Synthesis of fault-tolerant concurrent programs

Paul C. Attie, Anish Arora, E. Allen Emerson
2004 ACM Transactions on Programming Languages and Systems  
Methods for mechanically synthesizing concurrent programs from temporal logic specifications obviate the need to manually construct a program and compose a proof of its correctness. A serious drawback of extant synthesis methods, however, is that they produce concurrent programs for models of computation that are often unrealistic. In particular, these methods assume completely fault-free operation, that is, the programs they produce are fault-intolerant. In this paper, we show how to
more » ... ly synthesize fault-tolerant concurrent programs for various fault classes. We illustrate our method by synthesizing fault-tolerant solutions to the mutual exclusion and barrier synchronization problems. A path is a sequence of states where each pair of successive states is related by the transition relation A. A fullpath is a maximal path, that is, a path that is either infinite, or ends in a state with no outgoing transitions. If π is a fullpath, then define |π|, the length of π, to be ω when π is infinite and k when π is finite and of the form s 0 → · · · → s k . We use the usual notation for truth in a structure: M , s 0 |= f means that f is true at state s 0 in structure M . When the structure M is understood, we write s 0 |= f . We define |= inductively: for all fullpaths π = (s 0 , s 1 , . . .) in M that start in s 0 , there exists i ∈ [0 : |π |] such that M , s i |= g and for all j ∈ [1 : (i − 1)]: M , s j |= f ; M , s 0 |= E[ f U g ] iff for some fullpath π = (s 0 , s 1 , . . .) in M that starts in s 0 , there exists i ∈ [0 : |π |] such that M , s i |= g and for all j ∈ [1 : (i − 1)]: M , s j |= f . We say that a formula f is satisfiable if and only if there exists a structure M and state s of M such that M , s |= f . In this case, we say that M is a model of f . We say that a formula f is valid if and only if M , s |= f for all structures M and states s of M . We use the notation M , U |= f as an abbreviation of ∀s ∈ U : M , s |= f , where
doi:10.1145/963778.963782 fatcat:kqij2lg5hbbc7dfztipp6snxhi