Shared Variables Interaction Diagrams

Radu GrosuState University of New York at Stony

Brook

joint work with

Rajeev AlurUniversity of Pennsylvania

Motivation

• Scenario-based specifications are very popular in concurrent systems development:

– intuitive description of design requirements,

– intuitive presentation of system executions,

– compact presentation test sequences.

Fact

• Concurrent systems are usually constructed around one of the following communication models:

– Shared variables

– Message passing

Message Passing

• standardized notation in form of MSCs (UML-SDs)

• precise semantics subjected to analysis,

• algorithms and tools (race conditions, timing conflicts…)

Shared Variables?

No formal notation so far!

• but plenty informal diagrams

In This Work

• Define Shared Variables Interaction Diagrams (SVID):

– introduce the notion of consistent SVID,

– analyze complexity of consistency checking:

•many-to-many communication

• one-to-many communication

• Define refinement notion between SVIDs:– intuitive syntactic refinement steps,

– analyze complexity of refinement checking:

•many-to-many communication

• point-to-point communication

Peterson Mutual Exclusion Protocol

p1

ini

idle

f1:=F

f1:=T

t :=2

f1:=F

p2

ini

idle

reqCS reqCS

f2:=F

f2:=T

t :=1

t t

inCS f1

idle reqCS

p1

ini

idle

reqCS

f1:=F

f1:=T

t :=2

f2

inCS

f1:=F

p2

ini

idle

f2:=F

idle idle

f1= T: p1 wants to enter critical section

f2= T: p2 wants to enter critical section

t = 1: p1 has priority

idle

t

reqCS reqCS

f1:=T

t :=2

idle

f1:=F

ini

f1:=F

ini

f2:=F

f2:=T

t :=1

t

inCS f1

idle reqCS

Processes p1 p2

p1.Xr = {f2} - read variables

p1.Xs = {t} - write shared variables

p1.Xe = {f1} - write exclusive variables

p1.Xw = {t,f1} - write variables

p1.X = {t,f1,f2} - all variables

Vertices

idle reqCS

p2

idle

ini

idle

ini

reqCS reqCS

inCS

f1:=F

f1:=T

t :=2

f1:=F

f2:=F

f2:=T

t :=1

t t

f1

p1

v14

v13

v12

v11

v24

v23

v22

v21

Vertices

idle reqCS

p2

idle

ini

idle

ini

reqCS reqCS

inCS

f2:=F

f2:=T

t :=1

f1:=F

f1:=T

t :=2

f1:=F

t t

f1

p1

v14

v13

v12

v11

v24

v23

v22

v21

v1i.p = p1

p1.V = {v11,v12,v13,v14}

V = p1.V p2.V

< = <p1 <p2

linear

order=

timeflow

<p

1

Atomic Update Boxes

idle reqCS

p1 p2

idle

ini

idle

ini

reqCS reqCS

inCS

f1:=F

f1:=T t :=2

f1:=F

f2:=F

f2:=T

t :=1

t t

f1

v12

v13

read variables

(t)

assignment

(state)

explicit write variables (t,f1)

implicit write

variables (f1)

Read Edges

p1

ini

idle

f1:=F

f1:=T

t :=2

f1:=F

p2

ini

idle

reqCS reqCS

f2:=F

f2:=T

t :=1

t t

inCS f1

idle reqCS

no intervening

vertex writes t

v13

v12

v23

v22

v24

v12 v22 v13 v23 v24 v12 v22 v23 v13 v24 v12 v22 v23 v24 v13

partial orderamong

vertices

Consistent SVID

There is a sequence v1 v2 … vn that:

(1) is consistent with time order <

(2) is consistent with read order E

(3) respects most recent updates.

Inconsistent SVID

p1

three

o1:=F o2

two

o1:=T

one

p1

three

o2:=F o1

two

o2:=T

one

v11 v21

v12 v22

v11

v21

v12

v22

v11

v21

v22

v12

Checking Consistency

One-to-many communication (write exclusive):

- Solved in linear time.

- Reduces to finding a cycle in a graph.

Many-to-many communication (write shared):

- In general NP complete.

- Resolving implicit dependencies -> backtrack.

Refinement

When does I refine S written I S?

- Interested in a refinement notion that has a syntactic counterpart that guides users.

Three simple ways to refine an SVID:

- By moving arrows and adding empty boxes.

- By splitting vertices.- By splitting processes.

Moving Arrows & Adding Empty Boxes

p1

p2

idle

ini

idle

f1:=F

f1:=T

t :=2

f1:=F

ini

reqCS reqCS

f2:=F

f2:=T

t :=1

t t

inCS f1

idle reqCS

p1

p2

idle

ini

idle

f1:=F

f1:=T

t :=2

f1:=F

ini

reqCS reqCS

f2:=F

f2:=T

t :=1

t t

inCS f1

idle reqCS

p1

p2

idle

ini

idle

f1:=F

f1:=T

t :=2

f1:=F

ini

reqCS reqCS

f2:=F

f2:=T

t :=1

t t

inCS f1

idle reqCS

p1

p2

idle

ini

idle

f1:=F

f1:=T

t :=2

f1:=F

ini

reqCS reqCS

f2:=F

f2:=T

t :=1

t t

inCS f1

idle reqCS

Splitting Vertices

f1:=T

t :=2

f2:=T

t :=1

Splitting Processes

p1

p2

idle

ini

idle

f1:=F

f1:=F

ini

reqCS reqCS

f2:=F

t t

inCS f1

idle reqCS

f1:=T

t :=2

f2:=T

t :=1

p1

p2

idle

ini

idle

f1:=F

f1:=F

ini

reqCS reqCS

f2:=F

t t

inCS f1

idle reqCS

f1:=T

t :=2

f2:=T

t :=1

p2

idle

ini

reqCS

f2:=F

t

f1

reqCS

f2:=T

p1

t

ini

idle

f1:=F

f1:=F

reqCS

t

inCS

idle

f1:=T

t :=2

t :=1

Refinement

When does I refine S written I S?

- Variables: S.X = I.X

- Processes: p.X q.X = {} or p.X q.X

- Boxes: there is a surjective map r form the vertices I to the vertices of S that preserves the variables.

- Dependency: The specification partial order (S.E S.<) is included in the image r(I.E I.<).

Checking Refinement

p1

p2

idle

ini

idle

f1:=F

f1:=F

ini

reqCS reqCS

f2:=F

t t

inCS f1

idle reqCS

f1:=T

t :=2 f2:=T

t :=1

p2

idle

ini

reqCS

f2:=F

t

f1

reqCS

f2:=T

p1

t

ini

idle

f1:=F

f1:=F

reqCS

t

inCS

idle

f1:=T

t :=2

t :=1

Checking Refinement

Point-to-point communication:

- Solved in O(|V|3).

- Reduces to computing the transitive closure.

Many-to-many communication:

- In general NP complete.

- Guessing the vertex map -> backtrack.

Deadlock for Dining Philosophers

p1

ini

tstR

f1:=F

tstL

tstL

f1:=T f1

f3

p3

ini

tstR

f3:=F

tstL

tstL

f3:=T f3

f2

p2

ini

tstR

f2:=F

tstL

tstL

f2:=T f2

f1

Deadlock for Dining Philosophers

p1

ini

tstR

tstL

tstL

f3

ini

tstR

tstL

tstL

p2

ini

tstR

tstL

tstL

f1

ini

tstR

tstL

tstL

f2

ini

tstR

tstL

tstL

p3

ini

tstR

tstL

tstL

set(F) set(F) set(F)

get get get

val(F) val(F)set(T)

val(F)set(T) set(T)

get

val(T)

get

val(T)get

val(T)

Wrap Up

• Defined Shared Variables Interaction Diagrams (SVID):

– introduced the notion of consistent SVID,

– analyzed complexity of consistency checking:

•many-to-many communication

• one-to-many communication

• Defined refinement notion between SVIDs:– intuitive syntactic refinement steps,

– analyzed complexity of refinement checking:

•many-to-many communication

• point-to-point communication