Models of Concurrency

Manna, Pnueli

2

Chapter 1 1.1 The Generic Model 1.2 Model 1: Transition Diagrams 1.3 Model 2: Shared-Variables Text

1.4 Semantics of Shared-Variables Text 1.5 Structural Relations Between Statements 1.6 Behavioral Equivalence 1.7 Grouped Statements 1.8 Semaphore Statements 1.9 Region Statements

1.10 Model 3: Message-Passing Text 1.11 Model 4: Petri-Nets

3

Model 2: shared-variable text

In transition diagram representation of shared-variables programs We only have guarded assignment

We need structured constructs to allow hierarchical programs readability, modifiability, analysis

4

Shared-variable text language

Basic (simple) statements Grouped statements (atomic

execution) Synchronization statements

Semaphore Region statement

5

Simple statementsBasic steps, atomic Skip: a trivial do-nothing statement

skip Assignment: for ŷ a list of variables

and ē a list of expressions of the same length and corresponding types. ŷ:=ē

Await: for c a boolean expression await c

6

await c c is the guard Wait until c becomes true, and

then terminates.

What happens if in a sequential program we have an await ?

7

In which states is await c enabled?

What about skip and assignment statements?

8

Compound statements

A controlling frame applied to one or more simpler statements (body).

May require several computation steps. Conditional (if then else) Concatenation (sequential composition) Selection (non-deterministic choice) Cooperation (parallel composition) While (while do) Block (a block with local dcls, like in Algol)

9

Conditional If c then S1 else S2

Step 1: evaluate c Step 2: execute one of statements

What is the difference between conditional statement and await (await c)?

10

Concatenation S1; S2 Sequential composition Step 1: first step of S1 Subsequent steps: rest of S1 and

then S2 Multiple concatenation statement S

S1; S2; …; Sn Si children of S

11

We define Concatenation await c; Sas when c do Sas an abbreviation. c: the guard, S: bodyNot atomic

12

Selection S1 or S2

Step 1: first step of one of S1 or S2 which is enabled.

Subsequent steps: the rest of the selected statement.

What if S1 and S2 are both enabled? Non-deterministic choice

What if none is enabled? The statement is disabled

13

Multiple selection statement S1 or S2 or … or Sn

Abbreviated to ORin=1 Si

Si children of the selection statement.

14

Dijkstra’s guarded command: if c1 S1 c2 S2 … cn Sn fi

How to write it in our language (using or)? [when c1 do S1] or … [when cn do Sn]

15

First step: arbitrary choosing an i such that ci is currently true, and passing the guard ci.

Subsequent steps: execute the selected Si

The order of the list does not imply priority.

16

Non-exclusive ci s are not exclusive, not necessarily ci (cj) for every i j

Non-exhaustive ci s are not exhaustive, not always \/i

n=1 ci is true.

QUESTIONS: Non-exclusiveness allows ??

nondeterminism Non-exhaustiveness allows ??

Possibility of deadlock

17

Cooperation S1 || S2

Parallel execution of S1 and S2

Step 1: entry step, setting the stage for the parallel execution of S1 and S2

Subsequent steps: steps from S1 and S2

Last step: an additional exit step that close the parallel execution.

18

Multiple cooperation statement S1 || S2 … || Sn

Si children of the cooperation statement

QUESTION: In [S1 || S2 ]; S3 , when does S3 start?

After both S1 and S2 are terminated.

19

While

while c do S

First step: evaluation of guard c Subsequent steps:

C true: at least one more repetition of the body S

C false: terminating the execution of while

20

Question What are the differences between:

while c do S when c do S ?

21

Block

[local dcl; S] S is the body of the block. Local dcl:

Local variable, …,variable: type where

: yi = ei yi declared in this statement, ei depends on

program’s input variables is the initialization of variables Once, at the beginning of the program

(static) and not every time we enter the block.

22

Statement S may refer to variables which are declared at the head of the program or at the head of a block containing S.

23

Programs P:: [dcl; [P1::S1 || … || Pm::SM]]

P1 , …,Pm :names of the processes

S1, …,Sm : top-level processes of the program [P1::S1 || … || Pm::SM] : body of the program Names of the program and top-level processes

are optionalQUESTION: body of a program is like which statement??

a cooperation statement (but allow m=1) Uniformity

24

declarations: mode variable, …, variable: type

where mode: in , local, out Assertion : restrict the initial values

of the variables on entry to the program

25

Labels: Statements in the body may be

labeled. We use them in our discussions and

specifications. No statement refer to the labels.

26

Examples

Binomial coefficient Greatest common divisor

P. 27, 28

BINOM

in k, n : integer where 0<= k <= nLocal y1, y2: integer where y1 = n, y2 = 1out b : integer where b = 1

P1 :: …

||

P2 :: …

27

28

Program GCDin a,b : integer where a>0, b>0

local y1,y2: integer where y1=a, y2=bout g: integer

l1: while y1<> y2 do l3: when y1> y2 do l4: y1:=y1-y2 l2: or l5: when y2> y1 do l6: y2:=y2-y1

l7: g:=y1

29

Labels in Text Program

Pre-label, post-label of statements Two important roles:

Unique identification and reference to the statements

Serve as possible sites of control in a way similar to nodes in a transition diagram

P. 30 fig. 1.6, P. 31 fig. 1.7

30

The label equivalence relation P. 31

Locations in the text language an equivalence class of labels A location is an equivalence class of

labels with respect to the label equivalence relation ~L

P. 32

Conditional: S=[if c then S1 else S2] post(S) ~L post(S1) ~L post(S2)

Concatenation: S =[S1 … Si;Si+1 … Sm] post(Si) ~L pre(Si+1) pre(S) ~L pre(S1) post(S) ~L post(Sm)

when statement S =[when c do S’] post(S’) ~L post(S)

Selection statement S =[S1 or…or Sm] pre(S) ~L pre(S1) … pre(Sm) post(S) ~L post(S1) … post(Sm)

31

while statement S =[while c do S’] post(S’) ~L pre(S)

block statement S = [dcl; S’] pre(S) ~L pre(S’) post(S) ~L post(S’)

cooperation statement No equivalency

32

33

1.4 Semantics of Shared-Variables Text

Giving the semantics of Shared-Variables Text:

Establishing the correspondence between text programs

and the generic model of basic transition systems (,,,) Identifying the components of a basic

transition system in text programs

34

State variables, : (, , , ) = {Y, } Y is the set of data variables,

explicitly declared (input, output, local)

is single control variable: ranges over sets of locations All the locations of the program that are

currently active (statements candidate for execution)

35

Example out x: integer where x=0 l0: [l1 : x:= x+1; l2: x:=2; l3: x:=x+2]:l’0

QUESTION: = ??

Note: adequately labeled (equivalence classes) Instead of {[l1], …} we represent it by {l1, …} Here: {l0}, {l2}, {l3}, {l’0}

36

States, : (,,,) All possible interpretations that

assign to the state variables values over their respective domains.

Question: States of the previous example? Reachable states of it? (p.34)

37

Transitions (,,,) The transition relation for idling

transition I =

The transition relations for diligent transitions l , shall be defined for each statement, as trans(S).

p. 34 – p. 37

l : skip : l’, l : ŷ:=ē : l’, (Assignment) l : await c : l’, l : if c then [ l1: S1 ] else [ l2: S2 ], l : when c do [l’ : S ] l : [while c do [l1 : S ]]: l’, l : [[l1 : S1 : l’1] || … || [lm : Sm : l’m]] : l’, (Cooperation)---------------------------------- Concatenation: S= [S1;S2] Selection: S= [S1 or S2 or … or Sn] Block: S= [local dcl; S’]

39

The Initial Condition

[dcl; [P1 :: [lm : S1] || … || Pm::[lm : Sm ]]]

is the data precondition of the program.

: (={l1, …, lm})

40

Computation Computation of a basic transition system:

an infinite sequence of states satisfying the following requirement: Initiation: first state satisfy the initial condition Consecution: for two consecutive states in the

computation, the corresponding transition is in the set of transitions.

Diligence: the sequence contains infinitely many diligent steps or it contains a terminal state.

41

GCD example State variables: , y1, y2, g P. 39

42

Program GCDin a,b : integer where a>0, b>0

local y1,y2: integer where y1=a, y2=bout g: integer

l1: while y1<> y2 do l3: when y1> y2 do l4: y1:=y1-y2 l2: or l5: when y2> y1 do l6: y2:=y2-y1

l7: g:=y1----------------------<, y1, y2, g>: <{l0},4,6,-> <{l2},4,6,-> <{l6},4,6,->

<{l1},4,2,-> <{l2},4,2,-> <{l4},4,2,-> <{l1},2,2,-> <{l7},2,2,-> <{l0’},2,2,2> …

43

Problem 1.1, 1.2

44

Subscripted variables

We allow subscripted variables u[e]

45

1.5 Structural Relations Between Statements

The relations are determined by the syntax of the program.

Sub-statements For statements S and S’ , S is defined

to be a substatement of S’ , denoted by S S’ , if either S=S’ or S is a substatement of one of the children of S’.

46

Being a substatement: the reflexive transitive closure of the childhood relation. A is a child of B B is a child of C Then C is a substatement of A And so on, recursively, the union of all

47

S S’ S is a substatement of S’ S’ is an ancestor of S S is a descendent of S’

S is defined to be a proper substatement of S’ , denoted by S< S’ if S S’ and S S’ .

48

A statement S1 is at front of a statement S2

if S1 S2 and pre(S1) ~L pre(S2) .

S1 is at the front of …? S1 [S1;S2] [[S1,S2 ] or S3] S1 || S2

49

S1 [S1;S2]

pre(S) ~L pre(S1)

[[S1,S2 ] or S3] pre(S) ~L pre([S1, S2 ]) ~L pre(S3)

S1 || S2

No label equivalence definition is associated with cooperation statement.

50

We defined trans(S) : the set of transitions associated with a statement S

We also can Define trans-in(S) : the set of all transitions associated with substatements of S

trans-in(S) = S’ S trans(S’)

51

Least Common Ancestor

Common ancestor of S1 and S2 is S, if S1 S and S2 S.

S is the least common ancestor (lca) of S1 and S2 if S is a common ancestor of S1 and S2

and For any other common ancestor S’ of

S1 and S2 , S S’ .

52

Any two statements in a program have a unique least common ancestor.

P: [S1; [S2 || S3]; S4] || S5 lca of S2 and S3

[S2||S3] lca of S2 and S4

[S1; [S2 || S3]; S4] lca of S2 and S5

[S1; [S2 || S3]; S4] || S5

53

The state predicates:at, after, inat, after, in Several control predicates that

identify the current location of control in a state, in terms of labels and statements. at-l , at-S after-l, after-S in-l, in-S

Page 42

54

s |= at_l , if [l] holds in s [l] s[ ]

s |= at_S, if [pre(S)] holds in s Pre[S] s [ ]

For the l:S, the two predicates are equivalent.

55

after_S, after_l s |= after_S, if [post(S)] s[]

in_S, in_l In_S = \/S’S at_S’

at_S implies in_S after_S implies !in_S

56

Enabledness of a statement

A statement S is defined to be enabled on a state s if one of the transitions associated with S (some transition in trans(S)) is enabled on s.

57

Processes and parallel statements The diagram language allows only

one level of parallelism, at top The text language allows nested

parallelism For a statement S in a program P, S

is defined to be a process of P if S is a child of a cooperation statement. Covers the top-level processes

(children of the body of the program)

58

S’ and S’’ in a program P are defined to be (syntactically) parallel in P if the least common ancestor of S’ and S’’ is a cooperation statement that is different from both S’ and S’’.

59

P::[dcl; [[S1; [S2||S3];S4] || S5]]

The processes: [S1; [S2||S3];S4] S5 S2 S3

Is parallel to each other? S2, S3 :T S2, S4 :F S2||S3, S2 :F S2, S5 :T

60

Competing statements S1 and S2 : two statements in a

program P S: Their lca S1 and S2 are defined to be competing

in P if either S1=S2 or S is a selection statement, different from both S1 and S2, such that both S1 and S2 are at front of S, pre(S1)~L pre(S2)~l pre(S)

61

[S1; [[S2;S3] or [S4;S5]];S6]]

Comp(S2) = {S2, S4, [S4;S5]}

62

Behavioral Equivalence

(section 1.6)