Skip to main content
SpringerLink
Log in

Proving linearizability with temporal logic

  • Original Article
  • Published:
Formal Aspects of Computing

Abstract

Linearizability is a global correctness criterion for concurrent systems. One technique to prove linearizability is applying a composition theorem which reduces the proof of a property of the overall system to sufficient rely-guarantee conditions for single processes. In this paper, we describe how the temporal logic framework implemented in the KIV interactive theorem prover can be used to model concurrent systems and to prove such a composition theorem. Finally, we show how this generic theorem can be instantiated to prove linearizability of two classic lock-free implementations: a Treiber-like stack and a slightly improved version of Michael and Scott’s queue.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Abrial J-R, Cansell D (2005) Formal construction of a non-blocking concurrent queue algorithm (a case study in atomicity). J Univers Comput Sci 11(5): 744–770

    Google Scholar 

  2. Abadi M, Lamport L (1995) Conjoining specifications. ACM Trans Program Lang Syst 17: 507–534

    Article  Google Scholar 

  3. Amit D, Rinetzky N, Reps TW, Sagiv M, Yahav E (2007) Comparison under abstraction for verifying linearizability. In: CAV, pp 477–490

  4. Alpern B, Schneider FB (1987) Recognizing safety and liveness. Distrib Comput 2(3): 117–126

    Article  MATH  Google Scholar 

  5. Balser M (2005) Verifying concurrent system with symbolic execution—temporal reasoning is symbolic execution with a little induction. PhD thesis, University of Augsburg, Augsburg, Germany

  6. Bjørner NS, Browne A, Michael A Col On, Finkbeiner B, Sipma HB, Uribe T (1999) Verifying temporal properties of reactive systems: a STeP tutorial. In: Formal methods in system design, vol 16, 2000 p

  7. Balser M, Bäumler S, Reif W, Schellhorn G (2008) Interactive verification of concurrent systems using symbolic execution. In: Proceedings of 7th international workshop of implementation of logics (IWIL 08)

  8. Berdine J, Lev-Ami T, Manevich R, Ramalingam G, Sagiv M (2008) Thread quantification for concurrent shape analysis. In: CAV’08. Springer, New York

  9. Bäumler S, Nafz F, Balser M, Reif W (2008) Compositional proofs with symbolic execution. In: Beckert B, Klein G (eds) Proceedings of the 5th international verification workshop, vol 372 of Ceur workshop proceedings

  10. Börger E, Stärk RF (2003) Abstract state machines—a method for high-level system design and analysis. Springer-Verlag, New York

    MATH  Google Scholar 

  11. Burstall RM (1974) Program proving as hand simulation with a little induction. Inf Process 74: 309–312

    Google Scholar 

  12. Cau A, Collette P (1996) Parallel composition of assumption-commitment specifications: a unifying approach for shared variable and distributed message passing concurrency. Acta Inform 33(2): 153–176

    Article  MathSciNet  Google Scholar 

  13. Colvin R, Doherty S, Groves L (2005) Verifying concurrent data structures by simulation. ENTCS 137: 93–110

    Google Scholar 

  14. Clarke E, Grumberg O, Peled D (2000) Model checking. MIT Press, Cambridge

    Google Scholar 

  15. Cau A, Moszkowski B, Zedan H (2002) ITL—interval temporal logic. Software Technology Research Laboratory, SERCentre, De Montfort University, The Gateway, Leicester LE1 9BH, UK. www.cms.dmu.ac.uk/~cau/itlhomepage

  16. Calcagno C, Parkinson MJ, Vafeiadis V (2007) Modular safety checking for fine-grained concurrency. In: SAS, pp 233–248

  17. Doherty S, Groves L, Luchangco V, Moir M (2004) Formal verification of a practical lock-free queue algorithm. In: FORTE 2004, vol 3235 of LNCS, pp 97–114

  18. Dijkstra EW (1965) Solution of a problem in concurrent programming control. Commun ACM 8(9): 569

    Article  Google Scholar 

  19. Distefano D, O’Hearn PW, Yang H (2006) A local shape analysis based on separation logic. In: TACAS, vol 3920. Springer, New York, pp 287–302

  20. de Roever W-P, de Boer F, Hannemann U, Hooman J, Lakhnech Y, Poel M, Zwiers J (2001) Concurrency verification: introduction to compositional and noncompositional methods. Number 54 in Cambridge Tracts in Theoretical Computer Science. Cambridge University Press

  21. Derrick J, Schellhorn G, Wehrheim H (2007) Proving linearizability via non-atomic refinement. In: IFM, pp 195–214

  22. Derrick J, Schellhorn G, Wehrheim H (2008) Mechanising a correctness proof for a lock-free concurrent stack. In: Prooceedings of FMOODS 2008, Oslo, vol 5051 of LNCS, pp 78–95

  23. Groves L, Colvin R (2007) Derivation of a scalable lock-free stack algorithm. Electron Notes Theor Comput Sci 187: 55–74

    Article  Google Scholar 

  24. Groves L, Colvin R (2009) Trace-based derivation of a scalable lock-free stack algorithm. Form Asp Comp 21(1–2): 187–223

    Article  MATH  Google Scholar 

  25. Gao H, Groote JF, Hesselink WH (2007) Lock-free parallel and concurrent garbage collection by mark&sweep. Sci Comput Program 64(3): 341–374

    Article  MATH  MathSciNet  Google Scholar 

  26. Gurevich Y (1995) Evolving algebras 1993: Lipari guide. In: Börger E (eds) Specification and validation methods. Oxford University Press, Oxford, pp 9–36

    Google Scholar 

  27. Harel D (1984) Dynamic logic. In: Gabbay D, Guenther F (eds) Handbook of philosophical logic, vol 2. Reidel, Dordrecht, pp 496–604

    Google Scholar 

  28. Hesselink WH (2006) Refinement verification of the lazy caching algorithm. Acta Inform 43(3): 195–222

    Article  MATH  MathSciNet  Google Scholar 

  29. Hendler D, Shavit N, Yerushalmi L (2004) A scalable lock-free stack algorithm. In: SPAA ’04: ACM symposium on parallelism in algorithms and architectures, New York, NY, USA. ACM Press, pp 206–215

  30. Herlihy M, Wing J (1990) Linearizability: a correctness condition for concurrent objects. ACM Trans Program Lang Syst 12(3): 463–492

    Article  Google Scholar 

  31. Jones CB (1983) Tentative steps toward a development method for interfering programs. ACM Trans Program Lang Syst 5(4): 596–619

    Article  MATH  Google Scholar 

  32. Jonsson B, Tsay Y-K (1996) Assumption/guarantee specifications in linear-time temporal logic. Theor Comput Sci 167(1–2): 47–72

    Article  MATH  MathSciNet  Google Scholar 

  33. Kalvala S (1995) A formulation of TLA in Isabelle. http://www.research.digital.com/SRC/personal/lamport/tla/tla.html Accessed June 1995

  34. Web presentation of the composition theorem and the lock-free stack and queue case study in KIV. URL: http://www.informatik.uni-augsburg.de/swt/projects/lock-free.html

  35. Lamport L (1994) The temporal logic of actions. ACM Trans Program Lang Syst 16(3): 872–923

    Article  Google Scholar 

  36. Lamport L (2006) The +CAL algorithm language. Technical report, Microsoft

  37. Misra J, Chandi KM (1981) Proofs of networks of processes. IEEE Trans Softw Eng

  38. Merz S (1995) Mechanizing TLA in Isabelle. In: Rodošek R (ed) Workshop on verification in new orientations. Univeristy of Maribor, Maribor, pp 54–74

  39. Moszkowski B (1986) Executing temporal logic programs. Cambridge University Press, Cambridge

    Google Scholar 

  40. Michael MM, Scott ML (1996) Simple, fast, and practical non-blocking and blocking concurrent queue algorithms. In: Proceedings of 15th ACM symposium on principles of distributed computing, pp 267–275

  41. Owicki SS, Gries D (1976) An axiomatic proof technique for parallel programs I. Acta Inform 6: 319–340

    Article  MATH  MathSciNet  Google Scholar 

  42. Pnueli A, Arons T (2003) TLPVS: a PVS-based LTL verification system. In: Verification-theory and practice. Proceedings of an international symposium in honor of Zohar Manna’s 64th birthday. Lecture Notes in Computer Science. Springer-Verlag, New York, pp 84–98

  43. Prensa Nieto L (2003) The rely-guarantee method in Isabelle/HOL. In: Degano P (eds) European symposium on programming (ESOP’03), vol 2618 of LNCS. Springer, New York, pp 348–362

    Google Scholar 

  44. Reynolds JC (2002) Separation logic: a logic for shared mutable data structures. In: LICS ’02: Proceedings of the 17th annual IEEE symposium on logic in computer science, Washington, DC, USA. IEEE Computer Society, pp 55–74

  45. Reif W, Schellhorn G, Stenzel K, Balser M (1998) Structured specifications and interactive proofs with KIV. In: Bibel W, Schmitt P (eds) Automated deduction—a basis for applications, vol II: systems and implementation techniques, chapter 1: interactive theorem proving. Kluwer Academic Publishers, Dordrecht, pp 13–39

  46. Treiber RK (1986) System programming: coping with parallelism. Technical report RJ 5118. IBM Almaden Research Center

  47. Vafeiadis V (2007) Modular fine-grained concurrency verification. PhD thesis, University of Cambridge

  48. Vafeiadis V (2009) Shape-value abstraction for verifying linearizability. In: Proceedings VMCAI 2009, vol 5403 of LNCS. Springer, New York

  49. Vafeiadis V, Herlihy M, Hoare T, Shapiro M (2006) Proving correctness of highly-concurrent linearisable objects. In: PPoPP ’06: Proceedings of the eleventh ACM SIGPLAN symposium on principles and practice of parallel programming, New York, NY, USA. ACM, pp 129–136

  50. Vafeiadis V, Parkinson MJ (2007) A marriage of rely/guarantee and separation logic. In: CONCUR, pp 256–271

Download references

Author information

Authors and Affiliations

  1. Lehrstuhl für Softwaretechnik und Programmiersprachen, Universität Augsburg, 86135, Augsburg, Germany

    Simon Bäumler, Gerhard Schellhorn, Bogdan Tofan & Wolfgang Reif

Authors
  1. Simon Bäumler
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gerhard Schellhorn
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bogdan Tofan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Wolfgang Reif
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Simon Bäumler.

Additional information

Communicated by Egon Börger and Michael Butler

Rights and permissions

Reprints and permissions

About this article

Cite this article

Bäumler, S., Schellhorn, G., Tofan, B. et al. Proving linearizability with temporal logic. Form Asp Comp 23, 91–112 (2011). https://doi.org/10.1007/s00165-009-0130-y

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00165-009-0130-y

Keywords

Search

Navigation