Part 3: Safety and liveness - PowerPoint PPT Presentation

About This Presentation
Title:

Part 3: Safety and liveness

Description:

Run: q1 q3 q1 q3 q1 q2 q2. Trace: a b a b a a,b a,b (K,q) |= iff for all t L(K,q), t ... Language of deadlock-free state-transition graph K at state q : ... – PowerPoint PPT presentation

Number of Views:38
Avg rating:3.0/5.0
Slides: 27
Provided by: qad2
Category:
Tags: liveness | part | safety

less

Transcript and Presenter's Notes

Title: Part 3: Safety and liveness


1
Part 3 Safety and liveness
2
Safety vs. liveness
Safety something bad will never
happen Liveness something good will happen
(but we dont know when)
3
Safety vs. liveness for sequential programs
Safety the program will never produce a
wrong result (partial
correctness) Liveness the program will produce
a result (termination)
4
Safety vs. liveness for sequential programs
Safety the program will never produce a
wrong result (partial
correctness) Liveness the program will produce
a result (termination)
5
Safety vs. liveness for state-transition graphs
Safety those properties whose violation always
has a finite witness (if
something bad happens on an infinite run, then
it happens already on some finite prefix)
Liveness those properties whose violation never
has a finite witness
(no matter what happens along a finite run,
something good could still happen later)
6
This is much easier.
Safety the properties that can be
checked on finite executions Liveness the
properties that cannot be checked on
finite executions (they need to
be checked on infinite executions)
7
Example Mutual exclusion
It cannot happen that both processes are in their
critical sections simultaneously.
8
Example Mutual exclusion
It cannot happen that both processes are in their
critical sections simultaneously.
Safety
9
Example Bounded overtaking
Whenever process P1 wants to enter the critical
section, then process P2 gets to enter at most
once before process P1 gets to enter.
10
Example Bounded overtaking
Whenever process P1 wants to enter the critical
section, then process P2 gets to enter at most
once before process P1 gets to enter.
Safety
11
Example Starvation freedom
Whenever process P1 wants to enter the critical
section, provided process P2 never stays in the
critical section forever, P1 gets to enter
eventually.
12
Example Starvation freedom
Whenever process P1 wants to enter the critical
section, provided process P2 never stays in the
critical section forever, P1 gets to enter
eventually.
Liveness
13
Example Starvation freedom
Whenever process P1 wants to enter the critical
section, provided process P2 never stays in the
critical section forever, P1 gets to enter
eventually.
Liveness
14
LTL (Linear Temporal Logic)
-safety liveness -linear time
Pnueli 1977 Lichtenstein Pnueli 1982
15
LTL Syntax
? a ? ? ? ? ? ? ? ? U ?
16
LTL Model
infinite trace t t0 t1 t2 ... (sequence of
observations)
17
q1
a
a,b
b
q3
q2
Run q1 ? q3 ? q1 ? q3 ? q1 ? q2 ? q2
? Trace a ? b ? a ? b ? a ? a,b ? a,b
?
18
Language of deadlock-free state-transition graph
K at state q L(K,q) set of infinite traces
of K starting at q
(K,q) ? ? iff for all t ? L(K,q),
t ? (K,q) ? ? iff exists t ?
L(K,q), t ?
19
LTL Semantics
t a iff a ? t0 t ? ? ? iff
t ? and t ? t ?? iff
not t ? t ? ? iff t1
t2 ... ? t ? U ? iff exists n ? 0
s.t. 1. for all 0 ? i lt n, ti ti1 ...
? 2. tn tn1 ... ?
(K,q) ? ? iff ? (K,q) ? ??
20
Defined modalities
  • ? X next
  • U U until
  • ? ? true U ? F eventually
  • ? ? ? ? ?? G always
  • W? (? U ?) ? ?? W waiting-for
    (weak-until)

21
Important properties
Invariance ? a safety
? ? (pc1in ? pc2in) Sequencing
a W b W c W d safety
? (pc1req ?
(pc2?in) W (pc2in) W (pc2?in) W
(pc1in)) Response ? (a ? ? b) liveness
? (pc1req ? ? (pc1in))
22
Composed modalities
?? a infinitely often a ?? a almost always a
23
Example Starvation freedom
Whenever process P1 wants to enter the critical
section, provided process P2 never stays in the
critical section forever, P1 gets to enter
eventually.
?? (pc2in ? ? (pc2out)) ? ? (pc1req ? ?
(pc1in))
24
State-transition graph
  • Q set of states q1,q2,q3
  • A set of atomic observations a,b
  • ? Q ? Q transition relation q1 ?
    q2
  • Q ? 2A observation function q1
    a

25
(K,q) ? ?
Tableau construction (Vardi-Wolper)
(K, q, BA) where BA ? K Is there an infinite
path starting from q that hits BA infinitely
often?
Is there a path from q to p ? BA such that p is
a member of a strongly connnected component of
K?
26
dfs(s) add s to dfsTable for each
successor t of s if (t ? dfsTable) then
dfs(t) if (s ? BA) then seed s ndfs(s)
ndfs(s) add s to ndfsTable for
each successor t of s if (t ? ndfsTable)
then ndfs(t) else if (t seed) then
report error
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Part 3: Safety and liveness" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!