Towards Algorithmic Synthesis of Synchronization for Shared-Memory Concurrent Programs

Similar documents
Model Checking with CTL. Presented by Jason Simas

Propositional Logic: Models and Proofs

Temporal logics and explicit-state model checking. Pierre Wolper Université de Liège

Robustness Analysis of Networked Systems

Abstractions and Decision Procedures for Effective Software Model Checking

3-Valued Abstraction-Refinement

Computation Tree Logic (CTL) & Basic Model Checking Algorithms

CTL-RP: A Computational Tree Logic Resolution Prover

Models. Lecture 25: Model Checking. Example. Semantics. Meanings with respect to model and path through future...

An Introduction to Temporal Logics

Temporal Logic Model Checking

Symmetry Reductions. A. Prasad Sistla University Of Illinois at Chicago

Automata-Theoretic Model Checking of Reactive Systems

First-Order Logic First-Order Theories. Roopsha Samanta. Partly based on slides by Aaron Bradley and Isil Dillig

Alternating-Time Temporal Logic

Introduction to Temporal Logic. The purpose of temporal logics is to specify properties of dynamic systems. These can be either

CTL satisfability via tableau A C++ implementation

Verification Using Temporal Logic

A tableau-based decision procedure for a branching-time interval temporal logic

Lecture 16: Computation Tree Logic (CTL)

Chapter 3: Propositional Calculus: Deductive Systems. September 19, 2008

Model for reactive systems/software

Predicate Calculus - Semantic Tableau (2/2) Moonzoo Kim CS Division of EECS Dept. KAIST

The State Explosion Problem

arxiv: v2 [cs.lo] 22 Jul 2017

Computational Logic. Davide Martinenghi. Spring Free University of Bozen-Bolzano. Computational Logic Davide Martinenghi (1/30)

Model Checking & Program Analysis

Automated Program Verification and Testing 15414/15614 Fall 2016 Lecture 3: Practical SAT Solving

FAIRNESS FOR INFINITE STATE SYSTEMS

Computation Tree Logic

Computation Tree Logic (CTL)

Chapter 4: Computation tree logic

Propositional Logic. Testing, Quality Assurance, and Maintenance Winter Prof. Arie Gurfinkel

Overview. overview / 357

Complexity Issues in Automated Addition of Time-Bounded Liveness Properties 1

Propositional and Predicate Logic - IV

Temporal & Modal Logic. Acronyms. Contents. Temporal Logic Overview Classification PLTL Syntax Semantics Identities. Concurrency Model Checking

T Reactive Systems: Temporal Logic LTL

Deductive Systems. Lecture - 3

Predicate Logic - Semantic Tableau

3 Propositional Logic

Linear-time Temporal Logic

Synthesis of Designs from Property Specifications

CTL Model Checking. Wishnu Prasetya.

First-Order Logic. 1 Syntax. Domain of Discourse. FO Vocabulary. Terms

The Underlying Semantics of Transition Systems

Failure Diagnosis of Discrete Event Systems With Linear-Time Temporal Logic Specifications

Propositional and Predicate Logic - VII

Lecture 13: Soundness, Completeness and Compactness

Model Checking. Temporal Logic. Fifth International Symposium in Programming, volume. of concurrent systems in CESAR. In Proceedings of the

Model Checking: An Introduction

Timo Latvala. February 4, 2004

Classical First-Order Logic

Advanced Topics in LP and FP

Tableau-based decision procedures for the logics of subinterval structures over dense orderings

Linear Temporal Logic and Büchi Automata

SFM-11:CONNECT Summer School, Bertinoro, June 2011

Pairing Transitive Closure and Reduction to Efficiently Reason about Partially Ordered Events

MODEL CHECKING. Arie Gurfinkel

Computer-Aided Program Design

Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 66

Alternating Time Temporal Logics*

Temporal Logic. M φ. Outline. Why not standard logic? What is temporal logic? LTL CTL* CTL Fairness. Ralf Huuck. Kripke Structure

Knowledge base (KB) = set of sentences in a formal language Declarative approach to building an agent (or other system):

First-Order Predicate Logic. Basics

From Liveness to Promptness

Chapter 6: Computation Tree Logic

KE/Tableaux. What is it for?

Introduction to Logic in Computer Science: Autumn 2006

Propositional Dynamic Logic

Modal and Temporal Logics

Automata-based Verification - III

First-order resolution for CTL

Fuzzy Description Logics

A Tableau-Based Decision Procedure for Right Propositional Neighborhood Logic (RPNL )

Propositional Calculus - Semantics (3/3) Moonzoo Kim CS Dept. KAIST

Finite-State Model Checking

Simply Typed Lambda Calculus

Preliminaries. Introduction to EF-games. Inexpressivity results for first-order logic. Normal forms for first-order logic

Semi-Automatic Distributed Synthesis

Propositional Logic Language

Model checking for LTL (= satisfiability over a finite-state program)

Computation Tree Logic

Reasoning About Imperative Programs. COS 441 Slides 10b

Program Analysis Part I : Sequential Programs

Temporal Logic. Stavros Tripakis University of California, Berkeley. We have designed a system. We want to check that it is correct.

Mathematical Logics. 12. Soundness and Completeness of tableaux reasoning in first order logic. Luciano Serafini

Pairing Transitive Closure and Reduction to Efficiently Reason about Partially Ordered Events

Model checking the basic modalities of CTL with Description Logic

Propositional and Predicate Logic - V

CS357: CTL Model Checking (two lectures worth) David Dill

Description Logics. Foundations of Propositional Logic. franconi. Enrico Franconi

Propositional Calculus - Deductive Systems

Automata-based Verification - III

Temporal Logic - Soundness and Completeness of L

Automated Reasoning Lecture 5: First-Order Logic

Guest lecturer: Mark Reynolds, The University of Western Australia. May 7, 2014

Overview. Discrete Event Systems Verification of Finite Automata. What can finite automata be used for? What can finite automata be used for?

Guest lecturer: Mark Reynolds, The University of Western Australia

On the Expressiveness and Complexity of ATL

Transcription:

Towards Algorithmic Synthesis of Synchronization for Shared-Memory Concurrent Programs Roopsha Samanta The University of Texas at Austin July 6, 2012 Roopsha Samanta Algorithmic Synthesis of Synchronization 1 / 20

Problem Definition Given a shared-memory concurrent program P, composed of unsynchronized processes P 1,..., P k, and a (branching-time) temporal logic specification φ spec such that P = φ spec, automatically generate synchronized processes P s 1,..., P s k such that P s = φ spec. Roopsha Samanta Algorithmic Synthesis of Synchronization 2 / 20

Example P: x : {0, } with x = 1 P 1 P 2 P 1 : L 1 : while(x < 2) L 2 : x := x + 1; L 3 : while true; P 2 : T 1 : while(x > 0) T 2 : x := x 1; T 3 : while true; φ spec : AF(L 3 T 3 (x = 0 x = 2)) Roopsha Samanta Algorithmic Synthesis of Synchronization 3 / 20

Example P: x : {0, } with x = 1 P 1 P 2 = φ spec : AF(L 3 T 3 (x = 0 x = 2)) Roopsha Samanta Algorithmic Synthesis of Synchronization 3 / 20

Q&A Why shared-memory concurrent programs? Ubiquitous Hard to write Harder to verify Why temporal logic specifications? Why branching-time? Terminating, ongoing programs Safety, liveness Expressivity Why synthesize only the synchronization? Trickiest part Simple specifications, tractable Roopsha Samanta Algorithmic Synthesis of Synchronization 4 / 20

Q&A Why shared-memory concurrent programs? Ubiquitous Hard to write Harder to verify Why temporal logic specifications? Why branching-time? Terminating, ongoing programs Safety, liveness Expressivity Why synthesize only the synchronization? Trickiest part Simple specifications, tractable Roopsha Samanta Algorithmic Synthesis of Synchronization 4 / 20

Q&A Why shared-memory concurrent programs? Ubiquitous Hard to write Harder to verify Why temporal logic specifications? Why branching-time? Terminating, ongoing programs Safety, liveness Expressivity Why synthesize only the synchronization? Trickiest part Simple specifications, tractable Roopsha Samanta Algorithmic Synthesis of Synchronization 4 / 20

Q&A Why shared-memory concurrent programs? Ubiquitous Hard to write Harder to verify Why temporal logic specifications? Why branching-time? Terminating, ongoing programs Safety, liveness Expressivity Why synthesize only the synchronization? Trickiest part Simple specifications, tractable Roopsha Samanta Algorithmic Synthesis of Synchronization 4 / 20

A Vocabulary L L-symbols Variable symbols (x) Function, constant symbols (, +, ) Predicate, proposition symbols (L 1, T 3, >, <) Sort symbols (bool, int0to2) Distinguished equality predicate symbol = (Sorted) L-terms and L-atoms: L-term (t): v or f (t 1,..., t m ) (x, 1, x + 1) L-atom(G): B(t 1,..., t m ) or t 1 = t 2 (x > 1, L 1, x = 1) Sorts mapped to nonempty domains (bool {T, F}, int0to2 {0, }) Symbols, terms, atoms mapped to values in appropriate domains. Roopsha Samanta Algorithmic Synthesis of Synchronization 5 / 20

A Vocabulary L L-symbols Variable symbols (x) Function, constant symbols (, +, ) Predicate, proposition symbols (L 1, T 3, >, <) Sort symbols (bool, int0to2) Distinguished equality predicate symbol = (Sorted) L-terms and L-atoms: L-term (t): v or f (t 1,..., t m ) (x, 1, x + 1) L-atom(G): B(t 1,..., t m ) or t 1 = t 2 (x > 1, L 1, x = 1) Sorts mapped to nonempty domains (bool {T, F}, int0to2 {0, }) Symbols, terms, atoms mapped to values in appropriate domains. Roopsha Samanta Algorithmic Synthesis of Synchronization 5 / 20

(Finite-state) Concurrent Programs over L Syntax: P ::= vardeclaration process process vardeclaration ::= v 1 : domain 1,..., v n : domain n process ::= localvardeclaration body localvardeclaration ::= vardeclaration body ::= labeledstmt ; body labeledstmt labeledstmt ::= LOC: atomicstmt atomicstmt ::= assignment conditiontest goto CCR assignment ::= v:=t conditiontest ::= if G LOC if else, LOC else goto ::= goto LOC CCR ::= G body v,loc ::= L-symbol, t ::= L-term, G ::= L-atom Semantics: Finite-state transition system (S, S 0, R) Roopsha Samanta Algorithmic Synthesis of Synchronization 6 / 20

(Finite-state) Concurrent Programs over L Syntax: P ::= vardeclaration process process vardeclaration ::= v 1 : domain 1,..., v n : domain n process ::= localvardeclaration body localvardeclaration ::= vardeclaration body ::= labeledstmt ; body labeledstmt labeledstmt ::= LOC: atomicstmt atomicstmt ::= assignment conditiontest goto CCR assignment ::= v:=t conditiontest ::= if G LOC if else, LOC else goto ::= goto LOC CCR ::= G body v,loc ::= L-symbol, t ::= L-term, G ::= L-atom Semantics: Finite-state transition system (S, S 0, R) Roopsha Samanta Algorithmic Synthesis of Synchronization 6 / 20

(Finite-state) Concurrent Programs over L Syntax: P ::= vardeclaration process process vardeclaration ::= v 1 : domain 1,..., v n : domain n process ::= localvardeclaration body localvardeclaration ::= vardeclaration body ::= labeledstmt ; body labeledstmt labeledstmt ::= LOC: atomicstmt atomicstmt ::= assignment conditiontest goto CCR assignment ::= v:=t conditiontest ::= if G LOC if else, LOC else goto ::= goto LOC CCR ::= G body v,loc ::= L-symbol, t ::= L-term, G ::= L-atom Semantics: Finite-state transition system (S, S 0, R) Roopsha Samanta Algorithmic Synthesis of Synchronization 6 / 20

(Finite-state) Concurrent Programs over L Syntax: P ::= vardeclaration process process vardeclaration ::= v 1 : domain 1,..., v n : domain n process ::= localvardeclaration body localvardeclaration ::= vardeclaration body ::= labeledstmt ; body labeledstmt labeledstmt ::= LOC: atomicstmt atomicstmt ::= assignment conditiontest goto CCR assignment ::= v:=t conditiontest ::= if G LOC if else, LOC else goto ::= goto LOC CCR ::= G body v,loc ::= L-symbol, t ::= L-term, G ::= L-atom Semantics: Finite-state transition system (S, S 0, R) Roopsha Samanta Algorithmic Synthesis of Synchronization 6 / 20

(Finite-state) Concurrent Programs over L Syntax: P ::= vardeclaration process process vardeclaration ::= v 1 : domain 1,..., v n : domain n process ::= localvardeclaration body localvardeclaration ::= vardeclaration body ::= labeledstmt ; body labeledstmt labeledstmt ::= LOC: atomicstmt atomicstmt ::= assignment conditiontest goto CCR assignment ::= v:=t conditiontest ::= if G LOC if else, LOC else goto ::= goto LOC CCR ::= G body v,loc ::= L-symbol, t ::= L-term, G ::= L-atom Semantics: Finite-state transition system (S, S 0, R) Roopsha Samanta Algorithmic Synthesis of Synchronization 6 / 20

CTL-like Specifications over L (LCTL) Syntax: φ ::= L-atom φ φ φ EX φ EX i φ A[φ U φ] E[φ U φ] Semantics: Defined from semantics of L-atoms, propositional and temporal operators Roopsha Samanta Algorithmic Synthesis of Synchronization 7 / 20

Revisiting Example P: x : {0, } with x = 1 P 1 P 2 P 1 : L 1 : if (x < 2) L 2, L 4 ; L 2 : x := x + 1 ; L 3 : goto L 1 ; L 4 : goto L 4 ; P 2 : T 1 : if (x > 0) T 2, T 4 ; T 2 : x := x 1 ; T 3 : goto T 1 ; T 4 : goto T 4 ; AF(L 4 T 4 (x = 0 x = 2)) Roopsha Samanta Algorithmic Synthesis of Synchronization 8 / 20

Synthesis Algorithm Sketch 1 Formulate an LCTL formula φ P for semantics of P. 2 Construct a tableau T φ for φ : φ P φ spec. If T φ is empty, declare specification as unsatisfiable. 3 If T φ is non-empty, extract a model M for φ from it. 4 Decompose M to obtain CCRs to synchronize each process. 5 Compile CCRs into lower level synchronization primitives ([EmeSam2011]) Roopsha Samanta Algorithmic Synthesis of Synchronization 9 / 20

Formulation of φ P P: x : {0, } with x = 1 P 1 P 2 P 1 : L 1 : if (x < 2) L 2, L 4 ; L 2 : x := x + 1 ; L 3 : goto L 1 ; L 4 : goto L 4 ; P 2 : T 1 : if (x > 0) T 2, T 4 ; T 2 : x := x 1 ; T 3 : goto T 1 ; T 4 : goto T 4 ; At any step, only one process moves AG(L 1 AX 2 (L 1 ))... Roopsha Samanta Algorithmic Synthesis of Synchronization 10 / 20

Formulation of φ P P: x : {0, } with x = 1 P 1 P 2 P 1 : L 1 : if (x < 2) L 2, L 4 ; L 2 : x := x + 1 ; L 3 : goto L 1 ; L 4 : goto L 4 ; P 2 : T 1 : if (x > 0) T 2, T 4 ; T 2 : x := x 1 ; T 3 : goto T 1 ; T 4 : goto T 4 ; A process is always in exactly one of its locations AG(L 1 L 2 L 3 L 4 ) AG(L 1 (L 2 L 3 L 4 ))... Roopsha Samanta Algorithmic Synthesis of Synchronization 10 / 20

Formulation of φ P P: x : {0, } with x = 1 P 1 P 2 P 1 : L 1 : if (x < 2) L 2, L 4 ; L 2 : x := x + 1 ; L 3 : goto L 1 ; L 4 : goto L 4 ; P 2 : T 1 : if (x > 0) T 2, T 4 ; T 2 : x := x 1 ; T 3 : goto T 1 ; T 4 : goto T 4 ; Some process always moves. AG(EX true) Roopsha Samanta Algorithmic Synthesis of Synchronization 10 / 20

Formulation of φ P P: x : {0, } with x = 1 P 1 P 2 P 1 : L 1 : if (x < 2) L 2, L 4 ; L 2 : x := x + 1 ; L 3 : goto L 1 ; L 4 : goto L 4 ; P 2 : T 1 : if (x > 0) T 2, T 4 ; T 2 : x := x 1 ; T 3 : goto T 1 ; T 4 : goto T 4 ; Initial condition L 1 T 1 x = 1 Roopsha Samanta Algorithmic Synthesis of Synchronization 10 / 20

Formulation of φ P P: x : {0, } with x = 1 P 1 P 2 P 1 : L 1 : if (x < 2) L 2, L 4 ; L 2 : x := x + 1 ; L 3 : goto L 1 ; L 4 : goto L 4 ; P 2 : T 1 : if (x > 0) T 2, T 4 ; T 2 : x := x 1 ; T 3 : goto T 1 ; T 4 : goto T 4 ; Local process execution AG((L 1 x < 2) AX 1 (L 2 )) AG((L 1 x 2) AX 1 (L 4 )) AG( c {0,1,2} (L 2 x = c) AX 1 (L 3 x = c + 1)) AG(L 3 AX 1 (L 1 ))... Roopsha Samanta Algorithmic Synthesis of Synchronization 10 / 20

Construction of Tableau T φ Tableau basics: Finite, rooted, directed AND/OR graph Nodes labeled with formulas OR-node formulas valid iff formulas in some AND-node succ. valid AND-node formulas valid iff formulas in all OR-node succ. valid Assume ability to evaluate L-atoms and L-terms Algorithm Sketch: Let root node of T φ be OR-node, labeled φ Repeat until no new nodes can be added: Add appropriate AND-node succ. of OR-nodes and OR-node succ. of AND-nodes, merging equivalent nodes Prune inconsistent nodes to get final T φ Roopsha Samanta Algorithmic Synthesis of Synchronization 11 / 20

Construction of Tableau T φ Tableau basics: Finite, rooted, directed AND/OR graph Nodes labeled with formulas OR-node formulas valid iff formulas in some AND-node succ. valid AND-node formulas valid iff formulas in all OR-node succ. valid Assume ability to evaluate L-atoms and L-terms Algorithm Sketch: Let root node of T φ be OR-node, labeled φ Repeat until no new nodes can be added: Add appropriate AND-node succ. of OR-nodes and OR-node succ. of AND-nodes, merging equivalent nodes Prune inconsistent nodes to get final T φ Roopsha Samanta Algorithmic Synthesis of Synchronization 11 / 20

Construction of Tableau T φ φ spec = AF(L 4 T 4 (x = 0 x = 2)) L 1 T 1 x = 1 EX 1 T EX 2 T (EX 1 T EX 2 T) φ spec Roopsha Samanta Algorithmic Synthesis of Synchronization 12 / 20

Construction of Tableau T φ φ spec = AF(L 4 T 4 (x = 0 x = 2)) L 1 T 1 x = 1 EX 1 T EX 2 T (EX 1 T EX 2 T) φ spec L 1 T 1 x = 1 AX 1 L 2 AX 1 T 1 AX 2 T 2 AX 2 L 1 EX 1 T φ spec L 1 T 1 x = 1 AX 1 L 2 AX 1 T 1 AX 2 T 2 AX 2 L 1 EX 1 T EX 2 T φ spec L 1 T 1 x = 1 AX 1 L 2 AX 1 T 1 AX 2 T 2 AX 2 L 1 EX 2 T φ spec Roopsha Samanta Algorithmic Synthesis of Synchronization 12 / 20

Construction of Tableau T φ φ spec = AF(L 4 T 4 (x = 0 x = 2)) L 1 T 1 x = 1 EX 1 T EX 2 T (EX 1 T EX 2 T) φ spec L 1 T 1 x = 1 AX 1 L 2 AX 1 T 1 AX 2 T 2 AX 2 L 1 EX 1 T φ spec L 1 T 1 x = 1 AX 1 L 2 AX 1 T 1 AX 2 T 2 AX 2 L 1 EX 1 T EX 2 T φ spec L 1 T 1 x = 1 AX 1 L 2 AX 1 T 1 AX 2 T 2 AX 2 L 1 EX 2 T φ spec 1 1 2 2 L 2 T 1 x = 1 L 1 T 2 x = 1 φ spec φ spec Roopsha Samanta Algorithmic Synthesis of Synchronization 12 / 20

Extraction of Model M from T φ Model-fragment: Rooted DAG of AND-nodes in T φ All eventualities in root node fulfilled Identify model fragments rooted at each AND-node of T φ If multiple model fragments, pick one of minimal size Join model fragments to get model Roopsha Samanta Algorithmic Synthesis of Synchronization 13 / 20

Extraction of Model M from T φ L 1 T 1 x = 2 1 2 L 4 T 1 x = 2 L 1 T 2 x = 2 2 1 L 4 T 2 x = 2 L 1 T 1 x = 1 1 1 2 2 L 2 T 1 x = 1 L 1 T 2 x = 1 1 2 1 2 L 3 T 1 x = 2 L 2 T 2 x = 1 L 1 T 3 x = 0 L 1 T 1 x = 0 1 2 L 2 T 1 x = 0 L 1 T 4 x = 0 2 1 L 2 T 4 x = 0 L 4 T 3 x = 1 1 2 1 2 1 2 L 3 T 4 x = 1 L 3 T 2 x = 2 L 2 T 3 x = 0 L 4 T 1 x = 1 L 1 T 4 x = 1 L 4 T 2 x = 1 L 4 T 4 x = 0 L 4 T 4 x = 2 L 2 T 4 x = 1 L 4 T 3 x = 0 L 4 T 1 x = 0 L 1 T 4 x = 2 L 3 T 4 x = 2 Roopsha Samanta Algorithmic Synthesis of Synchronization 14 / 20

Obtaining P s 1, Ps 2 from M L 1 T 1 x = 2 1 2 L 4 T 1 x = 2 L 1 T 2 x = 2 2 1 2 L 4 T 2 x = 2 L 1 T 1 x = 1 1 1 2 2 L 2 T 1 x = 1 L 1 T 2 x = 1 1 2 1 2 L 3 T 1 x = 2 L 2 T 2 x = 1 L 1 T 3 x = 0 L 1 T 1 x = 0 1 2 L 2 T 1 x = 0 L 1 T 4 x = 0 2 1 L 2 T 4 x = 0 L 4 T 3 x = 1 1 2 1 2 1 2 L 3 T 4 x = 1 L 3 T 2 x = 2 L 2 T 3 x = 0 L 4 T 1 x = 1 2 1 L 1 T 4 x = 1 L 4 T 2 x = 1 L 4 T 4 x = 0 L 4 T 4 x = 2 L 2 T 4 x = 1 L 4 T 3 x = 0 L 4 T 1 x = 0 L 1 T 4 x = 2 L 3 T 4 x = 2 Roopsha Samanta Algorithmic Synthesis of Synchronization 15 / 20

Obtaining P s 1, Ps 2 from M P: x : {0, } with x = 1 P 1 P 2 P s 1: L 1 : if (x < 2) L 2, L 4 ; L 2 : ((x = 0) (T 1 T 3 )) x := x + 1 ; L 3 : goto L 1 ; L 4 : goto L 4 ; P s 2: T 1 : if (x > 0) T 2, T 4 ; T 2 : ((x = 2) (L 1 L 3 )) x := x 1 ; T 3 : goto T 1 ; T 4 : goto T 4 ; AF(L 4 T 4 (x = 0 x = 2)) Roopsha Samanta Algorithmic Synthesis of Synchronization 15 / 20

Assumptions, Correctness, Complexity [Assumptions]: P 1, P 2 are finite-state programs over L All program variables are shared variables, initialized to specific values L-atoms and L-terms can be evaluated [Soundness]: Given unsynchronized processes P 1, P 2 and an LCTL formula φ spec, if the algorithm generates P s, then P s = φ spec. [Completeness]: Given unsynchronized processes P 1, P 2 and an LCTL formula φ spec, the algorithm generates P s such that P s = φ spec if φ = φ spec φ P is satisfiable. [Complexity]: Exponential in the size of φ spec and P variables. Roopsha Samanta Algorithmic Synthesis of Synchronization 16 / 20

Assumptions, Correctness, Complexity [Assumptions]: P 1, P 2 are finite-state programs over L All program variables are shared variables, initialized to specific values L-atoms and L-terms can be evaluated [Soundness]: Given unsynchronized processes P 1, P 2 and an LCTL formula φ spec, if the algorithm generates P s, then P s = φ spec. [Completeness]: Given unsynchronized processes P 1, P 2 and an LCTL formula φ spec, the algorithm generates P s such that P s = φ spec if φ = φ spec φ P is satisfiable. [Complexity]: Exponential in the size of φ spec and P variables. Roopsha Samanta Algorithmic Synthesis of Synchronization 16 / 20

Assumptions, Correctness, Complexity [Assumptions]: P 1, P 2 are finite-state programs over L All program variables are shared variables, initialized to specific values L-atoms and L-terms can be evaluated [Soundness]: Given unsynchronized processes P 1, P 2 and an LCTL formula φ spec, if the algorithm generates P s, then P s = φ spec. [Completeness]: Given unsynchronized processes P 1, P 2 and an LCTL formula φ spec, the algorithm generates P s such that P s = φ spec if φ = φ spec φ P is satisfiable. [Complexity]: Exponential in the size of φ spec and P variables. Roopsha Samanta Algorithmic Synthesis of Synchronization 16 / 20

Uninitialized Variables φ spec = AF(L 4 T 4 (x = 0 x = 2)) L 1 T 1 x = 1 EX 1 T EX 2 T (EX 1 T EX 2 T) φ spec Roopsha Samanta Algorithmic Synthesis of Synchronization 17 / 20

Uninitialized Variables φ spec = AF(L 4 T 4 (x = 0 x = 2)) L 1 T 1 x = 1 EX 1 T EX 2 T (EX 1 T EX 2 T) φ spec L 1 T 1 x = 1 AX 1 L 2 AX 1 T 1 AX 2 T 2 AX 2 L 1 EX 1 T φ spec L 1 T 1 x = 1 AX 1 L 2 AX 1 T 1 AX 2 T 2 AX 2 L 1 EX 1 T EX 2 T φ spec 1 2 L 1 T 1 x = 1 AX 1 L 2 AX 1 T 1 AX 2 T 2 AX 2 L 1 EX 2 T φ spec 1 2 L 2 T 1 x = 1 φ spec L 1 T 2 x = 1 φ spec Roopsha Samanta Algorithmic Synthesis of Synchronization 17 / 20

Uninitialized Variables φ spec = AF(L 4 T 4 (x = 0 x = 2)) EX(L 1 T 1 x = 0) EX(L 1 T 1 x = 1) EX(L 1 T 1 x = 2) φ spec L 1 T 1 x = 2 EX 1 T EX 2 T (EX 1 T EX 2 T) φ spec L 1 T 1 x = 0 EX 1 T EX 2 T (EX 1 T EX 2 T) φ spec L 1 T 1 x = 1 EX 1 T EX 2 T (EX 1 T EX 2 T) φ spec Roopsha Samanta Algorithmic Synthesis of Synchronization 17 / 20

Uninitialized Variables L 1 T 1 x = 2 1 2 L 4 T 1 x = 2 L 1 T 2 x = 2 2 1 2 L 4 T 2 x = 2 L 1 T 1 x = 1 1 1 2 2 L 2 T 1 x = 1 L 1 T 2 x = 1 1 2 1 2 L 3 T 1 x = 2 L 2 T 2 x = 1 L 1 T 3 x = 0 L 1 T 1 x = 0 1 2 L 2 T 1 x = 0 L 1 T 4 x = 0 1 2 1 L 2 T 4 x = 0 L 4 T 3 x = 1 1 2 1 2 1 2 L 3 T 4 x = 1 L 3 T 2 x = 2 L 2 T 3 x = 0 L 4 T 1 x = 1 2 1 L 1 T 4 x = 1 L 4 T 2 x = 1 L 4 T 4 x = 0 L 4 T 4 x = 2 L 2 T 4 x = 1 L 4 T 3 x = 0 L 4 T 1 x = 0 L 1 T 4 x = 2 L 3 T 4 x = 2 Roopsha Samanta Algorithmic Synthesis of Synchronization 17 / 20

Observability P: x : {0, } with x = 1 P 1 P 2 P s 1: L 1 : if (x < 2) L 2, L 4 ; L 2 : ((x = 0) (T 1 T 3 )) x := x + 1 ; L 3 : goto L 1 ; L 4 : goto L 4 ; P s 2: T 1 : if (x > 0) T 2, T 4 ; T 2 : ((x = 2) (L 1 L 3 )) x := x 1 ; T 3 : goto T 1 ; T 4 : goto T 4 ; AF(L 4 T 4 (x = 0 x = 2)) Roopsha Samanta Algorithmic Synthesis of Synchronization 18 / 20

Observability L 1 T 1 x = 2 1 2 L 4 T 1 x = 2 L 1 T 2 x = 2 2 1 2 L 4 T 2 x = 2 L 1 T 1 x = 1 1 1 2 2 L 2 T 1 x = 1 L 1 T 2 x = 1 1 2 1 2 L 3 T 1 x = 2 L 2 T 2 x = 1 L 1 T 3 x = 0 L 1 T 1 x = 0 1 2 L 2 T 1 x = 0 L 1 T 4 x = 0 1 2 1 L 2 T 4 x = 0 L 4 T 3 x = 1 1 2 1 2 1 2 L 3 T 4 x = 1 L 3 T 2 x = 2 L 2 T 3 x = 0 L 4 T 1 x = 1 2 1 L 1 T 4 x = 1 L 4 T 2 x = 1 L 4 T 4 x = 0 L 4 T 4 x = 2 L 2 T 4 x = 1 L 4 T 3 x = 0 L 4 T 1 x = 0 L 1 T 4 x = 2 L 3 T 4 x = 2 Roopsha Samanta Algorithmic Synthesis of Synchronization 18 / 20

Observability P: x : {0, } with x = 1 t : bool with t = 1 l : bool with l = 1 P 1 P 2 P s 1 : L 1 : if (x < 2) L 2, L 4 ; l := 0 ; L 2 : ((x = 0) (t = 1)) x := x + 1; l := 1 ; L 3 : goto L 1 ; L 4 : goto L 4 ; P s 2 : T 1 : if (x > 0) T 2, T 4 ; t := 0 ; T 2 : ((x = 2) (l = 1)) x := x 1; t := 1 ; T 3 : goto T 1 ; T 4 : goto T 4 ; AF(L 4 T 4 (x = 0 x = 2)) Roopsha Samanta Algorithmic Synthesis of Synchronization 18 / 20

Related Work Inference of high-level synchronization, guarded commands: [EC82, VYY09] Synthesis of low-level synchronization for relaxed memory models: [KVV10] Sketching: [S-LRBE05] Open systems [PR89] Roopsha Samanta Algorithmic Synthesis of Synchronization 19 / 20

Ongoing Work Efficient tableau construction? Infinite-state programs? Pleasant guards? Other synchronization primitives? Roopsha Samanta Algorithmic Synthesis of Synchronization 20 / 20

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback