Type Safe Nondeterminism - A Formal Semantics of Java Threads
Andreas Lochbihler
Abstract
We present a generic framework to transform a single-threaded
operational semantics into a semantics with interleaved execution
of threads. Threads can be dynamically created and use locks for
synchronisation. They can suspend themselves, be noti�ed by other
threads again, and interact via shared memory. We formalised this
in the proof assistant Isabelle/HOL along with theorems to carry
type safety proofs for the instantiating semantics (progress and
preservation in the style of Wright and Felleisen [24]) over to the
multithreaded case, thereby investigating the role of deadlocks and
giving an explicit formalisation for them. We apply this framework
to the Java thread model using an extension of the Jinja [12] source
code semantics to have type safety for multithreaded Java machinechecked.
The Java Memory Model is not included.
Presented at FOOL'08; Sunday, 13 January 2007;
San Francisco, California, USA.