1 / 14

Verification of mutual exclusion algorithms with EST

ERK 2001. Verification of mutual exclusion algorithms with EST. Robert Meolic , Tatjana Kapus, Ernest Gungl, Zmago Brezočnik. Verification of mutual exclusion algorithms with EST. Introduction Mutual exclusion algorithms Formal verification Equivalence checking Model checking

tblackwell
Download Presentation

Verification of mutual exclusion algorithms with EST

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ERK 2001 Verification of mutual exclusion algorithms with EST Robert Meolic, Tatjana Kapus, Ernest Gungl, Zmago Brezočnik

  2. Verification of mutual exclusion algorithms with EST • Introduction • Mutual exclusion algorithms • Formal verification • Equivalence checking • Model checking • Demonstration

  3. Introduction • A critical section is a block of code in a thread that accesses one or more shared variables in a read-update-write fashion. • In such a situation we want mutual exclusion: only one thread at a time can access (read-update-write) a shared variable at a time. • The mutual exclusion problem is how to keep two or more threads from being in their critical sections at the same time.

  4. A critical section and mutual exclusion while (true) { outsideCS(); wantToEnterCS(i); insideCS(); finishedInCS(i); }

  5. Dekker’s algorithm (1965) while true dobegin<noncritical section>;bi := true;whilebjdo beginif k = j then begin bi := false;whilek = j do skip; bi := true;end;end;<critical section>; k := j;bi := false;end Mutual exclusion with shared variables and referee: • variables b1 and b2 (false or true) • variable k (1 or 2) Dekker’s algorithm is very efficientalgorithm for handling twoconcurrentprocesses.

  6. Hyman’s algorithm (1966) while true dobegin<noncritical section>;bi := true;while k  i do beginwhile bj do skip;k := i;end;<critical section>;bi := false;end

  7. Peterson’s algorithm (1981) while true dobegin<noncritical section>;bi := true;k := j;while (bj and k = j) do skip;<critical section>;bi := false;end

  8. Formal verification • Mentor Graphics: FormalPro • Equivalence checking Have I corrupted my design with changes? • Model checking Have I designed what I wanted to design?

  9. Why formal verification? Source: Mentor Graphics Web page

  10. Source: Mentor Graphics

  11. Efficient Symbolic Tools • Realized on Faculty of Electrical Engineering and Computer Science in Maribor • The project started in year 1992 • GNU General Public License • It runs on many different computers with different operating systems, including HP-UX, Linux, and Windows. http://www.el.feri.uni-mb.si/est/

  12. Demonstration • Verification of Hyman’s algorithm (MC)- does not preserve mutual exclusion • Verification of Peterson’s algorithm (MC)- preserve mutual exclusion • Our model contains divergent states (MC)- we eliminate divergent states • Modification was not correct!(EC) - we improve our model

  13. b2rf? Modified model of Peterson’s algorithm  =

  14. Further work • Mutual exclusion algorithms for 3 or more processes, e.g. Lamport’s algorithm • Automatic trasformation from programming language to process algebra description • Model checking with fairness constraints

More Related