Tasks in modular proofs of concurrent algorithms

Published: 01 June 2023

Abstract

Proving the correctness of distributed or concurrent algorithms is a complex process. Errors in the reasoning are hard to find, which calls for computer-checked proof systems such as Coq or TLA+. To use these tools, sequential specifications of the base objects are required in order to build modular proofs by composition. Unfortunately, many concurrent objects lack a sequential specification. This article describes a method to transform any task, i.e. a specification of a concurrent one-shot distributed problem, into a sequential specification involving two calls, set and get. This enables designers to compose proofs, facilitating modular computer-checked proofs of algorithms built from tasks and sequential objects as building blocks. Moir & Anderson's implementation of renaming using splitters (wait-free concurrent objects) is an algorithm designed by composition, but it is not modular. Using our transformation, a modular description of the algorithm is given in TLA+ and mechanically verified with the TLA+ Proof System. As far as we know, this is the first time this algorithm has been mechanically verified.


Cited By

  • (2024) Recent Advances on Principles of Concurrent Data Structures, Communications of the ACM 67(8):45–46, doi:10.1145/3653290, online publication date: 11 July 2024

Published In

Information and Computation, Volume 292, Issue C, June 2023, 373 pages

Publisher

Academic Press, Inc., United States


Author Tags

  1. Formal methods
  2. Verification
  3. Concurrent algorithms
  4. Renaming
  5. Splitter
  6. Linearizability
  7. Distributed tasks
  8. TLA+

Qualifiers

  • Research-article
