Formal Models for Distributed Negotiations Linda

1
Formal Models forDistributed NegotiationsLinda
XVII Escuela de Ciencias Informaticas (ECI 2003),
Buenos Aires, July 21-26 2003
Roberto Bruni Dipartimento di Informatica
Università di Pisa
2
Linda

• Linda Gelernter 1985 is a well-known
  coordination language
• Based on generative communication
• Primitives for insertion, reading and withdrawal
  of data tuples to and from a shared data space
  (possibly distributed)
• Generative once generated and until removed,
  each message becomes equally accessible to all
  processes, without being bound to a particular
  one
• We overview basis for formal treatment

3
Graphically
Q
P
R
?b?
?a?
?c?
?a?
S
T
4
Linda, PDL and Petri nets

• Linda and PDL Busi, Gorrieri, Zavattaro 1997
• A novel process algebra based on Linda primitives
• Asynchronous communication
• Test for absence / presence of tuples
• Test-and-fetch
• Linda and Petri nets
• A truly concurrent semantics for the above
  process algebra
• P/T Petri nets are simply not enough expressive
• Petri nets with read-arcs
• Reading without consumption
• Multiple concurrent readings are possible
• Petri nets with inhibitor arcs
• Test for absence

5
Syntax

• Messages
• M ?a?
• Action Prefixes
• ? out(a) rd(a) in(a) !in(a)
• Predicates
• ? rdp(a) inp(a)
• Sequential Programs
• S 0 ?.C ??CC
• Concurrent Programs
• C S CC
• Processes
• P M C PP

6
Some Remarks I

• ?a? represents a tuple in the tuple space
• 0 is the inactive process
• out(a).P emits the tuple ?a? and behaves like P
• rd(a).P reads the tuple ?a? from the tuple space
  if present and then behaves like P (otherwise is
  blocking)
• in(a).P fetches the tuple ?a? from the tuple
  space if present and then behaves like P
  (otherwise is blocking)
• !in(a).P is the replicated input
• rdp(a)?PQ reads the tuple ?a? from the tuple
  space if present and then behaves like P
  (otherwise behaves like Q)
• inp(a)?PQ fetches the tuple ?a? from the tuple
  space if present and then behaves like P
  (otherwise behaves like Q)

7
Some Remarks II

• The tuple space is just a multiset of messages
• A sequential program is a concurrent program
  whose top operator is 0 or a prefix or a
  conditional statement
• A concurrent program is a multiset of sequential
  programs
• A process can always be seen as a pair formed by
  the tuple space and a concurrent program
• The distinction between processes P and
  concurrent programs C means that new tuples can
  be dynamically added to the tuple space only via
  output operations
• Some tuples can be initially present in the tuple
  space
• Terms like out(a).(?a??a?C) are not allowed
• We shall abuse the notation by writing ?.P and
  ??P1P2 leaving implicit the fact that P, P1, P2
  are concurrent programs

8
SemanticsTuples and Prefixes
9
SemanticsConditional Statements
a
P ? Q means P evolves to Q if ?a? can be read
a
P ? Q means P evolves to Q if ?a? can be fetched
10
SemanticsParallel Composition
11
Some Remarks III

• The only moves that make sense for P as a
  stand-alone entity are those with labels ?a and ?
• We write P ? P if P evolves to P with a
  transition labeld by ?a or ?
• The semantics we have presented for the prefix
  out(a) is called ordered
• Emission of the tuple and its rendering in the
  tuple space are atomic
• The order in which the tuples are inserted in the
  tuple space is the same as the order in which
  outputs are performed
• Bisimilarity is a congruence
• Guaranteed by the SOS format
• We show that encoding in P/T Petri nets is not
  possible!

12
Expressiveness

• Turing powerful Busi, Gorrieri, Zavattaro 2000
• Finite P/T Petri nets are not (termination is
  decidable)
• An encoding would not preserve the behavior
• The expressiveness of the language is
  demonstrated by encoding Random Access Machines
  (RAM)
• Finite set of registers, each holding arbitrarily
  large natural numbers
• Input in registers r1,,rm
• Remaining registers rm1,,rn set to 0
• A Sequence of numbered instructions (program)
• Arithmetic operations
• Conditional jumps
• Executed sequentially from the first (unless
  jumps occur)
• Stop when an instruction number higher than
  program length is reached

13
RAM

• Two instructions are enough to model all
  recursive functions
• SUCC(ri) add 1 to the content of register ri
• DECJUMP(ri,h) if ri?0 then decrease it by 1 and
  go to next instruction, otherwise jump to
  instruction number h
• Example
• 1 DECJUMP(r2,4)
• 2 SUCC(r1)
• 3 DECJUMP(r3,1)
• Semantics
• Configurations (i,c1,,cn)
• Transitions (i,c1,,cn)?R (j,c1,,cn)
• The execution of the ith instruction of program R
  leads from (i,c1,,cn) to (j,c1,,cn)

14
Encoding RAM in Linda I

• Tuples
• Program counter ?pi?
• Contents of ith registers ?ri??ri? (ci times)
• Encoding configurations
• (i,c1,,cn) ?pi? ?r1??r1?
  ?rn??rn?
• Encoding programs R I1 Ik
• R I1 Ik
• i SUCC(rj ) !in(pi).out(rj).out(pi1).0
• i DECJUMP(rj, h) !in(pi).inp(rj)?
  out(pi1).0 out(ph).0

c1
cn
15
Encoding RAM in Linda II

• Each instruction requires exactly three internal
  steps
• Fetch the program counter
• Update/test the contents of some register
• Produce the new program counter
• Soundness
• If R (i,c1,,cn) ?3 Q
• then there exists a unique configuration
  (j,c1,,cn) such that
• (i,c1,,cn)?R (j,c1,,cn)
• Q R (j,c1,,cn)
• Completeness
• If (i,c1,,cn)?R (j,c1,,cn)
• then R (i,c1,,cn) ?3 R
  (j,c1,,cn)

16
Petri Nets

• A truly concurrent semantics for Linda should
  include
• Reading without consuming
• Fundamental from the point of view of concurrency
• Test for absence of resources
• Fundamental for recovering the full
  expressiveness of the language
• P/T Petri nets miss both features
• We move to contextual nets
• Read arcs
• Inhibitor arcs

17
Nets with Read Arcs

• Equivalent to self-loops from the point of view
  of reachability
• Allow more parallelism
• Ex. readL and readR can fire concurrently!
• Graphically rendered as undirected arcs

readL
readR
18
Formal Definition

• A P/T Petri net with read arcs is a graph
  N(S?,T,pre,post,u0 ,ctx)
• (S?,T,pre,post,u0) is a P/T Petri net
• ctxT ? S? assigns contexts to transitions (could
  be just a set)
• The minimal amount of resources that enables t is
• pre(t) ? ?ctx(t)? (maximal sharing hypothesis)
• where ?u? is the set a a?u
• A firing of t
• Fetches pre(t)
• Reads ctx(t)
• Produces post(t)
• We write tu ?w? v for t with
• pre(t)u, ?ctx(t)?w and post(t)v (all disjoint)

19
Operational Semantics

• We slightly change the inference rules of P/T
  Petri nets to accommodate contexts

u?S?
tu ?w? v?T
reflexivity
firing
u ??u??N u
u?w ?w?N v?w
u?w ?w?N v?w u?w ?w?N v?w
parallel composition
u?u??w?w? ??w?w??N v?v??w?w?
20
Nets with Inhibitor Arcs

• Reachability no longer decidable
• Increase expressiveness
• The heads of inhibitor arcs carry a small circle
  near transition boxes

stop
try is enabled
try
go
21
Nets with Inhibitor Arcs

• Reachability no longer decidable
• Increase expressiveness
• The heads of inhibitor arcs carry a small circle
  near transition boxes

stop
try is NOT enabled
try
go
22
Nets with Inhibitor Arcs

• Reachability no longer decidable
• Increase expressiveness
• The heads of inhibitor arcs carry a small circle
  near transition boxes

stop
try is enabled again
try
go
23
Formal Definition

• A contextual P/T Petri net is a graph
  N(S?,T,pre,post,u0,ctx,neg)
• (S?,T,pre,post,u0,ctx) is a P/T Petri net with
  read arcs
• negT ? S? assigns negative contexts to
  transitions (just a set)
• Transition t is enabled at marking u if
• pre(t) ? ?ctx(t)? ? u (as before)
• neg(t)?u ?
• A firing of t
• Fetches pre(t), reads ctx(t), produces post(t)
• Requires neg(t) empty
• We write tx?u ?w? v for t with
• ?neg(t)?x, pre(t)u, ?ctx(t)?w and post(t)v
  (all disjoint)

24
Operational Semantics

• We further extend the inference rules to deal
  with negative contexts
• See PhD Thesis of Paolo Baldan for process and
  unfolding semantics

u?S?
tx?u ?w? v?T
reflexivity
firing
??u ??u??N u
x?u?w ?w?N v?w
x?u?w ?w?N v?w x?u?w ?w?N v?w
parallel composition
?x?x??u?u??w?w? ??w?w??N v?v??w?w?
if (x?x)?(u?u?w?w?v?v) ?
25
Truly Concurrent Semantics for Linda

• Ordinary interleaving semantics do not faithfully
  account for the concurrent activities intuitively
  demanded to the language
• e.g. multiple concurrent readings
• There is a behavior preserving encoding of Linda
  primitives in contextual nets
• Places model tuples and sequential programs
• Read arcs are used to model rd(a) and rdp(a)
• Inhibitor arcs are used to model rdp(a) and inp(a)

26
Decomposition Function

• We define the marking associated to a process P
  by means of a decomposition function dec(P)
  inductively defined as
• dec(0) 0
• dec(M) M
• dec(?.P) ?.P
• dec(??PQ) ??PQ
• dec(PQ) dec(P)?dec(Q)

27
Transitions for Linda Primitives

• Contextual transitions express reductions between
  sequential programs and available tuples
• RD(a,P) ? ? rd(a).P ??a?? dec(P)
• RDP(a,P,Q) ? ? rdp(a)?PQ ??a?? dec(P)
• RDP-(a,P,Q) ?a? ? rdp(a)?PQ ??? dec(Q)
• IN(a,P) ? ? ?a? ? in(a).P ??? dec(P)
• INP(a,P,Q) ? ? ?a? ? inp(a)?PQ ??? dec(P)
• INP-(a,P,Q) ?a? ? inp(a)?PQ ??? dec(Q)
• !IN(a,P) ? ? ?a? ?!in(a).P? dec(P)
• OUT(a,P) ? ? out(a).P ??? ?a? ? dec(P)

28
Test for Presence Graphically
rdp(a)?PQ
?a?
29
Semantic Correspondence I

• The net for the whole language is of course
  infinite
• Let P be an agent and take dec(P) as initial
  marking
• There are finitely many
• markable places
• fireable transitions
• As over-approximation we let net(P) contain
• all places corresponding to sequential
  sub-programs in P
• all places corresponding to tuples ?a? appearing
  in P
• all transitions acting on these places
• dec(P) as initial marking

30
Semantic Correspondence II

• Completeness
• For any agent P
• If P ? P1 ? Pn
• Then dec(P) ?net(P) dec(P1) ?net(P) dec(Pn)
• Soundness
• For any agent P
• If dec(P) ?net(P) u1 ?net(P) un
• Then there exist P1,,Pn such that
• P ? P1 ? Pn
• dec(Pi) ui for all i1,..,n

31
Recap

• We have seen
• A process algebra for Linda primitives
• Equipped with interleaving semantics
• Turing powerful
• Truly concurrent sematics for Linda primitives
• P/T Petri nets not expressive enough
• Contextual nets
• Basic notions
• Encoding and correspondence theorem

32
References

• Generative communication in Linda (ACM
  Transactions on Programming Languages and Systems
  7(1)80-112, ACM 1985)
• D. Gelernter
• A truly concurrent view of Linda interprocess
  communication (T.R. UBLCS 97-02, Computer Science
  Department, University of Bologna 1997)
• N. Busi, R. Gorrieri, G. Zavattaro
• On the expressiveness of Linda coordination
  primitives (Information and Computation
  156(1-2)90-121, Academic Press 2000)
• N. Busi, R. Gorrieri, G. Zavattaro
• Comparing three semantics for Linda-like
  languages (Theoretical Computer Science
  240(1)49-90, 2000)
• N. Busi, R. Gorrieri, G. Zavattaro