Model Checking a Lazy Concurrent List-Based Set Algorithm

Concurrent objects are notoriously difficult to design correctly, and high performance algorithms that make little or no use of locks even more so. In this paper, we present a formal verification of a lazy concurrent list-based set using model checking techniques. The algorithm supports insertion, removal, and membership testing of a list entry under optimistic locking scheme. The algorithm has nonfixed linearization points and is highly non-trivial. We have proved that the algorithm satisfies linearizability, by showing a trace refinement relation from the concrete implementation to its abstract specification. These models are specified in CSP# and verified automatically using our home grown model checker PAT.

[1]  John Derrick,et al.  Proving Linearizability Via Non-atomic Refinement , 2007, IFM.

[2]  Marcin Paprzycki,et al.  Distributed Computing: Fundamentals, Simulations and Advanced Topics , 2001, Scalable Comput. Pract. Exp..

[3]  Yanhong A. Liu,et al.  Formal Verification of Scalable NonZero Indicators , 2009, SEKE.

[4]  Jun Sun,et al.  Integrating Specification and Programs for System Modeling and Verification , 2009, 2009 Third IEEE International Symposium on Theoretical Aspects of Software Engineering.

[5]  Maurice Herlihy,et al.  A Lazy Concurrent List-Based Set Algorithm , 2005, OPODIS.

[6]  Hagit Attiya,et al.  Distributed Computing: Fundamentals, Simulations and Advanced Topics , 1998 .

[7]  Yanhong A. Liu,et al.  Model Checking Linearizability via Refinement , 2009, FM.

[8]  Andrew William Roscoe,et al.  Model-checking CSP , 1994 .

[9]  Rajeev Alur,et al.  Model-checking of correctness conditions for concurrent objects , 1996, Proceedings 11th Annual IEEE Symposium on Logic in Computer Science.

[10]  C. A. R. Hoare,et al.  Communicating sequential processes , 1978, CACM.

[11]  Eran Yahav,et al.  Experience with Model Checking Linearizability , 2009, SPIN.

[12]  Jun Sun,et al.  PAT: Towards Flexible Verification under Fairness , 2009, CAV.

[13]  Maurice Herlihy,et al.  Linearizability: a correctness condition for concurrent objects , 1990, TOPL.

[14]  Mark Moir,et al.  Formal Verification of a Practical Lock-Free Queue Algorithm , 2004, FORTE.

[15]  Andrew William Roscoe,et al.  The Theory and Practice of Concurrency , 1997 .

[16]  Jun Sun,et al.  Model Checking CSP Revisited: Introducing a Process Analysis Toolkit , 2008, ISoLA.

[17]  Jin Song Dong,et al.  Timed Communicating Object Z , 2000, IEEE Trans. Software Eng..

[18]  Eran Yahav,et al.  Comparison Under Abstraction for Verifying Linearizability , 2007, CAV.

[19]  Jin Song Dong,et al.  Blending Object-Z and Timed CSP: an introduction to TCOZ , 1998, Proceedings of the 20th International Conference on Software Engineering.

[20]  Scott D. Stoller,et al.  Static analysis of atomicity for programs with non-blocking synchronization , 2005, PPoPP.