1. Home
  2. Model checking concurrent
  3. Model checking concurrent
  4. Modeling concurrent processes

0.3 Modeling concurrent processes  (Page 13/21)

<< Chapter < Page
  Model checking concurrent     Page 13 / 21
Chapter >> Page >

If we run SPIN's verifier on the code for the Tiny Server and Clients example , we get a spuriousinvalid end stateerror, since we expect the client to be alive and listening forfor any more requests.

To let SPIN know that is acceptable and shouldn't actually be considered deadlock, we label the beginning ofthe server loop as being a valid end state: We give it a label whose first threeletters are end , as shown below. Run the verifier again on this, and there shouldbe no error message.

1 /* Number of each type of client. */ 2 #define NUM_CLIENTS 13 4 /* Define the named constants. */5 mtype = {NONE, REQ1, REQ2}; 67 /* Declare a shared variable. */ 8 show mtype request = NONE;9 10 active proctype server()11 { 12 /* Waiting for a request is a valid place to end. */13 endwait: 14 do15 :: request == REQ1 ->16 printf("Processing request type 1.\n"); 17 request = NONE;18 :: request == REQ2 ->19 printf("Processing request type 2.\n"); 20 request = NONE;21 od; 22 }23 24 active[NUM_CLIENTS]proctype client1() 25 {26 atomic { 27 request == NONE ->28 request = REQ1; 29 }30 } 3132 active[NUM_CLIENTS] proctype client2()33 { 34 atomic {35 request == NONE ->36 request = REQ2; 37 }38 }

More formally, what this does is to tag some of the states in the state space as being valid, if they happen tobe an end-state.

The state space for the above program. The endwait label makes the bottom two states be valid end states.

Putting the end label in front of the entire do statement may not seem as natural to you as: do ::end1: request == REQ1 ->:: end2:request == REQ2 ->od; However, this is not acceptable! Try it, by entering the changes and running a syntax check.The problem is that end1 and end2 both represent the same program point, where the program waits for some guard to become true.It would be nonsensical to have (say) one of the two guards labeled an end-state without the other one being an end-state.To prevent surprising inconsistencies, Promela disallows labels in front of individual guards of a compound statement.

There are other syntactic restrictions of where labels can appear. The most commonly encountered is that they cannot appearat the end of a statement block. For example, instead of { x = 1;y = 2; label: /* Label not allowed here. */} you can introduce a dummy statement, and label it: { x = 1;y = 2; label:skip; /* A statement that does nothing. */ }

Mutual exclusionA morality play (optional)

It's worth showing several examples of correct and incorrect concurrentprograms, and how SPIN can implement and attempt to verify them. We'll examine a sequence of programs, all dealing with mutualexclusion protocols. We hope to leave the gentle reader with an appreciation ofthe non-obvious nature of concurrent bugs (and hence the value of automated verification).

Questions & Answers

what is phylogeny
Odigie Reply
evolutionary history and relationship of an organism or group of organisms
AI-Robot
ok
Deng
what is biology
Hajah Reply
the study of living organisms and their interactions with one another and their environments
AI-Robot
what is biology
Victoria Reply
HOW CAN MAN ORGAN FUNCTION
Alfred Reply
the diagram of the digestive system
Assiatu Reply
allimentary cannel
Ogenrwot
How does twins formed
William Reply
They formed in two ways first when one sperm and one egg are splited by mitosis or two sperm and two eggs join together
Oluwatobi
what is genetics
Josephine Reply
Genetics is the study of heredity
Misack
how does twins formed?
Misack
What is manual
Hassan Reply
discuss biological phenomenon and provide pieces of evidence to show that it was responsible for the formation of eukaryotic organelles
Joseph Reply
what is biology
Yousuf Reply
the study of living organisms and their interactions with one another and their environment.
Wine
discuss the biological phenomenon and provide pieces of evidence to show that it was responsible for the formation of eukaryotic organelles in an essay form
Joseph Reply
what is the blood cells
Shaker Reply
list any five characteristics of the blood cells
Shaker
lack electricity and its more savely than electronic microscope because its naturally by using of light
Abdullahi Reply
advantage of electronic microscope is easily and clearly while disadvantage is dangerous because its electronic. advantage of light microscope is savely and naturally by sun while disadvantage is not easily,means its not sharp and not clear
Abdullahi
cell theory state that every organisms composed of one or more cell,cell is the basic unit of life
Abdullahi
is like gone fail us
DENG
cells is the basic structure and functions of all living things
Ramadan
What is classification
ISCONT Reply
is organisms that are similar into groups called tara
Yamosa
in what situation (s) would be the use of a scanning electron microscope be ideal and why?
Kenna Reply
A scanning electron microscope (SEM) is ideal for situations requiring high-resolution imaging of surfaces. It is commonly used in materials science, biology, and geology to examine the topography and composition of samples at a nanoscale level. SEM is particularly useful for studying fine details,
Hilary
Got questions? Join the online conversation and get instant answers!
Jobilize.com Reply
<< Chapter < Page Page > Chapter >>

Read also:

Get Jobilize Job Search Mobile App in your pocket Now!

Get it on Google Play Download on the App Store Now




Source:  OpenStax, Model checking concurrent programs. OpenStax CNX. Oct 27, 2005 Download for free at http://cnx.org/content/col10294/1.3
Google Play and the Google Play logo are trademarks of Google Inc.

Notification Switch

Would you like to follow the 'Model checking concurrent programs' conversation and receive update notifications?

Ask