How to Prove Algorithms Linearisable

Schellhorn, Gerhard; Wehrheim, Heike; Derrick, John

doi:10.1007/978-3-642-31424-7_21

Cited by 42 publications

(45 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This work has applied state-based methods to program verification, and is part of a larger effort on the verification of linearizability on sequentially consistent architectures as well as weaker memory models. This larger effort mechanises the proofs of linearizability by integrating the state-based reasoning into the KIV theorem prover, see [6][7][8], and in [14] we prove (and mechanise the proof) that our approach is complete, in that all linearizable algorithms can be verified by such simulation-based methods. Given we are using the same simulation-based approach, mechanisation and integration into KIV of the theory in this paper will be relatively straightforward.…”

Section: Discussionmentioning

confidence: 93%

“…The original definition in [12] (for a formalisation, see [7]) is based on the concept of possibilities, however there are now a number of different proof strategies which have been applied to a number of algorithms. These range from using shape analysis [2,5] and separation logic [5] to rely-guarantee reasoning [18] and refinement-based simulation methods [10,14,7]. The simulation-based methods, which we will adapt for use in this paper, show that an abstraction (or simulation or refinement) relation exists between the abstract specification of the data structure and its concurrent implementation.…”

Section: Linearizability On Tsomentioning

confidence: 99%

“…We do not work directly with this definition of linearizability, but rather use a refinementbased proof method for verifying linearizability as defined in [6][7][8]14]. This approach defines simulation rules that form a sound (and complete) proof method for verifying linearizability.…”

Section: Definition 1 (Tso Linearizability)mentioning

confidence: 99%

See 2 more Smart Citations

Verifying Linearizability on TSO Architectures

Derrick

Smith

Dongol

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Linearizability is the standard correctness criterion for fine-grained, non-atomic concurrent algorithms, and a variety of methods for verifying linearizability have been developed. However, most approaches assume a sequentially consistent memory model, which is not always realised in practice. In this paper we define linearizability on a weak memory model: the TSO (Total Store Order) memory model, which is implemented in the x86 multicore architecture. We also show how a simulation-based proof method can be adapted to verify linearizability for algorithms running on TSO architectures. We demonstrate our approach on a typical concurrent algorithm, spinlock, and prove it linearizable using our simulation-based approach. Previous approaches to proving linearizabilty on TSO architectures have required a modification to the algorithm's natural abstract specification. Our proof method is the first, to our knowledge, for proving correctness without the need for such modification.

show abstract

Section: Discussionmentioning

confidence: 93%

Section: Linearizability On Tsomentioning

confidence: 99%

See 1 more Smart Citation

Verifying Linearizability on TSO Architectures

Derrick

Smith

Dongol

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…A number of approaches to proving linearizability have been developed, and several algorithms have been shown to be linearizable [5,21,3,17,9,20]. The methodology used in these proofs varies, and ranges from shape analysis and separation logic to rely-guarantee reasoning and simulation-based methods.…”

Section: Introductionmentioning

confidence: 99%

Quiescent Consistency: Defining and Verifying Relaxed Linearizability

Derrick

Dongol

Schellhorn

et al. 2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Concurrent data structures like stacks, sets or queues need to be highly optimized to provide large degrees of parallelism with reduced contention. Linearizability, a key consistency condition for concurrent objects, sometimes limits the potential for optimization. Hence algorithm designers have started to build concurrent data structures that are not linearizable but only satisfy relaxed consistency requirements. In this paper, we study quiescent consistency as proposed by Shavit and Herlihy, which is one such relaxed condition. More precisely, we give the first formal definition of quiescent consistency, investigate its relationship with linearizability, and provide a proof technique for it based on (coupled) simulations. We demonstrate our proof technique by verifying quiescent consistency of a (nonlinearizable) FIFO queue built using a diffraction tree.

show abstract

“…The works in [13,15] present semi-automatic techniques, where human guidance is required either to interact with the theorem prover [15] or to carry out mathematical reasoning. The work presented in [5] defines a class of concurrent objects for which linearizability is decidable if the object is accessed by a bounded number of threads.…”

Section: Introductionmentioning

confidence: 99%

Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates

Drăgoi

Gupta

Henzinger

2013

Computer Aided Verification

View full text Add to dashboard Cite

Abstract. An execution containing operations performing queries or updating a concurrent object is linearizable w.r.t an abstract implementation (called specification) iff for each operation, one can associate a point in time, called linearization point, such that the execution of the operations in the order of their linearization points can be reproduced by the specification. Finding linearization points is particularly difficult when they do not belong to the operations's actions. This paper addresses this challenge by introducing a new technique for rewriting the implementation of the concurrent object and its specification such that the new implementation preserves all executions of the original one, and its linearizability (w.r.t. the new specification) implies the linearizability of the original implementation (w.r.t. the original specification). The rewriting introduces additional combined methods to obtain a library with a simpler linearizability proof, i.e., a library whose operations contain their linearization points. We have implemented this technique in a prototype, which has been successfully applied to examples beyond the reach of current techniques, e.g., Stack Elimination and Fetch&Add.

show abstract

How to Prove Algorithms Linearisable

Cited by 42 publications

References 25 publications

Verifying Linearizability on TSO Architectures

Verifying Linearizability on TSO Architectures

Quiescent Consistency: Defining and Verifying Relaxed Linearizability

Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates

Contact Info

Product

Resources

About