SLIDE 1 Overview
1 Lecture 2: Races
Joost-Pieter Katoen Theoretical Foundations of the UML 1/23
SLIDE 2 Theoretical Foundations of the UML
Lecture 2: Races Joost-Pieter Katoen
Lehrstuhl für Informatik 2 Software Modeling and Verification Group
moves.rwth-aachen.de/teaching/ss-20/fuml/
April 21, 2020
SLIDE 7 Summary of Lecture #1
1 A Message Sequence Chart is a partial order between send and receive events
  totally ordered per process
    vertical ordering
  receive events happen after their send events
    message ordering
  respecting the first-in first out (FIFO) property
2 Linearizations are totally ordered extensions of partial orders
  all linearizations of an MSC are well-formed
    1 every receive is preceded by a corresponding send
    2 respects the FIFO ordering
    3 no send events without corresponding receive
3 Every well-formed word can be transformed into an MSC
  two linearizations of the same MSC yield isomorphic MSCs
4 So: there is a 1-to-1 relation between an MSC and its linearizations
SLIDE 9 Example
[Figure: MSC with processes p1, p2, p3 and messages a, b, c, d, e]
These pictures are formalized using partial orders.
SLIDE 14 Message Sequence Chart (MSC) (1)
Definition
An MSC M = (P, E, C, l, m, ) with:
- P, a finite set of processes {p1, p2, . . . , pn}
- E, a finite set of events E = Ep = E? ⊎ E!
- C, a finite set of message contents
- l : E → Act, a labelling function defined by:
    l(e) =
      if e ∈ Ep ∩ E!
      ?(p, q, a) if e ∈ Ep ∩ E?
    for p ≠ q ∈ P, a ∈ C
SLIDE 17 Message Sequence Chart (MSC) (2)
Definition
- m : E! → E? a bijection (“matching function”), satisfying:
    m(e) = e′ ∧ l(e) = !(p, q, a) implies l(e′) = ?(q, p, a) (p ≠ q, a ∈ C)
- ⊆ E × E is a partial order (“visual order”) defined by:
    = <p ∪ {(e, m(e)) | e ∈ E!} ∗
  where <p is a total order = “top-to-bottom” order on process p,
  and where for relation R, R∗ denotes its reflexive and transitive closure.
SLIDE 18 Example
[Figure: handwritten example MSC with its Hasse diagram]
SLIDE 21 Visual order can be misleading
[Figure: MSC with processes p1, p2, p3 and messages a, b, c]
If message b takes much shorter than message a, then c might arrive at p1 before a.
In practice, e6 might occur before e2, but e2 <p1 e6 and thus e2 e6.
This is misleading and called a race.
SLIDE 23 What is a race?
A race condition asserts a particular order of events will occur because of the visual ordering (i.e., the partial order ) when, in practice, this order cannot be guaranteed to hold.
Q: When are race conditions possible and how to detect them?
SLIDE 29 Causal order
Main principles:
- Send events should happen before their matching receive events
- The ordering of events wrt. sends on same process is unaffected
- Receive events on a process sent from the same process are ordered as their sends
Definition
For MSC M = (P, E, C, l, m, ), relation ⊆ E × E is defined by: e e′ iff one of the following holds:
  1 e′ = m(e)
  2 e <p e′ and E! ∩ {e, e′} ≠ ∅
  3 e, e′ ∈ Ep ∩ E? and m⁻¹(e) <q m⁻¹(e′)
∗ is a partial order (referred to as causal order) in which events at the same process are not necessarily ordered.
SLIDE 35 Causal order: example
[Figure: MSC with processes p1, p2, p3 and messages a, b, c]
Example
e1 e2, e3 e4, e5 e6, e1 e3, e4 e5, not (e2 e6)
SLIDE 36 Races
Definition
MSC M contains a race if for some e, e′ ∈ E? and process p:
  e <p e′ but not (e ∗ e′)
where ∗ ⊆ E × E is the reflexive and transitive closure of .
As relation ∗ contains at most all orderings in , the MSC M has a race whenever ⊈ ∗.
SLIDE 38 Race: example
[Figure: MSC with processes p1, p2, p3 and messages a, b, c]
Visual order versus causal order
1 (visual order) e1 e2, e3 e4, e5 e6, e1 e3, e4 e5, e2 e6
2 (causal order) e1 e2, e3 e4, e5 e6, e1 e3, e4 e5, not (e2 e6)
As ⊈ ∗, this MSC contains a race.
SLIDE 39 Other examples
On the black board.
SLIDE 40
[Handwritten blackboard examples: an MSC that has a race and an MSC that has no race]
SLIDE 41 Why are races problematic?
Recall: MSC M has a race if ⊈ ∗ or equivalently: ∃e, e′ ∈ E? . (e <p e′ and not (e ∗ e′))
Whenever ⊈ ∗, implementations based on <p may cause problems:
1 unspecified message reception
  a process receives a message which by the MSC is not possible
2 deadlocks
  a process blocking on receipt of an unexpected message may block
3 message loss
  unexpectedly received messages may be ignored
4 exploiting wrong message content
SLIDE 43 Checking whether an MSC has a race
MSC M has a race if ⊈ ∗
How to check whether MSC M has a race?
- compute ∗ and check whether ⊆ ∗
- transitive closure ∗ is computed using Floyd-Warshall’s algorithm
  - algorithm for finding shortest paths in a weighted digraph with positive or negative edge weights [1]
  - easily adapted for computing the transitive closure of digraphs
  - worst-case time complexity O(|E|^3)
  - by using some specifics of MSC, this is reduced to O(|E|^2)
So: race checking can be done quadratically in the number of events
[1] for digraphs without negative cycles.
SLIDE 45 Computing ∗: Warshall’s algorithm
Algorithm
compute ∗ and compare with
Warshall’s algorithm:
  input: R ⊆ X × X where X is a set
  output: R∗
Idea:
Consider R and R∗ as directed graphs
There is an edge x ⇒ y in R∗ iff there is a (possibly empty) sequence x = x0 → x1 → x2 → . . . → xn = y in R
(our setting: X = E, R = , R∗ = ∗)
SLIDE 52 Warshall’s algorithm: preliminaries
assume: graph vertices are numbered {1, 2, . . . , n} where n = |E|
for j ∈ {1, . . . , n+1} define relation $\overset{j}{\Longrightarrow}$ as follows:
  $x \overset{j}{\Longrightarrow} y$ iff ∃ path in R from x to y such that all vertices on the path (≠ x, y) have a smaller number than j
Then:
(1) x ⇒ y iff $x \overset{n+1}{\Longrightarrow} y$
(2) $x \overset{1}{\Longrightarrow} y$ iff x = y or x y
(3) $x \overset{y+1}{\Longrightarrow} z$ iff $x \overset{y}{\Longrightarrow} z$ or $x \overset{y}{\Longrightarrow} y \overset{y}{\Longrightarrow} z$
Algorithm: determine the relations $\overset{1}{\Longrightarrow}, \ldots, \overset{n}{\Longrightarrow}, \overset{n+1}{\Longrightarrow}$ iteratively using properties (2) + (3); Result is then given by (1).
Store $\overset{i}{\Longrightarrow}$ in a boolean matrix C of cardinality |E| × |E|
Postcondition: C[x, y] = true iff (x, y) ∈ R∗
Precondition: ∀x, y ∈ X . C[x, y] = false
SLIDE 53 Warshall’s algorithm
    /* first compute $x \overset{1}{\Longrightarrow} y$ */
    for x := 1 to n do
        for y := 1 to n do
            C[x, y] := (x = y or (x, y) ∈ R)

    /* loop invariant: after the j-th iteration of */
    /* outermost loop it holds: C[x, y] = true iff $x \overset{j+1}{\Longrightarrow} y$ */
    for y := 1 to n do
        for x := 1 to n do
            if C[x, y] then
                for z := 1 to n do
                    if C[y, z] then C[x, z] := true
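SLIDE 55
Claim: after j iterations (for any k, m): $k \overset{j+1}{\Longrightarrow} m$ implies C[k, m] = true.
Proof: by induction on j.
1) base case: j = 0: it follows from the initialisation.
2) induction step: let j > 0 and assume $k \overset{j+1}{\Longrightarrow} m$.
   a) if C[k, m] = true, done.
   b) assume C[k, m] = false. Then by ind. hyp., it follows that $k \overset{j}{\Longrightarrow} m$ does not hold. But since $k \overset{j+1}{\Longrightarrow} m$ iff $k \overset{j}{\Longrightarrow} m$ or $k \overset{j}{\Longrightarrow} j \overset{j}{\Longrightarrow} m$ (by (3)), it follows $k \overset{j}{\Longrightarrow} j \overset{j}{\Longrightarrow} m$. Thus C[k, j] = true and C[j, m] = true. Thus during the j-th iteration C[k, m] is set to true.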
SLIDE 56 Correctness and complexity
Lemma: correctness
After j iterations: $x \overset{j+1}{\Longrightarrow} y$ iff C[x, y] = true.
Proof.
if: trivial; only if: by induction on j.
Complexity
Worst-case time complexity of Warshall’s algorithm: O(n^3) with n = |X|
Proof.
follows from the fact that there is a triple-nested loop of which each loop has at most n iterations.
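The race check from the preceding slides, carried through from an MSC to Warshall's closure, as an added example that is not part of the original lecture material. It assumes events are written as (process, position) pairs, that messages on one channel are matched in FIFO order, and that rule 2 of the causal order applies when at least one of the two events is a send, as the main principles and the worked example imply; the function names and the race-free variant are constructed here.

```python
# Constructed input: the slides' three-process MSC, one top-to-bottom event list
# per process. ("!", q, a) is a send to q, ("?", q, a) a receive from q.
RACY = {
    "p1": [("?", "p2", "a"), ("?", "p3", "c")],
    "p2": [("!", "p1", "a"), ("!", "p3", "b")],
    "p3": [("?", "p2", "b"), ("!", "p1", "c")],
}
# Constructed race-free variant: both messages received by p1 come from p2.
RACE_FREE = {
    "p1": [("?", "p2", "a"), ("?", "p2", "c")],
    "p2": [("!", "p1", "a"), ("!", "p1", "c")],
}

def matching(msc):
    """Matching function m: k-th send p->q pairs with k-th receive at q from p."""
    sends, recvs = {}, {}
    for p, events in msc.items():
        for i, (kind, peer, _msg) in enumerate(events):
            table, chan = (sends, (p, peer)) if kind == "!" else (recvs, (peer, p))
            table.setdefault(chan, []).append((p, i))
    if {c: len(v) for c, v in sends.items()} != {c: len(v) for c, v in recvs.items()}:
        raise ValueError("every send needs exactly one matching receive")
    return {s: r for chan in sends for s, r in zip(sends[chan], recvs[chan])}

def relations(msc):
    """Return (visual, causal) as sets of event pairs, before taking closures."""
    m = matching(msc)
    sender = {r: s for s, r in m.items()}            # m^-1
    visual, causal = set(m.items()), set(m.items())  # rule 1: e' = m(e)
    for p, events in msc.items():
        for j in range(len(events)):
            for i in range(j):
                e, f = (p, i), (p, j)
                visual.add((e, f))                   # e <p f
                if "!" in (events[i][0], events[j][0]):
                    causal.add((e, f))               # rule 2: at least one send
                elif sender[e][0] == sender[f][0] and sender[e][1] < sender[f][1]:
                    causal.add((e, f))               # rule 3: same sender, sends ordered
    return visual, causal

def closure(events, rel):
    """Warshall: c[x, y] is true iff (x, y) is in the reflexive-transitive closure."""
    c = {(x, y): x == y or (x, y) in rel for x in events for y in events}
    for y in events:
        for x in events:
            if c[x, y]:
                for z in events:
                    if c[y, z]:
                        c[x, z] = True
    return c

def races(msc):
    """Receive pairs e <p e' on one process that the causal order leaves unordered."""
    events = [(p, i) for p, evs in msc.items() for i in range(len(evs))]
    causal = closure(events, relations(msc)[1])
    return [((p, i), (p, j)) for p, evs in msc.items()
            for j in range(len(evs)) for i in range(j)
            if evs[i][0] == evs[j][0] == "?" and not causal[(p, i), (p, j)]]

def order_gap(msc):
    """Pairs in the closure of the visual order that the causal order lacks."""
    events = [(p, i) for p, evs in msc.items() for i in range(len(evs))]
    visual, causal = (closure(events, r) for r in relations(msc))
    return {pair for pair in visual if visual[pair] and not causal[pair]}

if __name__ == "__main__":
    print(races(RACY), races(RACE_FREE))
```

In the slides' numbering, ("p1", 0) and ("p1", 1) are the receive events e2 and e6.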
SLIDE 61 Efficiency improvement [Alur et al. ’96]
Warshall’s algorithm computes R∗ for every binary relation R ⊆ X × X.
Recall: our interest is in determining R∗ for R =
Using some properties of , the complexity can be improved.
Exploit that for :
  1 is acyclic (as it is a partial order)
  2 the number of immediate predecessors of e ∈ E under is at most two (why?)
Note that e is an immediate predecessor of e′ (under ) if:
  e e′ and ¬(∃e′′ ∉ {e, e′}. e e′′ ∧ e′′ e′)
SLIDE 63 Efficiency improvement [Alur et al. ’96]
The main loop of Warshall’s algorithm:

    for e := 1 to n do
        for e′ := 1 to n do
            if C[e′, e] then
                for e′′ := 1 to n do
                    if C[e, e′′] then C[e′, e′′] := true

The main loop of Alur et al.’s algorithm for detecting races in MSCs:

    for e := 1 to n do
        for e′ := e − 1 downto 1 do
            if (not C[e′, e] and e′ e) then
                C[e′, e] := true
                for e′′ := 1 to e′ − 1 do
                    if C[e′′, e′] then C[e′′, e] := true
SLIDE 68 Detecting races in MSCs
Theorem
Let M be an MSC with set E of events and n = |E|. Checking whether M has a race can be done in O(n^2).
Proof.
Since is acyclic, we number the events such that the numbering defines a total order that is consistent with visual order . This can be done in O(n) using a standard topological sort.
Then observe that the innermost loop:

    for e′′ := 1 to e′ − 1 do
        if C[e′′, e′] then C[e′′, e] := true

of the triple-nested main loop is executed for (e, e′) only if e′ is an immediate predecessor of e under .
As for MSCs, an event can have at most two immediate predecessors, the innermost loop is executed at most 2 · n times in total.
This yields a total worst-case time complexity of n^2 + 2·n.
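The quadratic check from the proof above, as an added example that is not code from the lecture: a topological numbering of the events followed by the main loop of Alur et al.'s algorithm, run on the relations listed for the slides' example MSC. The function names, the 0-based indexing and the counter for inner-loop runs are assumptions of this example.

```python
# Constructed input: the relations listed for the slides' example MSC.
EVENTS = ["e6", "e2", "e5", "e1", "e4", "e3"]      # deliberately unsorted
VISUAL = [("e1", "e2"), ("e3", "e4"), ("e5", "e6"),
          ("e1", "e3"), ("e4", "e5"), ("e2", "e6")]
CAUSAL = VISUAL[:5]                                 # same pairs without (e2, e6)
RECEIVE_PAIRS = [("e2", "e6")]                      # receive events with e <p e'

def topological_order(events, edges):
    """Number the events so that every visual-order edge points forward (Kahn)."""
    succ = {e: [] for e in events}
    indegree = {e: 0 for e in events}
    for a, b in edges:
        succ[a].append(b)
        indegree[b] += 1
    ready = [e for e in events if indegree[e] == 0]
    order = []
    while ready:
        e = ready.pop()
        order.append(e)
        for f in succ[e]:
            indegree[f] -= 1
            if indegree[f] == 0:
                ready.append(f)
    if len(order) != len(events):
        raise ValueError("visual order contains a cycle")
    return order

def causal_closure(order, causal):
    """Quadratic main loop; returns (transitive closure as named pairs, inner-loop runs)."""
    n = len(order)
    pos = {e: k for k, e in enumerate(order)}
    rel = {(pos[a], pos[b]) for a, b in causal}
    if any(a >= b for a, b in rel):
        raise ValueError("causal pairs must follow the numbering")
    c = [[False] * n for _ in range(n)]
    runs = 0
    for e in range(n):
        for e1 in range(e - 1, -1, -1):             # e' := e - 1 downto first event
            if not c[e1][e] and (e1, e) in rel:     # e' is an immediate predecessor
                c[e1][e] = True
                runs += 1
                for e2 in range(e1):                # inherit everything below e'
                    if c[e2][e1]:
                        c[e2][e] = True
    reach = {(order[a], order[b]) for a in range(n) for b in range(n) if c[a][b]}
    return reach, runs

def find_races(events, visual, causal, receive_pairs):
    """Receive pairs ordered on their process but not related in the closure."""
    reach, _ = causal_closure(topological_order(events, visual), causal)
    return [pair for pair in receive_pairs if pair not in reach]

if __name__ == "__main__":
    print(find_races(EVENTS, VISUAL, CAUSAL, RECEIVE_PAIRS))
```

The closure built here is transitive but not reflexive, which is enough because a race always involves two distinct receive events.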