# Decidability results of Communicating Finite State Machines over acyclic topology

## G. Namratha Reddy

- 4 Chennai Mathematical Institute, India
- 5 http://www.cmi.ac.in/~namratha

#### - Abstract

- <sup>7</sup> Models of concurrent finite state processes that communicate over queues allow different reachability
- 8 results based on the underlying topology. The reachability is known to be undecidable for a general
- 9 topology, but when we restrict to acyclic topologies it becomes decidable. The paper provides a
- proof of how it can be decided by reducing the problem to checking emptiness of a certain regular
- 11 language.

17

19

20

21

22

23

24 25

27

- 2012 ACM Subject Classification Theory of computation  $\rightarrow$  Distributed computing models
- 13 Keywords and phrases Distributed Systems, Reachability, Finite state machines with FIFO queues,
- 14 Network of concurrent processes

## 1 Introduction

Distributed systems are becoming more and more popular. The ability to achieve with multiple cores/ computers for efficiency, reliability is highly enticing. Applications like block chain, database replication, ...

These concurrent nature of these applications/programs makes their verification challenging. Techniques to solve this problem are in high demand.

Formal methods uses mathematical formalism makes it easier to show that certain algorithms are not possible, maybe by showing that they are undecidable/decidable (atleast theoretically) which provides a motivation to develop efficient algorithms that can be used for practical purposes.

Communicating finite state processes (cite paper) over queues has been a standard model for modelling concurrent non-recursive programs.

One correctness idea for a concurrent program is to define via a safety property. Which states that a bad state should never be reached in my program. Which translates to asking in the model when we start with the initial configuration is it possible to reach this bad state. The answer to this question depends on the model we have considered. It turns out that for the communication finite state processes with queues it is undecidable to know if a state is reachable and this is shown because it is turing powerful (cite paper). But when restricted to certain class of topologies it allows for decidablity.

## 2 System topology

## 2.1 Model

#### 36 Topology

We work with a topology which we describe using the tuple

$$\mathcal{T} = (\mathcal{P}, \mathcal{C}, r, w),$$

39 where

38

- $\mathcal{P}$  is the set of processes;
- $\mathcal{C}$  is the set of channels;

 $r:\mathcal{C}\to\mathcal{P}$  is the reader function that assigns to each channel a process that can read from it:  $w:\mathcal{C}\to\mathcal{P}$  is the writer function that assigns to each channel a process that can write 44

### Channel

to it.

- Each channel  $c \in \mathcal{C}$  has a message alphabet  $\Gamma_c$ .
- Operations on the channel:
- c!m is a send operation. It appends the message m to the end of channel c
- c?m is a read operation. It receives the message m from the head of channel c (enabled only if m is at the head of channel c)

### **Process**

Each process  $p \in \mathcal{P}$  is modelled as a finite state transition system

$$TS_p = (Q_p, \delta_p, s_p),$$
 where 
$$Q_p \text{ is a finite set of states;}$$
 
$$\delta_p \subseteq Q_p \times O_p \times Q_p \text{ is a finite set of transitions, where,}$$
 
$$O_p = \{c?m \mid r(c) = p, m \in \Gamma_c\} \cup \{c!m \mid w(c) = p, m \in \Gamma_c\};$$
 
$$s_p \text{ is the initial state.}$$

#### **Configuration Graph** 2.2

A configuration  $(\alpha, \beta)$  of the system is a pair describing the states of all processes (control state) and the contents of all channels(channel state).

$$\alpha \in \prod_{i \in \mathcal{P}} Q_i, \, \beta \in \prod_{c \in \mathcal{C}} \Gamma_c^*$$

 $\alpha \in \prod_{i \in \mathcal{P}} Q_i, \, \beta \in \prod_{c \in \mathcal{C}} \Gamma_c^*$  For any  $p \in \mathcal{P}$ , We write  $\alpha(p)$  gives the state of process p, and for any  $c \in \mathcal{C}$ ,  $\beta(c)$  gives the content of channel c.  $\alpha[p \leftarrow q]$  to be the control state  $\alpha'$  such that  $\alpha'(p) = q$ , and  $\alpha'(p') = \alpha(p')$  if  $p' \neq p$ . Similarly, we define  $\beta[c \leftarrow w] = \beta'$  such that  $\beta'(c) = w$ , and  $\beta'(c') = \beta(c')$  if  $c' \neq c$ 

Vertices in the configuration graph (G = (V, E)) are configurations, and the edges are labelled with channel operations. The edges need to satisfy the following conditions.

Let  $(\alpha, \beta), (\alpha', \beta') \in V, c \in \mathcal{C}$ , then

72

74

75

76

A global configuration of the system would consist of the states of each process and the channel contents of each channel. So if we have n processes and m channels, a configuration would be the tuple  $(q_0, q_1, ..., q_n, \gamma_1, \gamma_2, ..., \gamma_m)$ 

that is when a transition from one tuple to the next happens what all should align in the universe.

A run is a path in this graph

## The Reachability Problem

The reachability problem is to ask whether we can reach a target configuration where one or more processes are in a target state.

G. Namratha Reddy

We know that the problem is undecidable in general (cite), because if there is a loop in the topology then we can simulate a queue machine and state reachability is undecidable for queue machines.

So we ask the question of whether it is decidable for acyclic topologies.

What we mean by acyclic topologies is consider the network topology and ignore the direction of the edges, so we get an undirected graph and this graph should have no cycles.

We solve this with the help of two reductions

#### Reduction 1

85

86

97

98

99

100

101

103

104

105

106

107

108

109

110

111 112

113

114

115

116

117

118

119

120

121

122

123

given such an acyclic topology the reachability problem can be reduced to one in which the target state is reached only if the queue is empty [1]

#### 91 Reduction 2

We reduce it to another isomorphic topology that looks like a tree, where every process has one incoming edge (except the root) i.e every process can read from one channel but write to multiple channels [1]

▶ **Lemma 1.** Given a directed tree topology with r=0 as the root of the tree  $w \in L_r^e \implies$   $(s_0, s_1, ..., s_n, w \downarrow_{r(0)}, \epsilon, ..., \epsilon) \rightarrow_G^* (f_0, f_1, ..., f_n, \epsilon, \epsilon, ... \epsilon)$ 

**Proof.** Induction on the no. of nodes in the directed tree topology

Base case: We have only one node r,  $L_r^e = \epsilon \implies \epsilon \in L_r \implies s_r = f_r$ , clearly since we start in  $s_r$  it is reachable

Induction: Let r be a non-leaf node and let the children be  $k_1, k_2, ..., k_m, w \in L_r^e \implies w \in L_i \cap shuffle(L_{k_1}^e \downarrow_r, L_{k_2}^e \downarrow_r, ..., L_{k_m}^e \downarrow_r, M_{r(i)}^*)$  w is of the form  $shuffle(w_1, w_2, ..., w_m)$  where  $w_i \in L_{k_i}^e \downarrow_{r(i)}$ 

```
w_i \downarrow_{r(k_i)} = w'_i \downarrow r(k_i) where w'_i \in L_{k_i}^e
```

Let  $\pi_i$  be the tree that is rooted by  $k_i$  By induction hypothesis, since  $w_i' \in L_{k_i}^e$  we have run from nodes in  $\pi$  are in start state, and reader channel of  $k_i$  has  $w_i' \downarrow r(k_i)$  to a final configuration where every node is in the final state and all channels are empty.

Since w is in  $L_r^e$  it means it is also in  $L_r$  we can take this run and convert to the corresponding run in the configuration graph where only r is moving, and this w can generate  $w_i' \downarrow r(k_i)$  in each  $k_i$ 's reader channel, so we can start from  $(s_0, s_1, ..., s_n, \epsilon...) - >$  (only r moves and fills up all the channels)  $- > (f_0, s_1, ..., s_n, \epsilon, w_i \downarrow_{r(k_i)}, ...w_i \downarrow_{r(k_i)}) - >$  stitchthe $k_i$ runoneaftertheother

▶ **Lemma 2.** Given a directed tree topology with i=0 as the root of the tree.

```
(s_0, s_1, ..., s_n, \alpha, \epsilon, ..., \epsilon) \rightarrow_G^* (f_0, f_1, ..., f_n, \epsilon, \epsilon, ... \epsilon) => \exists w \in L_i^e, \alpha \downarrow_{r(0)} = w \downarrow_{r(0)}
```

**Proof.** Base case : There is only one node  $\alpha$  has to be epsilon

Induction: Let r be a non-leaf node, and  $k_1, k_2, ..., k_n$  be the children of the r and let the tree rooted by them be  $\pi_1, \pi_2, ..., \pi_n$ 

Let r run and fill all the reader channels with  $\alpha_i$  For each  $k_i$  we form a run from where only nodes in  $\pi_i$  are in start state and  $\alpha_i$  is in the reader channel of  $k_i$ , there and final state is reached. Now we use induction hypothesis to say that there is a word in  $w_i \in L_{k_i}^e$  and  $\alpha_i \downarrow_{r(0)} = w_i \downarrow_{r(0)}$ 

```
So we find a w_i for each k_i
```

so we have  $w_i \downarrow_{r(i)} \in L_i^e$  so we have  $\alpha_i \in L_i^e$ 

126

130

131

139

```
Consider the word w \in shuffle(\alpha_1, \alpha_2, ... \alpha_n, \alpha) walsobelongstoL_r w \in L_r^e and w \downarrow_{r(r)} = \alpha
```

► Theorem 3. The Reachability problem is decidable for CFMs with FIFO channels over undirected topology.

Proof. We use reductions 1 and 2 to get a tree topology

## 4 Conclusions

Morbi eros magna, vestibulum non posuere non, porta eu quam. Maecenas vitae orci risus, eget imperdiet mauris. Donec massa mauris, pellentesque vel lobortis eu, molestie ac turpis. Sed condimentum convallis dolor, a dignissim est ultrices eu. Donec consectetur volutpat eros, et ornare dui ultricies id. Vivamus eu augue eget dolor euismod ultrices et sit amet nisi. Vivamus malesuada leo ac leo ullamcorper tempor. Donec justo mi, tempor vitae aliquet non, faucibus eu lacus. Donec dictum gravida neque, non porta turpis imperdiet eget. Curabitur quis euismod ligula.

#### References

La Torre, S., Madhusudan, P., Parlato, G. (2008). Context-Bounded Analysis of Concurrent Queue Systems. In: Ramakrishnan, C.R., Rehof, J. (eds) Tools and Algorithms for the Construction and Analysis of Systems. TACAS 2008. Lecture Notes in Computer Science, vol 4963. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78800-3\_21