Verifying atomic data types

Atomic transactions are a widely-accepted technique for organizing computation in fault-tolerant distributed systems. In most languages and systems based on transactions, atomicity is implemented through atomic objects, typed data objects that provide their own synchronization and recovery. Hence, atomicity is the key correctness condition required of a data type implementation. This paper presents a technique for verifying the correctness of implementations of atomic data types. The significant aspect of this technique is the extension of Hoare's abstraction function to map to a set of sequences of abstract operations, not just to a single abstract value. We give an example of a proof for an atomic queue implemented in the programming language Avalon/C++.

[1]  Najmi Jarwala The seveteenth international symposium on fault tolerant computing , 1987, SIGD.

[2]  William E. Weihl,et al.  SPECIFICATION AND IMPLEMENTATION OF ATOMIC DATA TYPES , 1984 .

[3]  Robert S. Boyer,et al.  The Correctness Problem in Computer Science , 1982 .

[4]  Willem P. de Roever,et al.  A Proof System for Communicating Sequential Processes , 1980, ACM Trans. Program. Lang. Syst..

[5]  Bjarne Stroustrup,et al.  C++ Programming Language , 1986, IEEE Softw..

[6]  Leslie Lamport,et al.  Specifying Concurrent Program Modules , 1983, TOPL.

[7]  Reiji Nakajima,et al.  Hierarchical program specification and verification — a many-sorted logical approach , 1980, Acta Informatica.

[8]  Stephen J. Garland,et al.  An Overview of LP, The Larch Power , 1989, RTA.

[9]  Zohar Manna,et al.  Verification of concurrent programs, Part I: The temporal framework , 1981 .

[10]  Barbara Liskov,et al.  Guardians and Actions: Linguistic Support for Robust, Distributed Programs , 1983, TOPL.

[11]  Maurice Herlihy,et al.  Avalon : language support for reliable distributed systems , 1986 .

[12]  Walter H. Kohler,et al.  A Survey of Techniques for Synchronization and Recovery in Decentralized Computer Systems , 1981, CSUR.

[13]  Nancy A. Lynch,et al.  Concurrency control for resilient nested transactions , 1983, PODS '83.

[14]  Zohar Manna,et al.  Adequate Proof Principles for Invariance and Liveness Properties of Concurrent Programs , 1984, Sci. Comput. Program..

[15]  William E. Weihl,et al.  Local atomicity properties: modular concurrency control for abstract data types , 1989, TOPL.

[16]  Maurice Herlihy,et al.  Inheritance of synchronization and recovery properties in Avalon/C++ , 1988, Computer.

[17]  FrancezNissim,et al.  A Proof System for Communicating Sequential Processes , 1980 .

[18]  GriesDavid,et al.  Verifying properties of parallel programs , 1976 .

[19]  Michael J. Carey,et al.  Programming constructs for database system implementation in EXODUS , 1987, SIGMOD '87.

[20]  M. Herlihy A quorum-consensus replication method for abstract data types , 1986, TOCS.

[21]  James J. Horning,et al.  Synchronization Primitives for a Multiprocessor: A Formal Speci cation , 1987 .

[22]  J. Goree INTERNAL CONSISTENCY OF A DISTRIBUTED TRANSACTION SYSTEM WITH ORPHAN DETECTION , 1983 .

[23]  Nancy A. Lynch,et al.  Introduction to the Theory of Nested Transactions , 1986, Theoretical Computer Science.

[24]  Christos H. Papadimitriou,et al.  The serializability of concurrent database updates , 1979, JACM.

[25]  E. B. Moss,et al.  Nested Transactions: An Approach to Reliable Distributed Computing , 1985 .

[26]  Santosh K. Shrivastava,et al.  Exploiting Type Inheritance Facilities to Implement Recoverability in Object Based Systems , 1987, SRDS.

[27]  Stephen J. Garland,et al.  Inductive methods for reasoning about abstract data types , 1988, POPL '88.

[28]  David P. Reed,et al.  Implementing atomic actions on decentralized data , 1983, TOCS.

[29]  William E. Weihl,et al.  Implementation of resilient, atomic data types , 1985, TOPL.

[30]  Philip A. Bernstein,et al.  Concurrency Control in Distributed Database Systems , 1986, CSUR.

[31]  James J. Horning,et al.  The Larch Family of Specification Languages , 1985, IEEE Software.

[32]  Martín Abadi,et al.  The Existence of Refinement Mappings , 1988, LICS.

[33]  Bruce Jay Nelson Remote procedure call , 1981 .

[34]  Maurice Herlihy,et al.  Axioms for concurrent objects , 1987, POPL '87.

[35]  Alfred Z. Spector,et al.  The Camelot project , 1986 .

[36]  Brian Randell,et al.  A formal model of atomicity in asynchronous systems , 1981, Acta Informatica.

[37]  C. A. R. Hoare,et al.  Proof of correctness of data representations , 1972, Acta Informatica.

[38]  Jeannette M. Wing,et al.  Machine assisted proofs of properties of Avalon programs , 1989 .

[39]  Leslie Lamport,et al.  Time, clocks, and the ordering of events in a distributed system , 1978, CACM.

[40]  Nancy A. Lynch,et al.  Hierarchical correctness proofs for distributed algorithms , 1987, PODC '87.

[41]  Irving L. Traiger,et al.  The notions of consistency and predicate locks in a database system , 1976, CACM.

[42]  Nancy A. Lynch,et al.  On the Correctness of Orphan Elimination Algorithms. , 1987 .