A Hoare Logic for Monitors in Java

Besides the features of a class-based object-oriented language, Java integrates concurrency via its thread classes, allowing for a multithreaded flow of control. In addition to shared-variable concurrency via instance variables, synchronous message passing, and dynamic thread creation, Java's concurrency model offers reentrant synchronization monitors, controlled via the specific method calls wait and notify. To reason about safety properties of multithreaded programs, we introduce an assertional proof method for JavaMT ("Multi-Threaded Java"), a small concurrent sublanguage of Java covering the concurrency issues mentioned above, specifically Java's monitor discipline, as well as the object-
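The monitor discipline the abstract refers to, shown as an added example that is not code from the paper: a bounded buffer whose synchronized methods form a reentrant monitor, with wait and notifyAll used under a guarded-wait loop, and the monitor invariant written into the code as proof-outline assertions ({I} in the comments). The class name, the capacity parameter and the producer/consumer demo in main are assumptions of this example, not definitions from the paper.

```java
import java.util.ArrayDeque;
import java.util.Deque;

/**
 * Added example, not code from the paper: a bounded buffer written in Java's
 * monitor discipline and annotated as a proof outline. {I} in the comments
 * marks the monitor invariant 0 <= items.size() <= capacity.
 */
public final class BoundedBuffer {
    private final Deque<Integer> items = new ArrayDeque<>();
    private final int capacity;   // assumed parameter of this example

    public BoundedBuffer(int capacity) {
        if (capacity <= 0) {
            throw new IllegalArgumentException("capacity must be positive");
        }
        this.capacity = capacity;
    }

    /** The invariant I. It must hold at every point where the monitor is released. */
    private boolean invariant() {
        return items.size() >= 0 && items.size() <= capacity;
    }

    // {I} -- the caller holds the monitor on entry; I holds because the
    // previous holder released the monitor in a state satisfying I.
    public synchronized void put(int x) throws InterruptedException {
        assert invariant();
        // Guarded wait: the guard is re-checked after every wake-up, because
        // notifyAll wakes every waiter and the JLS permits spurious wake-ups.
        // Writing `if` here instead of `while` would be the classic bug.
        while (items.size() == capacity) {
            // {I} wait() releases the monitor completely (every reentrant level)
            // and re-acquires it before returning, so I must hold here and
            // may be assumed again after the call returns.
            wait();
        }
        // {I and items.size() < capacity}
        items.addLast(x);
        // {I}
        notifyAll();
        assert invariant();
    }

    public synchronized int take() throws InterruptedException {
        assert invariant();
        while (items.isEmpty()) {
            wait();   // {I}
        }
        // {I and items.size() > 0}
        int x = items.removeFirst();
        notifyAll();
        assert invariant();
        return x;
    }

    // Reentrant synchronization: put() is synchronized and is called here while
    // this thread already holds the monitor; the JVM counts the nested
    // acquisition instead of deadlocking. If put() waits, every level is released.
    public synchronized void putAll(int... xs) throws InterruptedException {
        for (int x : xs) {
            put(x);
        }
    }

    public synchronized int size() {
        return items.size();
    }

    /** Stand-alone demo: one producer and one consumer thread, created dynamically. */
    public static void main(String[] args) throws InterruptedException {
        BoundedBuffer buf = new BoundedBuffer(2);
        int[] sum = new int[1];   // shared variable, written only by the consumer

        Thread producer = new Thread(() -> {
            try {
                buf.putAll(1, 2, 3);   // blocks inside the reentrant call once full
                buf.put(4);
                buf.put(5);
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
            }
        });
        Thread consumer = new Thread(() -> {
            try {
                for (int i = 0; i < 5; i++) {
                    sum[0] += buf.take();
                }
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
            }
        });

        producer.start();
        consumer.start();
        producer.join();
        consumer.join();   // join() is the synchronization that makes sum[0] visible here

        System.out.println("consumed sum = " + sum[0] + ", remaining = " + buf.size());
    }
}
```

Compile and run with `javac BoundedBuffer.java && java -ea BoundedBuffer`; without `-ea` the invariant assertions are silently skipped. The run is deterministic in its outcome (all five items are consumed, so the sum is 15 and the buffer ends empty) even though the interleaving is not, which is exactly the kind of safety property an assertional proof method is meant to establish independently of the scheduler.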
