Upload
leon-bradford
View
221
Download
0
Tags:
Embed Size (px)
Citation preview
Shared Variables Interaction Diagrams
Radu GrosuState University of New York at Stony
Brook
joint work with
Rajeev AlurUniversity of Pennsylvania
Motivation
• Scenario-based specifications are very popular in concurrent systems development:
– intuitive description of design requirements,
– intuitive presentation of system executions,
– compact presentation test sequences.
Fact
• Concurrent systems are usually constructed around one of the following communication models:
– Shared variables
– Message passing
Message Passing
• standardized notation in form of MSCs (UML-SDs)
• precise semantics subjected to analysis,
• algorithms and tools (race conditions, timing conflicts…)
Shared Variables?
No formal notation so far!
• but plenty informal diagrams
In This Work
• Define Shared Variables Interaction Diagrams (SVID):
– introduce the notion of consistent SVID,
– analyze complexity of consistency checking:
•many-to-many communication
• one-to-many communication
• Define refinement notion between SVIDs:– intuitive syntactic refinement steps,
– analyze complexity of refinement checking:
•many-to-many communication
• point-to-point communication
Peterson Mutual Exclusion Protocol
p1
ini
idle
f1:=F
f1:=T
t :=2
f1:=F
p2
ini
idle
reqCS reqCS
f2:=F
f2:=T
t :=1
t t
inCS f1
idle reqCS
p1
ini
idle
reqCS
f1:=F
f1:=T
t :=2
f2
inCS
f1:=F
p2
ini
idle
f2:=F
idle idle
f1= T: p1 wants to enter critical section
f2= T: p2 wants to enter critical section
t = 1: p1 has priority
idle
t
reqCS reqCS
f1:=T
t :=2
idle
f1:=F
ini
f1:=F
ini
f2:=F
f2:=T
t :=1
t
inCS f1
idle reqCS
Processes p1 p2
p1.Xr = {f2} - read variables
p1.Xs = {t} - write shared variables
p1.Xe = {f1} - write exclusive variables
p1.Xw = {t,f1} - write variables
p1.X = {t,f1,f2} - all variables
Vertices
idle reqCS
p2
idle
ini
idle
ini
reqCS reqCS
inCS
f1:=F
f1:=T
t :=2
f1:=F
f2:=F
f2:=T
t :=1
t t
f1
p1
v14
v13
v12
v11
v24
v23
v22
v21
Vertices
idle reqCS
p2
idle
ini
idle
ini
reqCS reqCS
inCS
f2:=F
f2:=T
t :=1
f1:=F
f1:=T
t :=2
f1:=F
t t
f1
p1
v14
v13
v12
v11
v24
v23
v22
v21
v1i.p = p1
p1.V = {v11,v12,v13,v14}
V = p1.V p2.V
< = <p1 <p2
linear
order=
timeflow
<p
1
Atomic Update Boxes
idle reqCS
p1 p2
idle
ini
idle
ini
reqCS reqCS
inCS
f1:=F
f1:=T t :=2
f1:=F
f2:=F
f2:=T
t :=1
t t
f1
v12
v13
read variables
(t)
assignment
(state)
explicit write variables (t,f1)
implicit write
variables (f1)
Read Edges
p1
ini
idle
f1:=F
f1:=T
t :=2
f1:=F
p2
ini
idle
reqCS reqCS
f2:=F
f2:=T
t :=1
t t
inCS f1
idle reqCS
no intervening
vertex writes t
v13
v12
v23
v22
v24
v12 v22 v13 v23 v24 v12 v22 v23 v13 v24 v12 v22 v23 v24 v13
partial orderamong
vertices
Consistent SVID
There is a sequence v1 v2 … vn that:
(1) is consistent with time order <
(2) is consistent with read order E
(3) respects most recent updates.
Inconsistent SVID
p1
three
o1:=F o2
two
o1:=T
one
p1
three
o2:=F o1
two
o2:=T
one
v11 v21
v12 v22
v11
v21
v12
v22
v11
v21
v22
v12
Checking Consistency
One-to-many communication (write exclusive):
- Solved in linear time.
- Reduces to finding a cycle in a graph.
Many-to-many communication (write shared):
- In general NP complete.
- Resolving implicit dependencies -> backtrack.
Refinement
When does I refine S written I S?
- Interested in a refinement notion that has a syntactic counterpart that guides users.
Three simple ways to refine an SVID:
- By moving arrows and adding empty boxes.
- By splitting vertices.- By splitting processes.
Moving Arrows & Adding Empty Boxes
p1
p2
idle
ini
idle
f1:=F
f1:=T
t :=2
f1:=F
ini
reqCS reqCS
f2:=F
f2:=T
t :=1
t t
inCS f1
idle reqCS
p1
p2
idle
ini
idle
f1:=F
f1:=T
t :=2
f1:=F
ini
reqCS reqCS
f2:=F
f2:=T
t :=1
t t
inCS f1
idle reqCS
p1
p2
idle
ini
idle
f1:=F
f1:=T
t :=2
f1:=F
ini
reqCS reqCS
f2:=F
f2:=T
t :=1
t t
inCS f1
idle reqCS
p1
p2
idle
ini
idle
f1:=F
f1:=T
t :=2
f1:=F
ini
reqCS reqCS
f2:=F
f2:=T
t :=1
t t
inCS f1
idle reqCS
Splitting Vertices
f1:=T
t :=2
f2:=T
t :=1
Splitting Processes
p1
p2
idle
ini
idle
f1:=F
f1:=F
ini
reqCS reqCS
f2:=F
t t
inCS f1
idle reqCS
f1:=T
t :=2
f2:=T
t :=1
p1
p2
idle
ini
idle
f1:=F
f1:=F
ini
reqCS reqCS
f2:=F
t t
inCS f1
idle reqCS
f1:=T
t :=2
f2:=T
t :=1
p2
idle
ini
reqCS
f2:=F
t
f1
reqCS
f2:=T
p1
t
ini
idle
f1:=F
f1:=F
reqCS
t
inCS
idle
f1:=T
t :=2
t :=1
Refinement
When does I refine S written I S?
- Variables: S.X = I.X
- Processes: p.X q.X = {} or p.X q.X
- Boxes: there is a surjective map r form the vertices I to the vertices of S that preserves the variables.
- Dependency: The specification partial order (S.E S.<) is included in the image r(I.E I.<).
Checking Refinement
p1
p2
idle
ini
idle
f1:=F
f1:=F
ini
reqCS reqCS
f2:=F
t t
inCS f1
idle reqCS
f1:=T
t :=2 f2:=T
t :=1
p2
idle
ini
reqCS
f2:=F
t
f1
reqCS
f2:=T
p1
t
ini
idle
f1:=F
f1:=F
reqCS
t
inCS
idle
f1:=T
t :=2
t :=1
Checking Refinement
Point-to-point communication:
- Solved in O(|V|3).
- Reduces to computing the transitive closure.
Many-to-many communication:
- In general NP complete.
- Guessing the vertex map -> backtrack.
Deadlock for Dining Philosophers
p1
ini
tstR
f1:=F
tstL
tstL
f1:=T f1
f3
p3
ini
tstR
f3:=F
tstL
tstL
f3:=T f3
f2
p2
ini
tstR
f2:=F
tstL
tstL
f2:=T f2
f1
Deadlock for Dining Philosophers
p1
ini
tstR
tstL
tstL
f3
ini
tstR
tstL
tstL
p2
ini
tstR
tstL
tstL
f1
ini
tstR
tstL
tstL
f2
ini
tstR
tstL
tstL
p3
ini
tstR
tstL
tstL
set(F) set(F) set(F)
get get get
val(F) val(F)set(T)
val(F)set(T) set(T)
get
val(T)
get
val(T)get
val(T)
Wrap Up
• Defined Shared Variables Interaction Diagrams (SVID):
– introduced the notion of consistent SVID,
– analyzed complexity of consistency checking:
•many-to-many communication
• one-to-many communication
• Defined refinement notion between SVIDs:– intuitive syntactic refinement steps,
– analyzed complexity of refinement checking:
•many-to-many communication
• point-to-point communication