
A Mechanically Checked Proof of a Multiprocessor Result via a Uniprocessor View

Published in: Formal Methods in System Design

Abstract

We describe a mechanically checked correctness proof for a system of n processes, each running a simple, non-blocking counter algorithm. We prove that if the system runs longer than 5n steps, the counter is increased. The theorem is formalized in applicative Common Lisp and proved with the ACL2 theorem prover. The value of this paper lies not so much in the trivial algorithm addressed as in the method used to prove it correct. The method allows one to reason accurately about the behavior of a concurrent, multiprocess system by reasoning about the sequential computation carried out by a selected process, against a memory that is changed externally. Indeed, we prove general lemmas that allow shifting between the multiprocess and uniprocess views. We prove a safety property using a multiprocess view, project the property to a uniprocess view, and then prove a global progress property via a local, sequential computation argument. Our uniprocessor view is a formal compositional semantics for a shared memory system.
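The abstract's two ideas, shifting between the multiprocess and uniprocess views and checking the step-bounded progress claim, can be exercised on a small model. The following is an added Python example, not code from the paper and not its ACL2 development: the paper does not spell out its counter algorithm, so the read-then-compare-and-swap loop, the `step`/`run_multi`/`run_uni` functions and the local-state encoding below are all assumptions made here for illustration.

```python
from itertools import product

# Assumed algorithm (not the paper's, which the abstract does not spell out):
# each process READs the shared counter into a register, then tries a
# compare-and-swap (CAS) of that value to value+1; a failed CAS means some
# other process succeeded, so it retries from READ. Local state is (pc, reg).
INIT_LOCAL = (0, None)

def step(mem, local):
    """One step of the assumed algorithm; returns (new_mem, new_local)."""
    pc, reg = local
    if pc == 0:                                          # READ
        return mem, (1, mem)
    return (mem + 1 if mem == reg else mem), INIT_LOCAL  # CAS

def run_multi(n, schedule):
    """Multiprocess view: interleave processes as listed in `schedule`.
    Returns (final memory, locals, trace of (pid, mem_before, mem_after))."""
    mem, locs, trace = 0, [INIT_LOCAL] * n, []
    for p in schedule:
        before = mem
        mem, locs[p] = step(mem, locs[p])
        trace.append((p, before, mem))
    return mem, locs, trace

def run_uni(observed):
    """Uniprocess view: one process computes sequentially against a memory
    that is changed externally between its steps (`observed` lists the value
    it finds at each step). Returns (local state, memory written each step)."""
    local, written = INIT_LOCAL, []
    for mem in observed:
        mem, local = step(mem, local)
        written.append(mem)
    return local, written

def views_agree(n, schedule, p):
    """The shift lemma in executable form: project the multiprocess trace onto
    process p and replay p alone against the projected memory; both views
    must yield the same local state and the same memory writes for p."""
    _, locs, trace = run_multi(n, schedule)
    mine = [(b, a) for pid, b, a in trace if pid == p]
    local, written = run_uni([b for b, _ in mine])
    return local == locs[p] and written == [a for _, a in mine]

def progress_holds(n, horizon):
    """Exhaustively check every interleaving of `horizon` steps: the counter
    must have increased by the end (the abstract's bound is 5n steps)."""
    return all(run_multi(n, s)[0] > 0 for s in product(range(n), repeat=horizon))
```

For this assumed algorithm the first CAS ever executed always succeeds, so the counter increases within n+1 steps, well inside the abstract's 5n bound; a horizon of n steps is not enough, since all n processes may still be in their READ step.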




Moore, J.S. A Mechanically Checked Proof of a Multiprocessor Result via a Uniprocessor View. Formal Methods in System Design 14, 213–228 (1999). https://doi.org/10.1023/A:1008624904634
