Computer Architecture A Quantitative Approach, Fifth Edition. CDA 5416 Computer System Verification HW Review. Instructor: Hao Zheng Department of Computer Science & Engineering University of South Florida Tampa, FL 33620 Email: haozheng@usf.edu Phone: (813)974-4757 Fax: (813)974-5456.
Computer Architecture A Quantitative Approach, Fifth Edition CDA 5416 Computer System Verification HW Review Instructor: Hao Zheng Department of Computer Science & Engineering University of South Florida Tampa, FL 33620 Email: haozheng@usf.edu Phone: (813)974-4757 Fax: (813)974-5456
Draw program graphs for two processes with id = {0,1}. Show an execution of the composed program graph. Build a Promela model for this algorithm with three processes. Think about the type of channels that should be used. Formulate the relevant correctness requirement(s) using separate process(es) and/or assertions in Promela. Use SPIN to check that the leader election model satisfies the correctness requirements.
C0 (c0) P1 P0 C1 (c1) 0 0 /send(id0) /recv(c0) /send(c0) 1 1 /recv(m0) m0<id0 2 stop m0>id0/send(m0) m0=id0
C0 P1 P0 C1 0 0 0 0 /<send(id0), recv(c1)> /<send(id1), recv(c0)> 0 1 0 0 1 1 1 0 /<send(id1), recv(c0)> /<send(id0), recv(c1)> 1 1 1 1
C0 P1 P0 C1 /<send(id1), recv(c0)> /<send(id0), recv(c1)> 1 1 1 1 /<send(c0), recv(m0)> /<send(c1), recv(m1)> 1 2 1 0 0 2 1 1
C0 P1 P0 C1 chan C1 = [1] of {byte}; chan C2 = [1] of {byte};
proctype P0() { byte m0; C1 ! id0; do :: C0 ? m0; if :: m0<id0 -> goto stop :: m0>id0 -> C1 ! m0 fi od stop: } 0 /C1 ! id0 1 /C0 ? m0 m0<id0 2 stop m0>id0/ C1 ! m0 m0=id0
byte n = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; } What are the largest and smallest values of n that the model can produce upon termination?
/*
 * Two concurrent instances of P each increment the shared counter n ten
 * times. The increment is written as three separate statements (read n into
 * the local reg, bump reg, write reg back to n), so the other instance can
 * run between them and an update can be lost. This slide bounds the final
 * value of n from above.
 */
byte n = 0;     /* shared counter updated by both instances of P */
byte stop = 0;  /* number of P instances that have left their loop */

active [2] proctype P() {
    byte reg;       /* local copy of n used for the read-modify-write */
    byte cnt = 0;   /* iterations completed by this instance */
    do
    :: cnt == 10 -> break
    :: else -> reg = n; reg++; n = reg; cnt++   /* not atomic: three steps on n */
    od;
    stop++;         /* signal the checker that this instance is done */
}

/* passed
active proctype checker1() {
    if
    :: stop==2 -> assert (n <= 20);
    fi
}
*/

/*
 * The guard stop==2 blocks the checker until both instances of P have
 * finished, so the assertion is evaluated on the final value of n only.
 * Per the slide labels, n <= 20 passed and n <= 19 (below) fails, which
 * gives 20 as the largest reachable final value.
 */
/* failed */
active proctype checker2() {
    if
    :: stop==2 -> assert (n <= 19);
    fi
}
/*
 * Same model as before: two instances of P each perform ten non-atomic
 * increments (read, bump, write back) of the shared counter n. This slide
 * bounds the final value of n from below.
 */
byte n = 0;     /* shared counter updated by both instances of P */
byte stop = 0;  /* number of P instances that have left their loop */

active [2] proctype P() {
    byte reg;       /* local copy of n used for the read-modify-write */
    byte cnt = 0;   /* iterations completed by this instance */
    do
    :: cnt == 10 -> break
    :: else -> reg = n; reg++; n = reg; cnt++   /* not atomic: three steps on n */
    od;
    stop++;         /* signal the checker that this instance is done */
}

/* NOTE(review): the disabled checker below carries the same name as the
   active one; presumably it was meant to be checker3 - confirm. */
/* passed
active proctype checker4() {
    if
    :: stop==2 -> assert (n >= 2);
    fi
}
*/

/*
 * The guard stop==2 blocks the checker until both instances of P have
 * finished. Per the slide labels, n >= 2 passed and n >= 3 (below) fails,
 * which gives 2 as the smallest reachable final value: a stale reg written
 * back late can discard almost all of the other instance's increments.
 */
/* failed */
active proctype checker4() {
    if
    :: stop==2 -> assert (n >= 3);
    fi
}
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } 1: proc 1 (p:1) a1_3.pml:12 (state 3) [else] 2: proc 1 (p:1) a1_3.pml:13 (state 4) [reg = n] 3: proc 1 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] n = 0; reg0=0, cnt0=0, reg1=1, cnt1=0 4: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 5: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] n = 0; reg0=0, cnt0=0, reg1=1, cnt1=0 6: proc 1 (p:1) a1_3.pml:15 (state 6) [n = reg] 7: proc 1 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 1; reg0=0, cnt0=0, reg1=1, cnt1=1 8: proc 1 (p:1) a1_3.pml:12 (state 3) [else] 9: proc 1 (p:1) a1_3.pml:13 (state 4) [reg = n] 10: proc 1 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 11: proc 1 (p:1) a1_3.pml:15 (state 6) [n = reg] 12: proc 1 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 2; reg0=0, cnt0=0, reg1=2, cnt1=2 spin -p -t model.pml /* replay error trace “model.pml.trail” */
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } n = 2; reg0=0, cnt0=0, reg1=2, cnt1=2 13: proc 1 (p:1) a1_3.pml:12 (state 3) [else] 14: proc 1 (p:1) a1_3.pml:13 (state 4) [reg = n] 15: proc 1 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 16: proc 1 (p:1) a1_3.pml:15 (state 6) [n = reg] 17: proc 1 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 3; reg0=0, cnt0=0, reg1=3, cnt1=3 18: proc 1 (p:1) a1_3.pml:12 (state 3) [else] 19: proc 1 (p:1) a1_3.pml:13 (state 4) [reg = n] 20: proc 1 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 21: proc 1 (p:1) a1_3.pml:15 (state 6) [n = reg] 22: proc 1 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 4; reg0=0, cnt0=0, reg1=4, cnt1=4
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } n = 4; reg0=0, cnt0=0, reg1=4, cnt1=4 23: proc 1 (p:1) a1_3.pml:12 (state 3) [else] 24: proc 1 (p:1) a1_3.pml:13 (state 4) [reg = n] 25: proc 1 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 26: proc 1 (p:1) a1_3.pml:15 (state 6) [n = reg] 27: proc 1 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 5; reg0=0, cnt0=0, reg1=5, cnt1=5 28: proc 1 (p:1) a1_3.pml:12 (state 3) [else] 29: proc 1 (p:1) a1_3.pml:13 (state 4) [reg = n] 30: proc 1 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 31: proc 1 (p:1) a1_3.pml:15 (state 6) [n = reg] 32: proc 1 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 6; reg0=0, cnt0=0, reg1=6, cnt1=6
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } n = 8; reg0=0, cnt0=0, reg1=8, cnt1=8 43: proc 1 (p:1) a1_3.pml:12 (state 3) [else] 44: proc 1 (p:1) a1_3.pml:13 (state 4) [reg = n] 45: proc 1 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 46: proc 1 (p:1) a1_3.pml:15 (state 6) [n = reg] 47: proc 1 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] 48: proc 1 (p:1) a1_3.pml:12 (state 3) [else] n = 9; reg0=0, cnt0=0, reg1=9, cnt1=9 49: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 50: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] n = 1; reg0=1, cnt0=0, reg1=9, cnt1=9 51: proc 1 (p:1) a1_3.pml:13 (state 4) [reg = n] 52: proc 1 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] n = 1; reg0=1, cnt0=0, reg1=2, cnt1=9
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } n = 1; reg0=1, cnt0=0, reg1=2, cnt1=9 53: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 1; reg0=1, cnt0=1, reg1=2, cnt1=9 54: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 55: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] 56: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 57: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] 58: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 2; reg0=2, cnt0=2, reg1=2, cnt1=9 59: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 60: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] 61: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 62: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] 63: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 3; reg0=3, cnt0=3, reg1=2, cnt1=9
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } n = 3; reg0=3, cnt0=3, reg1=2, cnt1=9 64: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 65: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] 66: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 67: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] 68: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 4; reg0=4, cnt0=4, reg1=2, cnt1=9 69: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 70: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] 71: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 72: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] 73: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 5; reg0=5, cnt0=5, reg1=2, cnt1=9
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } n = 5; reg0=5, cnt0=5, reg1=2, cnt1=9 74: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 75: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] 76: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 77: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] 78: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 6; reg0=6, cnt0=6, reg1=2, cnt1=9 79: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 80: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] 81: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 82: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] 83: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 7; reg0=7, cnt0=7, reg1=2, cnt1=9
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } n = 7; reg0=7, cnt0=7, reg1=2, cnt1=9 84: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 85: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] 86: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 87: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] 88: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 8; reg0=8, cnt0=8, reg1=2, cnt1=9 89: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 90: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] 91: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 92: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] 93: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] n = 9; reg0=9, cnt0=9, reg1=2, cnt1=9
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } n = 9; reg0=9, cnt0=9, reg1=2, cnt1=9 94: proc 0 (p:1) a1_3.pml:12 (state 3) [else] 95: proc 0 (p:1) a1_3.pml:13 (state 4) [reg = n] 96: proc 0 (p:1) a1_3.pml:14 (state 5) [reg = (reg+1)] 97: proc 0 (p:1) a1_3.pml:15 (state 6) [n = reg] n = 10; reg0=10, cnt0=9, reg1=2, cnt1=9 98: proc 1 (p:1) a1_3.pml:15 (state 6) [n = reg] 99: proc 1 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] 100: proc 1 (p:1) a1_3.pml:11 (state 1) [((cnt==10))] 101: proc 1 (p:1) a1_3.pml:18 (state 11) [stop = (stop+1)] n = 2; reg0=9, cnt0=9, reg1=2, cnt1=10; stop=1
byte n = 0; byte stop = 0; active [2] proctype P() { byte reg; byte cnt = 0; do :: cnt == 10 -> break :: else -> reg = n; reg++; n = reg; cnt++ od; stop++; } n = 2; reg0=9, cnt0=9, reg1=2, cnt1=10; stop=1 102: proc 0 (p:1) a1_3.pml:16 (state 7) [cnt = (cnt+1)] 103: proc 0 (p:1) a1_3.pml:11 (state 1) [((cnt==10))] 104: proc 0 (p:1) a1_3.pml:18 (state 11) [stop = (stop+1)] n = 2; reg0=9, cnt0=10, reg1=2, cnt1=10; stop=2 105: proc 2 (checker4:1) a1_3.pml:71 (state 1) [((stop==2))] 106: proc 2 (checker4:1) a1_3.pml:71 (state 2) [assert((n>=3))]