Abstract
A new, nonassertional approach to proving multiprocess program correctness is described by proving the correctness of a new algorithm to solve the mutual exclusion problem. The algorithm is an improved version of the bakery algorithm. It is specified and proved correct without being decomposed into indivisible, atomic operations. This allows two different implementations for a conventional, nondistributed system. Moreover, the approach provides a sufficiently general specification of the algorithm to allow nontrivial implementations for a distributed system as well.
A New Approach to Proving the Correctness of Multiprocess Programs