Asynchronous Event Handling and Real-Time Threads in the Real

Total Page:16

File Type:pdf, Size:1020Kb

Asynchronous Event Handling and Real-Time Threads in the Real Asynchronous Event Handling and Real- time Threads in the Real-time Specification for Java* A.J. Wellings and A. Burns Department of Computer Science, University of York, YOlO 5DD, U .K. Email: {andy, burns}@cs.york.ac.uk Abstract the controller via interrupts. For example, a robot may trip a switch when it reaches a certain position. This paper discusses the role and implementation of This is a signal to the controller that the power to asynchronous event handlers in the Real-time speci- the motor should be turn off, thereby bringing the fication for Java (RTSJ). For non-blocking handlers, robot to a halt. an implementation model whereby all heap-using han- The system designer often has a choice on whether dlers are serviced by a single thread and all no-heap to implement the control algorithm as a time trig- handlers are serviced by another server thread is pro- gered or event triggered one. Event triggered systems posed and schedulability analysis is derived. The are often more flexible whereas time triggered system model is shown to have bounded priority inversion. are more predictable (Kopetz, 1997; Burns, 2002). In General multiple-server models are needed for non- either case, the controller is usually represented as a blocking handlers but the support in the RTSJ is crit- thread. However, there are occasions where this is icised as lacking in configurability. A solution is pro- not appropriate. These include (Ousterhout, 2002; posed which allow the number of servers to be spec- van Renesse, 1998) when: ified, and the allocation of handlers to servers to be controlled. ."!It:;-+1.~ t:;A"t:;L!laL~.,+~--~1 UUJt:;l;""~1.:--+~ aLt:; LLLaLLyaLLU 3 ,-1.-:-LJl~Jl l;UJlLruJ---,--l., algorithms are simple and non blocking, and 1 Introd uction .the external objects are inter-related and their collective control requires significant communi- One of the main reasonsfor a real-time programming cation and synchronization between the con- language to support concurrency is to facilitate the trollers. modelling of parallelism in the real world (Burns and Wellings, 2001). For example, within embeddedsys- In the former case, using a thread per controller leads tem design,the controllers for real world objects such to a proliferation of threads along with the associated as conveyorbelts, enginesand robots are represented per thread overhead. In the latter case, complex com- as threads in the program. The interaction between munication and synchronization protocols are needed the real world objects and their controllers can be which can be difficult to design correctly and may either time triggered or event triggered. In a time lead to deadlock or unbounded blocking. triggered systems,the controller is activated periodi- An alternative to thread-based programming is cally. It sensesthe environment in order to determin- event-based programming. Each event has an asso- ing the status of the real-time object it is controlling. ciated handler. When events occur, they are queued Based on its findings, it writes to actuators which and a server thread takes an event from the queue are able to affect the behaviour of the object. For ex- and executes its associated handler to completion. ample, a robot controller may determine the position When the handler has finished, the server takes an- of a robot via a sensor and decide that it must cut other event from the queue, executes the handler and the power to a motor thereby bringing the robot to so on. The execution of the handlers may generate a halt. In an event triggered system, sensorsin the further events. With this model, there is only one environment are activated when the real world object thread -the server thread. There is no need for ex- enters into certain states. The events are signalled to plicit communication between the handlers as they .Javais a trademarkof SunMicrosystems. can simply read and write from shared objects with- Proceedings of the Eighth IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS’02) 0-7695-1739-0/02 $17.00 © 2002 IEEE out contention. The disadvantage of controlling all The ReleaseParameters class is a base abstract class external objects by event handlers include: and gives the general parameters that all schedula- ble objects need. A schedulable object can have a .it is difficult to have tight deadlines associated deadline and a cost associated with each time it is with event handlers as a long-lived or blocking released for execution, along with handlers for their handler must terminate before the server can ex- overrun. The cost is the amount of execution time ecute any newly arrived high-priority handlers; that a scheduler should give to the object. If the ob- ject is still executing when either its deadline or its .it is difficult to execute the handlers on a multi- cost expires, an associated event handler is scheduled. processorsystem as the handlers assumeno con- It should be noted that the RTSJ does not require tention for shared resources. an implementation to support execution-time moni- One of the main examples often quoted as requiring toring. However, it does require it to detect missed an event-handling system is the implementation of a deadlines. Of course, a program can indicate that it graphical user interface. For example, standard Java is not concerned with a missed deadline by passing a supports threads but its Swing and AWT toolkits are null handler. Subclasses of the ReleaseParameters event based. class support periodic, aperiodic and sporadic release In an attempt to provide the flexibility of threads parameters. and the efficiency of event handling, the Real-Time The Scheduling Parameters is a null abstract Specification for Java (RTSJ) (Bollella et al., 2000) class. It has subclasses for the definition of prior- has introduced the notion of real-time asynchronous ity parameters and important parameters. All RTSJ events and associatedhandlers. However, the spec- implementations are required to support at least 28 ification is silent on how these events can be imple- unique real-time priority levels. However, there is mented and how their timing requirements can be no defined values for the importance parameters. guaranteed. As the RTSJ is likely to becomea stan- The only scheduler that the RTSJ requires is a pre- dard implementation language for real-time applica- emptive priority-based one. tions, a detailed assessmentof its facilities is timely. Essentially there are two types of schedulable ob- The goal of this paper is to explore how RTSJ real- jects: real-time threads and asynchronous event han- time events can be implemented and integrated with dlers. Each AsyncEvent can have one or more han- the scheduling of real-time threads. In section 2, and dlers. When the event occurs {indicated by a call to overview of the RTSJ event handling model is pre- the fire method), all the handlers associated with sented. The only schedulingpolicy required by RTSJ the event are scheduled for execution according to is priority-based scheduling; section 3, therefore, con- their Scheduling Parameters. Note that the firing siders a priority-based implementation of event han- of an event can also be associated with the occur- dlers. Section 4 then developsthe responsetime anal- rence of an implementation-dependent external ac- ysis for this implementation model. Section 5 extends tion by using the bindTo method. Subclasses of the the model by considering multiple serversand bound AsyncEvent class provide time-triggered events. Fig- event handlers. Finally, conclusions are presentedin ure 1 illustrates the event class hierarchy. Section 6. Each handler is scheduled once for each outstand- ing event firing. However, the handler can modify the number of outstanding events by using the methods 2 The Event Handling Model in the AsyncEventHandler class. Although an event handler is a schedulable entity Objects which are to be scheduledin RTSJ must im- {i.e. at some point it must be executed by a thread), plement the Schedulable interface and specify: the intention of the RTSJ is that it will not suffer the same overhead as an application thread. Conse- .their memory requirements via the class quently, it cannot be assumed that there is a sepa- MemoryParameters-not consideredin this pa- rate implementation thread for each handler, as more per; than one handler may be associated with a partic- ular implementation thread. If a dedicated thread .their timing requirements via the class is required, the BoundAsyncEventHandler should be ReleaseParameters; used. However, other event handlers may also be .their scheduling requirements via the class associated with that thread. Figure 2 illustrates the event handler class and its relationship to other Scheduling Parameters; classes. Proceedings of the Eighth IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS’02) 0-7695-1739-0/02 $17.00 © 2002 IEEE Figure 1: Event class in RTSJ 3 Implemention Issues At the other extreme, a single server real-time thread could be used to execute all event handlers. The key challenge in implementing event handlers is This approach is illustrated in Figure 3. to limit the number of threads without jeopardising There are two main issues associated with this ap- the schedulability of the overall system. Further- proach: more, the RTSJ requires pre-emptive priority-based I. the order of the event handler queue scheduling of all schedulable objects. If interpreted strictly, this requires a high priority event handler to 2. the priority of the server pre-empt a low priority event handler. This severely To enable effective schedulability analysis, the event limits the freedom of the implementation and, ar- handler queue should be priority ordered. Note that guably, removesone of the motivations for an event for event firing, zero, one or more handlers may be handling paradigm (i.e.
Recommended publications
  • Tutorial Introduction
    Tutorial Introduction PURPOSE: - To explain MCU processing of reset and and interrupt events OBJECTIVES: - Describe the differences between resets and interrupts. - Identify different sources of resets and interrupts. - Describe the MCU reset recovery process. - Identify the steps to configure and service an interrupt event. - Describe MCU exception processing. CONTENT: - 20 pages - 3 questions LEARNING TIME: - 25 minutes PREREQUESITE: - The 68HC08 CPU training module and a basic understanding of reset and interrupt events Welcome to this tutorial on resets and interrupts. The tutorial describes the different sources of reset and interrupt events and provides detailed training on 68HC08 MCU exception processing. Please note that on subsequent pages, you will find reference buttons in the upper right of the content window that access additional content. Upon completion of this tutorial, you’ll be able to describe the differences between resets and interrupts, identify different sources of reset and interrupt events, and describe MCU exception processing. The recommended prerequisite for this tutorial is the 68HC08 CPU training module. It is also assumed that you have a basic knowledge of reset and interrupt events. Click the Forward arrow when you’re ready to begin the tutorial. 1 Resets and Interrupts Overview • Reset sources: - External - power on, reset pin driven low - Internal - COP, LVI, illegal opcode, illegal address • Resets initialize the MCU to startup condition. • Interrupt sources: - Hardware - Software • Interrupts vector the program counter to a service routine. Resets and interrupts are responses to exceptional events during program execution. Resets can be caused by a signal on the external reset pin or by an internal reset signal.
    [Show full text]
  • Introduction to Exception Handling
    Introduction to Exception Handling Chapter 9 • Sometimes the best outcome can be when Exception nothing unusual happens HdliHandling • However, the case where exceptional things happen must also be ppprepared for – Java exception handling facilities are used when the invocation of a method may cause something exceptional to occur – Often the exception is some type of error condition Copyright © 2012 Pearson Addison‐Wesley. All rights reserved. 9‐2 Introduction to Exception Handling try-throw-catch Mechanism • Java library software (or programmer‐defined code) • The basic way of handling exceptions in Java consists of provides a mechanism that signals when something the try-throw-catch trio • The try block contains the code for the basic algorithm unusual happens – It tells what to do when everything goes smoothly – This is called throwing an exception • It is called a try block because it "tries" to execute the case where all goes as planned • In another place in the program, the programmer – It can also contain code that throws an exception if something must provide code that deals with the exceptional unusual happens try case { – This is called handling the exception CodeThatMayThrowAnException } Copyright © 2012 Pearson Addison‐Wesley. All rights reserved. 9‐3 Copyright © 2012 Pearson Addison‐Wesley. All rights reserved. 9‐4 try-throw-catch Mechanism try-throw-catch Mechanism throw new • A throw statement is siilimilar to a methdhod call: ExceptionClassName(PossiblySomeArguments); throw new ExceptionClassName(SomeString); • When an
    [Show full text]
  • Introduction to Object-Oriented Programming in MATLAB
    Object Oriented & Event-Driven Programming with MATLAB Ameya Deoras © 2014 The MathWorks, Inc.1 Agenda . Object-oriented programming in MATLAB – Classes in MATLAB – Advantages of object oriented design – Example: Designing a portfolio tracker . Events in MATLAB – Event-driven programming fundamentals – Writing event handlers – Example: Building a real-time portfolio tracker 2 Case Study: Portfolio Tracker 45.8 61.88 DD.N JNJ.N 45.7 61.86 45.6 61.84 45.5 61.82 61.8 06:05 06:06 06:07 06:06 06:07 49 -660 WMT.N Portfolio 48.9 48.8 -665 48.7 06:06 06:07 78.8 MMM.N -670 78.6 78.4 78.2 -675 06:04 06:05 06:06 06:07 06:02 06:03 06:04 06:05 06:06 06:07 . Subscribe to real-time quotes for 4 equities from Reuters service . Track real-time combined portfolio valueVisualize instrument & portfolio history graphically in real-time 3 What is a program? Data x = 12 while (x < 100) x = x+1 if (x == 23) x = 12 disp('Hello') while (x < 100) end x = x+1 end if (x == 23) disp('Hello') end Assignment end Looping Test Increment Test to Act Code Take Action End End Actions 4 Progression of Programming Techniques value Data variable structure Level of Abstraction / Sophistication function script command line Algorithm 5 Progression of Programming Techniques value Data variable structure (properties) Level of Abstraction / Sophistication class (methods) function script command line Algorithm 6 Object-Oriented Terminology . Class – Outline of an idea AKAM – Properties (data) GOOG YHOO MSFT – Methods (algorithms) ORCL An element of the set – object .
    [Show full text]
  • Lesson-2: Interrupt and Interrupt Service Routine Concept
    DEVICE DRIVERS AND INTERRUPTS SERVICE MECHANISM Lesson-2: Interrupt and Interrupt Service Routine Concept Chapter 6 L2: "Embedded Systems- Architecture, Programming and Design", 2015 1 Raj Kamal, Publs.: McGraw-Hill Education Interrupt Concept • Interrupt means event, which invites attention of the processor on occurrence of some action at hardware or software interrupt instruction event. Chapter 6 L2: "Embedded Systems- Architecture, Programming and Design", 2015 2 Raj Kamal, Publs.: McGraw-Hill Education Action on Interrupt In response to the interrupt, a routine or program (called foreground program), which is running presently interrupts and an interrupt service routine (ISR) executes. Chapter 6 L2: "Embedded Systems- Architecture, Programming and Design", 2015 3 Raj Kamal, Publs.: McGraw-Hill Education Interrupt Service Routine ISR is also called device driver in case of the devices and called exception or signal or trap handler in case of software interrupts Chapter 6 L2: "Embedded Systems- Architecture, Programming and Design", 2015 4 Raj Kamal, Publs.: McGraw-Hill Education Interrupt approach for the port or device functions Processor executes the program, called interrupt service routine or signal handler or trap handler or exception handler or device driver, related to input or output from the port or device or related to a device function on an interrupt and does not wait and look for the input ready or output completion or device-status ready or set Chapter 6 L2: "Embedded Systems- Architecture, Programming and Design",
    [Show full text]
  • Lecture Notes on Programming Languages Elvis C
    101 Lecture Notes on Programming Languages Elvis C. Foster Lecture 11: Exception and Event Handling This lecture discusses how programming languages support exceptions. Topics to be covered include: . Introduction . Exception Handling in C++ . Exception Handling in Java . Exception Handling in Ada and Other Pascal-like Languages . Event Handling Copyright © 2000 – 2016 by Elvis C. Foster All rights reserved. No part of this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, or otherwise, without prior written permission of the author. 102 Lecture 11: Exception and Event Handling Elvis C. Foster 11.1 Introduction Inexperienced programmers usually think their program will always work as expected. On the other hand, experienced programmers know that things do not always work as expected. Smart programming is about taking care of the expected as well as the unexpected. Programmers refer to the unexpected situations as exceptions. The following are some examples of scenarios that will cause program errors (exceptions): . The user enters a character where an integer is expected; . The program uses an array subscript that is outside of the range of valid subscript values for a given array; . An attempt is made at dividing by zero; . An attempt is made to write to a file that does not exist. There are three broad categories of programming errors: . Syntax errors . Logic errors . Runtime errors We have already shown how programming languages take care of syntax errors through the translation process (review lecture 3). Logic errors are the responsibility of the programmer, but programming languages help by providing debugging features that the programmer can use.
    [Show full text]
  • Programmable Logic Controllers Interrupt Basics
    Programmable Logic Controllers Interrupts Electrical & Computer Engineering Dr. D. J. Jackson Lecture 13-1 Interrupt Basics In terms of a PLC What is an interrupt? When can the controller operation be interrupted? Priority of User Interrupts Interrupt Latency Interrupt Instructions Electrical & Computer Engineering Dr. D. J. Jackson Lecture 13-2 13-1 What is an Interrupt? • An interrupt is an event that causes the controller to suspend the task it is currently performing, perform a different task, and then return to the suspended task at the point where it suspended. • The Micrologix PLCs support the following User Interrupts: – User Fault Routine – Event Interrupts (4) – High-Speed Counter Interrupts(1) – Selectable Timed Interrupt Electrical & Computer Engineering Dr. D. J. Jackson Lecture 13-3 Interrupt Operation • An interrupt must be configured and enabled to execute. When any one of the interrupts is configured (and enabled) and subsequently occurs, the user program: 1. suspends its execution 2. performs a defined task based upon which interrupt occurred 3. returns to the suspended operation. Electrical & Computer Engineering Dr. D. J. Jackson Lecture 13-4 13-2 Interrupt Operation (continued) • Specifically, if the controller program is executing normally and an interrupt event occurs: 1. the controller stops its normal execution 2. determines which interrupt occurred 3. goes immediately to rung 0 of the subroutine specified for that User Interrupt 4. begins executing the User Interrupt subroutine (or set of subroutines if the specified subroutine calls a subsequent subroutine) 5. completes the subroutine(s) 6. resumes normal execution from the point where the controller program was interrupted Electrical & Computer Engineering Dr.
    [Show full text]
  • Modular Reasoning in the Presence of Event Subtyping Mehdi Bagherzadeh Iowa State University, [email protected]
    Computer Science Technical Reports Computer Science 8-4-2014 Modular Reasoning in the Presence of Event Subtyping Mehdi Bagherzadeh Iowa State University, [email protected] Robert Dyer Bowling Green State University, [email protected] Rex D. Fernando University of Wisconsin - Madison, [email protected] Hridesh Rajan Iowa State University, [email protected] Jose Sanchez University of Central Florida, [email protected] Follow this and additional works at: http://lib.dr.iastate.edu/cs_techreports Part of the Programming Languages and Compilers Commons Recommended Citation Bagherzadeh, Mehdi; Dyer, Robert; Fernando, Rex D.; Rajan, Hridesh; and Sanchez, Jose, "Modular Reasoning in the Presence of Event Subtyping" (2014). Computer Science Technical Reports. 363. http://lib.dr.iastate.edu/cs_techreports/363 This Article is brought to you for free and open access by the Computer Science at Iowa State University Digital Repository. It has been accepted for inclusion in Computer Science Technical Reports by an authorized administrator of Iowa State University Digital Repository. For more information, please contact [email protected]. Modular Reasoning in the Presence of Event Subtyping Abstract Separating crosscutting concerns while preserving modular reasoning is challenging. Type-based interfaces (event types) separate modularized crosscutting concerns (observers) and traditional object-oriented concerns (subjects). Event types paired with event specifications have been shown to be effective in enabling modular reasoning about subjects and observers. Similar to class subtyping there are benefits ot organizing event types into subtyping hierarchies. However, unrelated behaviors of observers and their arbitrary execution orders could cause unique, somewhat counterintuitive, reasoning challenges in the presence of event subtyping. These challenges threaten both tractability of reasoning and reuse of event types.
    [Show full text]
  • How to Get Started with Actionscript Actionscript 3.0 Is the Scripting Language of Adobe Flash Professional
    Adobe Flash Professional Guide How to get started with ActionScript ActionScript 3.0 is the scripting language of Adobe Flash Professional. You can use ActionScript to add complex interactivity, playback control, and data display to your application. For example, you might want to animate a picture of a boy walking. By adding ActionScript, you could have the animated boy follow the pointer around the screen, stopping whenever he collides with a piece of animated furniture. ActionScript is an object-oriented programming language. Object-oriented programming is a way to organize the code in a program, using code to define objects and then sending messages back and forth between those objects. You don’t have to be a programmer to take advantage of ActionScript (see “Using Script Assist mode” later in this guide). But the following concepts will help: • Class: The code that defines an object. This code consists of properties, methods, and events. Think of the blueprint of a house: you can’t live in the blueprint, but you need it so you can build the house. You use classes to create objects. • Object: An instance of a class. When you instantiate an object (create an instance of it), you declare what class it is created from and set its properties. You can create as many objects as you want from a single class—if you have a bicycle class, you can create many bicycle objects, each with its own properties (one bicycle might be red while another might be green). • Property: One of the pieces of data bundled together in an object.
    [Show full text]
  • On Thin Air Reads: Towards an Event Structures Model of Relaxed Memory
    ON THIN AIR READS: TOWARDS AN EVENT STRUCTURES MODEL OF RELAXED MEMORY ALAN JEFFREY AND JAMES RIELY Mozilla Research DePaul University Abstract. To model relaxed memory, we propose confusion-free event structures over an alphabet with a justification relation. Executions are modeled by justified configurations, where every read event has a justifying write event. Justification alone is too weak a criterion, since it allows cycles of the kind that result in so-called thin-air reads. Acyclic justification forbids such cycles, but also invalidates event reorderings that result from compiler optimizations and dynamic instruction scheduling. We propose the notion of well-justification, based on a game-like model, which strikes a middle ground. We show that well-justified configurations satisfy the DRF theorem: in any data-race free program, all well-justified configurations are sequentially consistent. We also show that rely-guarantee reasoning is sound for well-justified configurations, but not for justified configurations. For example, well-justified configurations are type-safe. Well-justification allows many, but not all reorderings performed by relaxed memory. In particular, it fails to validate the commutation of independent reads. We discuss variations that may address these shortcomings. 1. Introduction The last few decades have seen several attempts to define a suitable semantics for shared- memory concurrency under relaxed assumptions; see Batty et al. [2015] for a recent summary. Event structures [Winskel 1986] provide a way to visualize all of the conflicting executions of a program as a single semantic object. In this paper, we exploit the visual nature of event structures to provide a fresh approach to relaxed memory models.
    [Show full text]
  • Event-Driven Exception Handling for Software Engineering Processes
    Event-driven Exception Handling for Software Engineering Processes Gregor Grambow1, Roy Oberhauser1, Manfred Reichert2 1 Computer Science Dept., Aalen University {gregor.grambow, roy.oberhauser}@htw-aalen.de 2Institute for Databases and Information Systems, Ulm University, Germany [email protected] Abstract. In software development projects, process execution typically lacks automated guidance and support, and process models remain rather abstract. The environment is sufficiently dynamic that unforeseen situations can occur due to various events that lead to potential aberrations and process governance issues. To alleviate this problem, a dynamic exception handling approach for software engineering processes is presented that incorporates event detection and processing facilities and semantic classification capabilities with a dynamic process-aware information system. A scenario is used to illustrate how this approach supports exception handling with different levels of available contextual knowledge in concordance with software engineering environment relations to the development process and the inherent dynamicity of such relations. Keywords: Complex event processing; semantic processing; event-driven business processes; process-aware information systems; process-centered software engineering environments 1 Introduction The development of software is a very dynamic and highly intellectual process that strongly depends on a variety of environmental factors as well as individuals and their effective collaboration. In contrast to industrial production processes that are highly repetitive and more predictable, software engineering processes have hitherto hardly been considered for automation. Existing software engineering (SE) process models like VM-XT [1] or the open Unified Process [2] are rather abstract (of necessity for greater applicability) and thus do not really reach the executing persons at the operational level [3].
    [Show full text]
  • Asynchronous Programming with Async and Await 1 Await Operator 12 Async 15 Accessing the Web by Using Async and Await 18 Extend
    Asynchronous Programming with Async and Await 1 Await Operator 12 Async 15 Accessing the Web by Using Async and Await 18 Extend the Async Walkthrough by Using Task.WhenAll 33 Make Multiple Web Requests in Parallel by Using Async and Await 43 Async Return Types 48 Control Flow in Async Programs 56 Handling Reentrancy in Async Apps 68 Using Async for File Access 84 Asynchronous Programming with Async and Await (Visual Basic) https://msdn.microsoft.com/en-us/library/mt674902(d=printer).aspx Asynchronous Programming with Async and Await (Visual Basic) Visual Studio 2015 You can avoid performance bottlenecks and enhance the overall responsiveness of your application by using asynchronous programming. However, traditional techniques for writing asynchronous applications can be complicated, making them difficult to write, debug, and maintain. Visual Studio 2012 introduced a simplified approach, async programming, that leverages asynchronous support in the .NET Framework 4.5 and higher as well as in the Windows Runtime. The compiler does the difficult work that the developer used to do, and your application retains a logical structure that resembles synchronous code. As a result, you get all the advantages of asynchronous programming with a fraction of the effort. This topic provides an overview of when and how to use async programming and includes links to support topics that contain details and examples. Async Improves Responsiveness Asynchrony is essential for activities that are potentially blocking, such as when your application accesses the web. Access to a web resource sometimes is slow or delayed. If such an activity is blocked within a synchronous process, the entire application must wait.
    [Show full text]
  • Event-Driven Protocols and Callback Control Flow
    Lifestate: Event-Driven Protocols and Callback Control Flow Shawn Meier University of Colorado Boulder, USA [email protected] Sergio Mover École Polytechnique, Institute Polytechnique de Paris, Palaiseau, France [email protected] Bor-Yuh Evan Chang University of Colorado Boulder, USA [email protected] Abstract Developing interactive applications (apps) against event-driven software frameworks such as Android is notoriously difficult. To create apps that behave as expected, developers must follow complex and often implicit asynchronous programming protocols. Such protocols intertwine the proper registering of callbacks to receive control from the framework with appropriate application-programming interface (API) calls that in turn affect the set of possible future callbacks. An app violates the protocol when, for example, it calls a particular API method in a state of the framework where such a call is invalid. What makes automated reasoning hard in this domain is largely what makes programming apps against such frameworks hard: the specification of the protocol is unclear, and the control flow is complex, asynchronous, and higher-order. In this paper, we tackle the problem of specifying and modeling event-driven application-programming protocols. In particular, we formalize a core meta-model that captures the dialogue between event-driven frameworks and application callbacks. Based on this meta-model, we define a language called lifestate that permits precise and formal descriptions of application-programming protocols and the callback control flow imposed by the event-driven framework. Lifestate unifies modeling what app callbacks can expect of the framework with specifying rules the app must respect when calling into the framework.
    [Show full text]