Verifying Concurrent Programs against Sequential Specifications

We investigate the algorithmic feasibility of checking whether concurrent implementations of shared-memory objects adhere to their given sequential specifications; sequential consistency, linearizability, and conflict serializability are the canonical variations of this problem. While verifying sequential consistency of systems with unbounded concurrency is known to be undecidable, we demonstrate that conflict serializability, and linearizability with fixed linearization points, are EXPSPACE-complete, while the general linearizability problem is undecidable. Our (un)decidability proofs, besides bestowing novel theoretical results, also reveal novel program exploration strategies. For instance, we show that every violation of conflict serializability is captured by a conflict cycle whose length is bounded independently of the number of concurrent operations. This suggests an incomplete detection algorithm which only remembers a small subset of conflict edges, and which can be made complete by increasing the number of remembered edges to the cycle-length bound. Similarly, our undecidability proof for linearizability suggests an incomplete detection algorithm which limits the number of "barriers" bisecting non-overlapping operations. Our decidability proof of bounded-barrier linearizability is interesting in its own right, as it reduces the consideration of all possible operation serializations to numerical constraint solving. The literature seems to confirm that most violations are detectable by considering very few conflict edges or barriers.
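The conflict-cycle view of serializability that the abstract relies on can be made concrete with a small checker. The following is an added example, not code from the paper or its authors: it builds the standard conflict graph of a transaction history (an edge t1 -> t2 whenever an operation of t1 conflicts with a later operation of t2, conflicting meaning same location, different transactions, at least one write) and reports a cycle if one exists. It then shows a bounded, incomplete monitor in the spirit the abstract describes, which remembers only the most recent `max_edges` conflict edges; the eviction policy (drop the oldest edge) and the window sizes used below are illustrative assumptions, not the paper's bound, and the histories are constructed inputs.

```python
"""Conflict-serializability checking over constructed transaction histories.

A history is a list of (txn, op, loc) events in global order; op is 'r' or 'w'.
A history is conflict serializable iff its conflict graph is acyclic
(Papadimitriou's characterisation).  Nothing here is the paper's own code.
"""
from collections import deque


def conflict_edges(history):
    """Return conflict edges (earlier_txn, later_txn) in the order they arise."""
    edges = []
    seen = []  # events processed so far, in program order
    for txn, op, loc in history:
        for ptxn, pop, ploc in seen:
            if ptxn != txn and ploc == loc and (op == "w" or pop == "w"):
                edges.append((ptxn, txn))
        seen.append((txn, op, loc))
    return edges


def find_cycle(edges):
    """Return a list of transactions forming a cycle, or None if the graph is acyclic."""
    graph = {}
    for a, b in edges:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set())
    WHITE, GREY, BLACK = 0, 1, 2
    color = {n: WHITE for n in graph}
    parent = {}

    def dfs(u):
        color[u] = GREY
        for v in graph[u]:
            if color[v] == WHITE:
                parent[v] = u
                cyc = dfs(v)
                if cyc:
                    return cyc
            elif color[v] == GREY:  # back edge: v is on the current DFS stack
                cyc = [u]
                while cyc[-1] != v:
                    cyc.append(parent[cyc[-1]])
                cyc.reverse()  # v -> ... -> u, closed by the edge u -> v
                return cyc
        color[u] = BLACK
        return None

    for node in graph:
        if color[node] == WHITE:
            cyc = dfs(node)
            if cyc:
                return cyc
    return None


def bounded_monitor(history, max_edges):
    """Online, incomplete check: keep only the last max_edges distinct conflict
    edges (assumed policy: evict the oldest) and report the first cycle among them.
    A cycle whose edges are spread over more than max_edges conflicts is missed."""
    remembered = deque(maxlen=max_edges)
    seen = []
    for txn, op, loc in history:
        for ptxn, pop, ploc in seen:
            if ptxn != txn and ploc == loc and (op == "w" or pop == "w"):
                edge = (ptxn, txn)
                if edge in remembered:
                    remembered.remove(edge)  # refresh recency instead of duplicating
                remembered.append(edge)
                cyc = find_cycle(list(remembered))
                if cyc:
                    return cyc
        seen.append((txn, op, loc))
    return None


# Constructed sample histories (not from the paper).
H_NONSERIALIZABLE = [("T1", "r", "x"), ("T2", "w", "x"), ("T2", "w", "y"), ("T1", "r", "y")]
H_SERIALIZABLE = [("T1", "r", "x"), ("T1", "w", "x"), ("T2", "r", "x"), ("T2", "w", "x")]
# A three-transaction cycle T1->T2->T3->T1 interleaved with unrelated conflicts,
# so its edges are five conflicts apart in the edge sequence.
H_SPREAD = [
    ("T1", "w", "a"), ("T2", "w", "a"),   # T1 -> T2
    ("T4", "w", "f"), ("T5", "w", "f"),   # T4 -> T5 (filler)
    ("T2", "w", "b"), ("T3", "w", "b"),   # T2 -> T3
    ("T6", "w", "g"), ("T7", "w", "g"),   # T6 -> T7 (filler)
    ("T3", "w", "c"), ("T1", "w", "c"),   # T3 -> T1 closes the cycle
]

if __name__ == "__main__":
    for name, h in [("nonserializable", H_NONSERIALIZABLE), ("serializable", H_SERIALIZABLE), ("spread", H_SPREAD)]:
        print(name, "full check:", find_cycle(conflict_edges(h)))
    print("spread, window 3:", bounded_monitor(H_SPREAD, 3))
    print("spread, window 5:", bounded_monitor(H_SPREAD, 5))
```

The full check finds the cycle in every violating history, while the windowed monitor misses the spread-out cycle with a window of 3 and catches it once the window is widened to 5, which is the trade-off the abstract describes between remembered edges and completeness.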
