Gal Amram 061240131, Assignment 1
1. First we shall prove that the algorithm satisfies mutual exclusion. Assume for a
contradiction that there is an execution α, leads to a configuration C, in which two
different processes, pi and pk are at their critical section. By examining the code,
we see that if a process pj reaches the 9th line of its code, then the value of b[j] is
set to ”true” and during the execution of the loop in lines 9 and 10, pj does not
perform any write. Thus, we observe:
if a process pj at its critical section at a configuration C, then the value of b[j]
is ”true” at C
Now, by this observation, at the configuration C we have: b[i] = b[k] = ”true”.
Since the initial values of each b[j] is ”false”, we conclude that pi and pk both wrote
”true” to b[i] and b[k] respectively, during the execution α.
Consider the last writes to registers b[i] and b[k] in α (which wrote the value ”true”
as explained) and assume w.l.o.g. that last write to b[i] (performed by pi ) precedes
the last write to b[k] (performed by pk ). Therefore, there is a postfix of α, α0 so
that:
(a) At the first event of α0 pk writes ”true” to b[k].
(b) excluding the first event, there are no writes addressed to b[k] during α0 .
(c) During the execution α0 the value of b[i] is ”true”.
(d) α0 leads to the configuration C, and in particular pk enters its critical section
at α0 .
According to (a), at the first event in α0 , pk executes the command in line 2 of its
code (as this is the only line in which pk writes ”true” to b[k]). Now, if i < k then
at some point of the execution of the loop in lines 3-7, pk will find that b[i] =”true”
(due to (c)), and will write to b[k] ”false” (according to line 5). This contradicts
(b), hence we must have k < i. However, in this case, when pk executes the loop in
lines 9-10, by property (c), pk finds at some point that condition b[i] =”true” holds
and from that point, it executes line 10 for j = k and cannot enter each critical
section, in contradiction to property (d).
Now we shall prove that the algorithm satisfies deadlock-freedom. Assume for a
contradiction that the algorithm is not deadlock free, and hence there is an infinite
execution β such that at some postfix of β, α, some processes are at their remainder
section and all other process are at their entry section. Let R and E denote this
two sets of processes respectively. First we observe:
Lemma 1. Let pi be the process with minimal i.d. among the processes in E. Thus,
at some point, pi traverse from line 8 to line 9 in α.
1
Proof. When a process pj executes its exit section, it writes ”false” to b[j]. Thus,
we conclude:
If pj ∈ R, then b[j]=”false” during α.
Therefore, when pi executes the loop in lines 1-8, for each j < i it finds that
b[j] =”false”. As a result, when pi executes the loop in lines 1-8, it never changes
the value stored in b[i] from ”true” to ”false”. Hence, eventually pi reaches line 8,
finds that condition b[i] =”true” holds and traverse to line 9.
The set E can be partitioned into two disjoint sets, E1 and E2 so that all processes
in E1 execute for ever the loop in lines 1-8 and all processes in E2 reach line 9
at some point in α. It may be noticed that all the processes in E2 at some point
perform last write to b[i.d.] and they write the value ”true”. In addition, by the
previous lemma, pi ∈ E2 , when pi has the minimal i.d. among the processes in E.
Let pk be some process in E1 . By the choice of pi , i < k. Thus, there are processes
with i.d. smaller then k in E2 . As a result, since pk executes forever the loop
in lines 1-8, pk from some point will execute line 6 forever, waiting for condition
b[j] =”true” to hold for some j so that pj ∈ E2 . Furthermore, when a process pk
executes the command in line 6, b[k] store the value ”false”.
By the previous paragraph we conclude that from some point, the value of b[k] is
permanently ”false” for each pk ∈ E1 . Therefore, there is a postfix of α, α0 , in
which all the registers {b[k] : pk ∈ E1 } store the value ”false”. Let pl be the process
in E2 with the largest i.d. Hence, for each l < j, pj ∈ R ∪ E1 , and hence b[j] store
the value ”false” during α0 . Therefore, for each l + 1 ≤ j ≤ n, pl does not execute
line 10 for ever waiting for condition b[j] =”false” to hold, and hence eventually, pl
enters its critical section in contradiction to our assumption, namely that no process
enters its critical section in α.
2.a. We shall prove that the new algorithm satisfies mutual exclusion and deadlockfreedom. For proving that the algorithm satisfies mutual exclusion, assume for a
contradiction that there is an execution α leads to a configuration C in which pi
and pj are at their critical section, and in addition choose α to be of minimal length
with this property.
Lemma 2. It is impossible that pi and pj both entered through the fast path.
Proof. Assume for a contradiction that both entered through the fast path. Assume
w.l.o.g that pi was the first to enter the critical section. Thus, pi wrote i to f ast lock
in line 2, and no other process wrote to this register until pi read i from f ast lock
in line 8. Between this events, pi wrote i to slow lock. Now, pj wrote to f ast lock
after pi read from this register and hence, pj wrote to f ast lock after pi wrote
i to slow lock. However, by assumption pj read 0 from slow lock, so some other
process, pk left the critical section between the write event by pi to slow lock and the
read event by pj from slow lock. Therefore, we construct the following execution:
instead of letting pk to exit its critical section and letting pj executes lines 7,8 and
to enter its critical section, we let pi to execute the command in line 8 and joint pk
in the critical section. Thus, we have constructed a shorter execution which violates
mutual exclusion in contradiction to the minimality of α.
2
Lemma 3. It is impossible that pi and pj entered through the slow-path.
Proof. Assume for a contradiction that both processes entered through the slow
path, and assume w.l.o.g. that pi was the first to enter its critical section. Hence,
pi read i from slow lock while executing line 11. As a result, there is no write
addressed to slow lock between the write of pi to this register and the read of pi
from this register. However, as pj entered to its critical section through the slow
path after pi did, pj wrote j to slow lock after pi read i from slow lock. Since pi
entered its critical section, at some point while executing the loop in line 10, it
found that condition want[j] =”false” hold. Thus, pj executed line 1 after pi read
want[j] in line 10. However, since pj have reached line 7, it found that slow lock
store the value 0, while executing line 3. We sum-up the course of events:
(a) pi writes i to slow lock.
(b) pi reads ”false” from want[j].
(c) pj writes ”true” to want[j].
(d) pj reads 0 from slow lock.
We see that some process left the critical section (and wrote 0 to slow lock) after
pi wrote i to slow lock, but we have argued that there is no write addressed to
slow lock between the write and read performed by pi . The consequence is:
some process left the critical section after pi read i from slow lock and before pj
read 0 from slow lock.
By the assumption on α, this process is not pi , but after pi read i from slow lock it
entered its critical section. Therefore, there is a strict prefix of α in which mutual
exclusion is violated, in contradiction to the minimality of α.
Lemma 4. It is impossible that one of the processes entered the critical section
through the fast path, and the other through the slow path.
Proof. Assume w.l.o.g. that pi entered through the fast path and pj entered through
the slow path. Since pj entered from the slow path, while executing line 10, it founds
that condition want[i] =”false” hold. Thus, pj read want[i] during the execution
of line 10, before pi wrote ”true” to want[i] (for the last time before entering the
critical section). As a consequence, pj wrote j to slow lock before pi read slow lock.
However, as pj entered the critical section through the slow path, there is no write
into slow lock between the write action pj performed while execution line 7 and
the read action pj performed while executing line 11. In addition, since pi takes the
fast path to its critical section, after writing ”true” to want[i] and i to f ast lock, it
finds that slow lock store the value 0, while executing line 3. In similar to previous
lemma, we conclude that some process left the critical section, after pj executed
line 11 and entered the critical section. We see that there is a strict prefix of α, α0
in which mutual exclusion is violated in contradiction to the minimality of α.
3
Of course, the previous lemmas prove that there cannot be an execution which
violates the mutual exclusion property.
It is left to prove that the algorithm satisfies deadlock-freedom. Assume for a
contradiction that the algorithm is not deadlock free, and hence there is an infinite
execution β so that, for some postfix of β, α, some of the process are at their
remainder section in α and the other processes are at their entry section in α. We
use R and E to denote this sets respectively. We argue:
Lemma 5. Each process in E, from some point, executes forever the command in
line 5 or executes forever the command in line 10.
Proof. If all processes execute line 5 forever from some point we are done. Otherwise, some process reaches line 7 in α and changes the value of slow lock. As
no process exits the critical section in α, from some point the value of slow lock
is different from 0. Now, if a process pi succeed to exit the loop in line 10, by
assumption it does not enters the critical section and it goes to line 1 (recall that
the processes do not execute line 12). So, a process that succeed to exit line 10, will
find that the value of slow lock is different from 0 in line 3, and will wait forever for
condition slow lock = 0 to hold at line 5. Therefore, from some point, if a process
succeeds to exit the loop in line 10, it will execute the command in line 5 forever,
as the lemma claims.
By the lemma, E can be partitioned into two sets, E1 and E2 . E1 contains all
processes that from some point, execute line 5 forever and E2 contains the processes
in E that from some point execute the loop in line 10 forever.
It may be noticed that before a process executes line 5 or 10, it writes ”false” to
want[i.d.]. Thus, from some point, each register want[i] store the value ”false”.
As a result, a process cannot execute the loop in line 10 forever thus E2 = ∅ and
E = E1 .
Now, as E = E1 , since the last process that entered the critical section (if there is
such process) has left the critical section and wrote 0 to slow lock, some process
in E has changed the valued of slow lock. Since all processes in E execute line 5
forever from some point, there is a process pj that was the last to write to slow lock
after the last process that entered the critical section has left the critical section.
Therefore, pj wrote j to slow lock in line 7 and it was the last to write to slow lock.
By assumption, pj does not enter the critical section so it finds that f ast lock 6= i
in line 8 and continue to execute line 9 and the loop in line 10. As E2 = ∅, pj
exits from the loop in line 10 and executes line 11. Since pj was the last to write to
slow lock, it finds that slow lock store the value j, and enters the critical section,
in contradiction to our conclusion, that no process entered the critical section after
pj performed the last write to slow lock.
2.b. Removing lines 12 and 5 results in an algorithm that satisfies mutual exclusion
but does not satisfy deadlock freedom. For proving that the algorithm satisfies
mutual exclusion we assume for a contradiction that pi and pj are in the critical
4
section together at the end of a minimal ”bad” execution α. We repeat briefly the
arguments in lemmas 1, 2 and 3.
Lemma 6. It is impossible that pi and pj both entered through the fast path.
Proof. Assume for a contradiction that they entered through the fast path and
w.l.o.g. pi was first to enter the critical section. Thus, pj wrote j to f ast lock (line
2), after pi read i from f ast lock. Thus, when pj read register slow lock (line 3)
it read the value i 6= 0 and executed line 4 and 6. As long as pi is at its critical
section, pj will find that slow lock store the value i and it cannot pass line 6 in its
code.
Lemma 7. It is impossible that pi and pj entered through the slow path.
Proof. Assume for a contradiction that they entered through the slow path and
assume w.l.o.g. that pi was first to enter its critical section. Thus, pj changed
want[j] to ”true” after pi read ”false” from want[j] in line 10, which is also after
pi wrote i to slow lock. Hence, as long as pi is in its critical section, pj will always
find that slow lock = i in line 3 and it cannot pass line 6 while pi is still in its
critical section.
Lemma 8. It is impossible that one of the processes entered through the fast path
and the other entered through the slow path.
Proof. Assume for a contradiction that w.l.o.g. pi entered through the slow path
and pj entered through the fast path. Thus, pj changed want[j] to ”true” after pi
read ”false” from want[j] while executing line 10, which is also after pi wrote i to
slow lock. As in the previous case, we conclude that pj cannot pass line 6 in its
code as long as pi is in its critical section.
This lemmas establish that mutual exclusion holds and for proving that the algorithm is not deadlock free we consider the following execution:
We let process p1 executes lines 1,2,7 and then we let process p2 executes lines 1 and
2. Now, we let p1 executes line 8, find that f ast lock 6= i, executes lines 9 and 10
and finds that want[2] =”true”. Now we repeat forever the following process: we
let p2 executes lines 3-6 (when it ignores line 5 by assumption) and then executes
lines 1 and 2. Now we let p1 act again and finds that want[2] =”true”. We have
reached the same configuration and hence this process can be repeated forever.
3.a. We shall prove that the algorithm satisfies mutual exclusion.
Lemma 9. At any reachable configuration, the value of s is at most 1.
Proof. The initial value of s is 1. During the execution, a process may increase or
decrease the value of s by 1, at a single step. If a process increase the value of s
by 1, it is done by executing the second line in the entry section or by executing
the single command at the exit section. Thus, the previous action the process
performed (not including step inside the critical section) was the first command in
5
the entry section, that is fetch-and-add(s,-1). Therefore, a process increases s by 1,
only immediately after it decreases s by 1. Hence the value of s cannot be greater
then the initial value: 1.
Now assume for a contradiction that the algorithm does not satisfy mutual exclusion
and choose an execution α so that in the last action in α, process pi enters the critical
section although pj is still in its critical section. Since pi enters the critical section,
it performs fetch-and-add(s,-1) and reads 1 from s. Now, instead of letting pi to
perform its step, we let pj to exit the critical section and to execute the single
command at the exit section. So, before pj executes the exist section, the value of
s is 1. pj performs a fetch-and-add(s,1) action and write 2 to s. Thus, we have
constructed an execution that leads to a configuration in which the value of s is 1,
in contradiction to our lemma.
3.b. The algorithm does not satisfy deadlock-freedom. Let p1 , p2 , p3 be the three processes. We construct an infinite execution as follows: First we let p1 take the
fetch-and-add(s,-1) step and since this operation returns 1, p1 enters the critical
section. Now we let p2 and p3 to take the first step. Non of them gets critical and
now s store the value −2. Now we let p1 execute the exit section and to increase s
by 1.
so far, we have reached a configuration in which:
• p1 in the remainder.
• p2 and p3 are scheduled to execute the second command in their code.
• s store the value −1.
Now we let p2 execute the second line in its code, write 0 to s and then execute
again the first line in its code and to write −1 to s. Now, by letting p3 do the same
we reach the same configuration described above. Thus, by letting p2 and p3 repeat
this process forever, we get an execution in which all processes that are not in the
remainder section are active, and still no process enters the critical section.
3.c. ticket, next are shared registers and turn is a local variable. Initially, ticket =
next = 1.
1.
2.
3.
4.
turn:=fetch-and-add(ticket,1) ;
await turn=next;
CRITICAL SECTION
next:=next+1;
4. Let A be an algorithm that solves th AllGreen problem. For a given n ∈ N, we shall
prove that there is an execution on a ring with n processes so that the color of each
process is green, and at least n(b n2 c − 1) messages has been sent. Let p0 , . . . , pn−1
denote the processes in the ring so that the right neighbor of pi is p(i+1 mod n) . We
shall construct an execution
α = σ1 σ2 . . . σb n2 c−1
such that
6
(a) Each process sends at least one message during σi .
(b) If a process have not terminate during σi , then it waits to a message (no
process is in the middle of execution a code).
(c) At the end of the execution σi , all processes are at the same state and their
buffers contains the same messages.
(d) All processes send the same messages during σi .
(e) If there are at least i + 1 processes between p0 and pj , then no message has
been transfered from p0 to pj .
Assume we have constructed σ0 . . . σi−1 so that the properties hold. If i = 0 then
surely, no process has terminate. If i > 0 then σi−1 satisfy the requirement and
hence, by (e) we see that some processes have not terminate (since they can not
know about p0 ’s state), and then by (c) we conclude that all processes have not
terminate. Since (b) promises that no process is about to take steps unless it
receives a message, we conclude that all process have at least one message waiting
to be read. We construct σi as follows:
First, we let each process, pj , so that there are at least i processes between pj
and p0 , reads the messages in its buffers (in some fixed order) and executes the
correspondence code in a solo run. After that, in an arbitrary order, we let all
other processes read their messages and execute their code in a solo run. Since
all processes start at the same state, all or none send a message to the right, and
all or none send a message to the left. If it is the case the no message has been
sent, then it is clear that no process has terminate (trivial if i = 0, and otherwise,
an immediate conclusion from the fact that (e) hold for σi−1 ) and we repeat this
process again. Since the algorithm is assumed to be correct, as all the processes
participate in this execution, we cannot repeat this process forever. Hence, after
several repetitions we get an execution in which each process sends at least one
message.
We need to prove that properties (b)-(e) hold while it is easy to see that (b) is an
immediate conclusion from the construction. For proving (c) and (d) we observe
that all processes start at the same state (which is the initial sate if i = 0, or by
assumption on σi−1 if i > 0). In addition, before the execution σi , the processes
buffers contain the same messages (no messages if i = 0 and otherwise, by assumption on σi−1 ). Finally, since all processes have the same color, they send the same
messages as a response to the common messages they read, and finish the execution
in the same state.
It is left to verify that (e) hold. For proving (e), we shall say that a process pj is
close to p0 if there are less than i processes between pj and p0 , and otherwise pj is
far from p0 . We see that if pj is far from p0 , then pj reads its messages and sends
messages before all processes that are close to p0 . Let pj be a process that is far
from p0 . Before the execution σi , no message has been traveled from p0 to pj . Thus,
a message from p0 may be transfered to pj during σi only if pj has a neighbor that
is close to p0 . As a consequence, after σi a message may traveled from p0 to pj only
if there are less then i + 1 processes between pj and p0 .
7
5. For proving that the same result old for any uniform algorithm, we prove the next
lemma.
Lemma 10. Let A be a uniform algorithm for the leader election problem with
message complexity O(f (n)). Thus, there is a uniform algorithm A0 for the leader
election problem so that:
• The process with the maximum identifier is elected.
• All processes learn the identifier of the elected leader.
• The message complexity of A0 is O(f (n) + n).
Proof. We describe how to construct A0 from A. First, the processes execute A to
find a temporary leader instead of a leader. When a process terminates as a temporary leader A it sends a message to the right: (temporary leader, ID) when ID
is its ID. When a process pi which is not the temporary leader receives a message:
(temporary leader, n) it stops executing the code of A and sends a message to the
right: (temporary leader, max{n, ID}). When the temporary leader receives a message: (temporary leader, max) it sends a message to the right: (new leader, max),
and terminates as a leader if its ID equals max, and terminates as non-leader otherwise. When a process pi gets a message (new leader, max) it sends this message
to its right, terminates as leader if max is its ID, and terminates as non-leader
otherwise.
By assumption on A, only single process will terminate as a temporary leader.
Eventually the temporary leader will send a message: (new leader, n) when n is
some process ID. Since there is a unique process so that n is its ID, only a single
process will terminate as a leader and hence A0 is correct.
Now, as in immediate consequence from the description of the code, if the temporary
leader receives a message: (temporary leader, n), then n is the maximal ID in the
ring. The temporary leader ”instructs” the processes to choose n as a leader, and
hence the leader is the process with the maximal ID and all processes learn its ID.
Finally, each process sends messages according to the code of A and two additional
messages. Thus, the message complexity is O(f (n) + 2n) = O(f (n) + n) when f (n)
is the message complexity of A.
Now we can prove that the lower bound holds for any algorithm. Assume for a contradiction that A is a leader election algorithm with message complexity O(f (n)) <
O(n log n). By the previous lemma we can find a leader election algorithm in which
the process with maximal ID is chosen and all processes learn the ID of the leader,
and in addition, the message complexity is O(f (n) + n). But, O(f (n) + n) =
O(max{f (n), n}) and by the assumption on f (n), O(max{f (n), n}) < O(n log n)
in contradiction to the lower bound result.
8
© Copyright 2026 Paperzz