Abstract:
The well-known coordinated snapshot algorithm of mutable
checkpointing [7{9] is studied. We equip it with a concise formal model
and analyze its operational behavior via an invariant characterizing the
snapshot computation. By this we obtain a clear understanding of the
intermediate behavior and a correctness proof of the fi nal snapshot based
on a strong notion of consistency (reachability within the partial order
representing the underlying computation). The formal model further enables
a comparison with the blocking queue algorithm [13] introduced
for the same scenario and with the same objective.
From a broader perspective, we advocate the use of formal semantics to
formulate and prove correctness of distributed algorithms.
