1 / 16

Verification of Bakery algorithm variants for two processes

EUROCON 2003. Verification of Bakery algorithm variants for two processes. Robert Meolic Faculty of EE&CS Maribor. David Dedič Nova Vizija d.o.o. Žalec. Verification of Bakery algorithm variants for two processes. About our work on this project mutual exclusion algorithm

Download Presentation

Verification of Bakery algorithm variants for two processes

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. EUROCON 2003 Verification of Bakery algorithm variants for two processes Robert Meolic Faculty of EE&CS Maribor David Dedič Nova Vizija d.o.o. Žalec

  2. Verification of Bakery algorithm variants for two processes About our work on this project • mutual exclusion algorithm • formal verification by checking equivalence relations and model checking with ACTL • free, open-source, written in Maribor About this presentation • does formal verification have sense? • an overview of our paper • demonstration of EST under Windows

  3. Formal verification of hardware Source: from Internet in 2001

  4. Formal verification of software • software is complex • can something goes wrong? - the software will! • a few words from Gerard J. Holzmann, author ofSPIN model checker: Trends in software verification The 12th International FME Symposium, Pisa, Italy, September 8-14, 2003

  5. What is wrong with software? • term software crisis launched in 1968 • first we thought better education of programmers would solve it • the we thought that better programming techniques would solve it • then we thought that investing more money would solve it • but, programming is a human activity, and humans can find ways to make mistakes in any context… Source: Gerard J. Holzmann

  6. Software can be mastered! • do software really get more complexfaster than our ability to analyze it improves? • 1968: OS/360 ~5 million lines of assembly • 2003: Windows XP ~64 million lines of C/C++ • increase of ~64 times (26) in 35 years • Moore's curve: ~223 (> 8 million x) • and • better algorithms • software becomes easier to analyze Source: Gerard J. Holzmann

  7. Mutual exclusion algorithms CS=Critical Section while (true) { outsideCS(); wantToEnterCS(i); insideCS(); finishedInCS(i); }

  8. Wow, so many solutions! • Dijkstra’s algorithm, 1965 • Dekker’s algorithm, 1965 • Knuth’s algorithm, 1966 • Hyman’s algorithm, 1966 • Lamport’s bakery algorithm, 1974 • Peterson’s algorithm, 1981 • Fischer’s algorithm, 1985 • Lamport’s one-bit algorithm, 1986 • there are some more... WRONG! Real-time!

  9.   Bakery algorithm • principle of serving customers at a bakery • each process receives a ticket number • the process with the lowest number enter CS no relying on a lower-level mutual exclusion there are some variants of the algorithm

  10. Bakery algorithm PROCESS Pi loop forever i0: <non-critical section> i1: Choosing(i) := 1; i2: Number(i) := 1 + max(Number[1],…,Number[N]); i3: Choosing(i) := 0; for j in 1..N do begin i4:loop exit when Choosing(j) == 0; end loop; i5:loop con: exit when Number(j) == 0 or Number(i) < Number(j) or (Number(i) == Number(j) and i < j); end loop; end; i6: <critical section> i7: Number(i) := 0; end loop; TICKET compare it

  11. Bakery algorithm for 2 processes PROCES P1-BAKERY loop forever a0: <non-critical section> a1: c1 := 1; a2: n1 := n2 + 1; a3: c1 := 0; a4:loop exit when c2==0; end loop; a5:loop con1:exit when n2==0 or n1<=n2; end loop; a6: <critical section> a7: n1 := 0; end loop; PROCES P2-BAKERY loop forever b0: <non-critical section> b1: c2 := 1; b2: n2 := n1 + 1; b3: c2 := 0; b4:loop exit when c1==0; end loop; b5:loop con2:exit when n1==0 or n2<n1; end loop; b6: <critical section> b7: n2 := 0; end loop;

  12. Three variants PROCES P1-BAKERY loop forever a0: <non-critical section> a1: c1 := 1; a2: n1 := n2 + 1; a3: c1 := 0; a4:loop exit when c2==0; end loop; a5:loop con1:exit when n2==0 or n1<=n2; end loop; a6: <critical section> a7: n1 := 0; end loop; PROCES P1-BEN-ARI loop forever a0: <non-critical section> a1: n1 := 1; a2: n1 := n2 + 1; a5:loop con1:exit when n2==0 or n1<=n2; end loop; a6: <critical section> a7: n1 := 0; end loop; PROCES P1-STEP loop forever a0: <non-critical section> a2: n1 := n2 + 1; a5:loop con1:exit when n2==0 or n1<=n2; end loop; a6: <critical section> a7: n1 := 0; end loop;

  13. Simple process algebra Process P1-BAKERY 10 states / 12 transitions • We also need other processes: • P2-BAKERY (11 st / 13 tr) • NPLUS (9 st / 12 tr) • N1 and N2 (3 st / 12 tr each) • C1 and C2 (2 st / 6 tr each) Composition of all processes:218 states / 381 transitions

  14. Testing equivalence • describe the external behaviour with smaller and simpler process • check if the composition and and the given process are testing equivalent

  15. Model checking • a popular verification method • more interesting properties can be proved After process P1 intends to enter its critical section, process P2 can enter its critical section at most once before P1 does AG [request1!] NOTE[{NOTenter1!} U {enter2!} E[{NOTenter1!} U {enter2!}]] TRUE for Bakery algorithm

  16. Thank you!

More Related