Models of Concurrency Manna, Pnueli
Download
Report
Transcript Models of Concurrency Manna, Pnueli
Models of Concurrency
Manna, Pnueli
Chapter 1
1.1 The Generic Model
1.2 Model 1: Transition Diagrams
1.3 Model 2: Shared-Variables Text
1.4
1.5
1.6
1.7
1.8
1.9
Semantics of Shared-Variables Text
Structural Relations Between Statements
Behavioral Equivalence
Grouped Statements
Semaphore Statements
Region Statements
1.10 Model 3: Message-Passing Text
1.11 Model 4: Petri-Nets
2
Model 2: shared-variable text
In transition diagram representation of
shared-variables programs
We only have guarded assignment
We need structured constructs to allow
hierarchical programs
readability, modifiability, analysis
3
Shared-variable text language
Basic (simple) statements
Grouped statements (atomic execution)
Synchronization statements
Semaphore
Region statement
4
Simple statements
Basic steps, atomic
Skip: a trivial do-nothing statement
Assignment: for ŷ a list of variables and
ē a list of expressions of the same
length and corresponding types.
skip
ŷ:=ē
Await: for c a boolean expression
await c
5
await c
c is the guard
Wait until c becomes true, and then
terminates.
What happens if in a sequential
program we have an await ?
6
In which states is await c enabled?
What about skip and assignment
statements?
7
Compound statements
A controlling frame applied to one or more simpler
statements (body).
May require several computation steps.
Conditional (if then else)
Concatenation (sequential composition)
Selection (non-deterministic choice)
Cooperation (parallel composition)
While (while do)
Block (a block with local dcls, like in Algol)
8
Conditional
If c then S1 else S2
Step 1: evaluate c
Step 2: execute one of statements
What is the difference between
conditional statement and await (await
c)?
9
Concatenation
S1; S2
Sequential composition
Step 1: first step of S1
Subsequent steps: rest of S1 and then
S2
Multiple concatenation statement S
S1; S2; …; Sn
Si children of S
10
We define
Concatenation await c; S
as
when c do S
as an abbreviation.
c: the guard, S: body
Not atomic
11
Selection
S1 or S2
Step 1: first step of one of S1 or S2 which is
enabled.
Subsequent steps: the rest of the selected
statement.
What if S1 and S2 are both enabled?
Non-deterministic choice
What if none is enabled?
The statement is disabled
12
Multiple selection statement
S1 or S2 or … or Sn
Abbreviated to
Si
ORin=1 Si
children of the selection
statement.
13
Dijkstra’s guarded command:
if c1 S1 c2 S2 … cn Sn fi
How to write it in our language (using
or)?
[when c1 do S1] or … [when cn do Sn]
14
First step: arbitrary choosing an i such
that ci is currently true, and passing the
guard ci.
Subsequent steps: execute the selected
Si
The order of the list does not imply
priority.
15
Non-exclusive
ci s are not exclusive,
not necessarily ci (cj) for every i j
Non-exhaustive
ci s are not exhaustive,
not always
\/in=1 ci
is true.
QUESTIONS:
Non-exclusiveness allows ??
nondeterminism
Non-exhaustiveness allows ??
Possibility of deadlock
16
Cooperation
S1 || S2
Parallel execution of S1 and S2
Step 1: entry step, setting the stage for
the parallel execution of S1 and S2
Subsequent steps: steps from S1 and S2
Last step: an additional exit step that
close the parallel execution.
17
Multiple cooperation statement
S1 || S2 … || Sn
Si children of the cooperation statement
QUESTION:
In [S1 || S2 ]; S3 , when does S3 start?
After both S1 and S2 are terminated.
18
While
while c do S
First step: evaluation of guard c
Subsequent steps:
C true: at least one more repetition of the
body S
C false: terminating the execution of while
19
Question
What are the differences between:
while c do S
when c do S ?
20
Block
[local dcl; S]
S is the body of the block.
Local dcl:
Local variable, …,variable: type where
: yi = ei
yi declared in this statement, ei depends on
program’s input variables
is the initialization of variables
Once, at the beginning of the program
(static) and not every time we enter the
block.
21
Statement S may refer to variables
which are declared at the head of the
program or at the head of a block
containing S.
22
Programs
P:: [dcl; [P1::S1 || … || Pm::SM]]
P1 , …,Pm :names of the processes
S1, …,Sm : top-level processes of the program
[P1::S1 || … || Pm::SM] : body of the program
Names of the program and top-level processes are
optional
QUESTION:
body of a program is like which statement??
a cooperation statement (but allow m=1) Uniformity
23
declarations:
mode variable, …, variable: type where
mode: in , local, out
Assertion : restrict the initial values of the
variables on entry to the program
24
Labels:
Statements in the body may be labeled.
We use them in our discussions and
specifications.
No statement refer to the labels.
25
Examples
Binomial coefficient
Greatest common divisor
P. 27, 28
26
BINOM
in
k, n : integer where 0<= k <= n
Local y1, y2: integer where y1 = n, y2 = 1
out b
: integer where b = 1
P1 :: …
||
P2 :: …
27
Program GCD
in a,b : integer where a>0, b>0
local y1,y2: integer where y1=a, y2=b
out g: integer
l1: while y1<> y2 do
l3: when y1> y2 do l4: y1:=y1-y2
l2:
or
l5: when y2> y1 do l6: y2:=y2-y1
l7: g:=y1
28
Labels in Text Program
Pre-label, post-label of statements
Two important roles:
Unique identification and reference to the
statements
Serve as possible sites of control in a way
similar to nodes in a transition diagram
P. 30 fig. 1.6, P. 31 fig. 1.7
29
The label equivalence relation
P. 31
Locations in the text language an
equivalence class of labels
A location is an equivalence class of labels
with respect to the label equivalence
relation ~L
P. 32
30
Conditional: S=[if c then S1 else S2]
Concatenation: S =[S1 … Si;Si+1 … Sm]
post(Si) ~L pre(Si+1)
pre(S) ~L pre(S1)
post(S) ~L post(Sm)
when statement S =[when c do S’]
post(S) ~L post(S1) ~L post(S2)
post(S’) ~L post(S)
Selection statement S =[S1 or…or Sm]
pre(S) ~L pre(S1) … pre(Sm)
post(S) ~L post(S1) … post(Sm)
31
while statement S =[while c do S’]
block statement S = [dcl; S’]
post(S’) ~L pre(S)
pre(S) ~L pre(S’)
post(S) ~L post(S’)
cooperation statement
No equivalency
32
1.4 Semantics of SharedVariables Text
Giving the semantics of SharedVariables Text:
Establishing the correspondence
between text programs
and the generic model of basic
transition systems (,,,)
Identifying the components of a basic
transition system in text programs
33
State variables, :
(, , , )
= {Y, }
Y is the set of data variables, explicitly
declared (input, output, local)
is single control variable: ranges over
sets of locations
All the locations of the program that are
currently active (statements candidate for
execution)
34
Example
out x: integer where x=0
l0: [l1 : x:= x+1; l2: x:=2; l3: x:=x+2]:l’0
QUESTION:
= ??
Note:
adequately labeled (equivalence classes)
Instead of {[l1], …} we represent it by {l1, …}
Here: {l0}, {l2}, {l3}, {l’0}
35
States, :
(,,,)
All possible interpretations that assign
to the state variables values over their
respective domains.
Question:
States of the previous example?
Reachable states of it? (p.34)
36
Transitions
(,,,)
The transition relation for idling
transition
I =
The transition relations for diligent
transitions l , shall be defined for each
statement, as trans(S).
p. 34 – p. 37
37
l : skip : l’,
l : ŷ:=ē : l’, (Assignment)
l : await c : l’,
l : if c then [ l1: S1 ] else [ l2: S2 ],
l : when c do [l’ : S ]
l : [while c do [l1 : S ]]: l’,
l : [[l1 : S1 : l’1] || … || [lm : Sm : l’m]] : l’,
(Cooperation)
--------------------------------- Concatenation: S= [S1;S2]
Selection: S= [S1 or S2 or … or Sn]
Block: S= [local dcl; S’]
The Initial Condition
[dcl; [P1 :: [lm : S1] || … || Pm::[lm : Sm ]]]
is the data precondition of the program.
: (={l1, …, lm})
39
Computation
Computation of a basic transition system: an
infinite sequence of states satisfying the
following requirement:
Initiation: first state satisfy the initial condition
Consecution: for two consecutive states in the
computation, the corresponding transition is in the
set of transitions.
Diligence: the sequence contains infinitely many
diligent steps or it contains a terminal state.
40
GCD example
State variables: , y1, y2, g
P. 39
41
Program GCD
in a,b : integer where a>0, b>0
local y1,y2: integer where y1=a, y2=b
out g: integer
l1: while y1<> y2 do
l3: when y1> y2 do l4: y1:=y1-y2
l2:
or
l5: when y2> y1 do l6: y2:=y2-y1
l7: g:=y1
---------------------<, y1, y2, g>:
<{l0},4,6,-> <{l2},4,6,-> <{l6},4,6,->
<{l1},4,2,-> <{l2},4,2,-> <{l4},4,2,->
<{l1},2,2,-> <{l7},2,2,-> <{l0’},2,2,2> …
42
Problem 1.1, 1.2
43
Subscripted variables
We allow subscripted variables u[e]
44
1.5 Structural Relations
Between Statements
The relations are determined by the
syntax of the program.
Sub-statements
For statements S and S’ , S is defined to be
a substatement of S’ , denoted by S S’ ,
if either S=S’ or S is a substatement of
one of the children of S’.
45
Being a substatement: the reflexive
transitive closure of the childhood
relation.
A is a child of B
B is a child of C
Then C is a substatement of A
And so on, recursively, the union of all
46
S S’
S is a substatement of S’
S’ is an ancestor of S
S is a descendent of S’
S is defined to be a proper
substatement of S’ , denoted by S< S’
if S S’ and S S’ .
47
A statement S1 is at front of a statement S2
if S1 S2 and pre(S1) ~L pre(S2) .
S1 is at the front of …?
S1
[S1;S2]
[[S1,S2 ] or S3]
S1 || S2
48
S1
[S1;S2]
[[S1,S2 ] or S3]
pre(S) ~L pre(S1)
pre(S) ~L pre([S1, S2 ]) ~L pre(S3)
S1 || S2
No label equivalence definition is associated
with cooperation statement.
49
We defined trans(S) : the set of
transitions associated with a statement
S
We also can Define trans-in(S) : the set
of all transitions associated with
substatements of S
trans-in(S) = S’ S trans(S’)
50
Least Common Ancestor
Common ancestor of S1 and S2 is S, if
S1 S and S2 S.
S is the least common ancestor (lca) of
S1 and S2 if
S is a common ancestor of S1 and S2 and
For any other common ancestor S’ of S1
and S2 , S S’ .
51
Any two statements in a program have
a unique least common ancestor.
P: [S1; [S2 || S3]; S4] || S5
lca of S2 and S3
lca of S2 and S4
[S2||S3]
[S1; [S2 || S3]; S4]
lca of S2 and S5
[S1; [S2 || S3]; S4] || S5
52
The state predicates:
at, after, in
Several control predicates that identify
the current location of control in a
state, in terms of labels and
statements.
at-l , at-S
after-l, after-S
in-l, in-S
Page 42
53
s |= at_l , if [l] holds in s
s |= at_S, if [pre(S)] holds in s
[l] s[ ]
Pre[S] s [ ]
For the l:S, the two predicates are
equivalent.
54
after_S, after_l
s |= after_S, if [post(S)] s[]
in_S, in_l
In_S = \/
S’S at_S’
at_S implies in_S
after_S implies !in_S
55
Enabledness of a statement
A statement S is defined to be enabled
on a state s if one of the transitions
associated with S (some transition in
trans(S)) is enabled on s.
56
Processes and parallel
statements
The diagram language allows only one
level of parallelism, at top
The text language allows nested
parallelism
For a statement S in a program P, S is
defined to be a process of P if S is a
child of a cooperation statement.
Covers the top-level processes (children of
the body of the program)
57
S’ and S’’ in a program P are defined to
be (syntactically) parallel in P if the
least common ancestor of S’ and S’’ is a
cooperation statement that is different
from both S’ and S’’.
58
P::[dcl; [[S1; [S2||S3];S4] || S5]]
The processes:
[S1; [S2||S3];S4]
S5
S2
S3
Is parallel to each other?
S2, S3 :T
S2, S4 :F
S2||S3, S2 :F
S2, S5 :T
59
Competing statements
S1 and S2 : two statements in a program P
S: Their lca
S1 and S2 are defined to be competing in P if
either S1=S2 or S is a selection statement,
different from both S1 and S2, such that both
S1 and S2 are at front of S,
pre(S1)~L pre(S2)~l pre(S)
60
[S1; [[S2;S3] or [S4;S5]];S6]]
Comp(S2) = {S2, S4, [S4;S5]}
61
Behavioral Equivalence
(section 1.6)
62