• Nem Talált Eredményt

Example: Greatest Common Divisor – GCD

In document Design of Distributed Systems (Pldal 16-95)

22. Practice 8

2.5. Example: Greatest Common Divisor – GCD

2.6. Partial Function and Logical Relation

Lecture 2

7

Created by XMLmind XSL-FO Converter.

• A relation is called a partial function, if for all the set has at most one element. If then is a function.

• If is a relation, where is an arbitrary set and is the set of the logical values, then is called a logical relation.

2.7. Truth Set

• The truth set of the logical function is defined as

• The logical functions are defined by their truth

sets. .

2.8. Transitive Disjunctive Closure

• The power-set (set of subsets) of set is denoted by .

• relation is the transitive disjunctive closure of relation , if

is the smallest relation, for which holds:

Lecture 2

• if and , then

• for any numerable set : .

2.9. Example TDC Relation

, ,

,

9

Created by XMLmind XSL-FO Converter.

Chapter 3. Lecture 3

1. Problem

1.1. Problem

• The problem is defined as a set of specification relations.

• Every specification relation is defined over the powerset of the state space.

• Let be logical functions.

• According to specification requirement the program is enabled to change state to

state only.

• According to the specification relation the variable is non-decreasing and can be increased one by one.

Lecture 3

1.4. Problem Definition

• Let be a state space and let be a finite or numerable set.

• The relation , where

is called a problem defined over the state space .

• is called the parameter space of the problem.

Two relations expressing boundary properties and five relations expressing transition properties are associated to every point of set .

1.5. Notation

• Let denote an arbitrary element of the domain of the problem.

• Let denote an element of .

• The components of are denoted by and by

respectively.

• If then we use instead of in the indices for the sake of simplicity.

1.6. Notation

Lecture 3

11

Created by XMLmind XSL-FO Converter.

1.7. Example – Value of a Function

, .

2. Abstract Parallel Program

2.1. Abstract parallel program

The abstract program is a relation

• generated by a set of conditional assignments;

• assignments are selected nondeterministically,

• executions of different processors are fairly interleaved.

• a fixed point is said to be reached in a state, if any statement in that state leaves the state unchanged.

2.2. General Assignment

• A statement over the state space is called empty and termed , if

.

• Let , , where .

• The statement is a general assignment defined by , if

Lecture 3

• We extend the domain of a relation for the whole state space in the following way:

• ,

• This kind of (simultaneous, nondeterministic) assignment is called a conditional assignment, if .

• We denote the conditional assignment the following way: , if .

• Simultaneous, nondeterministic, conditional assignment: , if

, if .

• Abbreviation:

2.6. Example – Abstract Program

Lecture 3

13

Created by XMLmind XSL-FO Converter.

, if

• Atomicity:

• if no atomicity:

• there is no state, when is 6.

Chapter 4. Lecture 4

1. Reminder

1.1. Problem

• The problem is defined as a set of specification relations.

• Every specification relation is defined over the powerset of the state space.

• Let be logical functions.

• We define

• and

1.2. Abstract Parallel Program

The abstract program is a relation

• generated by a set of conditional assignments;

• assignments are selected nondeterministically,

• executions of different processors are fairly interleaved.

• a fixed point is said to be reached in a state, if any statement in that state leaves the state unchanged.

1.3. Example

, if

2. Semantics of the Abstract Program

2.1. State Transition Trees

• Let be an ordered pair of a conditional assignment and of a nonempty, finite set of conditional assignments, such that

• ,

• where , .

• The semantics of the abstract program is defined as a binary relation which associates equivalence classes of correctly labeled state transition trees to the points of the state space.

2.2. State Transition Trees

• The labeled state transition trees are generated by the ordered pair

Lecture 4

15

Created by XMLmind XSL-FO Converter.

• of the effect relation of the initial assignment and

• of the UP(S) disjoint union of the effect relations of the elements of the abstract program.

2.3. Abstract Parallel Program – Definition

• The relation is called an abstract parallel program, if

• it associates equivalence classes of labelled transition trees to the element ,

• which trees are generated at by the ordered pairs of relations and

• have a correct labelling.

2.4. Abstract Parallel Program – Notation

• The abstract parallel program generated by is abbreviated by in the

following.

• The conditional assignment is called the initialization in and

• is said to be an element of the program .

2.5. Execution

Lecture 4

• Any path of a representative of the equivalence class is called an execution path of the abstract parallel program starting in the state .

• Any concurrent execution of conditional assignments should satisfy the requirement of serializibility.

• Every execution path of the abstract parallel program represents a possible sequential execution sequence of the assignments.

• The introduced semantics is an interleaving semantics of parallel programs.

2.6. Reachable States

• The labels (states) along the execution paths of set is denoted by .

• is the set of reachable states from state .

2.7. Unconditionally Fair Scheduling

• An execution path corresponds to the requirement of unconditionally fair scheduling,

• if every statement is selected infinitely times along the path, i.e.

• every label from index set is associated infinitely often to the vertices of the path.

3. Program Properties of the Abstract Program

3.1. Weakest Precondition

• The program properties are defined in terms of the weakest precondition of the element statements of the abstract program.

• The logical function is called the weakest precondition of the postcondition in respect to the statement .

• We define .

3.2. Weakest Precondition

• .

• .

Lecture 4

17

Created by XMLmind XSL-FO Converter.

3.3. Strongest Postcondition

• The logical function is called the strongest postcondition of in respect to .

• .

Chapter 5. Lecture 5

1. Reminder

1.1. Abstract Parallel Program and Scheduling

• The abstract parallel program generated by is abbreviated by in the

following.

• The conditional assignment is called the initialization in and

• is said to be an element of the program .

• An execution path corresponds to the requirement of unconditionally fair scheduling, if every statement is selected infinitely times along the path, i.e. every label from index set is associated infinitely often to the vertices of the path.

1.2. Weakest Precondition and Strongest Postcondition

• .

• .

• .

2. Program Properties of the Abstract Program

2.1. Invariant Properties, Definition

• is the set of logical functions of which truth are preserved by the elements of if the program is started from a state satisfying .

• .

• .

• and .

Lecture 5

19

Created by XMLmind XSL-FO Converter.

2.2. Strongest Invariant

Lemma 1 (Conjunction of invariants). is closed for the conjunction operation.

• is the conjunction of the elements of the set

• is the strongest invariant.

Theorem 1. The truth set of is the set of reachable states from .

2.3. Always True Properties, Definition

• .

• .

• Always true is not invariant.

Lecture 5

21

Created by XMLmind XSL-FO Converter.

Chapter 6. Lecture 6

1. Reminder

1.1. Invariant Properties

• is the set of logical functions of which truth are preserved by the elements of if the program is started from a state satisfying .

• is the conjunction of the elements of the set

• is the strongest invariant.

2. Program Properties of the Abstract Program

2.1. Unless Properties, Definition

• is stable while .

• .

Unless.

2.2. Unless and Invariant Property

Theorem 2. If and , then .

Theorem 3. If and , then

.

Lecture 6

2.3. Ensures Property, Definition

• is stable while in and there is a conditional assignment which ensures the transition from

to .

• .

Ensures.

Theorem 4. If and , then

.

2.4. Leads-to Property, Definition

• is the transitive disjunctive closure of relation .

Lecture 6

23

Created by XMLmind XSL-FO Converter.

is the smallest binary relation satisfying the conditions:

• .

• if and , then .

• Let denote a countable set. If , then

.

Theorem 5. If and , then

.

Chapter 7. Lecture 7

1. Reminder

1.1. Program Properties

• is the smallest binary relation satisfying the conditions:

• .

• if and , then .

• Let denote an countable set. If , then

.

2. Program Properties of the Abstract Program

2.1. Inevitability

Inevitability.

, if and only if when on all execution paths leading from and satisfying the axiom of the unconditionally fair scheduling there is a node at a finite unbounded distance from of which label is an element of the truth set of , i.e., the program inevitable reaches the truth set of started from .

Theorem 6 ( sound and complete). =

2.2. Fixed Point Properties

• A fixed point is said to be reached in a state of the state space , if none of the statements changes the state.

• and is a simultaneous, non deterministic conditional assignment, i.e.

: , if

• denotes the logical function, which characterizes the set of states over which the relation is

deterministic, i.e., .

2.3. Definitions

Set of fixed point.

Set of fixed point with deterministic assignments.

Lecture 7

25

Created by XMLmind XSL-FO Converter.

Fixed point properties.

Let us denote by the set .

2.4. Example

• , ha .

• .

2.5. Weakening of fixed point property

Theorem 7. If and , then .

2.6. Termination properties

Termination properties.

denotes the set

2.7. Behaviour relation of abstract program

Behaviour relation.

Let be a program over the state space . The system of relations

is called the behaviour relation of the parallel program .

Chapter 8. Lecture 8

• assuming that the program starts from a state satisfying all the elements of .

2.2. Reachable states

• The truth set of an invariant property may be regarded as a characterization of a subset of reachable states.

• It is sufficient for us, if the program satisfies all properties over the truth set of an invariant property.

2.3. Satisfies a specification property

Definition.

The program satisfies the specification property , if and only if

• there exists an invariant property such that the program satisfies with respect to , i.e.,

• and .

Lecture 8

27

Created by XMLmind XSL-FO Converter.

Theorem 8. The program satisfies the specification property , if it satisfies with respect to the strongest invariant, i.e. is an always true program property: (

).

2.4. Satisfies a specification property

Definition.

The program satisfies the specification property , if and only if

• there exists an invariant property such that the program satisfies with respect to , i.e.,

• and .

Theorem 9. The program satisfies the specification property , if it satisfies with respect to the strongest invariant, i.e.

.

2.5. Satisfies a specification property

Definition.

The program satisfies the specification property , if and only if

• there exists an invariant such that the program satisfies with respect to , i.e.,

• and

Theorem 10. The program satisfies the specification property , if it satisfies with respect to the strongest invariant, i.e.

.

2.6. Satisfies a specification property

Definition.

The program satisfies the specification property , if and only if

• there exists an invariant such that the program satisfies with respect to , i.e.,

• and

Theorem 11. The program satisfies the specification property , if it satisfies with respect to the strongest invariant, i.e.

.

Lecture 8

2.7. Satisfies a specification property

Definition.

The program satisfies the specification property , if and only if

• there exists an invariant such that the program satisfies with respect to , i.e.,

• and .

Theorem 12. The program satisfies the specification property , if it satisfies with respect to the strongest invariant, i.e.

.

2.8. Satisfies a specification property

Definition.

The program satisfies the specification property , if and only if

• there exists an invariant such that the program satisfies ( ) with respect to , i.e.,

• and .

Theorem 13. The program satisfies the specification property , if it satisfies with respect to the strongest invariant, i.e.

.

2.9. Solved by a program

Definition.

The problem is said to be solved by the program with respect to an invariant property

, if such that and satisfies all

the specification properties given in with respect to and the initial conditions .

2.10. Set of solutions

Definition.

We define as the set of all abstract parallel programs that solve the problem .

29

Created by XMLmind XSL-FO Converter.

Chapter 9. Lecture 9

1. Reminder

• assuming that the program starts from a state satisfying all the elements of .

1.2. Solved by a Program

Definition.

The problem is said to be solved by the program with respect to an invariant property

, if such that and satisfies all

the specification properties given in with respect to and the initial conditions .

2. Derivation Rules

2.1. Refinement of a Problem

Definition.

Let be problems defined over the state space .

If : solves solves , then the problem is a refinement of the

problem .

2.2. Refinement of Invariant Specification Property

Theorem 14. If the abstract program satisfies the specification properties and

, then satisfies the specification property too.

2.3. Refinement of Inevitable Specification Property in Finite Steps

Theorem 15. satisfies to the specification property , if it can be derived by finite number of application of the following rules:

1.

Lecture 9

• are logical functions:

• ,

• .

2.5. Application of a Variant Function

Theorem 16. logical functions, is a variant function, for

which .

If satisfies , then

satisfies too.

2.6. and Variant Function

Theorem 17. logical functions, is a variant function, for

which .

If satisfies , then

satisfies too.

2.7. Termination

Theorem 18. and is a variant function, for which

. If satisfies

for all , then satisfies .

2.8. Refinement of fixed point requirement

Theorem 19. If satisfies and , and , then

satisfies .

31

Created by XMLmind XSL-FO Converter.

Chapter 10. Lecture 10

1. Reminder

1.1. Reminder

• Problem

• Parallel Abstract Program

• Properties of the Programs

• Solution

• Derivation Rules

2. Program Constructions

extensions to of two programs on and respectively.

• If all variables belonging to get the same value in the assignments and

(i.e. ), then the program

that is defined on , is called the union of and .

2.2. Behaviour Relation of Union

Theorem 20. Let . Then:

Lecture 10

5.

6.

7.

.

2.3. Behaviour Relation of Union

Theorem 21. Let and be two problems over a common state space and parameter

2.4. Derivation Rule of Union

Theorem 22.

1.

Let and be two problems over a common state space and parameter space . 2.

Lecture 10

33

Created by XMLmind XSL-FO Converter.

Let and be two programs extended to state space , and let the union of this

2.5. Union and Subset of the State Spaces (1)

Theorem 23. Let , a logical function on state space in such a way,

2.6. Union and Subset of the State Spaces (2)

Theorem 24. Let , a logical function on state space in such a way that

, . In this case

• if , then ,

• if , then ,

• if and , then .

2.7. General Locality Theorem

Theorem 25. and are programs on the same state space. denotes the

Chapter 11. Lecture 11

extensions to of two programs on and respectively.

• If all variables belonging to get the same value in the assignments and

programs are called superpositions of the program and the assignment.

2.2. Behaviour Relation of Superposition

Theorem 26. Let the program over state space be a superposition of the program

and the statement , if , where is a program over

the subspace of . Let and be two logical functions over and let and denote the extension of and to . is the extension of the logical function

and .

Lecture 11

35

Created by XMLmind XSL-FO Converter.

1.

2.3. Weak Extension of a Problem

Definition.

is the weak extension of the problem if it is derived from the extension of , from , by leaving out the " " type specification conditions.

2.4. Derivation Rule of Superposition

Theorem 27. Let be a problem over the subspace of state space and over the parameter space . If is a solution of then any superposition of the program and the statement is a solution of the weak extension of .

2.5. Sequence of Programs

Definition.

• Let , be two subspaces of state space .

• Let be a program over ,

be a program over .

• Let denote the extension of to .

• Let be a logical variable, where the state space component of neither belongs to nor to .

2.6. Sequence of Programs (cont.)

Definition (cont.)

Lecture 11

2.7. Sequence of Programs (cont.)

Definition (cont.)

The program is called the sequence of

and is denoted as .

2.8. Behaviour Relation of Sequence

Theorem 28. In the following we suppose that the predicates , , etc. are independent of the variable . and are the extensions of the logical functions of and

respectively. Let . Then:

1.

Lecture 11

37

Created by XMLmind XSL-FO Converter.

7.

, 8.

if then ,

2.9. Behaviour Relation of Sequence (cont.)

Theorem 29. In the following we suppose that the predicates , , etc. are independent of the variable . and are the extensions of the logical functions of and

respectively. Let . Then:

1.

2.10. Derivation Rule of Program Sequencing

Theorem 30.

2.11. Derivation Rule of Program Sequencing (cont.)

Theorem 31.

• If satisfies and conditions under precondition

,

• satisfies and conditions under precondition

, and

Lecture 11

• , then

.

satisfies and conditions under

precondition.

39

Created by XMLmind XSL-FO Converter.

Chapter 12. Lecture 12

1. Reminder

1.1. Program Constructions

• Union

• Superposition

• Sequence

2. Computation of the Value of an Associative Function

2.1. Notations

• Let be a set.

• Let denote an arbitrary associative binary operator over .

• is a function describing the single or multiple application of the operator .

2.2. Notations

• Since is associative, for any arbitrary sequence of length at least three:

• We write instead of the infix notation in the following.

• We extend for sequences of length one: .

2.3. Notations – The Problem

• Let a finite sequence of the elements of be given.

• .

• Let us compute the value of the function for all , where and

.

2.4. The Formal Specification of the Problem

• We represent the sequences and the values of function by arrays.

• We specify that the program inevitably reaches a fixed point and the array contains the values of in any fixed point.

Lecture 12

• .

2.5. The Formal Specification of the Problem

2.6. Properties of Associative Operators

• The computation of the values of at place is made easier with the knowledge of the value of for

subsequences indexed by the elements of an arbitrary interval.

• The result computed for a subsequence is useful in the computation of the value of for any sequence which includes the subsequence.

2.7. Auxiliary Function

• Let us introduce the auxiliary function .

• Let denote the value of for the sequence of which the first element is and its length is or the last element is , if .

Definition.

The precise definition of the partial function is:

2.8. Auxiliary Function

Lemma 2. If , then

.

2.9. Substitution of a Function by a Variable

• The two-dimensional array is introduced to store the known values of .

• This method is called the substitution of a function by a variable.

• The lines on the next Figure illustrate the connections among the elements of the matrix .

• In fixed points and ,

Lecture 12

41

Created by XMLmind XSL-FO Converter.

i.e. is the value of for an at most length prefix.

2.10. Substitution of a Function by a Variable

2.11. Variant Function

• Let us choose the variant function in the following way:

.

• The variant function depends on the number of elements of the matrix which elements are different from the value of function at the corresponding place and on the number of places where the value of the array

is different from the value of function .

2.12. Refining the Specification of the Problem

• We extend the state space and refine the specification of the problem.

2.13. Refining the Specification of the Problem

Lecture 12

2.14. Refining the Specification of the Problem

• The connection between the variables and the function is given by the invariants (6)-(8).

2.15. Refining the Specification of the Problem

Lemma 3. The given specification ((4)-(9)) is a refinement of the original specification ((1)-(3)).

Proof. and in fixed point according to (6).

Using (7) it follows that the equation holds in

fixed point.

Since , after the application of the definition of we get

, which is the same as property (3).

43

Created by XMLmind XSL-FO Converter.

Chapter 13. Lecture 13

1. Reminder

1.1. Computation of the Value of an Associative Function

1.2. The Formal Specification of the Problem

1.3. Refined Specification of the Problem

1.4. Refined Specification of the Problem

Lecture 13

2. Solution of the Problem

2.1. Solution of the Problem

2.2. Solution of the Problem

Theorem 32. The abstract program below is a solution for the problem specified by (4)-(9), i.e., a solution for the problem of the computation of the values of an associative function.

2.3. The Program Solves the Problem

Proof. (6): using the definition of :

We use invariant properties and apply mathematical induction on to prove that the program

satisfies in fixed points.

2.4. The Program Solves the Problem

Lecture 13

45

Created by XMLmind XSL-FO Converter.

Base Case. . From (7) and follows .

Base Case. . From (7) and follows .

In document Design of Distributed Systems (Pldal 16-95)