do……end Put;end Put;……

end T;end T;

Creating an Instance of a Task

Declare a single taskDeclare a single taskX : T;X : T;

or an array of tasksor an array of tasksP : array (1 .. 50) of T;P : array (1 .. 50) of T;

or a dynamically allocated taskor a dynamically allocated tasktype AT is access T;type AT is access T;P : AT;P : AT;

……P := new T;P := new T;

Task executionEach task executes independently, Each task executes independently,

untiluntilan accept callan accept call

wait for someone to call entry, then proceed wait for someone to call entry, then proceed with rendezvous code, then both tasks go on with rendezvous code, then both tasks go on their waytheir way

an entry callan entry callwait for addressed task to reach wait for addressed task to reach

corresponding accept statement, then corresponding accept statement, then proceed with rendezvous, then both tasks go proceed with rendezvous, then both tasks go on their way.on their way.

More on the RendezvousDuring the Rendezvous, only the During the Rendezvous, only the

called task executes, and data can called task executes, and data can be safely exchanged via the entry be safely exchanged via the entry parametersparameters

If accept does a simple assignment, If accept does a simple assignment, we have the equivalent of a simple we have the equivalent of a simple CSP channel operation, but there is CSP channel operation, but there is no restriction on what can be done no restriction on what can be done within a rendezvouswithin a rendezvous

Termination of TasksA task terminates when it reaches A task terminates when it reaches

the end of the begin-end code of its the end of the begin-end code of its body.body.

Tasks may either be very static Tasks may either be very static (create at start of execution and (create at start of execution and never terminate)never terminate)

Or very dynamic, e.g. create a new Or very dynamic, e.g. create a new task for each new radar trace in a task for each new radar trace in a radar system.radar system.

The Delay StatementDelay statements temporarily pause a Delay statements temporarily pause a

tasktaskDelay xyzDelay xyz

where xyz is an expression of type duration where xyz is an expression of type duration causes execution of the thread to be delayed causes execution of the thread to be delayed for (at least) the given amount of timefor (at least) the given amount of time

Delay until timDelay until timwhere tim is an expression of type time, where tim is an expression of type time,

causes execution of the thread to be delayed causes execution of the thread to be delayed until (at the earliest) the given timuntil (at the earliest) the given tim

Selective AcceptSelect statement allows a choice of Select statement allows a choice of

actionsactionsselectselect

entry1 (…) do .. end;entry1 (…) do .. end;oror when bla entry2 (…);when bla entry2 (…);oror

delay ...ddd...;delay ...ddd...;end select;end select;

Take whichever open entry arrives first, or if Take whichever open entry arrives first, or if none arrives by end of delay, do …ddd…none arrives by end of delay, do …ddd…stmts.stmts.

Timed Entry CallTimed Entry call allows timeout to be Timed Entry call allows timeout to be

setsetselectselect

entry-call-statement entry-call-statement oror

delay xxx;delay xxx;……

end selectend selectWe try to do the entry call, but if the We try to do the entry call, but if the

task won’t accept in xxx time, then do task won’t accept in xxx time, then do the delay stmts.the delay stmts.

Conditional Entry CallMake a call only if it will be acceptedMake a call only if it will be accepted

selectselectentry-call ..entry-call ..

elseelsestatementsstatements

end select;end select;If entry call is accepted immediately, If entry call is accepted immediately,

fine, otherwise execute the else fine, otherwise execute the else statements.statements.

Task AbortUnconditionally terminate a taskUnconditionally terminate a task

abort taskname;abort taskname;task is immediately terminatedtask is immediately terminated(it is allowed to do finalization actions)(it is allowed to do finalization actions)but whatever it was doing remains but whatever it was doing remains

incompleteincompletecode that can be aborted must be code that can be aborted must be

careful to leave things in a coherent careful to leave things in a coherent state if that is important!state if that is important!

Asynchronous Transfer of Control

Execute section of code, aborting Execute section of code, aborting after specified time or eventafter specified time or event

selectselectdelay or accept statementdelay or accept statement

then abortthen abortstatementsstatements

end select;end select;Statements start executing and are Statements start executing and are

immediately aborted if delay or accept immediately aborted if delay or accept completes.completes.

Shared VariablesA shared variable is one accessed by A shared variable is one accessed by

more than one taskmore than one taskif variable is declared atomic, no if variable is declared atomic, no

restrictionsrestrictionsotherwise, we cannot have two tasks otherwise, we cannot have two tasks

access the same variable without access the same variable without synchronizing (e.g. doing a rendezvous).synchronizing (e.g. doing a rendezvous).

model is that variables can normally be model is that variables can normally be in registersin registers

Tasking Is Completely General

Any possible synchronization problem Any possible synchronization problem can be solved using the rendezvouscan be solved using the rendezvous

We know this because it is We know this because it is more more powerfulpowerfulthan CSP/Occam which is itself generalthan CSP/Occam which is itself general

That means that any synchronization That means that any synchronization primitive can be simulated using the RVprimitive can be simulated using the RV

An Example, the Semaphore

The Idea of a (binary) semaphoreThe Idea of a (binary) semaphoreTwo operations, p and vTwo operations, p and v

p grabs semaphore or waits if not p grabs semaphore or waits if not availableavailable

v releases the semaphorev releases the semaphore

Monitor isMonitor isp (sem);p (sem);

statementsstatementsv (sem);v (sem);

A Semaphore using a Task, RV

The specificationThe specificationtask type Semaphore istask type Semaphore is

entry p;entry p;entry v;entry v;

end Semaphore;end Semaphore;

A Semaphore using RVThe body of semaphore is very The body of semaphore is very

simple:simple:task body Semaphore istask body Semaphore is

beginbeginlooploop

accept p;accept p;accept v;accept v;

end loop;end loop;end Semaphore;end Semaphore;

Using the Semaphore Abstraction

Declare an instance of a semaphoreDeclare an instance of a semaphoreLock : Semaphore;Lock : Semaphore;

Now we can use this semaphore to Now we can use this semaphore to create a monitor, usingcreate a monitor, usingLock.P;Lock.P;

code to be protected in monitorcode to be protected in monitorLock.V;Lock.V;

The RV SemaphoreVery neat expressionVery neat expressionNice high level semanticsNice high level semanticsBut awfully heavy if a real task is But awfully heavy if a real task is

involvedinvolvedA case of “abstraction inversion”A case of “abstraction inversion”We expect to see tasks implemented We expect to see tasks implemented

in terms of low level stuff like in terms of low level stuff like semaphores, not the other way round.semaphores, not the other way round.

Protected Types and ObjectsA protected type is a data object with A protected type is a data object with

lockslocksspecification provides data, like a specification provides data, like a

record, and the locked access routinesrecord, and the locked access routinesfunctions (read the data with read lock)functions (read the data with read lock)procedures (read/write the data with write procedures (read/write the data with write

lock)lock)entries (wait till some condition is met, then entries (wait till some condition is met, then

read/write the data with write lock)read/write the data with write lock)

Protected Types and ObjectsThere is conceptually no separate There is conceptually no separate

thread of control.thread of control.Body provides code for the functions, Body provides code for the functions,

procedures and entriesprocedures and entriesThese are executed in the calling These are executed in the calling

thread after obtaining necessary thread after obtaining necessary lockslocks

Semaphore Using Protected Type

Specification has the data and Specification has the data and entries:entries:

protected type Semaphore isprotected type Semaphore isentry P;entry P;procedure V;procedure V;

privateprivateGrabbed : Boolean := False;Grabbed : Boolean := False;

end Semaphore;end Semaphore;P is an entry since we may have to waitP is an entry since we may have to wait

Protected Type Semaphore

The body provides the code of P and The body provides the code of P and VV

protected body Semaphore isprotected body Semaphore isentry P when not Grabbed isentry P when not Grabbed isbeginbegin

Grabbed := True;Grabbed := True;end P;end P;procedure V isprocedure V isbeginbegin

Grabbed := False;Grabbed := False;end;end;

end Semaphore;end Semaphore;

Using the Protected Type Semaphore

Declare an instance of a semaphoreDeclare an instance of a semaphoreLock : Semaphore;Lock : Semaphore;

Now we can use this semaphore to Now we can use this semaphore to create a monitor, usingcreate a monitor, usingLock.P;Lock.P;

code to be protected in monitorcode to be protected in monitorLock.V;Lock.V;

Note: this was cut and paste from the Note: this was cut and paste from the task slidetask slide

Requirements for Real Time

Eliminate non-determinismEliminate non-determinismpragma pragma Dispatching_Policy (FIFO_Within_Priorities);Dispatching_Policy (FIFO_Within_Priorities);

means run till blocked, no time slicingmeans run till blocked, no time slicingreduces non-determinismreduces non-determinismtypical of “real time threads”, e.g. in NTtypical of “real time threads”, e.g. in NT

Define priorities of tasksDefine priorities of tasksexact specs for how priorities are respectedexact specs for how priorities are respected

Define queuing protocolsDefine queuing protocolsfirst in, first out, or by priority of callerfirst in, first out, or by priority of caller

Importance of PrioritiesImportance of Priorities

Proper priority assignment importantProper priority assignment importantUsed to ensure important tasks are Used to ensure important tasks are

completedcompletedUsed to ensure system is schedulableUsed to ensure system is schedulable

Example: Monotonic SchedulingExample: Monotonic SchedulingCollection of cyclic tasksCollection of cyclic tasks

Require servicing at fixed intervalRequire servicing at fixed intervalAssign highest priority to shortest cycleAssign highest priority to shortest cycle

Regardless of “importance” of tasksRegardless of “importance” of tasksEnsures schedulability if possibleEnsures schedulability if possible

Priority InheritanceGuard against priority inversionGuard against priority inversion

low priority task grabs resource Xlow priority task grabs resource Xhigh priority task needs resource X, waitshigh priority task needs resource X, waitsmedium priority task preempts low medium priority task preempts low

priority task, and runs for a long time, priority task, and runs for a long time, holding up high priority taskholding up high priority task

Solution, while high priority task is Solution, while high priority task is waiting, lend high priority to low waiting, lend high priority to low priority taskpriority task