Weakagree and Alive claims now also allow for a role parameter + BUGFIX.

Previously, weak agreement and aliveness claims would enforce a requirement for all agents in the range
of the rho of the claim run.

For some three-party protocols this was stronger than needed. We now allow an
optional role name parameter for these claims; if such a parameter is used, the claim
is only evaluated for the agents performing that role.

En passant fixed a potential bug: aliveness and weak agreement require a run for each
agent, but previously we didn't check if these were helper protocols. Clearly they
should not be.
This commit is contained in:
Cas Cremers 2013-05-23 16:38:44 +02:00
parent 9e13d07b6e
commit 5c2eded8f9
2 changed files with 75 additions and 43 deletions

View File

@ -727,6 +727,29 @@ arachne_claim_nisynch (const System sys, const int claim_run,
return arachne_claim_authentications (sys, claim_run, claim_index, 1); return arachne_claim_authentications (sys, claim_run, claim_index, 1);
} }
//! Test weak agreement with a single agent
int
has_weakagree_agent (const System sys, const int claim_run, const Term agent)
{
int run;
for (run = 0; run < sys->maxruns; run++)
{
if (!isHelperProtocol (sys->runs[run].protocol))
{
if (isTermEqual (agent, agentOfRun (sys, run)))
{
if (isTermlistSetEqual
(sys->runs[run].rho, sys->runs[claim_run].rho))
{
return true;
}
}
}
}
return false;
}
//! Test weak agreement //! Test weak agreement
int int
arachne_claim_weakagree (const System sys, const int claim_run, arachne_claim_weakagree (const System sys, const int claim_run,
@ -736,6 +759,9 @@ arachne_claim_weakagree (const System sys, const int claim_run,
* Runs for each supposed agent, with matching *sets* for rho. * Runs for each supposed agent, with matching *sets* for rho.
* (so we can skip the actor) * (so we can skip the actor)
*/ */
if (sys->current_claim->parameter == NULL)
{
// No parameter: need agents for all roles
Termlist tl; Termlist tl;
for (tl = sys->runs[claim_run].rho; tl != NULL; tl = tl->next) for (tl = sys->runs[claim_run].rho; tl != NULL; tl = tl->next)
@ -743,34 +769,21 @@ arachne_claim_weakagree (const System sys, const int claim_run,
Term agent; Term agent;
agent = tl->term; agent = tl->term;
if (!isTermEqual (agent, agentOfRun (sys, claim_run))) if (!has_weakagree_agent (sys, claim_run, agent))
{
int run;
int agentokay;
agentokay = false;
for (run = 0; run < sys->maxruns; run++)
{
if (run != claim_run)
{
if (isTermEqual (agent, agentOfRun (sys, run)))
{
if (isTermlistSetEqual
(sys->runs[run].rho, sys->runs[claim_run].rho))
{
agentokay = true;
break;
}
}
}
}
if (!agentokay)
{ {
return false; return false;
} }
} }
}
return true; return true;
}
else
{
// Parameter for role
Term agent;
agent = agentOfRunRole (sys, claim_run, sys->current_claim->parameter);
return has_weakagree_agent (sys, claim_run, agent);
}
} }
//! Test commit(X) => running(X) //! Test commit(X) => running(X)
@ -861,6 +874,25 @@ arachne_claim_commit (const System sys, const int claim_run,
return false; return false;
} }
//! Test aliveness of agent
int
is_agent_alive (const System sys, const Term agent)
{
int run;
for (run = 0; run < sys->maxruns; run++)
{
if (!isHelperProtocol (sys->runs[run].protocol))
{
if (isTermEqual (agent, agentOfRun (sys, run)))
{
return true;
}
}
}
return false;
}
//! Test aliveness //! Test aliveness
int int
arachne_claim_alive (const System sys, const int claim_run, arachne_claim_alive (const System sys, const int claim_run,
@ -870,28 +902,28 @@ arachne_claim_alive (const System sys, const int claim_run,
* Fairly simple claim: there must exist runs for each agent involved. * Fairly simple claim: there must exist runs for each agent involved.
* We don't even consider the roles. * We don't even consider the roles.
*/ */
if (sys->current_claim->parameter == NULL)
{
// No parameter: check for all roles
Termlist tl; Termlist tl;
for (tl = sys->runs[claim_run].rho; tl != NULL; tl = tl->next) for (tl = sys->runs[claim_run].rho; tl != NULL; tl = tl->next)
{ {
int run; if (!is_agent_alive (sys, tl->term))
int principalLives;
principalLives = false;
for (run = 0; run < sys->maxruns; run++)
{
if (isTermEqual (tl->term, agentOfRun (sys, run)))
{
principalLives = true;
break;
}
}
if (!principalLives)
{ {
return false; return false;
} }
} }
return true; return true;
}
else
{
// Parameter: check for agent in that role
Term agent;
agent = agentOfRunRole (sys, claim_run, sys->current_claim->parameter);
return is_agent_alive (sys, agent);
}
} }
//! Determine good height for full session //! Determine good height for full session

View File

@ -754,8 +754,8 @@ claimCreate (const System sys, const Protocol protocol, const Role role,
} }
checkParameterRange (cl, CLAIM_Secret, 1, -1); checkParameterRange (cl, CLAIM_Secret, 1, -1);
checkParameterRange (cl, CLAIM_SKR, 1, -1); checkParameterRange (cl, CLAIM_SKR, 1, -1);
checkParameterRange (cl, CLAIM_Alive, 0, 0); checkParameterRange (cl, CLAIM_Alive, 0, 1);
checkParameterRange (cl, CLAIM_Weakagree, 0, 0); checkParameterRange (cl, CLAIM_Weakagree, 0, 1);
checkParameterRange (cl, CLAIM_Nisynch, 0, 0); checkParameterRange (cl, CLAIM_Nisynch, 0, 0);
checkParameterRange (cl, CLAIM_Niagree, 0, 0); checkParameterRange (cl, CLAIM_Niagree, 0, 0);
checkParameterRange (cl, CLAIM_Reachable, 0, 0); checkParameterRange (cl, CLAIM_Reachable, 0, 0);