
The moral of the story is that concurrent protocols can be difficult and subtle. The SPIN book puts it well: "The number of incorrect mutual exclusion algorithms that have been dreamt up over the years, often supported by long and persuasive correctness arguments, is considerably larger than the number of correct ones. [One exercise], for instance, shows a version, converted into Promela, that was recommended by a major computer manufacturer in the not too distant past."

The following are some other ideas; each of these can form the kernel of a successful mutex algorithm.

  • First-come, first-served. Within Promela/SPIN, we assume one statement is executed at a time, so processes must arrive at the critical section in some particular order.
  • Pre-determined priority order, e.g., by process ID.
  • Least recently used, i.e., processes defer to others that haven't recently executed this code.
  • Random, e.g., each process randomly chooses a number, with ties broken randomly also.

Issues in writing feasibly-verifiable programs (optional)

Banking

Our first Promela examples were drastically simplified models of banking, with deposits and withdrawals. Now, let's consider a production-quality system of bank accounts. Its code base could easily entail millions of lines of code.

Before we start porting the entire system to Promela, let's consider what it is we want to use SPIN to verify. Ideally, we want to verify everything, including ensuring that each account balance is correct. But think about that in conjunction with SPIN's approach using state spaces.

Even with only one bank account, if we model balances accurately, we need an infinite number of states, one for each possible balance. Similarly, the production system likely has no bound on the number of possible accounts. SPIN would have a wee bit of difficulty searching the entire state space in finite time. To make verification feasible, all SPIN models are required to be finite. (All data types, including int, have a finite range.)

How could we restrict the Promela program to guarantee finiteness? The most obvious and least restrictive option is to simply use the int type and ensure that any examples used do not cause overflow.

To make verification efficient, the state space should be relatively small. Even using ints as bank balances and account numbers, assuming only 1000 lines of code and ignoring any other program variables, we still have $2^{32} \times 2^{32} \times 1000$ states, over 18 sextillion. Even at a billion states per second, a verification could still take over half a millennium!

Let's abandon the goal of having our Promela prototype track the particular balances accurately. Since our focus is on concurrency, we mainly want to ensure that when there are multiple simultaneous transactions, we don't lose or mix up any of the data. We might also want to verify the security protocols used in selecting appropriate accounts. But we no longer need to even keep track of balances. Furthermore, it is highly unlikely that the production code has errors that only occur when there are a large number of accounts, so we can comfortably use just a few.
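A small Promela model of this abstraction, added here as an illustration and not taken from the original module: balances are replaced by a per-account count of recorded updates, and only two accounts and three transactions are modelled. The names NACCTS, NTXNS, Txn, locked, issued, applied and finished are all assumptions made for the example.

```promela
/* Added example: abstract bank model that tracks no balances. */
#define NACCTS 2            /* "just a few" accounts */
#define NTXNS  3            /* concurrent transactions */

bool locked[NACCTS];        /* per-account lock */
byte issued[NACCTS];        /* updates requested per account */
byte applied[NACCTS];       /* updates recorded per account (stands in for the balance) */
byte finished;              /* number of transactions that have completed */

proctype Txn() {
    byte acct, tmp;

    /* Nondeterministic choice: SPIN explores every account selection. */
    if
    :: acct = 0
    :: acct = 1
    fi;

    atomic { !locked[acct] -> locked[acct] = true };   /* acquire the account */
    issued[acct]++;
    tmp = applied[acct];        /* read ...                              */
    applied[acct] = tmp + 1;    /* ... then write, as two separate steps */
    locked[acct] = false;       /* release the account */
    finished++
}

init {
    atomic { run Txn(); run Txn(); run Txn() };
    finished == NTXNS;          /* blocks until every transaction is done */
    /* No update was lost or credited to the wrong account. */
    assert(applied[0] == issued[0] && applied[1] == issued[1])
}
```

Every variable is a bool or a byte, so the state space stays tiny. Deleting the acquire and release lines lets two transactions interleave their read and write steps, and SPIN then reports an assertion violation corresponding to a lost update.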

Source:  OpenStax, Model checking concurrent programs. OpenStax CNX. Oct 27, 2005 Download for free at http://cnx.org/content/col10294/1.3