Modular verification of linearizability with non-fixed linearization points

Locating linearization points (LPs) is an intuitive approach for proving linearizability, but it is difficult to apply the idea in Hoare-style logic for formal program verification, especially for verifying algorithms whose LPs cannot be statically located in the code. In this paper, we propose a program logic with a lightweight instrumentation mechanism which can verify algorithms with non-fixed LPs, including the most challenging ones that use the helping mechanism to achieve lock-freedom (as in HSY elimination-based stack), or have LPs depending on unpredictable future executions (as in the lazy set algorithm), or involve both features. We also develop a thread-local simulation as the meta-theory of our logic, and show it implies contextual refinement, which is equivalent to linearizability. Using our logic we have successfully verified various classic algorithms, some of which are used in the java.util.concurrent package.
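To make the "non-fixed linearization point" problem concrete, here is a small added example (not code from the paper or its authors): a brute-force linearizability checker over a constructed history of concurrent set operations. It treats the sequential set as the specification and searches for an ordering of the operations that respects real-time precedence (an operation that responded before another was invoked must come first) and reproduces every observed return value. Linearization points are not tied to any line of the implementation; they are chosen after the fact, which is exactly the situation the abstract describes for the lazy set, where a failed `contains` has to be linearized before a concurrent, earlier-invoked `add`. The history values, thread ids and timestamps are constructed for the example.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple

# One completed operation from a concurrent history (constructed data).
# inv/res are logical timestamps of invocation and response.
@dataclass(frozen=True)
class Op:
    tid: int
    name: str      # 'add', 'remove' or 'contains'
    arg: int
    ret: bool      # value the implementation actually returned
    inv: int
    res: int

def step(state: FrozenSet[int], op: Op) -> Tuple[FrozenSet[int], bool]:
    """Sequential set specification: apply op, return (new state, expected result)."""
    if op.name == "add":
        return state | {op.arg}, op.arg not in state
    if op.name == "remove":
        return state - {op.arg}, op.arg in state
    if op.name == "contains":
        return state, op.arg in state
    raise ValueError(f"unknown operation {op.name}")

def find_linearization(history: List[Op]) -> Optional[List[Op]]:
    """Backtracking search for a linearization of the history.

    Returns an ordering of the operations that (1) keeps every pair of
    non-overlapping operations in real-time order and (2) is a legal
    sequential execution of the set spec, or None if no such ordering exists.
    """
    def search(remaining: List[Op], state: FrozenSet[int], prefix: List[Op]) -> Optional[List[Op]]:
        if not remaining:
            return prefix
        for op in remaining:
            # Real-time constraint: op cannot be linearized next if some other
            # still-unplaced operation had already responded before op was invoked.
            if any(o is not op and o.res < op.inv for o in remaining):
                continue
            new_state, expected = step(state, op)
            if expected != op.ret:
                continue   # this placement would contradict the observed return value
            found = search([o for o in remaining if o is not op], new_state, prefix + [op])
            if found is not None:
                return found
        return None
    return search(list(history), frozenset(), [])

def is_linearizable(history: List[Op]) -> bool:
    return find_linearization(history) is not None

# Constructed history in the style of the lazy set: add(5) is invoked first and
# runs for a long time; a contains(5) that overlaps it returns False, a later
# contains(5) returns True. The only valid linearization places add's LP between
# the two contains calls, so its LP depends on what the other threads observed.
HISTORY_LAZY_SET = [
    Op(tid=1, name="add",      arg=5, ret=True,  inv=0, res=10),
    Op(tid=2, name="contains", arg=5, ret=False, inv=2, res=4),
    Op(tid=3, name="contains", arg=5, ret=True,  inv=6, res=8),
]

# Constructed non-linearizable history: add(5) completes entirely before
# contains(5) starts, yet contains reports the element as absent.
HISTORY_NOT_LINEARIZABLE = [
    Op(tid=1, name="add",      arg=5, ret=True,  inv=0, res=2),
    Op(tid=2, name="contains", arg=5, ret=False, inv=4, res=6),
]

if __name__ == "__main__":
    order = find_linearization(HISTORY_LAZY_SET)
    print("lazy-set history:", [(o.tid, o.name, o.ret) for o in order])
    print("broken history linearizable:", is_linearizable(HISTORY_NOT_LINEARIZABLE))
```

The checker is exponential in the history length and is only meant to illustrate the definition the paper's simulation and logic reason about; the point of the proof method in the paper is to avoid exactly this kind of global, after-the-fact search by reasoning thread-locally about where each operation's effect becomes visible.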
