Implementation of an Interleaving Semantics for TLDA
-
Upload
universitaet-rostock -
Category
Education
-
view
601 -
download
1
description
Transcript of Implementation of an Interleaving Semantics for TLDA
![Page 1: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/1.jpg)
7 May 2005
Implementation of anInterleaving Semantics for TLDA
Luhme XI
Niels Lohmann
[email protected]://www.informatik.hu-berlin.de/~nlohmann/arbeit
![Page 2: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/2.jpg)
Luhme XI
2
Introduction to TLDA
The semantic model of TLDA is a run.
§
!
semantic model and basic concepts
idle
1
idle
pending
0
idle
pending
critical
1 0
criticalIntroduction to
TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 3: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/3.jpg)
Luhme XI
2
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts:
§
!
semantic model and basic concepts
idle
1
idle
pending
0
idle
pending
critical
1 0
criticalIntroduction to
TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 4: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/4.jpg)
Luhme XI
2
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts:
! transitions update values
§
!
semantic model and basic concepts
idle
1
idle
pending
0
idle
pending
critical
1 0
criticalIntroduction to
TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 5: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/5.jpg)
Luhme XI
2
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts:
! transitions update values
! …0f involved variables
§
!
semantic model and basic concepts
t1t2
idle
1
idle
pending
0
idle
pending
critical
1 0
criticalIntroduction to
TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 6: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/6.jpg)
Luhme XI
2
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts:
! transitions update values
! …0f involved variables
§
!
semantic model and basic concepts
t1t2
idle
1
idle
pending
0
idle
pending
critical
1 0
critical
dom(t1)={agent1} dom(t2)={agent1, sem}
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 7: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/7.jpg)
Luhme XI
3
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts (continued):
idle
1
idle
pending
0
idle
pending
critical
1 0
critical§
! C
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
semantic model and basic concepts
![Page 8: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/8.jpg)
Luhme XI
3
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts (continued):
! a cut can be understood as a global state
idle
1
idle
pending
0
idle
pending
critical
1 0
critical§
! C
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
semantic model and basic concepts
![Page 9: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/9.jpg)
Luhme XI
3
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts (continued):
! a cut can be understood as a global state
! every run has an initial cut
idle
1
idle
pending
0
idle
pending
critical
1 0
critical§
! CC0
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
semantic model and basic concepts
![Page 10: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/10.jpg)
Luhme XI
4
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts (continued):
§
! C C'
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
t1
t2
idle
1
idle
pending
0
idle
pending
critical
1 0
critical
semantic model and basic concepts
![Page 11: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/11.jpg)
Luhme XI
4
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts (continued):
! when all possible transitions occur, the successor cut C' is reached
§
! C C'
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
t1
t2
idle
1
idle
pending
0
idle
pending
critical
1 0
critical
semantic model and basic concepts
![Page 12: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/12.jpg)
Luhme XI
4
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts (continued):
! when all possible transitions occur, the successor cut C' is reached
! cuts C, C' and the occurred transitions form a step
§
! C C'
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
t1
t2
idle
1
idle
pending
0
idle
pending
critical
1 0
critical
semantic model and basic concepts
![Page 13: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/13.jpg)
Luhme XI
4
Introduction to TLDA
The semantic model of TLDA is a run.
basic concepts (continued):
! when all possible transitions occur, the successor cut C' is reached
! cuts C, C' and the occurred transitions form a step
§
! C C'
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
this cut cannot be reached with steps
t1
t2
idle
1
idle
pending
0
idle
pending
critical
1 0
critical
semantic model and basic concepts
![Page 14: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/14.jpg)
Luhme XI
5
Introduction to TLDA
syntactic elements:
! variables
syntax
constants
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 15: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/15.jpg)
Luhme XI
5
Introduction to TLDA
syntactic elements:
! variables! rigid variables ( )
syntax
variables describingvalues in current cut Introduction to
TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 16: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/16.jpg)
Luhme XI
5
Introduction to TLDA
syntactic elements:
! variables! rigid variables ( )! flexible variables ( )
syntax
variables describing values in successor cut
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 17: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/17.jpg)
Luhme XI
5
Introduction to TLDA
syntactic elements:
! variables! rigid variables ( )! flexible variables ( )! primed flexible variables ( )
syntax
variables describinginvolvedness of setsof flexible variables
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 18: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/18.jpg)
Luhme XI
5
Introduction to TLDA
syntactic elements:
! variables! rigid variables ( )! flexible variables ( )! primed flexible variables ( )! ~-variables ( )
syntax
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 19: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/19.jpg)
Luhme XI
5
Introduction to TLDA
syntactic elements:
! variables! rigid variables ( )! flexible variables ( )! primed flexible variables ( )! ~-variables ( )
! formulas
syntax
formulas evaluated in steps of a run
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 20: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/20.jpg)
Luhme XI
5
Introduction to TLDA
syntactic elements:
! variables! rigid variables ( )! flexible variables ( )! primed flexible variables ( )! ~-variables ( )
! formulas! step formulas
syntax
step formulas with only flexible variables
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 21: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/21.jpg)
Luhme XI
5
Introduction to TLDA
syntactic elements:
! variables! rigid variables ( )! flexible variables ( )! primed flexible variables ( )! ~-variables ( )
! formulas! step formulas! state predicate
syntax
step formulas with only flexible variables
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 22: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/22.jpg)
Luhme XI
5
Introduction to TLDA
syntactic elements:
! variables! rigid variables ( )! flexible variables ( )! primed flexible variables ( )! ~-variables ( )
! formulas! step formulas! state predicate! run formulas
syntax
formulas evaluated in a whole run
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 23: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/23.jpg)
Luhme XI
6
Introduction to TLDA
evaluating step formulas:
idle
1
idle
pending
0t
idle
pending
critical
1 0
critical§
! C C'
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 24: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/24.jpg)
Luhme XI
6
Introduction to TLDA
evaluating step formulas:
idle
1
idle
pending
0t
idle
pending
critical
1 0
critical§
! C C'
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 25: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/25.jpg)
Luhme XI
6
Introduction to TLDA
evaluating step formulas:
idle
1
idle
pending
0t
idle
pending
critical
1 0
critical§
! C C'
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 26: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/26.jpg)
Luhme XI
6
Introduction to TLDA
evaluating step formulas:
idle
1
idle
pending
0t
idle
pending
critical
1 0
critical§
! C C'
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 27: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/27.jpg)
Luhme XI
6
Introduction to TLDA
evaluating step formulas:
idle
1
idle
pending
0t
idle
pending
critical
1 0
critical§
! C C'
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 28: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/28.jpg)
Luhme XI
6
Introduction to TLDA
evaluating step formulas:
idle
1
idle
pending
0t
idle
pending
critical
1 0
critical§
! C C'
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
Is there a transitionoccurring in SC involvingboth agent1 and sem?
![Page 29: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/29.jpg)
Luhme XI
6
Introduction to TLDA
evaluating step formulas:
idle
1
idle
pending
0t
idle
pending
critical
1 0
critical§
! C C'
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
Is there a transitionoccurring in SC involvingboth agent1 and sem?
![Page 30: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/30.jpg)
Luhme XI
6
Introduction to TLDA
evaluating step formulas:
idle
1
idle
pending
0t
idle
pending
critical
1 0
critical§
! C C'
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 31: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/31.jpg)
Luhme XI
6
Introduction to TLDA
evaluating step formulas:
idle
1
idle
pending
0t
idle
pending
critical
1 0
critical§
! C C'There is no transitioninvolving agent2.
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 32: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/32.jpg)
Luhme XI
7
Introduction to TLDA
evaluating run formulas:
idlet1
1
idle
pending
0t2
idle
pending
critical
1
§
!
?
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 33: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/33.jpg)
Luhme XI
7
Introduction to TLDA
evaluating run formulas:
idlet1
1
idle
pending
0t2
idle
pending
critical
1
§
!
?
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 34: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/34.jpg)
Luhme XI
7
Introduction to TLDA
evaluating run formulas:
idlet1
1
idle
pending
0t2
idle
pending
critical
1
§
! C0 C1 C2 C3
?
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 35: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/35.jpg)
Luhme XI
7
Introduction to TLDA
evaluating run formulas:
idlet1
1
idle
pending
0t2
idle
pending
critical
1
§
! C0 C1 C2 C3
?
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 36: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/36.jpg)
Luhme XI
7
Introduction to TLDA
evaluating run formulas:
idlet1
1
idle
pending
0t2
idle
pending
critical
1
§
! C0 C1 C2 C3
?!
evaluating formulas
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 37: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/37.jpg)
Luhme XI
8
Semantics
! TLDA: partial order semantics! transitions are partially ordered
u1 occurs before u2
! concurrent transitions have no order
t2idle pending
t1idle pending Which transition
occurs first?
partial ordered semantics
u11 0 u2 1
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 38: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/38.jpg)
Luhme XI
9
Semantics
! other formalisms (e.g. TLA):interleaving semantics! all possible interleavings of transitions
! totally ordered! exponential number of interleavings
and intermediate states
First t1, then t2!
idleidle
t1 pendingidle
t2 pendingpending
idleidle
t2 idlepending
t1 pendingpending
idleidle
{t1, t2} pendingpending
First t2, then t1!
t1 and t2 occur concurrently!
interleaving semantics
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 39: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/39.jpg)
Luhme XI
10
Semantics
first subject of my work: development of an interleaving semantics for TLDA
! model checking:! few experiences with partial order
semantics (complicated data structures)! interleavings can be easily represented by a
labelled graph (transition system)! explicit model checkers (LoLA, Spin) base
on graph search in a transition system
! Next subject: build a transition system
interleaving semantics for TLDA
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 40: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/40.jpg)
Luhme XI
11
Transition System
formally a quintuple TS = (S, S0, Act, R, L)
sem ! 1 sem ! 0 sem ! 1
s0 s1 s2
definition
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 41: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/41.jpg)
Luhme XI
11
Transition System
formally a quintuple TS = (S, S0, Act, R, L)! S: nonempty set of states
sem ! 1 sem ! 0 sem ! 1
s0 s1 s2
definition
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 42: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/42.jpg)
Luhme XI
11
Transition System
formally a quintuple TS = (S, S0, Act, R, L)! S: nonempty set of states
! S0 " S: nonempty set of initial states
sem ! 1 sem ! 0 sem ! 1
s0 s1 s2
definition
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 43: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/43.jpg)
Luhme XI
11
Transition System
formally a quintuple TS = (S, S0, Act, R, L)! S: nonempty set of states
! S0 " S: nonempty set of initial states
! Act: finite set of actions
sem ! 1 sem ! 0 sem ! 1{a0} {a1}
{a2, a3}
s0 s1 s2
definition
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 44: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/44.jpg)
Luhme XI
11
Transition System
formally a quintuple TS = (S, S0, Act, R, L)! S: nonempty set of states
! S0 " S: nonempty set of initial states
! Act: finite set of actions
! R " S # (Act) # S: transition relation, labeled with a nonempty set of actions
sem ! 1 sem ! 0 sem ! 1{a0} {a1}
{a2, a3}
s0 s1 s2
definition
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 45: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/45.jpg)
Luhme XI
11
Transition System
formally a quintuple TS = (S, S0, Act, R, L)! S: nonempty set of states
! S0 " S: nonempty set of initial states
! Act: finite set of actions
! R " S # (Act) # S: transition relation, labeled with a nonempty set of actions
! L: S " (Var " Val): function to label states with a mapping variables/values
sem ! 1 sem ! 0 sem ! 1{a0} {a1}
{a2, a3}
s0 s1 s2
definition
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 46: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/46.jpg)
Luhme XI
12
Transition System
We can construct a transition system TS!
for TLDA specifications ! in normal form:
! Definition: normal form:! , Init $ �Next $ Progress
! Actions:Act is the set of the clauses of the disjunctive normal form of Next.
state predicate step formula ignored right now
construction
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 47: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/47.jpg)
Luhme XI
13
Transition Systemconstruction
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
idle
1
idle
pending
0
idle
pending
critical
1 0
critical§
! C0
sC0
! States, initial states, labels
For each cut reachable with steps from C0,add a new state and label it.
![Page 48: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/48.jpg)
Luhme XI
13
Transition Systemconstruction
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
idle
1
idle
pending
0
idle
pending
critical
1 0
critical§
! C0 C1
sC0sC1
! States, initial states, labels
For each cut reachable with steps from C0,add a new state and label it.
![Page 49: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/49.jpg)
Luhme XI
13
Transition Systemconstruction
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
idle
1
idle
pending
0
idle
pending
critical
1 0
critical§
! C0 C1 C2
sC0sC1
sC2
! States, initial states, labels
Repeat this for all runs of !.
For each cut reachable with steps from C0,add a new state and label it.
![Page 50: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/50.jpg)
Luhme XI
14
Transition Systemconstruction
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
idle
1
idle
pending
0
idle
pending
critical
1 0
critical§
! C0 C1 C2
sC0sC1
sC2
! Transition relation:
Repeat this for all runs of !.
Each step fulfils a set of clauses Ai of Next.Label the new transition relation with Ai (Ai " Act).
A0 A1
![Page 51: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/51.jpg)
Luhme XI
15
Transition System
properties of TS!:
! For all runs of !, for all cuts C reachable with steps from the initial cut, there exists a corresponding state sC in TS!
reachable from an initial state.
! For all states sC in TS! reachable from
an initial state, there exists a run of ! with a corresponding cut C reachable with steps from the initial cut.
properties
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 52: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/52.jpg)
Luhme XI
16
"
Transition System
Do we reach all cuts with steps from C0?
t21
pending
0t4
idle
t5pending
critical
1 0
critical
C0 C1 C2 C3
t3
t1
u1 " u2 " "
idle
idle§
!*
properties
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 53: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/53.jpg)
Luhme XI
16
"
Transition System
Do we reach all cuts with steps from C0?
t21
pending
0t4
idle
t5pending
critical
1 0
critical
C0 C1 C2 C3
t3
t1
u1 " u2 " "
C*
idle
idle§
!*
properties
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 54: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/54.jpg)
Luhme XI
16
"
Transition System
Do we reach all cuts with steps from C0?
t21
pending
0t4
idle
t5pending
critical
1 0
critical
C0 C1 C2 C3
t3
t1
u1 " u2 " "
C*
idle
idle§
!*
properties
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 55: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/55.jpg)
Luhme XI
16
"
Transition System
Do we reach all cuts with steps from C0?
t21
pending
0t4
idle
t5pending
critical
1 0
critical
C0 C1 C2
t3
t1
u1 " u2 " "
C*
idle
idle
§
!*
properties
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 56: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/56.jpg)
Luhme XI
16
"
Transition System
Do we reach all cuts with steps from C0?
t21
pending
0t4
idle
t5pending
critical
1 0
critical
C0 C1 C2
t3
t1
u1 " u2 " "
C*
idle
idle
§
!*
!properties
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 57: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/57.jpg)
Luhme XI
17
Transition System
Does "# ⊨ ! hold?
But it always holds for environment invariant formulas.
Can be understood literally:A formula ! is called environment invariant i! for all runs " with " ⊨ ! holds:when "# has the same restrictions on the system variables as ", then "# ⊨ !.
Not necessarily!properties
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 58: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/58.jpg)
Luhme XI
18
Transition System
Properties of TS! (! environment
invariant):
! For all runs of !, for all cuts C reachable with steps from the initial cut, there exists a corresponding state sC in TS!
reachable from an initial state.
! For all states sC in TS! reachable from
an initial state, there exists a run of ! with a corresponding cut C reachable with steps from the initial cut.
properties revised
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 59: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/59.jpg)
Luhme XI
19
Transition System
Properties of TS! (! environment
invariant):1. Every cut is represented by a state.
2. Every run is represented by a sequence of states beginning at an initial state.
3. Every state represents a cut.
4. Every sequence of states beginning at an initial state represents a run.
All interleavings of ! are contained in TS!.
! TS! is a TLDA interleaving semantics.
propositions
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 60: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/60.jpg)
Luhme XI
20
Implementation
second subject of my work:the prototypic implementation “TLDC”
! present features:! parse a TLDA specification! build a DNF-tree! discard irrelevant/contradicting actions! create C-code to build the transition system
! future:! better heuristics! TLDA model checking! reduction techniques
overview
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 61: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/61.jpg)
Luhme XI
21
Implementation
creation of actions/pruning of contradictions
" "
" "
DNF-tree (n=4)
pruning heuristics
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook" "
![Page 62: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/62.jpg)
Luhme XI
21
Implementation
creation of actions/pruning of contradictions
" "
" "
DNF-tree (n=4)
pruning heuristics
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook" "
![Page 63: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/63.jpg)
Luhme XI
21
Implementation
creation of actions/pruning of contradictions
" "
" "
DNF-tree (n=4)
pruning heuristics
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook" "
![Page 64: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/64.jpg)
Luhme XI
21
Implementation
creation of actions/pruning of contradictions
" "
" "
DNF-tree (n=4)
pruning heuristics
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook" "
![Page 65: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/65.jpg)
Luhme XI
21
Implementation
creation of actions/pruning of contradictions
" "
" "
DNF-tree (n=4)
pruning heuristics
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook" "
![Page 66: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/66.jpg)
Luhme XI
21
Implementation
creation of actions/pruning of contradictions
" "
" "
DNF-tree (n=4)
pruning heuristics
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook" "
#
![Page 67: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/67.jpg)
Luhme XI
21
Implementation
creation of actions/pruning of contradictions
" "
" "
DNF-tree (n=4)
pruning heuristics
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook" "
continue here…
![Page 68: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/68.jpg)
Luhme XI
22
Implementation
treating ~-variables
! most actions contradict because of~-variables
! ! “the more, the better”! a lot of knowledge can be gained:
! d ! ! ! ! "
gaining knowledge
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 69: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/69.jpg)
Luhme XI
23
Examples
requesting1
idle1
critical1 critical2
requesting2
idle2
semaphore
mutual exclusion
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 70: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/70.jpg)
Luhme XI
23
First example: mutual exclusion
! Petri net
! TLDA: three components/variables
Examples
requesting1
idle1
critical1 critical2
requesting2
idle2
semaphore
mutual exclusion
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 71: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/71.jpg)
Luhme XI
24
Examplesmutual exclusion
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
Tool demonstration #1
![Page 72: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/72.jpg)
Luhme XI
25
Examplesmutual exclusion
state inscriptions:
agent1 agent2 semaphore
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 73: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/73.jpg)
Luhme XI
25
Examplesmutual exclusion
state inscriptions:
agent1 agent2 semaphore
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 74: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/74.jpg)
Luhme XI
25
Examplesmutual exclusion
state inscriptions:
agent1 agent2 semaphore
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 75: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/75.jpg)
Luhme XI
26
Examplescrossing the river
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
! Second example:! farmer bought a wolf, a goat and cabbage! all have to cross a river with a small boat! the farmer can only take one thing with him! left unattended, the goat eats the cabbage! left unattended, the wolf eats the goat
Can they cross the river safely?
![Page 76: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/76.jpg)
Luhme XI
27
Examplescrossing the river
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
Tool demonstration #2
![Page 77: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/77.jpg)
Luhme XI
28
Examplescrossing the river
state inscriptions:
farmer goat wolf cabbage
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 78: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/78.jpg)
Luhme XI
28
Examplescrossing the river
initial state (all at east side of the river)
state inscriptions:
farmer goat wolf cabbage
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 79: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/79.jpg)
Luhme XI
28
Examplescrossing the river
initial state (all at east side of the river)
goal state(all at westside of the river)
state inscriptions:
farmer goat wolf cabbage
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 80: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/80.jpg)
Luhme XI
29
Outlook
! many exponential problems:! disjunctive normal form:
Peterson’s Mutex-algorithm could not yet be modelled: few lines of TLDA end up in milliards of actions. (pruning at its limits)
! ~-variables:Dining philosophers’ problem could not yet be modelled: 5 forks and 5 philosophers lead to 1023 ~-variables and 2046 variables in C++. (a new data structure might help)
! actions:step-explosion (Stephan Roch’s work)
problems
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 81: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/81.jpg)
Luhme XI
30
Outlook
! TLDA inapplicable for explicit model checking?
! Would symbolic model checking help?
! Any solutions for open problems?
! Any questions about my Studienarbeit?
! Ideas for subjects for a Diplomarbeit?
future/further work
Introduction to TLDA
Semantics
Transition System
Implementation
Examples
Outlook
![Page 82: Implementation of an Interleaving Semantics for TLDA](https://reader037.fdocuments.us/reader037/viewer/2022102923/5538101a4a79598f768b4664/html5/thumbnails/82.jpg)
7 May 2005
Implementation of anInterleaving Semantics for TLDA
Thank you!
Niels Lohmann
[email protected]://www.informatik.hu-berlin.de/~nlohmann/arbeit