A Proof Technique for Rely/Guarantee Properties
Abstract
A rely/guarantee specification for a program P is a specification of the form R ⊃ G (R implies G), where R is a rely condition and G is a guarantee condition. A rely condition expresses the conditions that P relies on its environment to provide, and a guarantee condition expresses what P guarantees to provide in return. This paper presents a proof technique that permits us to infer that a program P satisfies a rely/guarantee specification R ⊃ G, given that we know P satisfies a finite collection of rely/guarantee specifications Rᵢ ⊃ Gᵢ (i ∈ I). The utility of the proof technique is illustrated by using it to derive global liveness properties of a system of concurrent processes from a collection of local liveness properties satisfied by the component processes. The use of the proof rule as a design principle is also considered.
Similar resources
Compositional Termination Proofs for Multi-threaded Programs
Automated verification of multi-threaded programs is difficult. Direct treatment of all possible thread interleavings by reasoning about the program globally is a prohibitively expensive task, even for small programs. Rely-guarantee reasoning is a promising technique to address this challenge by reducing the verification problem to reasoning about each thread individually with the help of asser...
A Structural Proof of the Soundness of Rely/guarantee Rules
The challenge of finding compositional ways of (formally) developing concurrent programs is considerable. Various forms of rely and guarantee conditions have been used to record and reason about interference in ways which do indeed provide compositional development methods for such programs. This paper presents a new approach to justifying the soundness of rely/guarantee inference rules. The und...
Local Rely-Guarantee Conditions for Linearizability and Lock-Freedom
Rely-guarantee reasoning specifications typically consider all components of a concurrent system. For the important case where components operate on a shared data object, we derive a local instance of rely-guarantee reasoning, which permits specifications to examine a single pair of representative components only. Based on this instance, we define local proof obligations for linearizability and...
The Rely-Guarantee Method for Verifying Shared Variable
Compositional proof systems for shared variable concurrent programs can be devised by including the interference information in the specifications. The formalism falls into a category called rely-guarantee (or assumption-commitment), in which a specification is explicitly (syntactically) split into two corresponding parts. This paper summarises existing work on the rely-guarantee method and giv...
Compositional Proofs for Concurrent Objects
We consider the language, programming, and proof-theoretic issues in the design of open systems built from concurrent objects. Our model supports constructs for communication and synchronization, and mechanisms for different kinds of method invocations. For full generality, it also supports an unbounded number of objects and threads of control. We express object properties using TLA, and use the...
Publication date: 1985