Observations on the assured evolution of concurrent Java programs

Evolving and refactoring concurrent Java software can be error-prone, resulting in race conditions and other concurrency difficulties. We suggest that there are two principal causes: concurrency design intent is often not explicit in code and, additionally, consistency of intent and code cannot easily be established through either testing or inspection.We explore several aspects of this issue in this paper. First, we describe a tool-assisted approach to modeling and assurance for concurrent programs. Second, we give an account of recent case study experience on larger-scale production Java systems. Third, we suggest an approach to scalable co-evolution of code and models that is designed to support working programmers without special training or incentives. Fourth, we propose some concurrency-related refactorings that, with suitable analysis and tool support, can potentially offer assurances of soundness.

[1]  David F. Bacon,et al.  Guava: a dialect of Java without data races , 2000, OOPSLA '00.

[2]  William L. Scherlis Systematic Change of Data Representation: Program Manipulations and a Case Study , 1998, ESOP.

[3]  Martin C. Rinard,et al.  Compositional pointer and escape analysis for Java programs , 1999, OOPSLA '99.

[4]  Doug Lea,et al.  Concurrent Programming In Java , 1996 .

[5]  Emin Gün Sirer,et al.  Comprehensive synchronization elimination for Java , 2003, Sci. Comput. Program..

[6]  John Tang Boyland,et al.  Alias burying: Unique variables without destructive reads , 2001, Softw. Pract. Exp..

[7]  Jong-Deok Choi,et al.  Escape analysis for Java , 1999, OOPSLA '99.

[8]  Cormac Flanagan,et al.  A type and effect system for atomicity , 2003, PLDI.

[9]  Andrew A. Chien,et al.  Obtaining sequential efficiency for concurrent object-oriented languages , 1995, POPL '95.

[10]  Bruno Blanchet,et al.  Escape analysis for object-oriented languages: application to Java , 1999, OOPSLA '99.

[11]  Aaron Greenhouse,et al.  An Object-Oriented Effects System , 1999, ECOOP.

[12]  David Holmes,et al.  Exclusion for composite objects , 2000, OOPSLA '00.

[13]  Aaron Greenhouse,et al.  The code of many colors: relating threads to code and shared state , 2002, PASTE '02.

[14]  John Tang Boyland,et al.  Promises: limited specifications for analysis and manipulation , 1998, Proceedings of the 20th International Conference on Software Engineering.

[15]  James Gosling,et al.  The Real-Time Specification for Java , 2000, Computer.

[16]  Aaron Greenhouse,et al.  Assuring and evolving concurrent programs: annotations and policy , 2002, Proceedings of the 24th International Conference on Software Engineering. ICSE 2002.

[17]  Martin Rinard,et al.  Synchronization transformations for parallel computing , 1999, ACM-SIGACT Symposium on Principles of Programming Languages.

[18]  Aaron Greenhouse,et al.  Using Eclipse to demonstrate positive static assurance of Java program concurrency design intent , 2003, eclipse '03.

[19]  Alfred Z. Spector,et al.  Synchronizing shared abstract types , 1984, TOCS.

[20]  Stephen N. Freund,et al.  Type-based race detection for Java , 2000, PLDI '00.

[21]  William F. Opdyke,et al.  Refactoring object-oriented frameworks , 1992 .

[22]  Thomas Gross,et al.  A programmer-oriented approach to safe concurrency , 2003 .

[23]  Urs Hölzle,et al.  Removing unnecessary synchronization in Java , 1999, OOPSLA '99.

[24]  Martin C. Rinard,et al.  Lock Coarsening: Eliminating Lock Overhead in Automatically Parallelized Object-Based Programs , 1996, LCPC.

[25]  Per Brinch Hansen,et al.  Java's insecure parallelism , 1999, SIGP.