Abstract
In practice, it is quite difficult to write correct multithreaded programs due to the potential for unintended and nondeterministic interference between parallel threads. A fundamental correctness property for such programs is atomicity---a block of code in a program is atomic if, for any parallel execution of the program, there is an execution with the same overall program behavior in which the block is executed serially.
We propose semantic atomicity, a generalization of atomicity with respect to a programmer-defined notion of equivalent behavior. We propose an assertion framework in which a programmer can use bridge predicates to specify noninterference properties at the level of abstraction of their application. Further, we propose a novel algorithm for systematically testing atomicity specifications on parallel executions with a bounded number of interruptions---i.e. atomic blocks whose execution is interleaved with that of other threads. We further propose a set of sound heuristics and optional user annotations that increase the efficiency of checking atomicity specifications in the common case where the specifications hold.
We have implemented our assertion framework for specifying and checking semantic atomicity for parallel Java programs, and we have written semantic atomicity specifications for a number of benchmarks. We found that using bridge predicates allowed us to specify the natural and intended atomic behavior of a wider range of programs than did previous approaches. Further, in checking our specifications, we found several previously unknown bugs, including in the widely-used java.util.concurrent library.
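As an added example (not code from the paper or its Java implementation), a small Python checker in the spirit of the abstract: it enumerates interleavings of one atomic block with another thread, keeps only those with at most k interruptions, and compares each final state with the two serial executions under a caller-supplied bridge predicate. The state model, step lists and predicates are constructed for illustration.

```python
# Added example, not the paper's or its tool's code: a tiny semantic-atomicity
# checker over constructed toy steps; a bridge predicate defines equivalence.
import copy

def merges(a, b):
    """Interleavings of block steps a and other-thread steps b, each in program order."""
    if not a or not b:
        yield [('A', s) for s in a] + [('B', s) for s in b]
        return
    for rest in merges(a[1:], b):
        yield [('A', a[0])] + rest
    for rest in merges(a, b[1:]):
        yield [('B', b[0])] + rest

def interruptions(sched):
    """How many times the other thread runs strictly inside the block."""
    tags = [t for t, _ in sched]
    first, last = tags.index('A'), len(tags) - 1 - tags[::-1].index('A')
    inner = tags[first:last + 1]
    return sum(1 for i, t in enumerate(inner) if t == 'B' and inner[i - 1] != 'B')

def run(sched, init):
    st = copy.deepcopy(init)  # every schedule starts from a fresh copy
    for _, step in sched:
        step(st)
    return st

def check_atomicity(block, other, init, bridge, k):
    """First final state (<= k interruptions) bridge relates to no serial run, or None."""
    serial = [run([('A', s) for s in block] + [('B', s) for s in other], init),
              run([('B', s) for s in other] + [('A', s) for s in block], init)]
    for sched in merges(block, other):
        if interruptions(sched) <= k:
            final = run(sched, init)
            if not any(bridge(final, s) for s in serial):
                return final
    return None

# Bag insertion: strict state equality reports a violation for the order
# [1, 9, 2], while the bridge predicate "same multiset" accepts it.
INSERT_TWO = [lambda st: st['items'].append(1), lambda st: st['items'].append(2)]
INSERT_ONE = [lambda st: st['items'].append(9)]
same_state = lambda x, y: x == y
same_bag = lambda x, y: sorted(x['items']) == sorted(y['items'])
# Racy read-then-write increment: the bridge predicate ignores the scratch
# field 'tmp' yet still exposes the lost update (n == 1 instead of 2).
INCREMENT = [lambda st: st.__setitem__('tmp', st['n']),
             lambda st: st.__setitem__('n', st['tmp'] + 1)]
OTHER_INC = [lambda st: st.__setitem__('n', st['n'] + 1)]
same_count = lambda x, y: x['n'] == y['n']
```

With k = 0 no interleaving can interrupt the block, so every check passes; the lost update above only appears once one interruption is allowed, which is the bounded search the abstract describes.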