Time analysis of actor programs

HAL Id: hal-02392909

https://hal.inria.fr/hal-02392909

Submitted on 4 Dec 2019

HAL is a multi-disciplinary open access

archive for the deposit and dissemination of

sci-entific research documents, whether they are

pub-lished or not. The documents may come from

teaching and research institutions in France or

abroad, or from public or private research centers.

L’archive ouverte pluridisciplinaire HAL, est

destinée au dépôt et à la diffusion de documents

scientifiques de niveau recherche, publiés ou non,

émanant des établissements d’enseignement et de

recherche français ou étrangers, des laboratoires

publics ou privés.

Time analysis of actor programs

Cosimo Laneve, Michael Lienhardt, Ka Pun, Guillermo Román-Díez

To cite this version:

Cosimo Laneve, Michael Lienhardt, Ka Pun, Guillermo Román-Díez. Time analysis of actor

pro-grams. Journal of Logical and Algebraic Methods in Programming, Elsevier, 2019, 105, pp.1 - 27.

�10.1016/j.jlamp.2019.02.007�. �hal-02392909�

Contents lists available atScienceDirect

Journal

of

Logical

and

Algebraic

Methods

in

Programming

www.elsevier.com/locate/jlamp

Time

analysis

of

actor

programs

✩

Cosimo Laneve

a

,

Michael Lienhardt

b

,

Ka

I Pun

c

,

d

,

Guillermo Román-Díez

e

,

∗

a_{UniversityofBologna/INRIA,Italy}

b_{ONERA–TheFrenchAerospaceLab,Palaiseau,France} c_{WesternNorwayUniversityofAppliedSciences,Norway} d_{UniversityofOslo,Norway}

e_{UniversidadPolitécnicadeMadrid,Spain}

a

r

t

i

c

l

e

i

n

f

o

a

b

s

t

r

a

c

t

Articlehistory:

Received23March2018

Receivedinrevisedform9February2019 Accepted17February2019

Availableonline21February2019

Keywords:

Timeanalysis Behavioral types Resourceanalysis

This paper proposes a technique for estimating the computational time of programs in an actor model, which is intended to serve as acompiler target of awide variety of actor-based programming languages. We define a compositional translation function returningcostequations,whicharefedtoan automaticoff-the-shelfsolverforobtaining the timebounds.Ourapproach isbasedonanew notion ofsynchronizationsets, which captures possible difficult synchronizationpatterns between actors and helpsmake the analysis efficient and precise.The approachis proven tocorrectlyover-approximate the worst computational time of an actor model ofconcurrent programs. Ourtechnique is complementedby aprototype analyzerthat returnsupper bound ofcostsfor theactor model.

©2019ElsevierInc.Allrightsreserved.

1. Introduction

Time computation for programs running on mainstream architectures,for example, multicore, distributed systems or cloud, is intricate anddemanding as the execution of a process may be indirectly delayed by other processes running on differentmachines dueto synchronizations. The computational time of programs is particularlyrelevant in cloud ar-chitectures, where services are bound by so-called service-levelagreements (SLAs), which regulate the costs in time and assignpenaltiesfortheirinfringements [7].Inparticular,theserviceprovidersneedguaranteesthat theservicesmeetthe SLA, for example interms of the end-user response time, by deciding on a resource management policy,and by deter-mining theappropriate number ofvirtual machine instances(or containers)and their parametersettings (e.g.,their CPU speeds).

Inthispaperweproposeatechniqueforestimatingthecomputationaltimeofprogramsinanactormodel.Thismodel isintendedtoserveasacompilertargetofawidevarietyofactor-basedprogramminglanguages,suchasobject-oriented ones, including

Java

and

C#

,which areusedincloud architectures.Ourtechnique aimsat(andinfact, hasbeen devel-oped for)helpingserviceproviderstoselectresourcemanagement policiesinacorrectway, beforeactuallydeployingthe service.

✩ _{ThisworkhasbeenpartiallysupportedbyComunidaddeMadridaspartoftheprogramS2018/TCS-4339(BLOQUES-CM)co-fundedbyEIEFundsof}

theEuropeanUnion,bytheSpanishMINECOprojectTIN2015-69175-C4-2-RandtheSIRIUSCentreforScalableDataAccess (http://www.sirius-labs.no).

*

Correspondingauthor.

E-mailaddresses:cosimo.laneve@unibo.it(C. Laneve),michael.lienhardt@onera.fr(M. Lienhardt),Violet.Ka.I.Pun@hvl.no(K. Pun),

guillermo.roman@upm.es(G. Román-Díez).

https://doi.org/10.1016/j.jlamp.2019.02.007

Severaltechniqueshavebeenproposedforanalyzingthecomputationaltimeofsequentialprograms.Seeforexample [3,

6,10,11,17] andSection7.Ourapproachissimilarto [15],whereastaticallytypedintermediatelanguagehasbeendefined in order to verify safety propertiesand certify code optimizations. Different from [15], our language, called

alt

, short foractorlanguagewithtime,isconcurrent,andcontainsanoperation definingthenumberofprocessingcyclesrequiredto be computed, calledwait

(

n

)

(similarto the

sleep

(

n

)

operationin

Java

). Inordertoanalyze thecomputationaltime of

alt

,we definean algorithmthat returnsasetofcostequationsthat areadequateforasolver. Wedemonstratethatthe solutionofthecostequationsover-approximatesthecomputationaltimeofthe

alt

programininput.Giventheseresults, estimatingthecomputational timeofa programinsome programminglanguagesamountstodefining acompilationinto an

alt

program(anddemonstratingitscorrectness).

Thepresentedworkbuildsuponapreviousarticlebytheauthors [9],whereitcapturestheactormodelsofactor-based programminglanguagesintermsofbehavioral types,andobtainsthecomputationaltime ofthecorrespondingprogram by feeding the cost equations produced by a translationfunction to a off-the-shelf solver, namely the

CoFloCo

solver [8]. However, thistechniqueproposed in [9] has averysevere constraint:invocations wereadmittedonly eitheron thesame actororonnewlycreatedones,i.e.,noinvocationonparameters.Forinstance,accordingtothisconstraint,aninvocationto amethod

inner

(

y

,

x

)

,wherethefirstparameteristheactorexecutingthemethod,cannotoccurinthebodyofamethod

outer

(

x

,

y

)

.The challengeis that,in thiscase,computingthe cost of

outer

(

x

,

y

)

requiresto knowwhetherthereis a synchronizationbetweenactors x and y.Incasethereis,onehastoconsiderthat

inner

(

y

,

x

)

mightbedelayedbyother methodsrunningon y,whichmightbeindependentfrom

outer

(

x

,

y

)

.

Thispaperfocusesonovercomingthisissue.Wefirstcompute synchronizationsets ofactors, whichareactorsthat po-tentiallymightinterferewiththeexecutionsofeachother.Wethencomposethecostofaninvocationwiththecostofthe calleeintwoways:(1)itisadded,correspondingtosequentialcompositions,iftheargumentsoftheinvocationandthoseof thecallerareinthesamesynchronizationset;(2)itisthemaximumvalue,correspondingtoparallelcomposition,otherwise. Wethendefineanewtranslationfunctionthattakesthesynchronizationsetsofan

alt

programintoaccountandreturns thecorrespondingsetofcostequations.

The translation of

alt

programs intothe solver input code [2,8] has beenprototyped andcan be experimented(see Section 6). This tool, together withthecompiler we havedefinedin [9], allows usto automaticallycompute the cost of programs in

ABS

,aprototypelanguageforprogrammingthecloud [13] thatisan extensionof

alt

.Experimentalresults show that our technique is very precise when computingthe cost ofa number oftypical distributed patterns,such as

fork-join ormap-reduce.

Paperoverview. The

alt

language is defined in Section 2 and we discuss in Section 3 the issues in estimating the computational time.Section4explainstheanalysisofcomputational timebymeansofatranslationfunctionthatreturns cost equations,andSection 5discusses thepropertiesofthetranslation.In Section 6,weillustrate theconversion ofthe translationoutput totheadequate formforan off-the-shelfsolver,presentourprototype,togetherwiththeexperimental resultsofourapproachandacomparisonwithothertools.InSection7,wediscusstherelatedworkanddeliverconcluding remarksinSection8.

2. Thelanguage

alt

Inthissection,wedefinethesyntaxandthesemanticsof

alt

andillustratethelanguagewithsomeexamples. Syntax. We useseveral disjointsets ofnames that, for convenience, we address takingdifferentnotations oridentifiers:

methodnames,rangedoverby

m

,

m

,

· · ·

;actor names rangedoverbyx, y,

· · ·

;natural namesu, w,a, b,

· · ·

;futurenames

ranged overby f , g,h,

· · ·

.Thenotationsx andu denotea possiblyemptysequenceofactorandnaturalnames, respec-tively; p rangesoversequenceswhoseelementsmaybeeitheractorornaturalnames.An

alt

program



m

1

(

p1

)

=

s1

,

· · · , m

n

(

pn

)

=

sn

, main(

x

,

u

)

=

s



isasequenceofmethoddefinitionsoftheform

m

i

(

pi

)

=

si.Thelastmethodisthemainmethod,wherex istheactorname executingthemainbodyandu arenaturalnames.Statements s andexpressions e aredefinedbythefollowingsyntax:

s

::=

0

|

ν

x

;

s

|

ν

f

: m(

e

);

s

|

f

;

s

|

wait

(

en

);

s

e

::=

en

|

x

en

::=

k

|

u

|

en

+

en

(

k are natural constants

)

The syntax of

alt

statements is quite basic: 0 indicates a terminated statement;

ν

x is the creation of a new actor x;

ν

f

: m(

e

);

s creates a new taskof the method

m

that is associated to the future f ; the task startsinparallel with the continuation s. The term f performs thesynchronization ofthe taskassociatedto f . Thismaycause the(busy) wait-ing forthe terminationof thetask. Thestatement wait

(

en

)

, where en isa naturalexpression, represents theadvance of

e time units.This isthe only terminour modelthat consumestime (a.k.a. that generates acost). Note that term en in

wait

(

en

)

contains constants andnaturalnames,includingthe arithmetic binary operator

+

betweenthem.These expres-sionsarealsoknownasPresburgerarithmetics,whichisadecidablefragmentofPeanoarithmeticscontainingonlyaddition.

The restrictionisnecessary becausetheanalysisinSection 4cannot deal withgenericexpressions. Notethat, ingeneral, expressions e also include actor names (in the syntax of e, x also ranges over actor names), as in the method invoca-tions.

Methoddefinitionshavetheform

m

(

p

)

=

νz

1

;

· · · ;

νz

k

;

s suchthatallactorscanonlybecreatedinthebeginningofthe method.Additionally,the methoddefinition

m

(

p

)

=

s bindsnames p tothebody s.Weassume that p hasalways afixed pattern:p

=

x

,

y

,

u,namelyp isanonemptysequencewherethefirstelementisalways anactornameindicatingthecallee ofthe method, y areactornames andu are natural names.We assume that actornames x

,

y do notclash withnames

z1

,

· · · ,

zk. Therefore, methodinvocations

ν

f

: m(

e

)

have thepattern x

,

y

,

e. We further assume that

alt

hasa simple type systemthat verifiesthetype correctness ofmethodapplications.Statements

νx

;

s and

ν

f

: m(

e

);

s linkthe names x and f inthecontinuationss.Forthenotionofboundnameandtheone offree name,weusethestandardoperationsof alpha-conversionandsubstitution.Itis alsoassumedthat methodnames

m

1

,

· · · ,

m

n inprogramdeclarations arepairwise different.

Example2.1.Toillustrate

alt

,considertheprogram:

1

main

(

x

,

a

,

b

)

=

2

ν

y

;

ν

z

;

3

ν

f

: timer(

y

,

a

)

;

4 f

;

5

ν

g

: timer(

z

,

b

)

;

6 g

;

8

main



(

x

,

a

,

b

)

=

9

ν

y

;

νz

;

10

ν

f

: timer(

y

,

a

)

;

11

ν

g

: timer(

z

,

b

)

;

12 f

;

13 g

;

15

timer

(

x

,

n

)

=

16

wait

(

n

);

Considermethod

main

whichisexecuted byactor x.Notethatthisactorisautomaticallycreatedwhenthemainmethod starts to run. After creating two actors y and z at line 2,

main

invokes

timer

(

y

,

a

)

and continues its execution. By bindingthisinvocationtothefuturename f andsynchronizingitimmediatelyafterwards atline4,itispossibletodelay the execution of the caller actor x until the termination of

timer

(

y

,

a

)

. In this case, since y has been just created,it willimmediatelyexecute

timer

(

y

,

a

)

andreturn(thisis nottrueingeneralbecause y mighthaveother tasksrunning). Therefore,x willwaitexactly a timeunits(effectoftheinstructionwait

(

n

)

atline16) beforecontinuing.Thecontinuation spawnsatask

ν

g

: timer(

z

,

b

)

atline5onactorz andwaitsforitstermination,which,forthesamereasonsasbefore,will occurafterb timeunits.Overall,thecomputationaltimeof

main

isa

+

b.Observethatthetimeisthesamewhenline5

isreplacedby

ν

g

: timer(

y

,

b

)

,e.g.,spawningthethreadon y insteadof z.

Inthecaseof

main

,thetwoinvocationsto

timer

are performedoneaftertheother,withoutanysynchronizationin between.Thusthetwotasksareexecuted inparallel,andastheyarebothsynchronizedatlines12and13,the computa-tionaltime of

main

 ismax

(

a

,

b

)

.Observethatifline11isreplaced by

ν

g

: timer(

y

,

b

)

,e.g., spawningthe threadon y

insteadofz,thecomputationaltimebecomesa

+

b.

2

Twofeaturesof

alt

easeourtheoreticaldevelopment:(i)

alt

actorsarestateless and(ii)methodsdonotreturnvalues. Infact,computingthecostofstatefulactorprogramsrequiresaleapofthetheory developedinthiscontributionbecause itisnecessarytotracethestateofthefields.Similarly,whenmethodsreturnavalue,itisnecessarytoestimatethevalue (isitanoldactororanewone?ifitisanaturalnumber,howlargeitis?)inordertohavesensiblecostcomputations. Semantics. The semantics of

alt

is a transition system whose states are configurations cn that are defined as fol-lows.

cn ::= act(x,p,q) | fut(f,val) | invoc(x,f, m,v) | cn cn

val ::= ⊥ |  p ::= s;f | f | 0

v ::= x | f | k q ::= ∅ | s;f | q q

The notation s

;

f represents the statement s where the tailing 0 isreplaced by the future name f . We use p to range over s

;

f , f , and 0. A configurationcn is a nonempty set of actors, invocation messages and futures. The associa-tive and commutative union operator on configurations is denoted by whitespace. An actor is written as act

(

x

,

p

,

q

)

, where x is the identity of the actor, p is the active task, and q is a pool of either suspended or waitingtasks. An

invocation message is denoted as invoc

(

x

,

f

,

m

,

v

)

, where x is the callee, f the future to which the call is bound,

m

the method name, and v the set of parameter values of the call. Configurations also include futures, denoted as

fut

(

f

,

val

)

, where f isthe futureidentity and val indicateswhether f has alreadybeencomputed, writtenas



, other-wise

⊥

.

The transitionrules of

alt

are givenin Fig.1. Weuse an auxiliary function tobind invocations tothe corresponding methodbodies.Let

m

(

x

,

z

)

=

s bean

alt

method.Then

bind

(

y

, m,

v

)

=

s

{

y,v

_/

x,z

} .

(Context) cn

→

cn cn cn

→

cncn (New) z

=

fresh

( )

act

(

x

,

νz

;

p

,

q

)

→

act

(

x

,

p

{

z

_/

z

},

q

)

act

(

z

,

0

,

∅)

(Get-True) act

(

x

,

f

;

p

,

q

)

fut

(

f

,

) →

act

(

x

,

p

,

q

)

fut

(

f

,

)

(Get-False) act

(

x

,

f

;

p

,

q

)

fut

(

f

,

⊥) →

act

(

x

,

0

,

q

∪ (

f

;

p

))

fut

(

f

,

⊥)

(Async-Call)

[[

e

]] =

v f

=

fresh

( )

act

(

x

,

ν

f

: m(

z

,

e

);

p

,

q

)

→

act

(

x

,

p

{

f

_/

f

},

q

)

invoc

(

z

,

f

, m,

v

)

fut

(

f

,

⊥)

(Bind-Fun) s

=

bind

(

x

, m,

v

)

act

(

x

,

p

,

q

)

invoc

(

x

,

f

, m,

v

)

→

act

(

x

,

p

,

q

∪

s

;

f

)

(Wait-0)

[[

e

]] =

0

act

(

x

,

wait

(

e

);

s

,

q

)

→

act

(

x

,

s

,

q

)

(Activate) act

(

x

,

0

,

q

∪

p

)

→

act

(

x

,

p

,

q

)

(Return) act

(

x

,

f

,

q

)

fut

(

f

,

⊥) →

act

(

x

,

0

,

q

)

fut

(

f

,

)

(Tick) strongstable_t

(

cn

)

cn

→ (

t cn

,

t

)

Fig. 1. Transition rules.

We alsousethefunction fresh

(

)

toreturneitherafreshactornameorafreshfuturename.Finally,weuseanevaluation function

[

[·]

]

ofexpressionse suchthat

[

[

x

]

] =

x,and

[

[

e

]

] =

v whenevere isaconstantnaturalexpressionandv isitsvalue;

[

[

e

]

]

isundefinedotherwise.

Thesemanticsof

alt

isalmoststandard.See,forexample [14],forasimilarsemanticsforadialectofpi-calculuswith time.Wediscussthemostrelevantrulesinthefollowing:actorcreation,methodinvocation,methodreturnandthewait

(

e

)

statement.

Actor creation is handled by rule New, which extends the configuration with act

₍

z

_,

₀

_,

∅)

where z is a fresh actor identifier.In

alt

,methodinvocationsareasynchronous:ruleAsync-Call_{createsanewinvocationpredicateinvoc}

₍

_z

_,

_f

_,

m

,

v

)

andanewunresolvedfuturepredicatefut

(

f

,

⊥)

,whichisassociatedtotheinvocationwithafreshfutureidentifier f.The invocation predicatewill then be bound to the corresponding callee actoras one of the tasksin the task pool (cf. rule Bind-Fun). When a method terminates, rule Return sets the value ofthe corresponding future f to



. Note that f is added to the end of the method body in rule Bind-Fun. In our model, wait

₍

e

₎

is the unique operation that consumes time; that is,time does not advanceas longas a wait

(

e

)

statement is prefixedby some active task.Forthe trivialcase wheree

=

0 (seeruleWait-_{0),thestatementissimplydiscarded.Onthecontrary,whenaconfigurationcn reachesastable} state, that is,no other transitionis possible apartfrom those evaluating the wait

(

e

)

statements,time advances until an actor withanon-wait

(

e

)

statement canproceed. Toformalize thissemantics,we first introducethe notionofstability as

follows:

Definition2.1.Lett

>

0.Aconfigurationcn ist-stable,writtenasstablet

(

cn

)

,ifeveryactorincn matchesoneofthefollowing forms:

1. act

(

x

,

wait

(

e

);

s

;

f

,

q

)

with

[

[

e

]

] ≥

t,

2. act

(

x

,

0

,

q

)

and i. eitherq

= ∅

,

ii. or,foreverys

∈

q,s

=

f

;

p andfut

(

f

,

⊥) ∈

cn.

Aconfigurationcn isstrongly t-stable,writtenasstrongstablet

(

cn

)

,ifitist-stableandthereexistsanactoract

(

x

,

wait

(

e

);

s

,

q

)

with

[

[

e

]

] =

t.

Note thatt-stable(and consequently,stronglyt-stable) configurationscannot progressanymore becauseevery actor is stuckeitheronawait

(

·)

-statementoronanunresolvedfuture.

(

cn

,

t

)

=

⎧

⎪

⎪

⎪

⎪

⎨

⎪

⎪

⎪

⎪

⎩

act

(

x

,

wait

(

k

);

s

,

q

)

(

cn

,

t

)

if cn

=

act

(

x

,

wait

(

e

);

s

,

q

)

cn

and k

= [[

e

]] −

t act

(

x

,

0

,

q

)

(

cn

,

t

)

if cn

=

act

(

x

,

0

,

q

)

cn

cn otherwise.

TogetherwiththeruleTickinFig.1,wedefinethetimeprogress ofaconfiguration.

Theinitialconfigurationofaprogramwhosemainmethodis

main

(

x

,

u

)

=

s andwithinvocation

main

(

z

,

k

)

is act

(

z

,

s

{

k

_/

u

};

fstart

,

∅)

where fstartisthefutureidentifierforthemainbody.Asusual,

→

∗ isthereflexiveandtransitiveclosureof

→

and t

⇒

is

→

∗ t

→→

∗_{.Acomputation iscn}

_{⇒ · · ·}

t1

_⇒

tn

cn,thatis, cnisaconfigurationreachablefrom cn witheithertransitions

→

or

⇒

t . Whenthetimelabelsoftransitionsarenotrelevantwealsowritecn

⇒

∗cn.

Definition2.2.Thecomputationaltimeof cn

_{⇒ · · ·}

t1

_⇒

tn

cnist1

+ · · · +

tn.

Thecomputationaltimeofaconfiguration cn,writtentime

(

cn

)

,isthemaximumcomputationaltimeofcomputations start-ingatcn.Thecomputationaltime ofan

alt

programisthecomputationaltimeofitsinitialconfiguration.

Example2.2.Considerthefollowingmethod

main

1:

1

main

1

(

x

,

a

,

b

)

=

2

ν

y

;

3

wait

(

k0

)

;

4

ν

f

: m

1

(

y

)

;

5

wait

(

a

)

;

6

ν

g

: m

2

(

y

)

;

7

wait

(

b

)

;

8 g

;

9 f

;

10

m

1

(

x

)

=

11

wait

(

k1

)

;

12 13

m

2

(

x

)

=

14

wait

(

k2

)

;

Thismethodcreatesanewactor y atline2andspawnstwotasksonitatlines4and6,respectively,wherethetwotasks willexecute inparallelwith

main

1.Theirterminationsaresynchronizedatlines8and9by meansof g and f.Note

that

main

1takesitsnaturalnumberargumentsastheinputparameterofthewait

(

·)

-operationsatlines5and7,whilethe

oneatline3usesa constant k0.Thus, thecomputationaltime of

main

1 dependsontheconcretevaluesof a and b.The

otherwait

(

·)

-statementsintheexampleareexecutedwithsomeconstantsk0,k1 andk2.

2

Oursemanticsdoesnotexcludebehaviors ofmethodsthatperforminfiniteactionswithoutconsumingtime(preventing rule Tick _{to apply), such as}

foo

(

x

)

=

ν

f

: foo(

x

);

f.This kind ofbehaviors are well-known in the literature (cf. Zeno behaviors,see [14])andtheymaybeeasilyexcludedfromouranalysisbyconstrainingrecursiveinvocationstobeprefixed byawait

(

e

)

-statement,where e isanot-zeronatural.Asimilarparadoxicalbehavior is

gee

(

x

)

=

ν

y

;

ν

f

: gee(

y

);

fthat spawnsthenewtaskonanewactor,therebycreatinganunboundednumberofactors.

WefinallyremarkthatthecompositeeffectofActivateandGet-Falsemightproduceinfinitecomputationsthatdonot makeprogress,andnotimeispassing(anactorcanrepeatedlyactivateablockedtaskandthensuspenditagain).However, assuming fairnessincomputations(anenabledtaskwilleventually be executed),itispossibleto demonstratethatthese behaviors arenotpossiblein

alt

.

3. Thechallengesofcostcomputationfor

alt

programs

Computing the time of

alt

programs is challenging. In this section, we illustrate the difficulties by discussing four examples.Thesedifficultiesrangefromdeterminingthetasksthat cannotexecuteinparallel – thereforethecost ofeach of thesetasksmustbeadded together–,tounderstandingthetasksthatareexecutedinparallel –thus,themaximumvalue of

thecostofthetasksisselected–ortoanalyzingthewholespectrumofschedulingpoliciesbecausetheymightalsoaffect thecomputationaltime.

Example3.1. The method

main

1 in Example 2.2 invokes

m

1 and

m

2 on an actor that is different from the caller. The

followinggraphicalrepresentationsillustratefourdifferentcomputationsthatareobtainedbychoosingdifferentvaluesofa

andb.Rectanglesindarkgray representthelargestsegmentoftimethat areusedforcomputingthemaximal costofthe computations,whicharedenotedbythenamesc1,c2,c3 andc4,respectively.

Computation 1 represents an execution where a

>

k1, which leads to the execution of

m

2 on actor y starts after the

termination of

m

1. In this case, the executions of wait

(

b

)

and

m

2 run in parallel. Thus, the cost of this computation is

k0

+

a

+

max

(

b

,

k2

)

(the expression c1 inthefigure reflectsthe casewhere b

≥

k2). Computation2and Computation3

de-scribe computations wherea

<

k1. This leads to delaying

m

2 until the executionof

m

1 finishes. In Computation2, since

a

+

b

<

k1

+

k2,actor x hastowaitfortheterminationof

m

2.Onthecontrary,in Computation3,

m

2 returnsbeforeactor x

finishes theexecutionofwait

(

b

)

.Finally, Computation4illustratesanexecutionwhereboth x and y havetowaiteitherfor amethodtoterminateandreturnorforexecutinganewtask.

Asouranalysisaimsatfindingasoundapproximation oftimeneededforanycomputationoftheprogram,thecostof

main

1isover-approximatedbytheexpression

cmain₁

=

k0

+

max

(

a

,

k1

)

+

max

(

b

,

k2

)

For Computation 1, Computation2 and Computation4, cmain1 captures precisely the execution time. Note that the sub-expressionk0

+

max

(

a

,

k1

)

determinesthestartingtimeof

m

2onactory.However,k0

+

max

(

a

,

k1

)

isanover-approximation

of thestarting time of thestatement wait

(

b

)

atline7 of

main

1, endingup ina non-precise resultfor Computation3as

cmain1

>

c3.

2

Anotherchallenging issuetocope withiswhenataskis delayeddueto anunresolved future(seerule Get-false_{). In} thissituation,thecarrieractormaystartthe executionofthependingtasksandmayrescheduletheinitialtaskafterthe terminationoftheotherones.

Example3.2.Consider followingmethod

main

2,which issimilarto

main

1 inExample2.2,exceptthat

m

2 isinvokedon

the calleeactor x. The computationsonthe rightshow twopossible executionsof

main

2,depending onthe valuesof a

and b.

In Computation1, thesynchronization g atline 8 happensbefore

m

1 terminates. In thiscase, the cost of executing

m

2

doesnotcontribute totheoverallcost c1.Onthecontrary,in Computation2,thecostofexecuting

m

1 doesnotcontribute

to theoverall cost c2.Thereasonis thatthe valuesofa andb in thiscomputationare larger than Computation1,which

consequentlyresultsinlongertimeforexecutingwait

(

a

)

,wait

(

b

)

and

m

2 (i.e.,wait

(

k2

)

)onactor x than

m

1 onactor y.The

expression

cmain2

=

k0

+

max

(

a

+

b

+

k2

,

k1

)

Amorecomplexscenariocanbeillustratedbyhavingtwoactors x and y spawningtasksonathirdactor z.Inthiscase, theexecutionoftaskson x and y maydelaythestartingtimeofthosespawnedon z.Asaconsequence,itmayleadtothe postponementofthesynchronizationson x andy.Determiningthedelaysofsynchronizationsiscrucial,asdiscussedinthe followingexample.

Example3.3.Considerthefollowingmethod

main

3thatcreatestwoactors y and z atline2,theninvokes

m

3on y atline4

and

m

₁ on z at line6.The actor z isgivenasaparameterintheinvocationof

m

₃ (line 4)andbecomesthe carrierof

m

₂

(line18). 1

main

3

(

x

,

a

,

b

)

=

2

ν

y

;

νz

;

3

wait

(

k0

)

;

4

ν

f

: m

3

(

y

,

z

)

;

5

wait

(

a

)

;

6

ν

g

: m

1

(

z

);

7

wait

(

b

)

;

8 g

;

9 f

;

10

m

1

(

x

)

=

11

wait

(

k1

)

;

12 13

m

2

(

x

)

=

14

wait

(

k2

)

;

15 16

m

3

(

x

,

y

)

=

17

wait

(

k3

)

;

18

νh

: m

2

(

y

)

;

19 h

;

Thefigurebelowshowsfourdifferentcomputationsof

main

3thatcorrespondtovariousvaluesofa,b,k1,k2 andk3.

In Computation1,thecostisthesumofthecostsofthewait

(

·)

statementsin

main

3.Thiscostdoesnotincludethecostof

anytaskexecutedon y and z astheyarerunninginparallelwith

main

3 withoutanydelay.

Computation2combinesthecostsfromactors x andz butnotfrom y becausea

>

k2

+

k3.Observethatthetimeneeded

tostart

m

1 isdetermined bythe expressionk0

+

a;observealsothat wait

(

k3

)

andwait

(

k2

)

executesequentiallyalthough theyrunondifferentactors(y and z).Notethat,wait

(

b

)

andwait

(

k1

)

areexecutedinparallelon x and z,andsincek1

>

b,

themaximumcostisexpressedasc2

=

k0

+

a

+

k1.

In Computation3,we assumea

<

k3 such that theexecutionof

m

1 on z startsbeforetheinvocationof

m

2 on z.Thus,

theexecutionof

m

2isdelayeduntil

m

1hasfinished.Thecostof Computation3iscalculatedbytheexpressionc3

=

k0

+

a

+

k1

+

k2.

Computation4highlights apossible dependencyamong tasksexecuted on actors y and z.Thecost expression forthis caseisc4

=

k0

+

k3

+

k2

+

k1,describinga sumtowhichall threeactors contribute(k0 on x, k3 on y andk2

+

k1 on z).

Thereasonisthata

>

k3 wherethestatement wait

(

k3

)

on y (line17)directlydeterminesthestartingtimeof

m

2 on z,and

whichinthiscasedelaystheexecutionof

m

1 on z asaconsequence.

Oneremarkabledifferencebetween Computation2and Computation4isthetimetakenbeforestarting

m

1 onactorz.In

Computation2,thecostk0

+

k3 issmallerthank0

+

a,causingthat

m

2 isexecutedbefore

m

1on z.Whentherearetwoactors

whosetaskscouldbedependent oneachother,theircostsmustbeconsideredasifthetasksareexecutedsequentially,that is,theircostsaresummedup.Thus,therelationbetweenthetasksexecutedon y andon z mustbeconsideredinorderto over-approximateall possiblecomputationsof

main

3.Consideringallpossiblevaluesof a and b,thecost expressionthat

over-approximatesthecostofexecuting

main

₃ is cmain₃

=

k0

+

max

(

a

,

k2

+

k3

)

+

max

(

b

,

k1

)

Observethatcmain3 preciselyapproximatestheoverallcostof Computation2and Computation4.However,tosafely approx-imate thelateststarting time of

m

1 incasea

>

k3,the subexpressionmax

(

a

,

k2

+

k3

)

returnsk2

+

k3.Thus,we havethat

cmain3

>

c3,indicatingthatthisexpressionisover-approximatingthecostof Computation3.Similarly, Computation1isalso over-approximatedbyc3 asitcapturesthatthestartingtimeof

m

1 isk0

+

k2

+

k3,whenitsstartingtimeisk0

+

a.

2

Thislastexamplesuggeststhat,whenamethodinvocationhasseveralactorsasarguments,thepoolsofpendingtasksof theseactorscanhaveimplicitandpossiblycomplexdependencies,i.e.,eachofthemmayinprincipleaffectthetaskpoolsof theothersbydelayingtheexecutionofthetaskstherein.Wesaythattheseactorsbelongtothesamesynchronizationset.It iscrucialtonotethatthissynchronizationrelationistransitive.Forinstance,if x and y belongtothesamesynchronization set ataprogram pointandifanewsynchronizationrelationbetween y and z isestablished bya subsequentinvocation, thenactors x, y and z belongtothesamesynchronizationsetaswell.

Thefinalexampleillustrateshowtheschedulingmightalsoaffectthecomputationaltimeofthe

alt

programs. Example3.4.The followingexampleshowsthemethod

main

4 thatspawnsthreetasksinactory inparallel–

m

1,

m

2 and

m

3 –thatwillbeinthepoolofpendingtasksof y.Inturn,

m

3 spawns

m

4inanewlycreatedactor z.

We havealso highlighted two possiblecomputations of

main

4. Computation 1 illustrates an executionwhere task

m

2 is

scheduledbefore

m

3.Therefore,theexecutionof

m

4,spawnedby

m

3,isexecutedwhen

m

2 isfinished.Thisschedulingleads

to thecomputational time c1 that adds the cost of all methods. Additionally, note that differentscheduling orders in y

affecttheexecutionof

m

4 inz.Onthecontrary,in Computation2theexecutionof

m

3 isscheduledbefore

m

2.Inthiscase,

afterexecutingwait

(

k3

)

atline 16,

m

4isspawnedanditsreturnissynchronizedatline 18.Notethat,as

m

2 isinthepool

of pending tasksof y, it willbe executed inparallel with

m

4.The computational time of Computation 2 will be smaller:

c2

=

k0

+

k1

+

k3

+

max

(

k2

,

k4

)

.Forthisprogram,theexpressionthatover-approximatesthecostofexecuting

main

4needs

tosumupthecostofallmethods: cmain₄

=

k0

+

k1

+

k2

+

k3

+

k4

Since ourtechniqueissound(seeSection 5fordetails),i.e., itreturnsan over-approximationforeverypossible computa-tionaltime,ittakesintoaccounteveryschedulingorderwhenmultipletaskscanbependinginthesamepool.

2

4. Theanalysisof

alt

programs

This section defines the translation of an

alt

program into a costprogram, i.e., a set of cost equations m

(

u

)

=

exp,

where m isa(cost)functionsymbolandexp isanexpressionthatmaycontain(cost)functionapplicationsoftheform: exp

::=

k

|

u

|

exp

+

exp

|

m

(

e

)

|

max

(

exp

,

exp

)

In particular,cost expressionsare additions ofthefollowingtype ofelements:naturalnumbersk, naturalnames u,m

(

e

)

whichreferstothecostofexecutingmethod

m

,butonlyconsideringthenaturalexpressionsine;ormax

(

exp

,

exp

)

,which returnsthemaximumbetweentwocostexpressionsexp andexp.

Givenan

alt

program

P

,theanalysisiteratesindependentlyovereachmethoddefinition

m

(

x

,

y

,

u

)

=

s in

P

and trans-latesitintoacostequation oftheformm

(

u

)

=

exp,where m correspondsto themethodname

m

andexp encodesa cost function which correspondsto an upperbound ofthetime executing

m

,withrespectto thenumerical parameters u. As hinted in our examples, the analysis performs thistranslation by studying the task pool of every actor involved inthe method’s execution, identifying an upper bound forthe ending time ofeach of its tasks,which in turngive raise to an upperboundtothecomputationaltimeofthemethoditself.

In order to manage the complexity of studying task pools and the different scheduling possibilities as described in Section 3,ouranalysisusestwomajorstructures, synchronizationschema andaccumulatedcosts.Thesynchronizationschema

ofamethodgivesthesynchronizationsetofeveryactorinvolvedinthatmethod’sbody.AsdescribedinExample3.3,actors inthesamesynchronizationsetinteractoutsidethescope oftheanalyzed method,whichmeansthattheendingtime of

1

main

(

x

,

a

,

b

)

=

2

ν

y

;

νz

;

ν

w

;

3

wait

(

k0

)

;

4

ν

f

: m

1

(

x

);

5

νg

: m

3

(

y

,

z

);

6

wait

(

a

)

;

7

νh

: m

4

(

w

)

;

8

νi

: m

2

(

z

)

;

9 i

;

10

wait

(

b

)

;

11 h

;

12 f

;

g

;

13

m

1

(

z

)

=

14

wait

(

k1

)

;

15 16

m

2

(

z

)

=

17

wait

(

k2

)

;

18 19

m

3

(

y

,

z

)

=

20

wait

(

k3

)

;

21

ν

f

: m

4

(

z

)

;

22 f

;

23 24

m

4

(

z

)

=

25

wait

(

k4

)

;

Fig. 2. Running example of aaltprogram.

ataskinoneactor’staskpooldependssomehowonthetaskpoolsanditsschedulingordersofother actorsinthesame synchronizationset.Theanalysisover-approximatesthisimplicitdependencybyconsideringthepoolsofalltheseactorsas iftheywereoneuniquepool.Anaccumulatedcosts isanabstractionofataskpoolusedtogetagoodupperboundforthe endingtimeofacomputation.Themaindifficultyinidentifyingsuchanupperbound istodeterminethestartingtimeof acomputation,whichdependsonthestateofthetaskpoolitselfandonthetimeatwhichthecorrespondingmethodcall wasperformed.

4.1. Synchronizationschema

Asynchronizationset,rangedoverby A, B,

· · ·

,isasetofactornameswhosetaskshaveimplicitdependencies,thatis, the tasksofthese actorsmay reciprocally affectthetaskpools oftheother actors in thesame setby means ofmethod invocations andsynchronizations.Asynchronizationschema, rangedover by

S

,

S

,

· · ·

, isa collectionof pairwise disjoint synchronizationsets.Thesynchronizationschemaofamethod

m

isthusapartitionoftheactorsusedinthatmethodinto synchronizationsetsandisconstructedasfollows.

Definition4.1(Synchronizationschemafunction).Let

S

beasynchronizationschemaands beastatement.Let

sschem

(

S

,

s

)

=

⎧

⎨

⎩

S

⊕ {

y

,

z

}

if s

=

ν

f

: m(

y

,

z

,

e

)

sschem

(sschem(

S

,

s

),

s

)

if s

=

s

;

s

S

otherwise where

S

⊕

A

=

⎧

⎨

⎩

A if

S

= ∅

(

S



⊕

A

)

∪

A if

S

=

S



∪

Aand A

∩

A

= ∅

S



_{⊕ (}

_A

_∪

_A

₎

_if

_S

₌

_S



_∪

_A_{and A}

_∩

_A

_{= ∅}

Let be an

alt

method definition. The synchronizationschema

S

m, where

m

(

x

,

y

,

u

)

=

νz

1

;

· · · ;

νz

k

;

s, is the set

S

m

=

sschem

(

{{

x

,

y

}},

s

)

.Theterm

S(

x

)

denotesthesynchronizationset,whichcontains x,inthesynchronizationschema

S

.

The function

S ⊕

A merges aschema

S

witha synchronizationset A. Ifnoneofthe actors in A belongsto a setin

S

,theoperationreducestoasimplesetunion.Forexample,let

S={{

x

,

y

},

{

z

,

w

}}

.Then

S ⊕ {

x

,

v

}

is equalto

(

{{

x

,

y

}}

⊕

{

x

,

v

})

∪ {{

z

,

w

}}

,whichequals

{{

x

,

y

,

v

},

{

z

,

w

}}

.Itisworthtoobservethatthesameresultfollowsbyswapping

{

x

,

y

}

and

{

z

,

w

}

(becauseelementsof

S

aredisjoint).Infact

{{

z

,

w

}} ⊕ ({

x

,

y

} ∪ {

x

,

v

}) = {{

x

,

y

,

v

},

{

z

,

w

}}

.

The synchronizationschema

sschem

(

S,

ν

f

: m(

y

,

z

))

= {{

x

,

y

,

z

,

w

}}

indicatesthat all the actorsare inthe same syn-chronizationset.Onthecontrary,

sschem

(S,

ν

f

: m(

x

,

v

))

= {{

x

,

y

,

v

},

{

z

,

w

}}

,becauseactors x

,

v donotbelongto

{

z

,

w

}

.

We alsocompute

S

main,where

main

(

x

,

a

,

b

)

=

ν

y

;

νz

;

νw

;

smain isthe mainmethod inFig.2.This schemaisequal

to

{{

x

},

{

y

,

z

},

{

w

}}

,thatisthetaskpoolsofactors y and z may affecteach otherdueto theinvocationatline8,whereas thetaskpoolsof x and w areindependent fromtherest.Observethat,asthebody of

m

3 doesnotcontainactorcreation

statements,itssynchronizationschemaisasingletonsetthatcontainingonlyitsparameters,e.g.,

S

m3

= {{

y

,

z

}}

.

4.2. Accumulatedcosts

Inordertodefine (anover-approximation of)thetime advancementsoftasksinasamepool –e.g. inasame synchro-nizationset–weuseanextensionofthesyntaxofexp,calledaccumulatedcost andnoted

ε

,whichisdefinedasfollows:

ε

::=

exp

|

ε

· 

m

(

e

),

exp

 |

ε



exp

.

The termexp defines the starting time of a taskinvoked in an actor that doesnot belong to thesame synchronization set of the carrier. Letthis carrierbe x in the discussion below andconsider an actor y that residesin a different syn-chronization setthan thatof x. Theterm

ε

· 

m

(

e

),

exp



representsthe startingtime ofamethodinvokedon actor y.For example, whenx invokes a method

m

on y using

ν

f

: m(

y

,

z

,

e

)

,the accumulatedcost ofthesynchronizationset of y is

ε

· 

m

(

e

),

0



,where

ε

isthecostuptothatpoint.Timeadvancementsinthetaskofthecarrier x (e.g.,withwait

(

e

)

),which affectthe starting timeofsubsequent methodinvocationson y,isexpressedby addinge to exp;namely,

ε

· 

m

(

e

),

exp



becomes

ε

· 

m

(

e

),

exp

+

e



,which means that the starting time ofthe next method invocationon the synchronization set of y isafter thetime expressedby

ε

plus the maximum betweenm

(

e

)

andexp

+

e.The term

ε



exp expresses the time advancementin thecarrier x when amethod running onan actor y in adifferent synchronizationset is synchro-nized. Inthiscasethetimeadvancesby themaximumbetweenthecurrenttimeexp of x and thetimeof y,represented by

ε

.

Following thesemanticsdescribed above, wecan definethe function

[

[

ε

]

]

that computesthetime correspondingto

ε

, i.e.,the(over-approximationof)startingtimeofthenexttaskinthesynchronizationsetwhosecostis

ε

:

[[

exp

]] =

exp

[[

ε

· 

m

(

e

),

exp

]] = [[

ε

]] +

max

(

m

(

e

),

exp

)

[[

ε



exp

]] =

max

(

[[

ε

]],

exp

)

Example4.1.Thefollowingexpressions

ε

i indicatetheaccumulatedcostsinactor y forsomeinterestingprogrampointsof method

main

1inExample2.2:

3: wait

(

k0

)

;

ε

3

=

0

4:

ν

f

: m

₁

(

y

)

;

ε

₄

=

k₀

· 

m₁

(),

0



5: wait

(

a

)

;

ε

5

=

k0

· 

m1

(),

a



6:

ν

g

: m

₂

(

y

)

;

ε

₆

=

k₀

· 

m₁

(),

a

 · 

m₂

(),

0



7: wait

(

b

)

;

ε

₇

=

k₀

· 

m₁

(),

a

 · 

m₂

(),

b



Note thateach taskcreationin y includesanewtupleintheaccumulatedcost:



m1

(),

0



in

ε

4 and



m2

(),

0



in

ε

6.Note

alsothattimeadvancements localinthecarrier,i.e.,actor x inExample2.2,updatethelasttupleintheaccumulatedcost withthecorrespondingexpression:a in

ε

5andb in

ε

7.

Next, considerthe expression

ε

7

=

k0

· 

m1

(),

a

 · 

m2

(),

b



. Becauseof thesynchronization g at line8of

main

1 we

obtainthefollowingcostexpression:

[[

ε

7

]] =

k0

+

max

(

m1

(),

a

)

+

max

(

m2

,

b

)

that over-approximates the worst possible time when g issynchronized. We observe that k0 is the computational time

when

m

1 isinvoked,max

(

m1

(),

a

)

expressesthat

m

1 andwait

(

a

)

canbeexecutedinparallel(analogouslyformax

(

m2

(),

b

)

)

andk0

+

max

(

m1

(),

a

)

correspondstotheworstpossiblestartingtimeof

m

2.Itisworthtonoticethat

[

[

ε

7

]

]

returnsthecost expressioncmain1 computedinExample3.1.

2

4.3. Thetranslationfunction

Wehaveseenhowtheaccumulatedcostsandtheircorrespondingcostexpressionscanbecomputedforagiven synchro-nizationset.Interestingly,eachsynchronizationsethasitsownaccumulatedcost,thus,forouranalysisitisfundamentalto keeptheaccumulatedcostsseparateinordertogetpreciseresults.Inthefollowingsectionwedefinea

translate

func-tion thatcomputesthecostofamethodconsidering allpossiblesynchronizationsetsandsynchronizationsperformedon it.

Thetranslationofan

alt

method

m

consistsoftwosteps:first(i)thesynchronizationschema

S

miscomputed,following

thetechniquedescribedSection 4.1,then(ii)thebodyofmethod

m

isanalyzed,byparsingeachofitsstatementsinorder. The analysis (ii)recordsthe accumulatedcosts ofsynchronization setsin translationenvironments, rangedover by



,



,

· · ·

. Translation environments are maps of the form

S

m

(

x

)

→

ε

, which relate the different synchronization sets to their

correspondingaccumulatedcosts.Theauxiliaryoperators



and

+

areusedasfollows:

(



exp

)(

S

)

= (

S

)



exp

(

+

exp

)(

S

)

=

ε

· 

m

(

e

),

exp’

+

exp

  (

exp1

+

exp

)

 · · ·  (

expn

+

exp

)

with

(

S

)

=

ε

· 

m

(

e

),

exp

 

exp₁

 · · · 

exp_n

Givenasynchronizationschema

S

,thetranslationfunction,writtenas

translate

_S

(

I

,

,

x

,

l

,

t

,

s

)

,takesthefollowingsix arguments:

translate_S(I,,x,l,t,

μ

) = ⎧ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎨ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎩ (1) (I,+e,l,t+e) when

μ

=wait(e) (2) (I[f→S(x)], ,l+m(e),t) when

μ

=

ν

f: m(y,z,e)and y∈S(x) (3) (I[f→S(y)], [S(y)→

ε

· m(e),0],l,t) when

μ

=

ν

f: m(y,z,e)and y∈/S(x)

ε

=  (S(y)) if_S(y)∈dom() t otherwise (4) (I\F,+l,0,t+l) when

μ

=fand x∈I(f) where F= {f|I(f)=S(x)} (5) (I\F, (t)\I(f),0,t) when

μ

=fand x∈/I(f) where F= {f|I(f)=S(x)or I(f)=I(f)} and t₌max(t₊l,[[(I(f))]]) (6) (I\F,+l,0,t+l) when

μ

=fand f∈/dom(I)

where F_{= {}f_|I(f)=S(x)}

Fig. 3. The translation ofaltstatements.

i. I isamapfromfuturenamestosynchronizationsets,

ii.



isatranslationenvironment,

iii. x isthenameofthecarrier,i.e.,theactoronwhichs isexecuting,

iv. l isacostexpressionthatover-approximatesthecostofthemethodsinvokedonactorsbelongingtothesame synchro-nizationsetwherethecarrier x residesandnotyetsynchronized,

v. t isacostexpressionthatover-approximatesthecurrentcomputationalcost,whichisthecomputationaltime accumu-latedfromthebeginningofthemethodexecution,and

vi. s isasequenceofstatements,representingwait

(

e

)

,

ν

f

: m(

e

)

,or fthatmustbetranslated. andreturnsatupleconsistingofthefourelements:

i. anupdatedmap I,

ii. anupdatedtranslationenvironment



,

iii. anupdatedthecostofmethodsrunningonactorsinthesamesynchronizationsetasthecarrier,and

iv. anexpressionoftheupdatedcurrentcomputationalcost. Thefunctionisdefinedonstatementsasfollows

translate_S(I,,x,l,t,0)= (I,,l,t)

translate_S(I,,x,l,t,

μ

;s)= translate_S(I,,x,l,t,s)

wheretranslate_S(I,,x,l,t,

μ

)= (I,,l,t)

where

translate

_S

(

I

,

,

x

,

l

,

t

,

μ

)

isdetailedinFig.3.Notethat,thedifficultcaseofthetranslationfunctioniswhenthe statementisatasksynchronization f,whichiscoveredbycases(4),(5)and(6).Inthefollowing,wediscussthesixcases ofFig.3indetail.

Case (1): When s is a wait

(

e

)

statement, the

translate

function adds thecost e to the current cost t, which is also reflectedontheenvironment



byupdating theaccumulatedcost ofthemethodinvocationsoneach synchronization set in



.

Cases (2)and (3): When s isamethod invocationonactor y, there aretwo subcases, depending onwhether y isinthe samesynchronizationsetofcarrier x (Case (2))ornot(Case (3)).InCase (2),thecost oftheinvocationisaddedto l and theupdated I bindsthecorrespondingfuture f to

S(

x

)

.InCase (3),weaddthebindingfrom f to

S(

y

)

tothemap I and updatethetranslationenvironment



byappending thecostofinvoking

m

totheaccumulatedcosttowhich

S(

y

)

maps. Notethat,methodinvocationsonlyincludesthenaturalexpressionsusedforinvoking

m

,thatis,itincludesm

(

e

)

.

Case (4): Thisisthefirstsub-caseoftasksynchronization whichcapturesthe situationwherethesynchronizationis per-formed on a methodwhose calleebelongs to

S(

x

)

. Since itis non-deterministic when the taskbeingsynchronized will actuallybe scheduled,we addthesumofthecostsofallthetasksrunningonactorsin

S(

x

)

,whichisstoredinl,tothe currenttimet (worstcase)atthissynchronizationpoint.The

translate

functionthenresets l to 0,andremovesfrom I allthecorrespondingfuturessincethecorrespondingcostshavebeenalreadyconsidered.