### Synchronous Languages—Lecture 13

Prof. Dr. Reinhard von Hanxleden

Christian-Albrechts Universität Kiel Department of Computer Science Real-Time Systems and Embedded Systems Group

15 Dec. 2016

Last compiled: January 15, 2017, 21:34 hrs



Sequentially Constructive Concurrency

Slide 1

1. How do SCCharts and SyncCharts differ?

- 1. How do SCCharts and SyncCharts differ?
- 2. What does the initialize-update-read protocol refer to?

- 1. How do SCCharts and SyncCharts differ?
- 2. What does the initialize-update-read protocol refer to?
- 3. What is the SCG?

- 1. How do SCCharts and SyncCharts differ?
- 2. What does the initialize-update-read protocol refer to?
- 3. What is the SCG?
- 4. What are basic blocks?

- 1. How do SCCharts and SyncCharts differ?
- 2. What does the initialize-update-read protocol refer to?
- 3. What is the SCG?
- 4. What are basic blocks? What are scheduling blocks?

CAL

- 1. How do SCCharts and SyncCharts differ?
- 2. What does the *initialize-update-read protocol* refer to?
- 3. What is the SCG?
- 4. What are basic blocks? What are scheduling blocks?
- 5. When compiling from the SCG, what types of *low-level synthesis* do we distinguish? How do they compare?

CAIU



Embedded systems often safety-critical



- Embedded systems often safety-critical
- Safety-critical systems must react deterministically



- Embedded systems often safety-critical
- Safety-critical systems must react deterministically
- Computations often exploit concurrency



- Embedded systems often safety-critical
- Safety-critical systems must react deterministically
- Computations often exploit concurrency
- Key challenge: Concurrency must be deterministic!

Thanks to Michael Mendler (U Bamberg) for support with these slides

► C, Java, etc.:

- C, Java, etc.:
  - Familiar

- C, Java, etc.:
  - Second Second
  - © Expressive sequential paradigm

- C, Java, etc.:
  - © Familiar
  - © Expressive sequential paradigm
  - © Concurrent threads unpredictable in functionality and timing

- C, Java, etc.:
  - Familiar
  - Expressive sequential paradigm
  - © Concurrent threads unpredictable in functionality and timing
- Synchronous Programming

- C, Java, etc.:
  - © Familiar
  - © Expressive sequential paradigm
  - © Concurrent threads unpredictable in functionality and timing
- Synchronous Programming:
  - predictable by construction

- C, Java, etc.:
  - © Familiar
  - © Expressive sequential paradigm
  - © Concurrent threads unpredictable in functionality and timing
- Synchronous Programming:
  - predictable by construction
    - ⇒ Constructiveness

- C, Java, etc.:
  - Second Familiar
  - © Expressive sequential paradigm
  - © Concurrent threads unpredictable in functionality and timing
- Synchronous Programming:
  - predictable by construction
    - ⇒ Constructiveness
  - © Unfamiliar to most programmers

- C, Java, etc.:
  - Second Familiar
  - © Expressive sequential paradigm
  - © Concurrent threads unpredictable in functionality and timing

#### Synchronous Programming:

- predictable by construction
  - ⇒ Constructiveness
- Unfamiliar to most programmers
- ② Restrictive in practice

- C, Java, etc.:
  - © Familiar
  - © Expressive sequential paradigm
  - © Concurrent threads unpredictable in functionality and timing
- Synchronous Programming:
  - predictable by construction
    - ⇒ Constructiveness
  - Unfamiliar to most programmers
  - Restrictive in practice

**Aim:** Deterministic concurrency with synchronous foundations, but without synchronous restrictions.

#### **Sequential Languages**

► C, Java, ...

### Synchronous Languages

Esterel, Lustre, Signal, SCADE, SyncCharts ...

#### **Sequential Languages**

- ► C, Java, ...
- Asynchronous schedule

- Esterel, Lustre, Signal, SCADE, SyncCharts ...
- Clocked, cyclic schedule

#### **Sequential Languages**

- C, Java, ...
- Asynchronous schedule
  - o By default: Multiple concurrent readers/writers

- Esterel, Lustre, Signal, SCADE, SyncCharts ...
- Clocked, cyclic schedule
  - By default: Single writer per cycle, all reads initialized

#### **Sequential Languages**

- ► C, Java, ...
- Asynchronous schedule
  - By default: Multiple concurrent readers/writers
  - On demand: Single assignment synchronization (locks, semaphores)

- Esterel, Lustre, Signal, SCADE, SyncCharts ...
- Clocked, cyclic schedule
  - By default: Single writer per cycle, all reads initialized
  - o On demand: Separate multiple assignments by clock barrier (pause, wait)

#### **Sequential Languages**

- ► C, Java, ...
- Asynchronous schedule
  - o By default: Multiple concurrent readers/writers
  - On demand: Single assignment synchronization (locks, semaphores)
- Imperative

- Esterel, Lustre, Signal, SCADE, SyncCharts ...
- Clocked, cyclic schedule
  - By default: Single writer per cycle, all reads initialized
  - On demand: Separate multiple assignments by clock barrier (pause, wait)
- Declarative

#### **Sequential Languages**

- ► C, Java, ...
- Asynchronous schedule
  - By default: Multiple concurrent readers/writers
  - On demand: Single assignment synchronization (locks, semaphores)
- Imperative
  - All sequential control flow prescriptive

- Esterel, Lustre, Signal, SCADE, SyncCharts ...
- Clocked, cyclic schedule
  - By default: Single writer per cycle, all reads initialized
  - On demand: Separate multiple assignments by clock barrier (pause, wait)
- Declarative
  - All micro-steps sequential control flow descriptive

#### **Sequential Languages**

- ► C, Java, ...
- Asynchronous schedule
  - By default: Multiple concurrent readers/writers
  - On demand: Single assignment synchronization (locks, semaphores)
- Imperative
  - All sequential control flow prescriptive
  - Resolved by programmer

- Esterel, Lustre, Signal, SCADE, SyncCharts ...
- Clocked, cyclic schedule
  - By default: Single writer per cycle, all reads initialized
  - On demand: Separate multiple assignments by clock barrier (pause, wait)
- Declarative
  - All micro-steps sequential control flow descriptive
  - Resolved by scheduler

#### **Sequential Languages**

Asynchronous schedule

#### Synchronous Languages

Clocked, cyclic schedule

# Sequential Languages

- Asynchronous schedule
  - No guarantees of determinism or deadlock freedom

- Clocked, cyclic schedule
  - © Deterministic concurrency and deadlock freedom

# Sequential Languages

- Asynchronous schedule
  - No guarantees of determinism or deadlock freedom
  - Intuitive programming paradigm

- Clocked, cyclic schedule
  - Deterministic concurrency and deadlock freedom
  - Heavy restrictions by constructiveness analysis

### Sequential Languages

- Asynchronous schedule
  - No guarantees of determinism or deadlock freedom
  - Intuitive programming paradigm

#### Synchronous Languages

- Clocked, cyclic schedule
  - Deterministic concurrency and deadlock freedom
  - Heavy restrictions by constructiveness analysis



### Sequentially Constructive Model of Computation (SC MoC)

- © Deterministic concurrency and deadlock freedom
- Intuitive programming paradigm

Concurrent micro-step control flow

- ► **Concurrent** micro-step control flow:
  - ② Descriptive

- Concurrent micro-step control flow:
  - ② Descriptive
  - Resolved by scheduler

- ► Concurrent micro-step control flow:
  - ② Descriptive
  - © Resolved by scheduler
  - © ⇒ Deterministic concurrency and deadlock freedom

- Concurrent micro-step control flow:
  - ② Descriptive
  - © Resolved by scheduler
  - Deterministic concurrency and deadlock freedom
- Sequential micro-step control flow

- ► Concurrent micro-step control flow:
  - ② Descriptive
  - Resolved by scheduler
  - ⊕ Deterministic concurrency and deadlock freedom
- Sequential micro-step control flow:
  - Prescriptive

- ► Concurrent micro-step control flow:
  - ② Descriptive
  - © Resolved by scheduler
  - ⊕ Deterministic concurrency and deadlock freedom
- ► **Sequential** micro-step control flow:
  - Prescriptive
  - © Resolved by the programmer

- ► Concurrent micro-step control flow:
  - ② Descriptive
  - © Resolved by scheduler
  - ⊕ Deterministic concurrency and deadlock freedom
- Sequential micro-step control flow:
  - ② Prescriptive
  - Resolved by the programmer
  - Signature
    Intuitive programming paradigm

### A Sequentially Constructive Program





Slide 9



```
Req_entry:

pend = false;

if req then

pend = true;

checkReq = req;

if pend && grant then

pend = false;

pend = false;

pause;

goto Dis_entry;

T

goto Req_entry;
```

Imperative program order (sequential access to shared variables)



Imperative program order (sequential access to shared variables)

"write-after-write" can change value sequentially



Imperative program order (sequential access to shared variables)

- "write-after-write" can change value sequentially
- Prescribed by programmer



### Imperative program order (sequential access to shared variables)

- "write-after-write" can change value sequentially
- Prescribed by programmer
  - Accepted in SC MoC
  - Not permitted in standard synchronous MoC

```
Req_entry:
pend = false;
                                  Dis_entry:
if req then
                           wr
                                   grant = false;
       pend = true;
                                  if checkReg && free then
                           wr
checkReg = reg;
                                          grant = true;
if pend && grant then
                                    pause :
                           wr
       pend = false:
                                  goto Dis_entry;
pause;
goto Reg_entry;
```

**Concurrency** scheduling constraints (access to shared variables):

```
Req_entry:
pend = false;
                                  Dis_entry:
if req then
                           wr
                                   grant = false;
       pend = true;
                                  if checkReq && free then
                           wr
checkReg = reg;
                                          grant = true;
if pend && grant then
                                    pause :
                           wr
       pend = false:
                                  goto Dis_entry;
pause;
goto Reg_entry;
```

**Concurrency** scheduling constraints (access to shared variables):

"write-before-read" for concurrent write/reads

```
Req_entry:
pend = false:
                                   Dis_entry:
if req then
                           wr
                                   grant = false ;
       pend = true;
                                  if checkReg && free then
                           wr
checkReg = reg;
                                          grant = true;
if pend && grant then
                                    pause :
                           wr
       pend = false:
                                   goto Dis_entry;
pause;
goto Reg_entry;
```

### **Concurrency** scheduling constraints (access to shared variables):

- "write-before-read" for concurrent write/reads
- "write-before-write" (i. e., conflicts!) for concurrent & non-confluent writes

```
Req_entry:
pend = false:
                                   Dis entry:
if req then
                           wr
                                   grant = false ;
       pend = true;
                                  if checkReg && free then
                           wr
checkReg = reg;
                                          grant = true;
if pend && grant then
                                    pause :
                           wr
       pend = false:
                                   goto Dis_entry;
pause;
goto Reg_entry;
```

### **Concurrency** scheduling constraints (access to shared variables):

- "write-before-read" for concurrent write/reads
- "write-before-write" (i. e., conflicts!) for concurrent & non-confluent writes
- Micro-tick thread scheduling prohibits race conditions

```
Req_entry:
pend = false:
                                  Dis entry:
if req then
                           wr
                                   grant = false;
       pend = true;
                                  if checkReg && free then
                           wr
checkReg = reg;
                                          grant = true;
if pend && grant_then
                                    pause :
                           wr
       pend = false:
                                  goto Dis_entry;
pause;
goto Reg_entry;
```

### **Concurrency** scheduling constraints (access to shared variables):

- "write-before-read" for concurrent write/reads
- "write-before-write" (i. e., conflicts!) for concurrent & non-confluent writes
- Micro-tick thread scheduling prohibits race conditions
- Implemented by the SC compiler

Slide 12

logically reactive program



#### Programmer

- ▶ Defines the rules
- Prescribes sequential execution order
- Leaves concurrency to compiler and run-time
- "Free Schedules"

#### logically reactive program









#### Programmer

- Defines the rules
- Prescribes sequential execution order
- Leaves concurrency to compiler and run-time
- "Free Schedules"

### Compiler = Player

- Determines winning strategy
- Restricts concurrency to ensure determinacy and deadlock freedom
- "Admissible Schedules"

#### logically reactive program



Programmer















#### Programmer

- Defines the rules
- Prescribes sequential execution order
- Leaves concurrency to compiler and run-time
- "Free Schedules"

#### Compiler = Player

- Determines winning strategy
- Restricts concurrency to ensure determinacy and deadlock freedom
- "Admissible Schedules"

#### Run-time = Opponent

 Tries to choose a spoiling execution from admissible schedules



#### Programmer

- Defines the rules
- Prescribes sequential execution order
- Leaves concurrency to compiler and run-time
- "Free Schedules"

### Compiler = Player

- Determines winning strategy
- Restricts concurrency to ensure determinacy and deadlock freedom
- "Admissible Schedules"

#### Run-time = Opponent

 Tries to choose a spoiling execution from admissible schedules

C, Java vs. Synchronous Programming The Control Example A Constructive Game of Schedulability



Sequentially ordered variable accesses

- Sequentially ordered variable accesses
  - Are enforced by the programmer

- Sequentially ordered variable accesses
  - Are enforced by the programmer
  - Cannot be reordered by compiler or run-time platform

- Sequentially ordered variable accesses
  - Are enforced by the programmer
  - ▶ Cannot be reordered by compiler or run-time platform
  - Exhibit no races

- Sequentially ordered variable accesses
  - Are enforced by the programmer
  - Cannot be reordered by compiler or run-time platform
  - Exhibit no races
- Only concurrent writes/reads to the same variable

- Sequentially ordered variable accesses
  - Are enforced by the programmer
  - Cannot be reordered by compiler or run-time platform
  - Exhibit no races
- Only concurrent writes/reads to the same variable
  - Generate potential data races

- Sequentially ordered variable accesses
  - Are enforced by the programmer
  - ► Cannot be reordered by compiler or run-time platform
  - Exhibit no races
- Only concurrent writes/reads to the same variable
  - Generate potential data races
  - Must be resolved by the compiler

- Sequentially ordered variable accesses
  - Are enforced by the programmer
  - ► Cannot be reordered by compiler or run-time platform
  - Exhibit no races
- Only concurrent writes/reads to the same variable
  - Generate potential data races
  - Must be resolved by the compiler
  - Can be ordered under multi-threading and run-time

- Sequentially ordered variable accesses
  - Are enforced by the programmer
  - Cannot be reordered by compiler or run-time platform
    - Exhibit no races
- Only concurrent writes/reads to the same variable
  - Generate potential data races
  - Must be resolved by the compiler
  - ▶ Can be ordered under multi-threading and run-time

The following applies to concurrent variable accesses only ...

SC Concurrent Memory Access Protocol (per macro tick)



concurrent, multi-writer, multi-reader variables











## SC Concurrent Memory Access Protocol (per macro tick)



## SC Concurrent Memory Access Protocol (per macro tick)



Confluent Statements (per macro tick)

## SC Concurrent Memory Access Protocol (per macro tick)



## Confluent Statements (per macro tick)



Slide 15

## SC Concurrent Memory Access Protocol (per macro tick)



## Confluent Statements (per macro tick)

For all memories

Mem, reachable
in macro tick:

Mem1 stmt2 stmt1, stmt2

Mem concurrent

Slide 15

C, Java vs. Synchronous Programming The Control Example A Constructive Game of Schedulability

# Goals and Challenges

The idea behind SC is simple

The idea behind SC is simple – but getting it "right" not so!

C, Java vs. Synchronous Programming The Control Example A Constructive Game of Schedulability

# Goals and Challenges

The idea behind SC is simple – but getting it "right" not so!

The idea behind SC is simple – but getting it "right" not so!

- 1. Want to be conservative wrt "Berry constructiveness"
  - An Esterel program should also be SC

The idea behind SC is simple – but getting it "right" not so!

- Want to be conservative wrt "Berry constructiveness"
  - An Esterel program should also be SC
- 2. Want maximal freedom without compromising determinacy
  - A determinate program should also be SC
  - An SC program must be determinate

The idea behind SC is simple – but getting it "right" not so!

- 1. Want to be conservative wrt "Berry constructiveness"
  - An Esterel program should also be SC
- 2. Want maximal freedom without compromising determinacy
  - A determinate program should also be SC
  - An SC program must be determinate
- Want to exploit sequentiality as much as possible
  - But what exactly is sequentiality?

The idea behind SC is simple – but getting it "right" not so!

- Want to be conservative wrt "Berry constructiveness"
  - An Esterel program should also be SC
- 2. Want maximal freedom without compromising determinacy
  - A determinate program should also be SC
  - An SC program must be determinate
- 3. Want to exploit sequentiality as much as possible
  - But what exactly is sequentiality?
- Want to define not only the exact concept of SC, but also a practical strategy to implement it
  - ▶ In practice, this requires conservative approximations
  - Compiler must not accept Non-SC programs
  - Compiler may reject SC programs

#### References

### Most of the material here draws from this reference [TECS]:



R. von Hanxleden, M. Mendler, J. Aguado, B. Duderstadt, I. Fuhrmann, C. Motika, S. Mercer, O. O'Brien, and P. Roop.

Sequentially Constructive Concurrency – A Conservative Extension of the Synchronous Model of Computation.

ACM Transactions on Embedded Computing Systems, Special Issue on Applications of Concurrency to System Design, July 2014, 13(4s). http://rtsys.informatik.uni-kiel.de/~biblio/downloads/papers/tecs14.pdf

Unless otherwise noted, the numberings of definitions, sections etc. refer to this.

### There is also an extended version [TR]:



R. von Hanxleden, M. Mendler, J. Aguado, B. Duderstadt, I. Fuhrmann, C. Motika, S. Mercer, O. O'Brien, and P. Roop.

Sequentially Constructive Concurrency – A Conservative Extension of the Synchronous Model of Computation.

Christian-Albrechts-Universität zu Kiel, Department of Computer Science, Technical Report 1308, ISSN 2192-6247, Aug. 2013, 13(4s). http://rtsys.informatik.uni-kiel.de/~biblio/downloads/

http://rtsys.informatik.uni-kiel.de/~biblio/downloads/papers/report-1308.pdf

### Overview

#### Motivation

```
Formalizing Sequential Constructiveness (SC)
```

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2] Free Scheduling of SCGs [Sec. 3]

The SC Model of Computation [Sec. 4]

Wrap-Up

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2] Free Scheduling of SCGs [Sec. 3] The SC Model of Computation [Sec. 4]

# The Sequentially Constructive Language (SCL) [Sec. 2.1]

Foundation for the SC MoC

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2] Free Scheduling of SCGs [Sec. 3] The SC Model of Computation [Sec. 4]

# The Sequentially Constructive Language (SCL) [Sec. 2.1]

- Foundation for the SC MoC
- Minimal Language

# The Sequentially Constructive Language (SCL) [Sec. 2.1]

- Foundation for the SC MoC
- Minimal Language
- Adopted from C/Java and Esterel

CAL

# The Sequentially Constructive Language (SCL) [Sec. 2.1]

- Foundation for the SC MoC
- Minimal Language
- Adopted from C/Java and Esterel

$$s ::= x = e \mid s; s \mid \text{if } (e) s \text{ else } s \mid l : s \mid \text{goto } l \mid \text{fork } s \text{ par } s \text{ join } \mid \text{pause}$$

- Statement
- X Variable
- e Expression
- / Program label

# The SC Graph (SCG) [Sec. 2.3]



The concurrent and sequential control flow of an SCL program is given by an SC Graph (SCG)

# The SC Graph (SCG) [Sec. 2.3]



The concurrent and sequential control flow of an SCL program is given by an SC Graph (SCG)

Internal representation for

- Semantic foundation
- Analysis
- Code generation

# The SC Graph (SCG) [Sec. 2.3]



The concurrent and sequential control flow of an SCL program is given by an SC Graph (SCG)

Internal representation for

- Semantic foundation
- Analysis
- Code generation

#### SC Graph:

Labeled graph G = (N, E)

- Nodes N correspond to statements of sequential program
- ► Edges E reflect sequential execution control flow

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2] Free Scheduling of SCGs [Sec. 3] The SC Model of Computation [Sec. 4]

# Node Types in the SCG

Node  $n \in N$  has statement type n.st

# Node Types in the SCG

Node  $n \in N$  has statement type n.st

```
▶ n.st \in {entry, exit, goto, x = ex, if (ex), fork, join, surf, depth}
```

x: variable, ex: expression.

## Define edge types:

• iur-edges  $\alpha_{iur} =_{def} \{ww, iu, ur, ir\}$ 

- ▶ iur-edges  $\alpha_{iur} =_{def} \{ww, iu, ur, ir\}$
- ▶ instantaneous edges  $\alpha_{ins} =_{def} \{seq\} \cup \alpha_{iur}$

- ightharpoonup iur-edges  $\alpha_{iur} =_{def} \{ww, iu, ur, ir\}$
- ▶ instantaneous edges  $\alpha_{ins} =_{def} \{seq\} \cup \alpha_{iur}$
- ▶ arbitrary edges  $\alpha_a =_{\text{def}} \{ tick \} \cup \alpha_{ins}$

- ▶ iur-edges  $\alpha_{iur} =_{def} \{ww, iu, ur, ir\}$
- ▶ instantaneous edges  $\alpha_{ins} =_{def} \{seq\} \cup \alpha_{iur}$
- ▶ arbitrary edges  $\alpha_a =_{\text{def}} \{ tick \} \cup \alpha_{ins}$
- flow edges  $\alpha_{flow} =_{\text{def}} \{seq, tick\}$

- Specifies the nature of the particular ordering constraint expressed by e
- ► For  $e.type = \alpha$ , write  $e.src \rightarrow_{\alpha} e.tgt$ , pronounced "e.src  $\alpha$ -precedes e.tgt"

- Specifies the nature of the particular ordering constraint expressed by e
- ► For  $e.type = \alpha$ , write  $e.src \rightarrow_{\alpha} e.tgt$ , pronounced "e.src  $\alpha$ -precedes e.tgt"
- ▶  $n_1 \rightarrow_{seq} n_2$ : sequential successors
- $ightharpoonup n_1 
  ightharpoonup n_{tick} n_2$ : tick successors
- ▶  $n_1 \rightarrow_{seq} n_2$ ,  $n_1 \rightarrow_{tick} n_2$ : flow successors, induced directly from source program

- ► Specifies the nature of the particular ordering constraint expressed by *e*
- ► For  $e.type = \alpha$ , write  $e.src \rightarrow_{\alpha} e.tgt$ , pronounced "e.src  $\alpha$ -precedes e.tgt"
- ▶  $n_1 \rightarrow_{seq} n_2$ : sequential successors
- ▶  $n_1 \rightarrow_{tick} n_2$ : tick successors
- ▶  $n_1 \rightarrow_{seq} n_2$ ,  $n_1 \rightarrow_{tick} n_2$ : flow successors, induced directly from source program
- $\longrightarrow$   $\longrightarrow$  seq: reflexive and transitive closure of  $\longrightarrow$  seq

- Specifies the nature of the particular ordering constraint expressed by e
- ► For e.type =  $\alpha$ , write e.src  $\rightarrow_{\alpha}$  e.tgt, pronounced "e.src  $\alpha$ -precedes e.tgt"
- ▶  $n_1 \rightarrow_{seq} n_2$ : sequential successors
- ▶  $n_1 \rightarrow_{tick} n_2$ : tick successors
- ▶  $n_1 \rightarrow_{seq} n_2$ ,  $n_1 \rightarrow_{tick} n_2$ : flow successors, induced directly from source program
- $\longrightarrow$   $\longrightarrow$  seq: reflexive and transitive closure of  $\rightarrow$  seq.
- ▶ Note:  $n_1 \rightarrow_{sea} n_2$  does not imply fixed run-time ordering between  $n_1$  and  $n_2$

- Specifies the nature of the particular ordering constraint expressed by e
- ► For  $e.type = \alpha$ , write  $e.src \rightarrow_{\alpha} e.tgt$ , pronounced "e.src  $\alpha$ -precedes e.tgt"
- ▶  $n_1 \rightarrow_{seq} n_2$ : sequential successors
- $ightharpoonup n_1 
  ightharpoonup n_{tick} n_2$ : tick successors
- ▶  $n_1 \rightarrow_{seq} n_2$ ,  $n_1 \rightarrow_{tick} n_2$ : flow successors, induced directly from source program
- $\longrightarrow$   $\longrightarrow$  seq: reflexive and transitive closure of  $\longrightarrow$  seq
- Note:  $n_1 \rightarrow_{seq} n_2$  does not imply fixed run-time ordering between  $n_1$  and  $n_2$  (consider loops)

# Mapping SCL & SCG

|     | Thread<br>(Region) | Concurrency<br>(Superstate)                 | Conditional<br>(Trigger)  | Assignment<br>(Effect) | Delay<br>(State) |
|-----|--------------------|---------------------------------------------|---------------------------|------------------------|------------------|
| SCG | entry              | fork                                        | c true                    | x = e                  | surface          |
| SCL | t                  | fork t <sub>1</sub> par t <sub>2</sub> join | if $(c)$ $s_1$ else $s_2$ | x = e                  | pause            |

Plus ";" (Sequence) and "goto" to specify sequential successors (solid edges)

## SCL & SCG – The Control Example



```
module Control
    input bool free, req;
    output bool grant, pend;
      bool checkReg:
      fork {
        // Thread Request
        Request entry:
10
        pend = false;
11
        if (req)
12
         pend = true;
13
        checkReg = reg;
14
        if (pend && grant)
15
         pend = false;
16
        pause;
17
        goto Request entry;
18
19
      par {
20
        // Thread Dispatch
21
        Dispatch entry:
22
        grant = false:
23
        if (checkReg && free)
24
         grant = true:
25
        pause;
26
        goto Dispatch entry;
27
28
      join;
29
```

# Sequentiality vs. Concurrency Static vs. Dynamic Threads

Recall: We want to distinguish between *sequential* and *concurrent* control flow.

# Sequentiality vs. Concurrency Static vs. Dynamic Threads

Recall: We want to distinguish between *sequential* and *concurrent* control flow.

But what do "sequential" / "concurrent" mean?

Recall: We want to distinguish between *sequential* and *concurrent* control flow.

But what do "sequential" / "concurrent" mean?

This distinction is not as easy to formalize as it may seem ...

Recall: We want to distinguish between *sequential* and *concurrent* control flow.

But what do "sequential" / "concurrent" mean?

This distinction is not as easy to formalize as it may seem . . .

To get started, distinguish

Recall: We want to distinguish between *sequential* and *concurrent* control flow.

But what do "sequential" / "concurrent" mean?

This distinction is not as easy to formalize as it may seem ...

To get started, distinguish

Static threads

Recall: We want to distinguish between *sequential* and *concurrent* control flow.

But what do "sequential" / "concurrent" mean?

This distinction is not as easy to formalize as it may seem ...

To get started, distinguish

Static threads: Structure of a program (based on SCG)

Recall: We want to distinguish between *sequential* and *concurrent* control flow.

But what do "sequential" / "concurrent" mean?

This distinction is not as easy to formalize as it may seem ...

To get started, distinguish

- Static threads: Structure of a program (based on SCG)
- Dynamic thread instance

Recall: We want to distinguish between *sequential* and *concurrent* control flow.

But what do "sequential" / "concurrent" mean?

This distinction is not as easy to formalize as it may seem ...

To get started, distinguish

- Static threads: Structure of a program (based on SCG)
- ▶ Dynamic thread instance: thread in execution

- Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*

- Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*
- ► T includes a top-level Root thread

- Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*
- T includes a top-level Root thread
- ▶ With each thread  $t \in T$ , associate unique
  - ▶ entry node  $t_{en} \in N$
  - exit node  $t_{ex} \in N$
- ▶ Each  $n \in N$  belongs to a thread th(n) defined as

- Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*
- ► T includes a top-level Root thread
- ▶ With each thread  $t \in T$ , associate unique
  - ▶ entry node  $t_{en} \in N$
  - ▶ exit node  $t_{ex} \in N$
- ▶ Each  $n \in N$  belongs to a thread th(n) defined as
  - ▶ Immediately enclosing thread  $t \in T$

- ▶ Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*
- T includes a top-level Root thread
- ▶ With each thread  $t \in T$ , associate unique
  - ▶ entry node  $t_{en} \in N$
  - ▶ exit node  $t_{ex} \in N$
- ▶ Each  $n \in N$  belongs to a thread th(n) defined as
  - ▶ Immediately enclosing thread  $t \in T$
  - such that there is a flow path to n

- Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*
- T includes a top-level Root thread
- ▶ With each thread  $t \in T$ , associate unique
  - ▶ entry node  $t_{en} \in N$
  - ▶ exit node  $t_{ex} \in N$
- ▶ Each  $n \in N$  belongs to a thread th(n) defined as
  - ▶ Immediately enclosing thread  $t \in T$
  - such that there is a flow path to n that originates in  $t_{en}$ ,

- ▶ Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*
- T includes a top-level Root thread
- ▶ With each thread  $t \in T$ , associate unique
  - ▶ entry node  $t_{en} \in N$
  - ▶ exit node  $t_{ex} \in N$
- ▶ Each  $n \in N$  belongs to a thread th(n) defined as
  - ▶ Immediately enclosing thread  $t \in T$
  - such that there is a flow path to n that originates in t<sub>en</sub>, does not traverse t<sub>ex</sub>,<sup>1</sup>

<sup>&</sup>lt;sup>1</sup>Added to definition in paper!

- Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*
- T includes a top-level Root thread
- ▶ With each thread  $t \in T$ , associate unique
  - ▶ entry node  $t_{en} \in N$
  - exit node  $t_{ex} \in N$
- ▶ Each  $n \in N$  belongs to a thread th(n) defined as
  - ▶ Immediately enclosing thread t ∈ T
  - such that there is a flow path to n that originates in  $t_{en}$ , does not traverse  $t_{ex}$ , and does not traverse any other entry node  $t_{en}'$

<sup>&</sup>lt;sup>1</sup>Added to definition in paper!

- ▶ Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*
- T includes a top-level Root thread
- ▶ With each thread  $t \in T$ , associate unique
  - ▶ entry node  $t_{en} \in N$
  - exit node  $t_{ex} \in N$
- ▶ Each  $n \in N$  belongs to a thread th(n) defined as
  - ▶ Immediately enclosing thread t ∈ T
  - ▶ such that there is a flow path to n that originates in  $t_{en}$ , does not traverse  $t_{ex}$ ,  $^1$  and does not traverse any other entry node  $t'_{en}$ , unless that flow path subsequently traverses  $t'_{ex}$  also

<sup>&</sup>lt;sup>1</sup>Added to definition in paper!

- Given: SCG G = (N, E)
- ▶ Let *T* denote the set of threads of *G*
- T includes a top-level Root thread
- ▶ With each thread  $t \in T$ , associate unique
  - ▶ entry node  $t_{en} \in N$
  - exit node  $t_{ex} \in N$
- ▶ Each  $n \in N$  belongs to a thread th(n) defined as
  - ▶ Immediately enclosing thread t ∈ T
  - such that there is a flow path to n that originates in  $t_{en}$ , does not traverse  $t_{ex}$ , and does not traverse any other entry node  $t'_{en}$ , unless that flow path subsequently traverses  $t'_{ex}$  also
- For each thread t, define sts(t) as the set of statement nodes n ∈ N such that th(n) = t

<sup>&</sup>lt;sup>1</sup>Added to definition in paper!

```
module Control
    input bool free, req;
    output bool grant, pend;
      bool checkReg;
6
 7
      fork {
       // Thread Request
       Request entry:
10
       pend = false;
11
       if (reg)
12
        pend = true;
13
       checkReg = reg;
14
       if (pend && grant)
15
        pend = false;
16
       pause;
17
       goto Request entry:
18
```

```
par {
20
       // Thread Dispatch
21
        Dispatch entry:
22
       grant = false;
23
        if (checkReq && free)
24
         grant = true;
25
       pause;
26
        goto Dispatch entry;
27
28
      join;
29
```



```
module Control
     input bool free, req;
     output bool grant, pend;
                                                                                   Request
                                             par {
       bool checkReg;
                                     20
                                               // Thread Dispatch
                                                                                  _10,2: pend = false
 6
                                               Dispatch entry:
                                                                                   111,2: req.
 7
       fork {
                                               grant = false;
         // Thread Request
                                                                                                     Dispatch
                                     23
                                               if (checkReq && free)
                                                                                  L12,2: pend = true
         Request entry:
                                     24
                                                 grant = true;
10
         pend = false;
                                                                                L13.2: checkReg=reg
                                                                                                L22,1: grant = false
                                     25
                                               pause;
11
         if (reg)
                                      26
                                               goto Dispatch entry;
12
          pend = true;
                                                                                                   L23.1: checkRea
                                     27
                                                                                   L14.0: pend
                                                                                    && grant
13
         checkReg = reg;
                                     28
                                             join;
14
         if (pend && grant)
                                     29
                                                                                               L24,1: grant = true
15
          pend = false;
                                                                                  L15.0: pend = false
                                                                                                   L25s,0
16
         pause;
                                                                                    L16s,0
17
         goto Request entry:
                                                                                    L16d,2
                                                                                                   L25d,1
18
                                                                               L17,2 (L18,0)
                                                                                                    (L27,0)
                                                                                                           L26,1
```

ightharpoonup Threads T =

```
module Control
     input bool free, req;
     output bool grant, pend;
                                                                                   Request
                                             par {
       bool checkReg;
                                     20
                                               // Thread Dispatch
                                                                                  .10,2: pend = fals
 6
                                               Dispatch entry:
                                                                                   L11,2: req.
 7
       fork {
                                               grant = false;
                                                                                                     Dispatch
         // Thread Request
                                     23
                                               if (checkReq && free)
                                                                                  L12,2: pend = true
         Request entry:
                                     24
                                                 grant = true;
10
         pend = false;
                                                                                 L13.2: checkReg=reg
                                                                                                L22,1: grant = false
                                               pause;
11
         if (reg)
                                      26
                                               goto Dispatch entry;
12
         pend = true;
                                                                                                   L23.1: checkRea
                                     27
                                                                                    L14.0: pend
                                                                                    && grant
13
         checkReg = reg;
                                     28
                                             join;
14
         if (pend && grant)
                                     29
                                                                                               L24,1: grant = true
15
          pend = false;
                                                                                  L15.0: pend = false
                                                                                                   L25s,0
16
         pause;
                                                                                    L16s,0
17
         goto Request entry:
                                                                                    L16d,2
                                                                                                   L25d,1
18
                                                                               L17,2 (L18,0)
                                                                                                           L26,1
```

► Threads *T* = {*Root*, *Request*, *Dispatch*}

```
module Control
     input bool free, reg;
     output bool grant, pend;
                                                                                   Request
                                             par {
       bool checkReg;
                                     20
                                               // Thread Dispatch
                                                                                  10.2: pend = fals
 6
                                               Dispatch entry:
                                                                                   L11,2: req.
 7
       fork {
                                               grant = false;
                                                                                                     Dispatch
         // Thread Request
                                     23
                                               if (checkReq && free)
                                                                                  L12,2: pend = true
         Request entry:
                                      24
                                                 grant = true;
10
         pend = false;
                                                                                 L13.2: checkRea=rea
                                                                                                L22.1: grant = false
                                               pause;
11
         if (reg)
                                      26
                                               goto Dispatch entry;
12
         pend = true;
                                                                                                   L23.1: checkRea
                                     27
                                                                                    && grant
13
         checkReg = reg;
                                     28
                                             join;
14
         if (pend && grant)
                                     29
                                                                                               L24,1: grant = true
15
          pend = false;
                                                                                   L15.0: pend = false
                                                                                                   L25s,0
16
         pause;
                                                                                    L16s,0
17
         goto Request entry:
                                                                                    L16d,2
                                                                                                   L25d,1
18
                                                                               L17.2 (L18.0)
                                                                                                    (L27.0)
                                                                                                           L26,1
```

- ▶ Threads T = {Root, Request, Dispatch}
- ▶ Root thread consists of the statement nodes

```
module Control
     input bool free, reg;
     output bool grant, pend;
                                                                                   Request
                                             par {
       bool checkReg;
                                     20
                                               // Thread Dispatch
                                                                                  10.2: pend = fals
 6
                                               Dispatch entry:
                                                                                   111,2: reg
 7
       fork {
                                               grant = false;
                                                                                                     Dispatch
         // Thread Request
                                     23
                                               if (checkReq && free)
                                                                                  L12,2: pend = true
         Request entry:
                                     24
                                                grant = true;
10
         pend = false;
                                                                                 L13.2: checkRea=rea
                                                                                               L22.1: grant = false
                                               pause;
11
         if (reg)
                                     26
                                               goto Dispatch entry;
12
         pend = true;
                                                                                                   L23.1: checkRea
                                     27
13
         checkReg = reg;
                                     28
                                             join;
14
         if (pend && grant)
                                     29
                                                                                               L24,1: grant = true
15
          pend = false;
                                                                                  L15.0: pend = false
                                                                                                   L25s,0
16
         pause;
                                                                                    L16s,0
17
         goto Request entry:
                                                                                   L16d,2
                                                                                                   L25d,1
18
                                                                               L17.2 (L18.0)
                                                                                                    (L27.0)
                                                                                                           L26,1
```

- ▶ Threads  $T = \{Root, Request, Dispatch\}$
- ► Root thread consists of the statement nodes sts(Root) = {L0, L7, L28, L29}

```
module Control
     input bool free, reg;
     output bool grant, pend;
                                                                                    Request
                                             par {
       bool checkReg;
                                      20
                                               // Thread Dispatch
                                                                                   .10.2: pend = fals
                                               Dispatch entry:
                                                                                    111,2: reg
 7
       fork {
                                               grant = false;
                                                                                                      Dispatch
         // Thread Request
                                      23
                                               if (checkReq && free)
                                                                                   L12,2: pend = true
         Request entry:
                                      24
                                                 grant = true;
10
         pend = false;
                                                                                 L13.2: checkRea=rea
                                                                                                L22.1: grant = false
                                      25
                                               pause;
11
         if (req)
                                      26
                                               goto Dispatch entry;
12
          pend = true;
                                                                                                    L23.1: checkRea
                                      27
13
         checkReg = reg;
                                      28
                                              join;
14
         if (pend && grant)
                                      29
                                                                                                L24,1: grant = true
15
           pend = false:
                                                                                   _15.0: pend = false
                                                                                                    L25s,0
16
         pause;
                                                                                     L16s,0
17
         goto Request entry:
                                                                                    L16d,2
                                                                                                    L25d,1
18
                                                                                L17.2 (L18.0)
                                                                                                     (L27.0)
                                                                                                            L26,1
```

- ► Threads *T* = {*Root*, *Request*, *Dispatch*}
- ► Root thread consists of the statement nodes sts(Root) = {L0, L7, L28, L29}
- ► The remaining statement nodes of *N* are partitioned into sts(Dispatch) and sts(Request)

Let t,  $t_1$ ,  $t_2$  be threads in T

•  $fork(t) =_{def} fork node immediately preceding t_{en}$ 

- $fork(t) =_{def} fork node immediately preceding t_{en}$
- For every thread  $t \neq \text{Root}$ :  $p(t) =_{def} th(fork(t))$ , the parent thread

- $fork(t) =_{def} fork node immediately preceding t_{en}$
- For every thread  $t \neq \text{Root}$ :  $p(t) =_{def} th(fork(t))$ , the parent thread
- ▶  $p^*(t) =_{def} \{t, p(t), p(p(t)), ..., \text{Root}\}$ , the recursively defined set of ancestor threads of t

- $fork(t) =_{def} fork node immediately preceding t_{en}$
- For every thread  $t \neq \text{Root}$ :  $p(t) =_{def} th(fork(t))$ , the parent thread
- ▶  $p^*(t) =_{def} \{t, p(t), p(p(t)), ..., \text{Root}\}$ , the recursively defined set of ancestor threads of t
- ▶  $t_1$  is subordinate to  $t_2$ , written  $t_1 \prec t_2$ , if  $t_1 \neq t_2 \land t_1 \in p^*(t_2)$

- $fork(t) =_{def} fork node immediately preceding t_{en}$
- For every thread  $t \neq \text{Root}$ :  $p(t) =_{def} th(fork(t))$ , the parent thread
- ▶  $p^*(t) =_{def} \{t, p(t), p(p(t)), ..., \text{Root}\}$ , the recursively defined set of ancestor threads of t
- ▶  $t_1$  is subordinate to  $t_2$ , written  $t_1 \prec t_2$ , if  $t_1 \neq t_2 \land t_1 \in p^*(t_2)$
- ▶  $t_1$  and  $t_2$  are (statically) concurrent, denoted  $t_1 || t_2$ , iff  $t_1$  and  $t_2$  are descendants of distinct threads sharing a common fork node, *i. e.*:

- $fork(t) =_{def} fork node immediately preceding t_{en}$
- ► For every thread  $t \neq \text{Root}$ :  $p(t) =_{def} th(fork(t))$ , the parent thread
- ▶  $p^*(t) =_{def} \{t, p(t), p(p(t)), \dots, \text{Root}\}$ , the recursively defined set of ancestor threads of t
- ▶  $t_1$  is subordinate to  $t_2$ , written  $t_1 \prec t_2$ , if  $t_1 \neq t_2 \land t_1 \in p^*(t_2)$
- ▶ t<sub>1</sub> and t<sub>2</sub> are (statically) concurrent, denoted t<sub>1</sub> || t<sub>2</sub>, iff t<sub>1</sub> and t<sub>2</sub> are descendants of distinct threads sharing a common fork node, i. e.:

$$\exists t_1' \in p^*(t_1), t_2' \in p^*(t_2): t_1' \neq t_2' \land \mathit{fork}(t_1') = \mathit{fork}(t_2')$$

Let t,  $t_1$ ,  $t_2$  be threads in T

- ▶  $fork(t) =_{def} fork node immediately preceding <math>t_{en}$
- For every thread  $t \neq \text{Root}$ :  $p(t) =_{def} th(fork(t))$ , the parent thread
- ▶  $p^*(t) =_{def} \{t, p(t), p(p(t)), ..., \text{Root}\}$ , the recursively defined set of ancestor threads of t
- ▶  $t_1$  is subordinate to  $t_2$ , written  $t_1 \prec t_2$ , if  $t_1 \neq t_2 \land t_1 \in p^*(t_2)$
- ▶  $t_1$  and  $t_2$  are (statically) concurrent, denoted  $t_1 || t_2$ , iff  $t_1$  and  $t_2$  are descendants of distinct threads sharing a common fork node, *i. e.*:

$$\exists t_1' \in p^*(t_1), t_2' \in p^*(t_2): t_1' \neq t_2' \land \mathit{fork}(t_1') = \mathit{fork}(t_2')$$

 Denote this common fork node as lcafork(t<sub>1</sub>, t<sub>2</sub>), the least common ancestor fork

- $fork(t) =_{def} fork node immediately preceding t_{en}$
- For every thread  $t \neq \text{Root}$ :  $p(t) =_{def} th(fork(t))$ , the parent thread
- ▶  $p^*(t) =_{def} \{t, p(t), p(p(t)), \dots, \text{Root}\}$ , the recursively defined set of ancestor threads of t
- ▶  $t_1$  is subordinate to  $t_2$ , written  $t_1 \prec t_2$ , if  $t_1 \neq t_2 \land t_1 \in p^*(t_2)$
- ▶ t<sub>1</sub> and t<sub>2</sub> are (statically) concurrent, denoted t<sub>1</sub> || t<sub>2</sub>, iff t<sub>1</sub> and t<sub>2</sub> are descendants of distinct threads sharing a common fork node, i. e.:

$$\exists t_1' \in p^*(t_1), t_2' \in p^*(t_2): t_1' \neq t_2' \land \mathit{fork}(t_1') = \mathit{fork}(t_2')$$

- Denote this common fork node as lcafork(t<sub>1</sub>, t<sub>2</sub>), the least common ancestor fork
- ▶ Lift (static) concurrency notion to nodes:  $n_1 || n_2 \Leftrightarrow th(n_1) || th(n_2) \Leftrightarrow lcafork(n_1, n_2) = lcafork(th(n_1), th(n_2))$

```
module Control
    input bool free, reg;
    output bool grant, pend;
      bool checkReg;
6
 7
      fork {
       // Thread Request
       Request entry:
10
       pend = false;
11
       if (req)
12
       pend = true;
13
       checkReq = req;
14
       if (pend && grant)
15
        pend = false:
16
       pause;
17
       goto Request entry;
18
```

```
par {
20
       // Thread Dispatch
21
        Dispatch entry:
22
       grant = false;
23
        if (checkReq && free)
24
         grant = true;
        pause;
26
        goto Dispatch entry;
27
28
      join;
29
```



```
module Control
      input bool free, req;
      output bool grant, pend;
                                                                                    Request
                                             par {
       bool checkReg;
                                      20
                                               // Thread Dispatch
                                                                                  L10.2: pend = fals
 6
                                      21
                                                Dispatch entry:
       fork {
                                      22
                                               grant = false;
         // Thread Request
                                                                                                     Dispatch
                                      23
                                                if (checkReq && free)
         Request entry:
                                                                                   L12,2: pend = true
                                      24
                                                 grant = true;
10
         pend = false;
                                                                                 L13.2: checkRea=rea
                                                                                                L22.1: grant = false
                                                pause;
11
         if (rea)
                                      26
                                                goto Dispatch entry:
12
         pend = true;
                                                                                     .14,0: pend
                                                                                                   L23,1: checkReq
                                      27
                                                                                     && grant
13
         checkReq = req;
                                      28
                                              join;
14
         if (pend && grant)
                                      29
                                                                                               L24,1: grant = true
                                                                                   L15,0: pend = false
15
          pend = false:
                                                                                                   L25s.0
16
         pause;
                                                                                     L16s.0
                                                                                                   L25d,1
17
         goto Request entry;
18
                                                                                (L17,2) (L18,0)
                                                                                                           (L26,1)
```

▶ Root  $\prec$  Request and Root  $\prec$  Dispatch

```
module Control
      input bool free, reg;
      output bool grant, pend;
                                                                                    Request
                                              par {
       bool checkReg;
                                      20
                                               // Thread Dispatch
                                                                                  L10.2: pend = fals
                                      21
                                                Dispatch entry:
       fork {
                                      22
                                               grant = false;
         // Thread Request
                                                                                                     Dispatch
                                      23
                                                if (checkReq && free)
         Request entry:
                                                                                   L12,2: pend = true
                                      24
                                                 grant = true;
10
         pend = false;
                                                                                  L13.2: checkRea=rea
                                                                                                L22.1: grant = false
                                                pause;
11
         if (rea)
                                      26
                                                goto Dispatch entry:
12
         pend = true;
                                                                                     .14,0: pend
                                                                                                   L23,1: checkReq
                                      27
                                                                                     && grant
13
         checkReq = req;
                                      28
                                              join;
14
         if (pend && grant)
                                      29
                                                                                                L24,1: grant = true
                                                                                    L15,0: pend = false
15
          pend = false:
                                                                                                   L258.0
16
         pause;
                                                                                      L16s.0
17
         goto Request entry;
                                                                                                   L25d,1
18
                                                                                (L17.2) (L18.0)
                                                                                                           (L26,1)
```

- ► Root ≺ Request and Root ≺ Dispatch
- ► Request || Dispatch

```
module Control
     input bool free, reg;
     output bool grant, pend;
                                                                                    Request
                                             par {
       bool checkReg;
                                      20
                                               // Thread Dispatch
 6
                                                                                  L10.2: pend = fals
                                      21
                                               Dispatch entry:
       fork {
                                      22
                                               grant = false;
         // Thread Request
                                                                                                     Dispatch
                                      23
                                               if (checkReq && free)
         Request entry:
                                                                                   L12,2: pend = true
                                      24
                                                 grant = true;
10
         pend = false;
                                                                                 L13.2: checkRea=rea
                                                                                               L22.1: grant = false
                                               pause;
11
         if (rea)
                                      26
                                               goto Dispatch entry:
12
         pend = true;
                                                                                     .14,0: pend
                                                                                                   L23,1: checkReq
                                      27
13
         checkReq = req;
                                      28
                                              ioin:
14
         if (pend && grant)
                                      29
                                                                                   L15,0: pend = false
                                                                                               L24,1: grant = true
15
          pend = false:
                                                                                                   L25s.0
16
         pause;
                                                                                     L16s.0
17
         goto Request entry;
                                                                                                   L25d,1
18
                                                                                (L17.2) (L18.0)
                                                                                                          (L26,1)
```

- ► Root ≺ Request and Root ≺ Dispatch
- ▶ Request || Dispatch, Root is not concurrent with any thread

```
module Control
     input bool free, reg;
     output bool grant, pend;
                                                                                   Request
                                             par {
       bool checkReg;
                                     20
                                               // Thread Dispatch
                                                                                  .10.2: pend = fals
                                               Dispatch entry:
       fork {
                                     22
                                               grant = false;
         // Thread Request
                                                                                                    Dispatch
                                     23
                                               if (checkReq && free)
         Request entry:
                                                                                  L12,2: pend = true
                                     24
                                                 grant = true;
10
         pend = false;
                                                                                L13.2: checkReg=reg
                                                                                              L22.1: grant = false
                                               pause;
11
         if (rea)
                                     26
                                               goto Dispatch entry:
12
         pend = true;
                                                                                                  L23,1: checkReq
                                     27
13
         checkRea = rea:
                                     28
                                             ioin:
14
         if (pend && grant)
                                     29
                                                                                  L15,0: pend = false
                                                                                              L24,1: grant = true
15
          pend = false:
                                                                                                  L25s.0
16
         pause;
                                                                                    L16s.0
17
         goto Request entry;
                                                                                                  L25d,1
18
                                                                                    (L18.0)
                                                                                                         L26.1
```

- ► Root ≺ Request and Root ≺ Dispatch
- ▶ Request || Dispatch, Root is not concurrent with any thread

**Note:** Concurrency on threads, in contrast to concurrency on node instances, is purely static and can be checked with a simple, syntactic analysis of the program structure.

#### Thread Trees [TR, Sec. 3.7]

A Thread Tree illustrates the static thread relationships.

- Contains subset of SCG nodes:
  - 1. Entry nodes, labeled with names of their threads
  - 2. Fork nodes, attached to the entry nodes of their threads
- Similar to the AND/OR tree of Statecharts

### Thread Trees [TR, Sec. 3.7]

A Thread Tree illustrates the static thread relationships.

- Contains subset of SCG nodes:
  - 1. Entry nodes, labeled with names of their threads
  - 2. Fork nodes, attached to the entry nodes of their threads
- Similar to the AND/OR tree of Statecharts

Thread tree for Control example:

### Thread Trees [TR, Sec. 3.7]

A Thread Tree illustrates the static thread relationships.

- Contains subset of SCG nodes:
  - 1. Entry nodes, labeled with names of their threads
  - 2. Fork nodes, attached to the entry nodes of their threads
- Similar to the AND/OR tree of Statecharts

Thread tree for Control example:



### Thread Trees - The Reinc2 Example

```
module Reinc2
    output int x, y;
     loop:
      fork { // Thread T1
       x = 1; 
      par { // Thread T2
        fork { // Thread T21
         v = 1;  }
10
        par { // Thread T22
11
         pause;
12
         y = 2; }
13
        join;
14
        fork { // Thread T23
15
         y = 3; }
16
        par { // Thread T24
17
         x = 2;
18
        join}
19
    ioin:
20
    goto loop;
21
```





# Alternative definition for static thread concurrency:

► Threads are concurrent iff

### Thread Trees - The Reinc2 Example

```
module Reinc2
    output int x, y;
     loop:
      fork { // Thread T1
       x = 1; 
      par { // Thread T2
        fork { // Thread T21
         v = 1; }
10
        par { // Thread T22
11
         pause;
12
         v = 2; }
13
        join;
14
        fork { // Thread T23
15
         y = 3; }
16
        par { // Thread T24
17
         x = 2;
18
        ioin)
19
     ioin:
20
    goto loop;
21
```





# Alternative definition for static thread concurrency:

► Threads are concurrent iff their least common ancestor (Ica) in thread tree is

### Thread Trees - The Reinc2 Example

```
module Reinc2
    output int x, y;
     loop:
      fork { // Thread T1
       x = 1; 
      par { // Thread T2
        fork { // Thread T21
         v = 1; }
10
        par { // Thread T22
11
         pause;
12
         v = 2; }
13
        join;
14
        fork { // Thread T23
15
         y = 3; }
16
        par { // Thread T24
17
         x = 2;
18
        ioin)
19
     ioin:
20
    goto loop;
21
```





# Alternative definition for static thread concurrency:

 Threads are concurrent iff their least common ancestor (Ica) in thread tree is a fork node

```
module Reinc
     output int x, v;
     loop:
      fork {
       // Thread T1
       x = 1:
     par
       // Thread T2
10
11
       pause;
12
       x = 2:
13
14
      join;
15
     goto loop:
16
```



Are interested in run-time concurrency, *i. e.*, whether ordering is up to discretion of a scheduler.

```
module Reinc
     output int x, v;
     loop:
      fork {
       // Thread T1
       x = 1:
     par
       // Thread T2
10
11
       pause;
12
       x = 2:
13
14
      join;
15
     goto loop:
16
```



Are interested in run-time concurrency, *i. e.*, whether ordering is up to discretion of a scheduler.

Observations:

```
module Reinc
     output int x, v;
     loop:
     fork {
       // Thread T1
       x = 1:
     par
       // Thread T2
10
11
       pause;
12
       x = 2:
13
14
      join;
15
     goto loop:
16
```



Are interested in run-time concurrency, *i. e.*, whether ordering is up to discretion of a scheduler

#### Observations:

T2 exhibits thread reincarnation

```
module Reinc
     output int x, v;
     loop:
      fork (
       // Thread T1
       x = 1:
     par
10
       // Thread T2
11
       pause;
12
       x = 2:
13
14
      join;
15
     goto loop:
16
```



Are interested in run-time concurrency, *i. e.*, whether ordering is up to discretion of a scheduler.

#### Observations:

- ► T2 exhibits thread reincarnation
- Assignments to x are both executed in the same tick, yet are sequentialized

```
module Reinc
     output int x, v;
     loop:
      fork (
       // Thread T1
       x = 1:
      par
10
       // Thread T2
11
       pause:
12
       x = 2:
13
14
      ioin:
15
     goto loop:
16
```



Are interested in run-time concurrency, *i. e.*, whether ordering is up to discretion of a scheduler

#### Observations:

- ► T2 exhibits thread reincarnation
- Assignments to x are both executed in the same tick, yet are sequentialized
- Thus, static thread concurrency not sufficient to capture run-time concurrency!



```
module InstLoop
    output int x = 0, y = 0;
    loop:
     fork {
      // Thread T1
      x += 1;
     par {
10
      // Thread T2
11
      y = x;
12
13
     join;
14
     if (y < 2)
15
      goto loop;
16
```



```
module InstLoop
    output int x = 0, y = 0;
    loop:
     fork {
      // Thread T1
      x += 1;
     par {
10
      // Thread T2
11
      y = x;
12
13
     join;
14
     if (y < 2)
15
      goto loop;
16
```

- ► Accesses to *x* in *L*7 and *L*11 executed twice within tick
- Denote this as statement reincarnation



```
module InstLoop
    output int x = 0, y = 0;
    loop:
     fork {
      // Thread T1
      x += 1;
10
      // Thread T2
11
      y = x;
12
13
     join;
14
     if (y < 2)
15
      goto loop;
16
```

- ► Accesses to *x* in *L*7 and *L*11 executed twice within tick
- Denote this as statement reincarnation
- Accesses are (statically) concurrent



```
module InstLoop
     output int x = 0, y = 0;
     loop:
     fork {
      // Thread T1
      x += 1;
10
      // Thread T2
11
      y = x;
12
13
     join;
14
     if (y < 2)
15
      goto loop;
16
```

- ► Accesses to *x* in *L*7 and *L*11 executed twice within tick
- Denote this as statement reincarnation
- Accesses are (statically) concurrent
- ▶ Data dependencies ⇒ Must schedule L7 before L11



```
module InstLoop
     output int x = 0, y = 0;
     loop:
     fork {
      // Thread T1
      x += 1;
10
      // Thread T2
11
      y = x;
12
13
     join;
14
     if (y < 2)
15
      goto loop;
16
```

- ► Accesses to *x* in *L*7 and *L*11 executed twice within tick
- Denote this as statement reincarnation
- Accesses are (statically) concurrent
- ▶ Data dependencies ⇒ Must schedule L7 before L11
  - But only within the same loop iteration!



```
module InstLoop
     output int x = 0, y = 0;
     loop:
     fork {
      // Thread T1
      x += 1:
10
      // Thread T2
      v = x;
12
13
     ioin:
14
     if (y < 2)
15
      goto loop;
16
```

- Accesses to x in L7 and L11 executed twice within tick
- Denote this as statement reincarnation
- Accesses are (statically) concurrent
- ▶ Data dependencies ⇒ Must schedule L7 before L11
  - But only within the same loop iteration!

Not enough to impose an order on the program statements ⇒ Need to distinguish statement instances



```
module InstLoop
    output int x = 0, y = 0;
    loop:
     fork {
      // Thread T1
      x += 1;
     par {
10
      // Thread T2
11
      y = x;
12
13
     join;
14
     if (y < 2)
15
      goto loop;
16
```



```
module InstLoop
    output int x = 0, y = 0;
    loop:
     fork {
      // Thread T1
      x += 1;
     par {
      // Thread T2
10
11
      y = x;
12
13
     join;
14
     if (y < 2)
15
      goto loop;
16
```

Traditional synchronous languages: Reject



```
module InstLoop
     output int x = 0, y = 0;
     loop:
     fork {
      // Thread T1
      x += 1;
     par {
      // Thread T2
10
11
      y = x;
12
13
     join;
     if (y < 2)
14
15
      goto loop;
16
```

- Traditional synchronous languages: Reject
  - Instantaneous loops traditionally forbidden



```
module InstLoop
     output int x = 0, y = 0;
     loop:
     fork {
      // Thread T1
      x += 1;
     par {
10
      // Thread T2
11
      y = x;
12
13
     join;
     if (y < 2)
14
15
      goto loop;
16
```

- Traditional synchronous languages: Reject
  - Instantaneous loops traditionally forbidden
- SC: Determinate  $\Rightarrow$  Accept



```
module InstLoop
     output int x = 0, y = 0;
     loop:
      fork {
      // Thread T1
      x += 1;
      par {
10
      // Thread T2
11
      y = x;
12
13
      join;
      if (y < 2)
14
15
      goto loop;
16
```

- Traditional synchronous languages: Reject
  - Instantaneous loops traditionally forbidden
- $\odot$  SC: Determinate  $\Rightarrow$  Accept
  - One might still want to ensure that a program always terminates



```
module InstLoop
     output int x = 0, y = 0;
     loop:
      fork {
      // Thread T1
      x += 1;
10
      // Thread T2
11
      v = x;
12
13
      join;
14
      if (y < 2)
15
      goto loop;
16
```

- Traditional synchronous languages: Reject
  - Instantaneous loops traditionally forbidden
- $\odot$  SC: Determinate  $\Rightarrow$  Accept
  - One might still want to ensure that a program always terminates
  - But this issue is orthogonal to determinacy and having a well-defined semantics.

- Given: SCG G = (N, E)
- ▶ (Macro) tick R, of length  $len(R) \in \mathbb{N}_{\geq 1}$ : mapping from micro tick indices  $1 \leq j \leq len(R)$ , to nodes  $R(j) \in N$

- ▶ Given: SCG G = (N, E)
- ▶ (Macro) tick R, of length  $len(R) \in \mathbb{N}_{\geq 1}$ : mapping from micro tick indices  $1 \leq j \leq len(R)$ , to nodes  $R(j) \in N$

A macro tick is also: Linearly ordered set of node instances

- ▶ Given: SCG G = (N, E)
- ▶ (Macro) tick R, of length  $len(R) \in \mathbb{N}_{\geq 1}$ : mapping from micro tick indices  $1 \leq j \leq len(R)$ , to nodes  $R(j) \in N$

A macro tick is also: Linearly ordered set of node instances

Node instance: ni = (n, i), with statement node  $n \in N$ , micro tick count  $i \in \mathbb{N}$ 

- Given: SCG G = (N, E)
- ▶ (Macro) tick R, of length  $len(R) \in \mathbb{N}_{\geq 1}$ : mapping from micro tick indices  $1 \leq j \leq len(R)$ , to nodes  $R(j) \in N$

A macro tick is also: Linearly ordered set of node instances

- Node instance: ni = (n, i), with statement node  $n \in N$ , micro tick count  $i \in \mathbb{N}$
- ► Can identify macro tick R with set  $\{(n, i) \mid 1 \le i \le len(R), n = R(i)\}$

Given: macro tick R, index  $1 \le i \le len(R)$ , node  $n \in N$ Def.:  $last(n, i) = max\{j \mid j \le i, R(j) = n\}$ , retrieves last occurrence of n in R at or before index i. If it does not exist,  $last_R(n, i) = 0$ .

Given: macro tick R, index  $1 \le i \le len(R)$ , node  $n \in N$  Def.:  $last(n, i) = max\{j \mid j \le i, R(j) = n\}$ , retrieves last occurrence of n in R at or before index i. If it does not exist,  $last_R(n, i) = 0$ .

Given: macro tick R,  $i_1, i_2 \in \mathbb{N}_{\leq len(R)}$ , and  $n_1, n_2 \in N$ . Def.: Two node instances  $ni_1 = (n_1, i_1)$  and  $ni_2 = (n_2, i_2)$  are (run-time) concurrent in R, denoted  $ni_1 \mid_R ni_2$ , iff

Given: macro tick R, index  $1 \le i \le len(R)$ , node  $n \in N$  Def.:  $last(n, i) = max\{j \mid j \le i, R(j) = n\}$ , retrieves last occurrence of n in R at or before index i. If it does not exist,  $last_R(n, i) = 0$ .

Given: macro tick R,  $i_1, i_2 \in \mathbb{N}_{\leq len(R)}$ , and  $n_1, n_2 \in N$ . Def.: Two node instances  $ni_1 = (n_1, i_1)$  and  $ni_2 = (n_2, i_2)$  are (run-time) concurrent in R, denoted  $ni_1 \mid_R ni_2$ , iff

1. they appear in the micro ticks of R, i.e.,  $n_1 = R(i_1)$  and  $n_2 = R(i_2)$ ,

Given: macro tick R, index  $1 \le i \le len(R)$ , node  $n \in N$  Def.:  $last(n, i) = max\{j \mid j \le i, R(j) = n\}$ , retrieves last occurrence of n in R at or before index i. If it does not exist,  $last_R(n, i) = 0$ .

Given: macro tick R,  $i_1, i_2 \in \mathbb{N}_{\leq len(R)}$ , and  $n_1, n_2 \in N$ . Def.: Two node instances  $ni_1 = (n_1, i_1)$  and  $ni_2 = (n_2, i_2)$  are (run-time) concurrent in R, denoted  $ni_1 \mid_R ni_2$ , iff

- 1. they appear in the micro ticks of R, i.e.,  $n_1 = R(i_1)$  and  $n_2 = R(i_2)$ ,
- 2. they belong to statically concurrent threads, *i. e.*,  $th(n_1) \mid\mid th(n_2)$ , and

Given: macro tick R, index  $1 \le i \le len(R)$ , node  $n \in N$  Def.:  $last(n, i) = max\{j \mid j \le i, R(j) = n\}$ , retrieves last occurrence of n in R at or before index i. If it does not exist,  $last_R(n, i) = 0$ .

Given: macro tick R,  $i_1, i_2 \in \mathbb{N}_{\leq len(R)}$ , and  $n_1, n_2 \in N$ . Def.: Two node instances  $ni_1 = (n_1, i_1)$  and  $ni_2 = (n_2, i_2)$  are (run-time) concurrent in R, denoted  $ni_1 \mid_R ni_2$ , iff

- 1. they appear in the micro ticks of R, i.e.,  $n_1 = R(i_1)$  and  $n_2 = R(i_2)$ ,
- 2. they belong to statically concurrent threads, *i. e.*,  $th(n_1) \mid\mid th(n_2)$ , and
- 3. their threads have been instantiated by the same instance of the associated least common ancestor fork, *i. e.*,  $last(n, i_1) = last(n, i_2)$  where  $n = lcafork(n_1, n_2)$

#### Overview

#### Motivation

```
Formalizing Sequential Constructiveness (SC)
```

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2]

Free Scheduling of SCGs [Sec. 3]

The SC Model of Computation [Sec. 4]

### Wrap-Up

# Continuations & Thread Execution States [Def. 3.1] A continuation c consists of

## Continuations & Thread Execution States [Def. 3.1]

A continuation c consists of

1. Node  $c.node \in N$ , denoting the current state of each thread

### Continuations & Thread Execution States [Def. 3.1]

A continuation c consists of

 Node c.node ∈ N, denoting the current state of each thread, i. e., the node (statement) that should be executed next, similar to a program counter

### Continuations & Thread Execution States [Def. 3.1]

A continuation c consists of

- Node c.node ∈ N, denoting the current state of each thread, i. e., the node (statement) that should be executed next, similar to a program counter
- 2. Status  $c.status \in \{active, waiting, pausing\}$

## Continuations & Thread Execution States [Def. 3.1]

A continuation c consists of

- Node c.node ∈ N, denoting the current state of each thread, i. e., the node (statement) that should be executed next, similar to a program counter
- 2. Status  $c.status \in \{active, waiting, pausing\}$



In a trace (see later slide), round/square/no parentheses around n = c.node denote c.status, for enabled continuations c

Continuation pool: finite set *C* of continuations



Continuation pool: finite set *C* of continuations

C is valid if C meets some coherence properties (see [TECS]),

#### Continuation pool: finite set *C* of continuations

▶ C is valid if C meets some coherence properties (see [TECS]), e. g., threads in C adhere to thread tree structure

#### Continuation pool: finite set *C* of continuations

C is valid if C meets some coherence properties (see [TECS]),
 e. g., threads in C adhere to thread tree structure

```
Configuration: pair (C, M)
```

#### Continuation pool: finite set *C* of continuations

▶ C is valid if C meets some coherence properties (see [TECS]), e. g., threads in C adhere to thread tree structure

### Configuration: pair (C, M)

C is continuation pool

#### Continuation pool: finite set *C* of continuations

C is valid if C meets some coherence properties (see [TECS]),
 e. g., threads in C adhere to thread tree structure

### Configuration: pair (C, M)

- C is continuation pool
- ▶ *M* is memory assigning values to variables accessed by *G*

#### Continuation pool: finite set *C* of continuations

▶ C is valid if C meets some coherence properties (see [TECS]), e. g., threads in C adhere to thread tree structure

### Configuration: pair (C, M)

- C is continuation pool
- M is memory assigning values to variables accessed by G

A configuration is called valid if C is valid







Now define free scheduling, to set the stage for later defining "initialize-update-read" protocol  $(\rightarrow SC\text{-admissible scheduling})$ 

Now define free scheduling, to set the stage for later defining "initialize-update-read" protocol

 $(\rightarrow \mathsf{SC}\text{-}\mathsf{admissible}\;\mathsf{scheduling})$ 

Only restrictions:

Now define free scheduling, to set the stage for later defining "initialize-update-read" protocol  $(\rightarrow SC\text{-admissible scheduling})$ 

#### Only restrictions:

- 1. Execute only ≺-maximal threads
  - ▶ If there is at least one continuation in  $C_{cur}$ , then there also is a  $\prec$ -maximal one, because of the finiteness of the continuation pool

Now define free scheduling, to set the stage for later defining "initialize-update-read" protocol

 $(\rightarrow \mathsf{SC}\text{-}\mathsf{admissible}\;\mathsf{scheduling})$ 

#### Only restrictions:

- 1. Execute only ≺-maximal threads
  - ▶ If there is at least one continuation in  $C_{cur}$ , then there also is a  $\prec$ -maximal one, because of the finiteness of the continuation pool
- 2. Do so in an interleaving fashion

Micro step: transition  $(C_{cur}, M_{cur}) \stackrel{c}{\rightarrow}_{\mu s} (C_{nxt}, M_{nxt})$  between two micro ticks

- $ightharpoonup (C_{cur}, M_{cur})$ : current configuration
- c: continuation selected for execution
- $ightharpoonup (C_{n\times t}, M_{n\times t})$ : next configuration

Micro step: transition  $(C_{cur}, M_{cur}) \stackrel{c}{\rightarrow}_{\mu s} (C_{nxt}, M_{nxt})$  between two micro ticks

- $ightharpoonup (C_{cur}, M_{cur})$ : current configuration
- c: continuation selected for execution
- $ightharpoonup (C_{n\times t}, M_{n\times t})$ : next configuration

The free schedule is permitted to pick any one of the  $\prec$ -maximal continuations  $c \in C_{cur}$  with c.status = active and execute it in the current memory  $M_{cur}$ 

(Recall:) Micro step: transition  $(C_{cur}, M_{cur}) \stackrel{c}{\rightarrow}_{\mu s} (C_{nxt}, M_{nxt})$ 

Executing c yields a new memory  $M_{nxt} = \mu M(c, M_{cur})$  and a (possibly empty) set of new continuations  $\mu C(c, M_{cur})$  by which c is replaced,  $i. e., C_{nxt} = C_{cur} \setminus \{c\} \cup \mu C(c, M_{cur})$ 

- Executing c yields a new memory  $M_{nxt} = \mu M(c, M_{cur})$  and a (possibly empty) set of new continuations  $\mu C(c, M_{cur})$  by which c is replaced,  $i. e., C_{nxt} = C_{cur} \setminus \{c\} \cup \mu C(c, M_{cur})$
- ▶ If  $\mu C(c, M_{cur}) = \emptyset$ : status flags set to active for all  $c' \in C_{nxt}$  that become  $\prec$ -maximal by eliminating c from C

- Executing c yields a new memory  $M_{nxt} = \mu M(c, M_{cur})$  and a (possibly empty) set of new continuations  $\mu C(c, M_{cur})$  by which c is replaced,  $i. e., C_{nxt} = C_{cur} \setminus \{c\} \cup \mu C(c, M_{cur})$
- ▶ If  $\mu C(c, M_{cur}) = \emptyset$ : status flags set to active for all  $c' \in C_{nxt}$  that become  $\prec$ -maximal by eliminating c from C
- Actions  $\mu M$  and  $\mu C$  (made precise in paper) depend on the statement *c.node.st* to be executed

- Executing c yields a new memory  $M_{nxt} = \mu M(c, M_{cur})$  and a (possibly empty) set of new continuations  $\mu C(c, M_{cur})$  by which c is replaced,  $i. e., C_{nxt} = C_{cur} \setminus \{c\} \cup \mu C(c, M_{cur})$
- ▶ If  $\mu C(c, M_{cur}) = \emptyset$ : status flags set to active for all  $c' \in C_{nxt}$  that become  $\prec$ -maximal by eliminating c from C
- Actions  $\mu M$  and  $\mu C$  (made precise in paper) depend on the statement *c.node.st* to be executed
- $(C_{nxt}, M_{nxt})$  uniquely determined by c, thus may write  $(C_{nxt}, M_{nxt}) = c(C_{cur}, M_{cur})$

Quiescent configuration (C, M):

▶ No active  $c \in C$ 

### Quiescent configuration (C, M):

- ▶ No active  $c \in C$
- ▶ All  $c \in C$  pausing or waiting

Quiescent configuration (C, M):

- ▶ No active  $c \in C$
- ▶ All  $c \in C$  pausing or waiting

If 
$$C = \emptyset$$
:

### Quiescent configuration (C, M):

- ▶ No active  $c \in C$
- ▶ All  $c \in C$  pausing or waiting

#### If $C = \emptyset$ :

Main program terminated

### Quiescent configuration (C, M):

- ▶ No active  $c \in C$
- ▶ All  $c \in C$  pausing or waiting

#### If $C = \emptyset$ :

Main program terminated

#### Otherwise:

#### Quiescent configuration (C, M):

- ▶ No active  $c \in C$
- ▶ All  $c \in C$  pausing or waiting

#### If $C = \emptyset$ :

Main program terminated

#### Otherwise:

Scheduler can perform a global clock step

```
Global clock step V_I: (C_{cur}, M_{cur}) \rightarrow_{tick} (C_{nxt}, M_{nxt})
```

- ► Transition between last micro tick of the current macro tick to first micro tick of the subsequent macro tick
- V<sub>I</sub> is external input

```
Global clock step V_I: (C_{cur}, M_{cur}) \rightarrow_{tick} (C_{nxt}, M_{nxt})
```

- Transition between last micro tick of the current macro tick to first micro tick of the subsequent macro tick
- V<sub>I</sub> is external input
- ▶ All pausing continuations of *C* advance from their surf node to the associated depth node:

```
C_{nxt} = \{c[\text{active} :: tick(n)] \mid c[\text{pausing} :: n] \in C_{cur}\} \cup \{c[\text{waiting} :: n] \mid c[\text{waiting} :: n] \in C_{cur}\}
```

Global clock step updates the memory:

Let  $I = \{x_1, x_2, \dots, x_n\}$  be the designated input variables of the SCG, including input/output variables

#### Global clock step updates the memory:

- Let  $I = \{x_1, x_2, \dots, x_n\}$  be the designated input variables of the SCG, including input/output variables
- Memory is updated by a new set of external input values  $V_I = [x_1 = v_1, \dots, x_n = v_n]$  for the next macro tick

#### Global clock step updates the memory:

- Let  $I = \{x_1, x_2, \dots, x_n\}$  be the designated input variables of the SCG, including input/output variables
- Memory is updated by a new set of external input values  $V_1 = [x_1 = v_1, \dots, x_n = v_n]$  for the next macro tick
- All other memory locations persist unchanged into the next macro tick.

Global clock step updates the memory:

- Let  $I = \{x_1, x_2, \dots, x_n\}$  be the designated input variables of the SCG, including input/output variables
- Memory is updated by a new set of external input values  $V_1 = [x_1 = v_1, \dots, x_n = v_n]$  for the next macro tick
- All other memory locations persist unchanged into the next macro tick.

Formally,

$$M_{nxt}(x) = \begin{cases} v_i, & \text{if } x = x_i \in I, \\ M_{cur}(x), & \text{if } x \notin I. \end{cases}$$

#### Macro Ticks

Scheduler runs through sequence

$$(C_0^a, M_0^a) \xrightarrow{c_1^a}_{\mu_s} (C_1^a, M_1^a) \xrightarrow{c_2^a}_{\mu_s} \cdots \xrightarrow{c_{k(a)}^a}_{\mu_s} (C_{k(a)}^a, M_{k(a)}^a)$$
(1)

to reach final quiescent configuration  $(C_{k(a)}^a, M_{k(a)}^a)$ 

#### Macro Ticks

Scheduler runs through sequence

$$(C_0^a, M_0^a) \xrightarrow{c_1^a}_{\mu s} (C_1^a, M_1^a) \xrightarrow{c_2^a}_{\mu s} \cdots \xrightarrow{c_{k(a)}^a}_{\mu s} (C_{k(a)}^a, M_{k(a)}^a)$$
(1)

to reach final quiescent configuration  $(C_{k(a)}^a, M_{k(a)}^a)$ 

Sequence (1) is macro tick (synchronous instant) a:

$$(R^a, V_I^a): (C_0^a, M_0^a) \Longrightarrow (C_{k(a)}^a, M_{k(a)}^a)$$
 (2)

- ▶  $V_I^a$ : projects the initial input,  $V_I^a(x) = M_0^a(x)$  for  $x \in I$
- $ightharpoonup M_{k(a)}^a$ : response of a

#### Macro Ticks

Scheduler runs through sequence

$$(C_0^a, M_0^a) \stackrel{c_1^a}{\to}_{\mu s} (C_1^a, M_1^a) \stackrel{c_2^a}{\to}_{\mu s} \cdots \stackrel{c_{k(a)}^a}{\to}_{\mu s} (C_{k(a)}^a, M_{k(a)}^a)$$
(1)

to reach final quiescent configuration  $(C_{k(a)}^a, M_{k(a)}^a)$ 

Sequence (1) is macro tick (synchronous instant) a:

$$(R^a, V_I^a): (C_0^a, M_0^a) \Longrightarrow (C_{k(a)}^a, M_{k(a)}^a)$$
 (2)

- $V_I^a$ : projects the initial input,  $V_I^a(x) = M_0^a(x)$  for  $x \in I$
- $ightharpoonup M_{k(a)}^a$ : response of a

 $R^a$ : sequence of statement nodes executed during a

- ▶  $len(R^a) = k(a)$  is length of a
- ▶  $R^a$  is function mapping each micro tick index  $1 \le j \le k(a)$  to node  $R^a(j) = c_i^a$ .node executed at index j

Run of G: sequence of macro ticks  $R^a$  and external inputs  $V_I^a$ , with

Run of G: sequence of macro ticks  $R^a$  and external inputs  $V_I^a$ , with

▶ initial continuation pool  $C_0^0 = \{c_0\}$  activates the entry node of the G's Root thread, i.e.,  $c_0.node = \text{Root.}en$  and  $c_0.status = \text{active}$ 

Run of G: sequence of macro ticks  $R^a$  and external inputs  $V_I^a$ , with

- ▶ initial continuation pool  $C_0^0 = \{c_0\}$  activates the entry node of the G's Root thread, i.e.,  $c_0.node = \text{Root.}en$  and  $c_0.status = \text{active}$
- ▶ all macro tick configurations are connected by clock steps, i.e.,  $(C_{k(a)}^a, M_{k(a)}^a) \rightarrow_{tick} (C_0^{a+1}, M_0^{a+1})$

Run of G: sequence of macro ticks  $R^a$  and external inputs  $V_I^a$ , with

- ▶ initial continuation pool  $C_0^0 = \{c_0\}$  activates the entry node of the G's Root thread, i.e.,  $c_0.node = \text{Root.}en$  and  $c_0.status = \text{active}$
- ▶ all macro tick configurations are connected by clock steps, i.e.,  $(C_{k(a)}^a, M_{k(a)}^a) \rightarrow_{tick} (C_0^{a+1}, M_0^{a+1})$

Trace: externally visible output values at each macro tick R [TR, Sec. 3.9]

#### Recall:

$$(C_0^a, M_0^a) \stackrel{c_1^a}{\to}_{\mu s} (C_1^a, M_1^a) \stackrel{c_2^a}{\to}_{\mu s} \cdots \stackrel{c_{k(a)}^a}{\to}_{\mu s} (C_{k(a)}^a, M_{k(a)}^a)$$
(1)

$$(R^a, V_I^a): (C_0^a, M_0^a) \Longrightarrow (C_{k(a)}^a, M_{k(a)}^a)$$
 (2)

Recall:

$$(C_0^a, M_0^a) \xrightarrow{c_1^a}_{\mu_s} (C_1^a, M_1^a) \xrightarrow{c_2^a}_{\mu_s} \cdots \xrightarrow{c_{k(a)}^a}_{\mu_s} (C_{k(a)}^a, M_{k(a)}^a) \qquad (1)$$

$$(R^a, V_I^a) : (C_0^a, M_0^a) \Longrightarrow (C_{k(a)}^a, M_{k(a)}^a) \qquad (2)$$

- ► Macro (tick) configuration: end points of a macro tick (2)
- ▶ Micro (tick) configuration: all other intermediate configurations  $(C_i^a, M_i^a)$ , 0 < i < k(a) seen in (1)

#### Recall:

$$(C_0^a, M_0^a) \xrightarrow{c_1^a}_{\mu_s} (C_1^a, M_1^a) \xrightarrow{c_2^a}_{\mu_s} \cdots \xrightarrow{c_{k(a)}^a}_{\mu_s} (C_{k(a)}^a, M_{k(a)}^a)$$
(1)  
$$(R^a, V_I^a) : (C_0^a, M_0^a) \Longrightarrow (C_{k(a)}^a, M_{k(a)}^a)$$
(2)

- ► Macro (tick) configuration: end points of a macro tick (2)
- ▶ Micro (tick) configuration: all other intermediate configurations ( $C_i^a$ ,  $M_i^a$ ), 0 < i < k(a) seen in (1)

#### Synchrony hypothesis:

 only macro configurations are observable externally (in fact, only the memory component of those)

#### Recall:

$$(R^a, V_I^a): (C_0^a, M_0^a) \Longrightarrow (C_{k(a)}^a, M_{k(a)}^a)$$
 (2)

- ▶ Macro (tick) configuration: end points of a macro tick (2)
- ▶ Micro (tick) configuration: all other intermediate configurations ( $C_i^a$ ,  $M_i^a$ ), 0 < i < k(a) seen in (1)

#### Synchrony hypothesis:

- only macro configurations are observable externally (in fact, only the memory component of those)
- ➤ Suffices to ensure that sequence of macro ticks ⇒ is determinate

#### Recall:

$$(C_0^a, M_0^a) \xrightarrow{c_1^a}_{\mu_s} (C_1^a, M_1^a) \xrightarrow{c_2^a}_{\mu_s} \cdots \xrightarrow{c_{k(a)}^a}_{\mu_s} (C_{k(a)}^a, M_{k(a)}^a)$$
(1)  
$$(R^a, V_I^a) : (C_0^a, M_0^a) \Longrightarrow (C_{k(a)}^a, M_{k(a)}^a)$$
(2)

$$(R^a, V_I^a): (C_0^a, M_0^a) \Longrightarrow (C_{k(a)}^a, M_{k(a)}^a)$$
 (2)

- Macro (tick) configuration: end points of a macro tick (2)
- ▶ Micro (tick) configuration: all other intermediate configurations  $(C_i^a, M_i^a)$ , 0 < i < k(a) seen in (1)

#### Synchrony hypothesis:

- only macro configurations are observable externally (in fact, only the memory component of those)
- Suffices to ensure that sequence of macro ticks  $\implies$  is determinate
- Micro tick behavior  $\rightarrow_{\mu s}$  may well be non-determinate

Slide 51

## Active and Pausing Continuations are Concurrent [TR, Prop. 2]

#### Given:

- ightharpoonup (C, M), reachable (micro or macro tick) configuration
- ▶  $c_1, c_2 \in C$ , active or pausing continuations with  $c_1 \neq c_2$

## Active and Pausing Continuations are Concurrent [TR, Prop. 2]

#### Given:

- $\triangleright$  (C, M), reachable (micro or macro tick) configuration
- ▶  $c_1, c_2 \in C$ , active or pausing continuations with  $c_1 \neq c_2$

#### Then:

- $ightharpoonup c_1.node 
  eq c_2.node$
- $\blacktriangleright$  th(c<sub>1</sub>.node) || th(c<sub>2</sub>.node)
- No instantaneous sequential path from c<sub>1</sub>.node to c<sub>2</sub>.node or vice versa

(Proof: see [TR])

## Concurrency vs. Sequentiality Revisited I

Recall: Want to exploit sequentiality as much as possible

► Thus, consider only run-time concurrent data dependencies

### Concurrency vs. Sequentiality Revisited I

Recall: Want to exploit sequentiality as much as possible

Thus, consider only run-time concurrent data dependencies

Recall: Static concurrency  $\Rightarrow$  run-time concurrency

- Consider Reinc example
- ▶ Thus, can ignore some statically concurrent data dependencies

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2]
Free Scheduling of SCGs [Sec. 3]
The SC Model of Computation [Sec. 4]

## Concurrency vs. Sequentiality Revisited II Question: Does (static) sequentiality preclude runtime concurrency?

► Then we could ignore data dependencies between nodes that are sequentially ordered

- Then we could ignore data dependencies between nodes that are sequentially ordered
- But the answer is: no

- Then we could ignore data dependencies between nodes that are sequentially ordered
- But the answer is: no

#### Counterexample:

- Then we could ignore data dependencies between nodes that are sequentially ordered
- But the answer is: no

Counterexample: Reinc3 (SCG shown on right)

Assignments to x run-time concurrent?



- Then we could ignore data dependencies between nodes that are sequentially ordered
- But the answer is: no

Counterexample: Reinc3 (SCG shown on right)

Assignments to x run-time concurrent? Yes!



- Then we could ignore data dependencies between nodes that are sequentially ordered
- But the answer is: no

Counterexample: Reinc3 (SCG shown on right)

- Assignments to x run-time concurrent? Yes!
- Assignments to x sequentially ordered?



- Then we could ignore data dependencies between nodes that are sequentially ordered
- But the answer is: no

Counterexample: Reinc3 (SCG shown on right)

- Assignments to x run-time concurrent? Yes!
- Assignments to x sequentially ordered? Yes!



- ► Then we could ignore data dependencies between nodes that are sequentially ordered
- But the answer is: no

Counterexample: Reinc3 (SCG shown on right)

- Assignments to x run-time concurrent? Yes!
- Assignments to x sequentially ordered? Yes!

Thus, concurrency and (static) sequentiality are not **mutually exclusive**, **but orthogonal**!



- ► Then we could ignore data dependencies between nodes that are sequentially ordered
- But the answer is: no

Counterexample: Reinc3 (SCG shown on right)

- Assignments to x run-time concurrent? Yes!
- ► Assignments to x sequentially ordered? Yes!

Thus, concurrency and (static) sequentiality are not **mutually exclusive**, **but orthogonal**! However, (instantaneous) *run-time* sequentiality (on node *instances*) does exclude run-time concurrency



The SC Language (SCL) and the SC Graph (SCG) [Sec. 2] Free Scheduling of SCGs [Sec. 3] The SC Model of Computation [Sec. 4]

### Notes on Free Scheduling I

Key to determinacy:

## Notes on Free Scheduling I

#### Key to determinacy:

rule out uncertainties due to unknown scheduling mechanism

### Notes on Free Scheduling I

#### Key to determinacy:

rule out uncertainties due to unknown scheduling mechanism

- Like the synchronous MoC, the SC MoC ensures macro-tick determinacy by inducing certain scheduling constraints on variable accesses
- Unlike the synchronous MoC, the SC MoC tries to take maximal advantage of the execution order already expressed by the programmer through sequential commands
- ► A scheduler can only affect the order of variable accesses through **concurrent** threads

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2] Free Scheduling of SCGs [Sec. 3] The SC Model of Computation [Sec. 4]

## Notes on Free Scheduling II Recall:

## Notes on Free Scheduling II

#### Recall:

- If variable accesses (within tick) are already sequentialized by →<sub>seq</sub>, they cannot appear simultaneously in the active continuation pool
- Hence, no way for thread scheduler to reorder them and thus lead to a non-determinate outcome

### Notes on Free Scheduling II

#### Recall:

- If variable accesses (within tick) are already sequentialized by →<sub>seq</sub>, they cannot appear simultaneously in the active continuation pool
- Hence, no way for thread scheduler to reorder them and thus lead to a non-determinate outcome

Similarly, threads are not concurrent with parent thread

### Notes on Free Scheduling II

#### Recall:

- If variable accesses (within tick) are already sequentialized by →<sub>seq</sub>, they cannot appear simultaneously in the active continuation pool
- ► Hence, no way for thread scheduler to reorder them and thus lead to a non-determinate outcome

Similarly, threads are not concurrent with parent thread

- ▶ Because of path ordering ≺, a parent thread is always suspended when a child thread is in operation
- Thus, not up to scheduler to decide between parent and child thread
- No race conditions between variable accesses performed by parent and child threads; no source of non-determinacy

Want to find a suitable restriction on the "free" scheduler which is

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2]
Free Scheduling of SCGs [Sec. 3]
The SC Model of Computation [Sec. 4]

#### The Aim

Want to find a suitable restriction on the "free" scheduler which is

1. easy to compute

Want to find a suitable restriction on the "free" scheduler which is

- 1. easy to compute
- 2. leaves sufficient room for concurrent implementations

Want to find a suitable restriction on the "free" scheduler which is

- 1. easy to compute
- 2. leaves sufficient room for concurrent implementations
- still (predictably) sequentializes any concurrent variable accesses that may conflict and produce unpredictable responses

Want to find a suitable restriction on the "free" scheduler which is

- 1. easy to compute
- 2. leaves sufficient room for concurrent implementations
- still (predictably) sequentializes any concurrent variable accesses that may conflict and produce unpredictable responses

In the following, will define such a restriction:

#### The Aim

Want to find a suitable restriction on the "free" scheduler which is

- 1. easy to compute
- 2. leaves sufficient room for concurrent implementations
- still (predictably) sequentializes any concurrent variable accesses that may conflict and produce unpredictable responses

In the following, will define such a restriction: the SC-admissible schedules

### Guideline for SC-admissibility

- Initialize-Update-Read protocol, for concurrent accesses
- Want to conservatively extend Esterel's "Write-Read protocol" (must do emit before testing)
- But does Esterel always follow write-read protocol?

```
module WriteAfterRead
output x, y, z;
emit x;
present x then
 emit y
 end
 present y then
 emit z
 end;
 emit x
end
```

#### Esterel version

```
module WriteAfterRead
output x, y, z;
emit x;
present x then
 emit y
end
 present y then
 emit z
 end;
 emit x
end
```

```
module WriteAfterRead
output int x, y, z;
{
    x = 1;
    fork
       y = x;
    par
    z = y;
    x = 1;
    join
}
```

SCL version

#### Esterel version

```
module WriteAfterRead
output x, y, z;
emit x;
present x then
 emit y
 end
 present y then
 emit z
 end;
 emit x
end
```

```
module WriteAfterRead
output int x, y, z;
 x = 1;
 fork
 y = x;
 par
 z = y;
  x = 1;
 join
SCI version
```

Esterel version



```
module WriteAfterRead
output x, y, z;
emit x:
 present x then
 emit y
 end
 present y then
 emit z
 end;
 emit x
end
```

```
module WriteAfterRead
output int x, y, z;
 x = 1;
 fork
  y = x;
 par
  z = y;
  x = 1;
 join
```

SCL version



#### Esterel version

Concurrent emit after present test

```
module WriteAfterRead
output x, y, z;
emit x:
 present x then
 emit y
 end
 present y then
 emit z
 end:
 emit x
end
```

```
module WriteAfterRead
output int x, y, z;
 x = 1;
 fork
  y = x;
 par
  z = y;
  x = 1;
 ioin
```

SCL version

# entry entry y = x x = 1 exit

entry

x = 1

exit

#### Esterel version

- Concurrent emit after present test
- But WriteAfterRead is BC

```
module WriteAfterRead
output x, y, z;
emit x:
 present x then
 emit y
 end
 present y then
 emit z
 end:
 emit x
end
```

```
module WriteAfterRead
output int x, y, z;
 x = 1;
 fork
  y = x;
 par
  z = y;
  x = 1;
 ioin
SCI version
```

entry x = 1 entry entry y = xexit exit

Esterel version

- Concurrent emit after present test
- ▶ But WriteAfterRead is BC hence should also be SC!

```
module WriteAfterRead
output x, y, z;
emit x:
 present x then
 emit y
 end
 present y then
 emit z
 end:
 emit x
end
```

```
module WriteAfterRead
output int x, y, z;
 x = 1;
 fork
   y = x;
 par
  z = y;
  x = 1;
 ioin
```

entry x = 1 entry entry y = xexit exit

SCI version

#### Esterel version

- Concurrent emit after present test
- But WriteAfterRead is BC hence should also be SC!
- ▶ Observation: second emit is ineffective, i. e., does not change value

```
module WriteAfterRead
output x, y, z;
emit x:
 present x then
 emit y
 end
 present y then
 emit z
 end:
 emit x
end
```

```
module WriteAfterRead
output int x, y, z;
 x = 1:
 fork
   y = x;
 par
  z = y;
  x = 1;
 ioin
SCI version
```



Esterel version

- Concurrent emit after present test
- ▶ But WriteAfterRead is BC hence should also be SC!
- ► Observation: second emit is ineffective, *i. e.*, does not change value
- ▶ One approach: permit concurrent ineffective writes after read

```
module InEffective1
   output int x = 2;
3
    int y;
4
5
6
7
8
9
    fork
     if (x == 2) {
      y = 1;
10
    else
11
      y = 0
12
    par
13
    x = 7
14
     join
15
```

If L13 is scheduled before L6:

```
module InEffective1
   output int x = 2;
3
    int y;
4
5
6
7
8
9
    fork
     if (x == 2) {
      y = 1;
10
    else
11
       v = 0
12
    par
13
    x = 7
14
     join
15
```

```
module InEffective1
   output int x = 2;
3
     int y;
4
5
     fork
6
7
8
9
     if (x == 2) {
      y = 1;
      x = 7
10
    else
11
       v = 0
12
    par
13
    x = 7
14
     join
15
```

If L13 is scheduled before L6:

- ► L13 is effective
- No out-of-order write
- ► y = 0

```
module InEffective1
   output int x = 2;
3
     int y;
4
5
     fork
6
7
8
9
     if (x == 2) {
       y = 1;
      x = 7
10
    else
11
       v = 0
12
    par
13
     x = 7
14
     join
15
```

If L13 is scheduled before L6:

- ► L13 is effective
  - No out-of-order write
  - ► y = 0

```
module InEffective1
   output int x = 2;
3
     int y;
5
     fork
6
     if (x == 2) {
       v = 1;
       x = 7
10
    else
11
        v = 0
12
    par
13
     x = 7
14
     join
15
```

```
If L13 is scheduled before L6:
```

- ► L13 is effective
  - No out-of-order write
  - v = 0

- ▶ L13 is out-of-order write
  - ► However, L13 is ineffective

```
module InEffective1
   output int x = 2;
3
     int y;
5
     fork
6
     if (x == 2) {
       v = 1;
       x = 7
10
    else
11
       v = 0
12
    par
13
    x = 7
14
     join
15
```

```
If L13 is scheduled before L6:
```

- ► L13 is effective
- ► No out-of-order write
- ► y = 0

- ▶ L13 is out-of-order write
- ► However, L13 is ineffective
- $ightharpoonup y = 1 (\rightarrow non-determinacy!)$

```
module InEffective1
    output int x = 2;
3
     int v;
4
5
     fork
      if (x == 2) {
6
        v = 1;
8
       x = 7
10
     else
11
        v = 0
12
     par
13
     x = 7
14
     ioin
15
```

```
If L13 is scheduled before L6:
```

- ► L13 is effective
- ► No out-of-order write
- ▶ y = 0

- ▶ L13 is out-of-order write
- ► However, L13 is ineffective
- $y = 1 (\rightarrow non-determinacy!)$
- ► The problem: L8 hides the potential effectiveness of L13 wrt. L6!

```
module InEffective1
   output int x = 2;
3
     int y;
5
     fork
6
      if (x == 2) {
        v = 1;
8
       x = 7
10
    else
11
        v = 0
12
     par
13
     x = 7
14
     ioin
15
```

If L13 is scheduled before L6:

- ▶ L13 is effective
- ▶ No out-of-order write
- ▶ y = 0

- ▶ L13 is out-of-order write
- ► However, L13 is ineffective
- $y = 1 (\rightarrow non-determinacy!)$
- ► The problem: L8 hides the potential effectiveness of L13 wrt. L6!
- ▶ Both schedules would be permitted under a scheduling regime that permits ineffective writes

```
module InEffective1
   output int x = 2;
3
     int y;
5
     fork
     if (x == 2) {
6
        v = 1;
8
       x = 7
10
    else
11
        v = 0
12
     par
13
     x = 7
14
     ioin
15
```

If L13 is scheduled before L6:

- ▶ L13 is effective
- ▶ No out-of-order write
- ▶ y = 0

- ▶ L13 is out-of-order write
- ► However, L13 is ineffective
- $y = 1 (\rightarrow non-determinacy!)$
- ► The problem: L8 hides the potential effectiveness of L13 wrt. L6!
- ▶ Both schedules would be permitted under a scheduling regime that permits ineffective writes
- ➤ Strengthen notion of "ineffective writes":

```
module InEffective1
   output int x = 2;
3
     int y;
5
     fork
6
     if (x == 2) {
       v = 1;
8
       x = 7
10
    else
11
        v = 0
12
     par
13
     x = 7
14
     ioin
15
```

If L13 is scheduled before L6:

- ▶ L13 is effective
- ▶ No out-of-order write
- y = 0

- ▶ L13 is out-of-order write
- ▶ However, L13 is ineffective
- ▶ y = 1 (→ non-determinacy!)
- ► The problem: L8 hides the potential effectiveness of L13 wrt. L6!
- ▶ Both schedules would be permitted under a scheduling regime that permits ineffective writes
- ightharpoonup Strengthen notion of "ineffective writes":
- ► Consider writes "ineffective" only if they do not change read!

```
module InEffective2
   output bool x = false;
3
    int y;
4
5
    fork
6
    if (!x) {
7
8
9
    y = 1;
      x = x xor true
10
   else
11
    y = 0
12
   par
13
    x = x xor true;
14
    join
15
```

```
module InEffective2
   output bool x = false;
3
     int y;
4
5
    fork
6
      if (!x) {
7
      v = 1;
8
      x = x xor true
9
10
    else
11
      v = 0
12
    par
13
    x = x xor true;
14
    ioin
15
```

```
"x = x xor true"
```

- Relative writes
- ► Equivalent to "x = !x"
- Sequence L13; L6; L11:
  - y = 0

```
module InEffective2
   output bool x = false;
3
     int y;
4
5
    fork
6
      if (!x) {
7
      v = 1;
8
      x = x xor true
9
10
    else
11
      v = 0
12
    par
13
    x = x xor true;
14
    ioin
15
```

```
"x = x xor true"
```

- Relative writes
- ► Equivalent to "x = !x"
- Sequence L13; L6; L11:
  - y = 0

Sequence L6; L7; L8; L13:

Q: Is L13 ineffective relative to L6?

```
module InEffective2
   output bool x = false;
3
     int y;
4
5
    fork
6
      if (!x) {
7
      v = 1;
8
      x = x xor true
9
10
    else
11
      v = 0
12
    par
13
    x = x xor true;
14
    ioin
15
```

```
"x = x xor true"
```

- Relative writes
  - ► Equivalent to "x = !x"
- Sequence L13; L6; L11:
  - ► y = 0

- Q: Is L13 ineffective relative to L6?
  - A: Yes!

```
module InEffective2
   output bool x = false;
3
     int y;
5
    fork
6
      if (!x) {
7
      v = 1;
8
      x = x xor true
9
10
    else
11
      v = 0
12
    par
13
    x = x xor true;
14
    ioin
15
```

```
"x = x xor true"
```

- Relative writes
  - ► Equivalent to "x = !x"
- Sequence L13; L6; L11:
  - ▶ y = 0

- ▶ Q: Is L13 ineffective *relative to L6*?
- ► A: Yes!
- ▶ L13 is out-of-order . . .
- but writes x = true, which is what L6 read!
- $y = 1 (\rightarrow again non-determinacy!)$

```
module InEffective2
    output bool x = false;
3
     int y;
5
    fork
6
      if (!x) {
7
      v = 1;
8
       x = x xor true
9
10
    else
11
       v = 0
12
    par
13
      x = x xor true;
14
    ioin
15
```

```
"x = x xor true"
```

- Relative writes
- ► Equivalent to "x = !x"

Sequence L13; L6; L11:

▶ y = 0

- ▶ Q: Is L13 ineffective *relative to L6*?
- ► A: Yes!
- ▶ L13 is out-of-order . . .
- but writes x = true, which is what L6 read!
- $y = 1 (\rightarrow again non-determinacy!)$
- Again, both schedules would be permitted under a scheduling regime that permits ineffective writes

```
module InEffective2
    output bool x = false;
3
     int y;
5
    fork
6
      if (!x) {
7
      v = 1;
8
       x = x xor true
9
10
    else
11
       v = 0
12
    par
13
      x = x xor true;
14
    ioin
15
```

```
"x = x xor true"
```

- Relative writes
  - ► Equivalent to "x = !x"

#### Sequence L13; L6; L11:

► y = 0

- ▶ Q: Is L13 ineffective *relative to L6*?
- ► A: Yes!
- ▶ L13 is out-of-order . . .
- but writes x = true, which is what 16 read!
- $y = 1 (\rightarrow again non-determinacy!)$
- Again, both schedules would be permitted under a scheduling regime that permits ineffective writes
- ➤ Applace "ineffectiveness" by "confluence"

#### Overview

#### Motivation

```
Formalizing Sequential Constructiveness (SC)
```

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2] Free Scheduling of SCGs [Sec. 3]

The SC Model of Computation [Sec. 4]

Wrap-Up

Combination function *f* :

#### Combination function f:

- ►  $f(f(x, e_1), e_2) = f(f(x, e_2), e_1)$ for all x and all side-effect free expressions  $e_1, e_2$
- Sufficient condition:

#### Combination function f:

- ►  $f(f(x, e_1), e_2) = f(f(x, e_2), e_1)$ for all x and all side-effect free expressions  $e_1, e_2$
- ▶ Sufficient condition: f is commutative and associative
- Examples:

#### Combination function f:

- ▶  $f(f(x, e_1), e_2) = f(f(x, e_2), e_1)$ for all x and all side-effect free expressions  $e_1, e_2$
- ▶ Sufficient condition: f is commutative and associative
- ► Examples: \*, +, -, max, and, or

## Relative and Absolute Writes [Def. 4.2]

Relative writes, of type f ("increment" / "modify"): x = f(x, e)

▶ f must be a combination function

## Relative and Absolute Writes [Def. 4.2]

Relative writes, of type f ("increment" / "modify"): x = f(x, e)

- f must be a combination function
- Evaluation of e must be free of side effects

- f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)$$
 and  $x = f(x, e_2); x = f(x, e_1)$  yield same result for  $x = f(x, e_1)$ 

Relative writes, of type f ("increment" / "modify"): x = f(x, e)

- f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)$$
 and  $x = f(x, e_2); x = f(x, e_1)$  yield same result for  $x = f(x, e_1)$ 

Thus, writes are

Relative writes, of type f ("increment" / "modify"): x = f(x, e)

- f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)$$
 and  $x = f(x, e_2); x = f(x, e_1)$  yield same result for  $x = f(x, e_1)$ 

Thus, writes are confluent

- ▶ f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)$$
 and  $x = f(x, e_2); x = f(x, e_1)$  yield same result for  $x = f(x, e_1)$ 

- Thus, writes are confluent
- ► E.g., x++

- f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)$$
 and  $x = f(x, e_2); x = f(x, e_1)$  yield same result for  $x = f(x, e_1)$ 

- Thus, writes are confluent
- ► E.g., x++, x = 5\*x

- ▶ f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)$$
 and  $x = f(x, e_2); x = f(x, e_1)$  yield same result for  $x = f(x, e_1)$ 

- Thus, writes are confluent
- ► E.g., x++, x = 5\*x, x = x-10

Relative writes, of type f ("increment" / "modify"): x = f(x, e)

- f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)'$$
 and  $x = f(x, e_2); x = f(x, e_1)'$  yield same result for  $x = f(x, e_1)$ 

- Thus, writes are confluent
- ► E.g., x++, x = 5\*x, x = x-10

Relative writes, of type f ("increment" / "modify"): x = f(x, e)

- f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)'$$
 and  $x = f(x, e_2); x = f(x, e_1)'$  yield same result for  $x = f(x, e_1)$ 

- ► Thus, writes are confluent
- ► E.g., x++, x = 5\*x, x = x-10

Absolute writes ("write" / "initialize"): x = e

Writes that are not relative

Relative writes, of type f ("increment" / "modify"): x = f(x, e)

- f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)'$$
 and  $x = f(x, e_2); x = f(x, e_1)'$  yield same result for  $x = f(x, e_1)$ 

- ► Thus, writes are confluent
- ► E.g., x++, x = 5\*x, x = x-10

- Writes that are not relative
- ▶ E.g., x = 0

Relative writes, of type f ("increment" / "modify"): x = f(x, e)

- f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)'$$
 and  $x = f(x, e_2); x = f(x, e_1)'$  yield same result for  $x = f(x, e_1)$ 

- ► Thus, writes are confluent
- ► E.g., x++, x = 5\*x, x = x-10

- Writes that are not relative
- ► E.g., x = 0, x = 2\*y+5

Relative writes, of type f ("increment" / "modify"): x = f(x, e)

- ▶ f must be a combination function
- Evaluation of e must be free of side effects
- ► Thus, schedules

$$x = f(x, e_1); x = f(x, e_2)'$$
 and  $x = f(x, e_2); x = f(x, e_1)'$  yield same result for  $x = f(x, e_1)$ 

- ► Thus, writes are confluent
- ► E.g., x++, x = 5\*x, x = x-10

- Writes that are not relative
- ► E.g., x = 0, x = 2\*y+5, x = f(z)

Given two statically concurrent accesses  $n_1 \parallel n_2$  on some variable x, we define the iur relations

Given two statically concurrent accesses  $n_1 \parallel n_2$  on some variable x, we define the iur relations

- ▶  $n_1 \rightarrow_{ww} n_2$  iff  $n_1$  and  $n_2$  both initialize x or both perform updates of different type. We call this a www conflict
- ▶  $n_1 \rightarrow_{iu} n_2$  iff  $n_1$  initializes x and  $n_2$  updates x
- ▶  $n_1 \rightarrow_{ur} n_2$  iff  $n_1$  updates x and  $n_2$  reads x
- ▶  $n_1 \rightarrow_{ir} n_2$  iff  $n_1$  initializes x and  $n_2$  reads x

Given two statically concurrent accesses  $n_1 \parallel n_2$  on some variable x, we define the iur relations

- ▶  $n_1 \rightarrow_{ww} n_2$  iff  $n_1$  and  $n_2$  both initialize x or both perform updates of different type. We call this a www conflict
- ▶  $n_1 \rightarrow_{iu} n_2$  iff  $n_1$  initializes x and  $n_2$  updates x
- ▶  $n_1 \rightarrow_{ur} n_2$  iff  $n_1$  updates x and  $n_2$  reads x
- ▶  $n_1 \rightarrow_{ir} n_2$  iff  $n_1$  initializes x and  $n_2$  reads x

Since  $n_1 \rightarrow_{ww} n_2$  implies  $n_2 \rightarrow_{ww} n_1$ :

▶ abbreviate the conjunction of  $n_1 \rightarrow_{ww} n_2$  and  $n_2 \rightarrow_{ww} n_1$  with  $n_1 \leftrightarrow_{ww} n_2$ 

Given two statically concurrent accesses  $n_1 \parallel n_2$  on some variable x, we define the iur relations

- ▶  $n_1 \rightarrow_{ww} n_2$  iff  $n_1$  and  $n_2$  both initialize x or both perform updates of different type. We call this a www conflict
- ▶  $n_1 \rightarrow_{iu} n_2$  iff  $n_1$  initializes x and  $n_2$  updates x
- ▶  $n_1 \rightarrow_{ur} n_2$  iff  $n_1$  updates x and  $n_2$  reads x
- ▶  $n_1 \rightarrow_{ir} n_2$  iff  $n_1$  initializes x and  $n_2$  reads x

Since  $n_1 \rightarrow_{ww} n_2$  implies  $n_2 \rightarrow_{ww} n_1$ :

- ▶ abbreviate the conjunction of  $n_1 \rightarrow_{ww} n_2$  and  $n_2 \rightarrow_{ww} n_1$  with  $n_1 \leftrightarrow_{ww} n_2$
- by symmetry  $\rightarrow_{ww}$  implies  $\leftrightarrow_{ww}$

### Given:

- ▶ Valid configuration (C, M) of SCG
- ▶ Nodes  $n_1, n_2 \in N$

 $n_1, n_2$  are conflicting in (C, M) iff

#### Given:

- ▶ Valid configuration (C, M) of SCG
- ▶ Nodes  $n_1, n_2 \in N$

 $n_1, n_2$  are conflicting in (C, M) iff

1.  $n_1$ ,  $n_2$  active in C

#### Given:

- ▶ Valid configuration (C, M) of SCG
- ▶ Nodes  $n_1, n_2 \in N$

 $n_1, n_2$  are conflicting in (C, M) iff

1.  $n_1, n_2$  active in C,  $i. e., \exists c_1, c_2 \in C$  with  $c_i.status = active$  and  $n_i = c_i.node$ 

#### Given:

- ▶ Valid configuration (C, M) of SCG
- ▶ Nodes  $n_1, n_2 \in N$

 $n_1, n_2$  are conflicting in (C, M) iff

- 1.  $n_1, n_2$  active in C, i. e.,  $\exists c_1, c_2 \in C$  with  $c_i.status = active$  and  $n_i = c_i.node$
- 2.  $c_1(c_2(C, M)) \neq c_2(c_1(C, M))$

#### Given:

- ▶ Valid configuration (C, M) of SCG
- ▶ Nodes  $n_1, n_2 \in N$

 $n_1, n_2$  are conflicting in (C, M) iff

- 1.  $n_1, n_2$  active in C, i. e.,  $\exists c_1, c_2 \in C$  with  $c_i.status = active$  and  $n_i = c_i.node$
- 2.  $c_1(c_2(C,M)) \neq c_2(c_1(C,M))$

 $n_1$ ,  $n_2$  are confluent with each other in (C, M), written:  $n_1 \sim_{(C, M)} n_2$ , iff

#### Given:

- ▶ Valid configuration (C, M) of SCG
- ▶ Nodes  $n_1, n_2 \in N$

 $n_1, n_2$  are conflicting in (C, M) iff

- 1.  $n_1, n_2$  active in C, i. e.,  $\exists c_1, c_2 \in C$  with  $c_i.status = active$  and  $n_i = c_i.node$
- 2.  $c_1(c_2(C, M)) \neq c_2(c_1(C, M))$

 $n_1$ ,  $n_2$  are confluent with each other in (C, M), written:  $n_1 \sim_{(C, M)} n_2$ , iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations I

- Confluence is taken relative to valid configurations (C, M) and indirectly as the absence of conflicts
- ▶ Instead of requiring that confluent nodes commute with each other for *arbitrary* memories, we only consider those configurations (C', M') that are *reachable* from (C, M)
- ▶ E.g., if it happens for a given program that in all memories M' reachable from a configuration (C, M) two expressions  $ex_1$  and  $ex_2$  evaluate to the same value, then the assignments  $x = ex_1$  and  $x = ex_2$  are confluent in (C, M)

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations II

- Similarly, if the two assignments are never jointly active in any reachable continuation pool C', they are confluent in (C, M), too
- ► Thus, statements may be confluent for some program relative to some reachable configuration, but not for other configurations or in another program

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations II

- ▶ Similarly, if the two assignments are never jointly active in any reachable continuation pool C', they are confluent in (C, M), too
- ► Thus, statements may be confluent for some program relative to some reachable configuration, but not for other configurations or in another program
- However, notice that relative writes of the same type are confluent in the absolute sense, i. e., for all valid configurations (C, M) of all programs

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations III

- ▶ Confluence  $n_1 \sim_{(C,M)} n_2$  requires conflict-freeness for all configurations (C',M') reachable from (C,M) by arbitrary micro-sequences under free scheduling
- ► Will use this notion of confluence to define the restricted set of *SC-admissible* macro ticks

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations III

- ▶ Confluence  $n_1 \sim_{(C,M)} n_2$  requires conflict-freeness for all configurations (C',M') reachable from (C,M) by arbitrary micro-sequences under free scheduling
- Will use this notion of confluence to define the restricted set of SC-admissible macro ticks
- Since compiler will ensure SC-admissibility of the execution schedule,
   one might be tempted to define confluence relative to these SC-admissible schedules;

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations III

- ▶ Confluence  $n_1 \sim_{(C,M)} n_2$  requires conflict-freeness for all configurations (C',M') reachable from (C,M) by arbitrary micro-sequences under free scheduling
- ► Will use this notion of confluence to define the restricted set of *SC-admissible* macro ticks
- Since compiler will ensure SC-admissibility of the execution schedule,
   one might be tempted to define confluence relative to these SC-admissible schedules;
   however, this would result in a logical cycle

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations IV

 This relative view of confluence keeps the scheduling constraints on SC-admissible macro ticks sufficiently weak

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations IV

- This relative view of confluence keeps the scheduling constraints on SC-admissible macro ticks sufficiently weak
- Note: two nodes confluent in some configuration are still confluent in every later configuration reached through an arbitrary sequence of micro steps

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \twoheadrightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations IV

- This relative view of confluence keeps the scheduling constraints on SC-admissible macro ticks sufficiently weak
- Note: two nodes confluent in some configuration are still confluent in every later configuration reached through an arbitrary sequence of micro steps
- However, more nodes may become confluent in later configurations, because some conflicting configurations are no longer reachable

(From definition:)  $n_1 \sim_{(C,M)} n_2$  iff

▶  $\not\exists$  Sequence of micro steps  $(C, M) \rightarrow_{\mu s} (C', M')$  such that  $n_1$  and  $n_2$  are conflicting in (C', M')

#### Observations IV

- This relative view of confluence keeps the scheduling constraints on SC-admissible macro ticks sufficiently weak
- Note: two nodes confluent in some configuration are still confluent in every later configuration reached through an arbitrary sequence of micro steps
- However, more nodes may become confluent in later configurations, because some conflicting configurations are no longer reachable
- Exploit this in following definition of confluence of node instances by making confluence of node instances within a macro tick relative to the index position at which they occur

#### Given:

- ▶ Macro tick R
- ▶  $(C_i, M_i)$  for  $0 \le i \le len(R)$ , the configurations of R
- Node instances  $ni_1 = (n_1, i_1)$  and  $ni_2 = (n_2, i_2)$  in R

#### Given:

- Macro tick R
- ▶  $(C_i, M_i)$  for  $0 \le i \le len(R)$ , the configurations of R
- Node instances  $ni_1 = (n_1, i_1)$  and  $ni_2 = (n_2, i_2)$  in R,  $i. e., 1 \le i_1, i_2 \le len(R), n_1 = R(i_1), n_2 = R(i_2)$

#### Given:

- Macro tick R
- ▶  $(C_i, M_i)$  for  $0 \le i \le len(R)$ , the configurations of R
- Node instances  $ni_1 = (n_1, i_1)$  and  $ni_2 = (n_2, i_2)$  in R,  $i. e., 1 \le i_1, i_2 \le len(R), n_1 = R(i_1), n_2 = R(i_2)$

Call node instances confluent in R, written  $ni_1 \sim_R ni_2$ , iff

#### Given:

- Macro tick R
- ▶  $(C_i, M_i)$  for  $0 \le i \le len(R)$ , the configurations of R
- Node instances  $ni_1 = (n_1, i_1)$  and  $ni_2 = (n_2, i_2)$  in R, i. e.,  $1 \le i_1, i_2 \le len(R)$ ,  $n_1 = R(i_1)$ ,  $n_2 = R(i_2)$

Call node instances confluent in R, written  $ni_1 \sim_R ni_2$ , iff

- for  $i = min(i_1, i_2) 1$
- $ightharpoonup n_1 \sim_{(C_i,M_i)} n_2$

## InEffective2 Revisited

```
module InEffective2
   output bool x = false;
3
     int y;
5
    fork
6
7
    if (!x) {
     y = 1;
8
      x = x x or true
9
10
    else
11
       y = 0
12
    par
13
    x = x xor true;
14
    join
15
```

Recall sequence L6; L7; L8; L13:

```
module InEffective2
   output bool x = false;
3
     int y;
5
    fork
6
      if (!x) {
7
      y = 1;
8
      x = x xor true
9
10
    else
11
       v = 0
12
    par
13
    x = x xor true;
14
    join
15
```

Recall sequence L6; L7; L8; L13:

▶ Q: Is L13 ineffective relative to L6?

```
module InEffective2
   output bool x = false;
3
     int y;
5
    fork
6
      if (!x) {
7
      y = 1;
8
      x = x xor true
9
10
    else
11
       v = 0
12
    par
13
    x = x xor true;
14
    join
15
```

- ▶ Q: Is L13 ineffective *relative to L6*?
- ► A: Yes!

```
module InEffective2
    output bool x = false;
3
     int y;
5
    fork
6
      if (!x) {
7
      y = 1;
8
       x = x xor true
9
10
     else
11
       v = 0
12
    par
13
      x = x xor true;
14
     join
15
```

- ▶ Q: Is L13 ineffective relative to L6?
- ► A: Yes!
- ▶ L13 is out-of-order . . .
- but writes x = false, which is what L6 read!

```
module InEffective2
    output bool x = false;
3
     int y;
5
    fork
6
      if (!x) {
7
      v = 1;
8
       x = x xor true
9
10
     else
11
       v = 0
12
    par
13
      x = x xor true;
14
     join
15
```

- ▶ Q: Is L13 ineffective relative to L6?
- ► A: Yes!
- ▶ L13 is out-of-order . . .
- but writes x = false, which is what L6 read!
- Q: Are L6 and L13 confluent?

```
module InEffective2
    output bool x = false;
3
     int y;
5
    fork
6
      if (!x) {
7
      v = 1;
8
       x = x xor true
9
10
     else
11
       v = 0
12
    par
13
      x = x xor true;
14
     join
15
```

- ▶ Q: Is L13 ineffective relative to L6?
- ► A: Yes!
- ▶ L13 is out-of-order . . .
- but writes x = false, which is what L6 read!
- Q: Are L6 and L13 confluent?
- ► A: No!

```
module InEffective2
    output bool x = false;
3
     int y;
5
    fork
6
      if (!x) {
7
      v = 1;
8
        x = x x or true
9
10
     else
11
        v = 0
12
    par
13
      x = x xor true;
14
     join
15
```

- ▶ Q: Is L13 ineffective *relative to L6*?
- ► A: Yes!
- ▶ L13 is out-of-order . . .
- but writes x = false, which is what L6 read!
- Q: Are L6 and L13 confluent?
- ► A: No!
- ▶ L6 and L13 conflict at point of execution of L6

```
module InEffective2
    output bool x = false;
 3
     int y;
5
    fork
6
      if (!x) {
7
      v = 1;
8
        x = x xor true
9
10
     else
11
        v = 0
12
    par
13
      x = x xor true:
14
     ioin
15
```

- ▶ Q: Is L13 ineffective relative to L6?
- ► A: Yes!
- ▶ L13 is out-of-order . . .
- but writes x = false, which is what L6 read!
- Q: Are L6 and L13 confluent?
- ► A: No!
- L6 and L13 conflict at point of execution of L6
- $\rightarrow$  Def. of SC-admissibility specifically, the underlying scheduling relations uses confluence condition

## Scheduling Relations [Def 4.6]

#### Given:

- Macro tick R with
- Node instances  $ni_{1,2}=(n_{1,2},i_{1,2})$ , *i. e.*,  $1 \le i_{1,2} \le len(R)$  and  $n_{1,2}=R(i_{1,2})$
- ▶  $ni_{1,2}$  concurrent in R, i.e.,  $ni_1 \mid_R ni_2$
- ▶  $ni_{1,2}$  not confluent in R, i.e.,  $ni_1 \not\sim_R ni_2$

#### Then:

- $ightharpoonup ni_1 
  ightharpoonup \frac{R}{\alpha} ni_2$  iff  $n_1 
  ightharpoonup \alpha_1$  for some  $\alpha \in \alpha_{iur}$
- $ightharpoonup ni_1 
  ightharpoonup ^R ni_2$  iff  $i_1 < i_2$ ; i. e.,  $ni_1$  happens before  $ni_2$  in R.

## Sequential Admissibility [Def. 4.7]

A macro tick R is SC-admissible iff

- ▶ for all node instances  $ni_{1,2} = (n_{1,2}, i_{1,2})$  in R, with  $1 \le i_{1,2} \le len(R)$  and  $n_{1,2} = R(i_{1,2})$ ,
- for all  $\alpha \in \alpha_{inr}$

the scheduling condition  $SC_{\alpha}$  holds:

## Sequential Admissibility [Def. 4.7]

A macro tick R is SC-admissible iff

- ▶ for all node instances  $ni_{1,2} = (n_{1,2}, i_{1,2})$  in R, with  $1 \le i_{1,2} \le len(R)$  and  $n_{1,2} = R(i_{1,2})$ ,
- for all  $\alpha \in \alpha_{inr}$

the scheduling condition  $SC_{\alpha}$  holds: if  $ni_1 \rightarrow_{\alpha}^R ni_2$  then  $ni_1 \rightarrow^R ni_2$ .

A run for an SCG is SC-admissible if all macro ticks *R* in this run are SC-admissible.

The SC Language (SCL) and the SC Graph (SCG) [Sec. 2]
Free Scheduling of SCGs [Sec. 3]
The SC Model of Computation [Sec. 4]

```
module NonDet
 2
     output bool x = false, y = false;
 3
 4
     fork { // Thread CheckX
      if (!x)
 6
       y = true;
 7
     par { // Thread CheckY
      if (!v)
10
       x = true
11
12
      join
13
```

```
module NonDet
 2
     output bool x = false, y = false;
 3
     fork { // Thread CheckX
      if (!x)
 6
       y = true;
 7
     par { // Thread CheckY
      if (!v)
10
       x = true
11
12
      join
13
```

Admissible runs?

```
module NonDet
 2
     output bool x = false, y = false;
 3
     fork { // Thread CheckX
      if (!x)
 6
       v = true:
 7
     par { // Thread CheckY
      if (!v)
10
       x = true
11
12
      join
13
```

Admissible runs? Yes, multiple

```
module NonDet
2
    output bool x = false, y = false;
 3
     fork { // Thread CheckX
      if (!x)
6
       v = true:
     par { // Thread CheckY
      if (!v)
10
       x = true
11
12
     join
13
```

- Admissible runs? Yes, multiple
- Determinate?

```
module NonDet
2
    output bool x = false, y = false;
 3
     fork { // Thread CheckX
      if (!x)
6
       v = true:
     par { // Thread CheckY
      if (!v)
10
       x = true
11
12
     join
13
```

- Admissible runs? Yes, multiple
- Determinate? No

```
module NonDet
coutput bool x = false, y = false;

fork { // Thread CheckX}

if (!x)
    y = true;

}

par { // Thread CheckY}

if (!y)
    x = true

}

join
}
```

- Admissible runs? Yes, multiple
- Determinate? No



```
module NonDet
coutput bool x = false, y = false;

fork { // Thread CheckX}

if (!x)
    y = true;

par { // Thread CheckY}

if (!y)
    x = true

}

join
}
```

- Admissible runs? Yes, multiple
- Determinate? No



The SC Language (SCL) and the SC Graph (SCG) [Sec. 2] Free Scheduling of SCGs [Sec. 3]

The SC Model of Computation [Sec. 4]

```
module Fail
output bool z = false;

fork {
    if (!z)
    z = true;
    }

par {
    if (z)
    z = true
    if (z)
    if (z)
```

```
module Fail
output bool z = false;

fork {
    if (!z)
      z = true;
    }

par {
    if (z)
      z = true
    if (z)
    i
```

Admissible runs?

```
module Fail
output bool z = false;

fork {
    if (!z)
      z = true;
    }

par {
    if (z)
      z = true
    if (z)
    i
```

Admissible runs? No

```
module Fail
output bool z = false;

{
  fork {
        if (!z)
        z = true;
      }

      par {
        if (z)
        z = true
      }

      z = true
      if (z)
      if
```

- Admissible runs? No
- Determinate?

```
module Fail
output bool z = false;

{
  fork {
    if (!z)
    z = true;
  }
}

par {
  if (z)
    z = true
  if (z)
  if (z)
```

- Admissible runs? No
- Determinate? Yes

```
module Fail
output bool z = false;

{
  fork {
    if (!z)
    z = true;
  }
}

par {
    if (z)
    z = true
    if (z)
    z = true
    if (z)
    z = true
    if (z)
    if (z)
```

- Admissible runs? No
- Determinate? Yes

#### Thus: Determinacy ≠ SC-admissibility

### Sequential Constructiveness [Def. 4.8]



**Definition:** A program P is sequentially constructive (SC) iff for each initial configuration and input sequence:

- 1. There exists an SC-admissible run (P is reactive)
- 2. Every SC-admissible run generates the same determinate sequence of macro responses (*P* is determinate)

Synchronous Languages Lecture 13 Slide 77

#### Overview

Motivation

Formalizing Sequential Constructiveness (SC)

Wrap-Up

Synchronous Program Classes Summary















Example  $P_{APS} =$ 



Example  $P_{APS} = if(x) x = 1$ 



Example  $P_{AS} =$ 



Example  $P_{AS} = if (!x) x = 1$ 



Example  $P_{ALS} =$ 



Example  $P_{ALS} = \text{if (!x)} x = 1 \text{ else } x = 1$ 



Example  $P_{ALPS} =$ 



Example  $P_{ALPS} = if (!x \&\& y) \{x = 1; y = 1\}$ 

### Summary

Underlying idea of sequential constructiveness rather simple

#### Summary

Underlying idea of sequential constructiveness rather simple

- Prescriptive instead of descriptive sequentiality
- ► Thus circumventing "spurious" causality problems
- Initialize-update-read protocol

#### Summary

Underlying idea of sequential constructiveness rather simple

- Prescriptive instead of descriptive sequentiality
- ► Thus circumventing "spurious" causality problems
- Initialize-update-read protocol

However, precise definition of SC MoC not trivial

- Challenging to ensure conservativeness relative to Berry-constructiveness
- Plain initialize-update-read protocol does not accommodate, e. g., signal re-emissions
- Restricting attention to concurrent, non-confluent node instances is key

#### Conclusions

- Clocked, synchronous model of execution for imperative, shared-memory multi-threading
- Conservatively extends synchronous programming (Esterel) by standard sequential control flow (Java, C)
- Deterministic concurrency with synchronous foundations, but without synchronous restrictions
  - © Expressive and intuitive sequential paradigm
  - © Predictable concurrent threads

#### **Future Work**

Plenty of extensions/adaptations possible . . .

- Alternative notions of sequential constructiveness:
  - A truly "constructive" approach that sharpens SC admissibility to determinate schedules
  - Extension of iur-protocol, e.g., to model ForeC
- ► Improved synthesis & analysis see also next lecture