Abstract
Modern highly-concurrent search data structures, such as search trees, obtain multi-core scalability and performance by having operations traverse the data structure without any synchronization. As a result, however, these algorithms are notoriously difficult to prove linearizable, which requires identifying a point in time in which the traversal's result is correct. The problem is that traversing the data structure as it undergoes modifications leads to complex behaviors, necessitating intricate reasoning about all interleavings of reads by traversals and writes mutating the data structure.
In this paper, we present a general proof technique for proving unsynchronized traversals correct in a significantly simpler manner, compared to typical concurrent reasoning and prior proof techniques. Our framework relies only on sequential properties of traversals and on a conceptually simple and widely-applicable condition about the ways an algorithm's writes mutate the data structure. Establishing that a target data structure satisfies our condition requires only simple concurrent reasoning, without considering interactions of writes and reads. This reasoning can be further simplified by using our framework.
To demonstrate our technique, we apply it to prove several interesting and challenging concurrent binary search trees: the logical-ordering AVL tree, the Citrus tree, and the full contention-friendly tree. Both the logical-ordering tree and the full contention-friendly tree are beyond the reach of previous approaches targeted at simplifying linearizability proofs.
Supplemental Material
- Parosh Aziz Abdulla, Frédéric Haziza, Lukás Holík, Bengt Jonsson, and Ahmed Rezine. 2013. An Integrated Specification and Verification Technique for Highly Concurrent Data Structures. In TACAS. 324-338.Google Scholar
- Daphna Amit, Noam Rinetzky, Thomas W. Reps, Mooly Sagiv, and Eran Yahav. 2007. Comparison Under Abstraction for Verifying Linearizability. In CAV '07 (LNCS), Vol. 4590. 477-490.Google Scholar
- Maya Arbel and Hagit Attiya. 2014. Concurrent Updates with RCU: Search Tree As an Example. In PODC 2014.Google Scholar
Digital Library
- Hagit Attiya, G. Ramalingam, and Noam Rinetzky. 2010. Sequential verification of serializability. In Proceedings of the 37th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2010, Madrid, Spain, January 17-23, 2010. 31-42. https://doi.org/10.1145/1706299.1706305 Google Scholar
Digital Library
- Richard Bornat, Cristiano Calcagno, Peter W. O'Hearn, and Matthew J. Parkinson. 2005. Permission accounting in separation logic. In Proceedings of the 32nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2005, Long Beach, California, USA, January 12-14, 2005. 259-270. https://doi.org/10.1145/1040305.1040327 Google Scholar
Digital Library
- Ahmed Bouajjani, Michael Emmi, Constantin Enea, and Jad Hamza. 2013. Verifying Concurrent Programs against Sequential Specifications. In ESOP '13 (LNCS), Vol. 7792. Springer, 290-309.Google Scholar
Digital Library
- Ahmed Bouajjani, Michael Emmi, Constantin Enea, and Jad Hamza. 2015. On Reducing Linearizability to State Reachability. In Automata, Languages, and Programming-42nd International Colloquium, ICALP 2015, Kyoto, Japan, July 6-10, 2015, Proceedings, Part II. 95-107.Google Scholar
- Ahmed Bouajjani, Michael Emmi, Constantin Enea, and Suha Orhun Mutluergil. 2017. Proving Linearizability Using Forward Simulations. In Computer Aided Verification-29th International Conference, CAV 2017, Heidelberg, Germany, July 24-28, 2017, Proceedings, Part II. 542-563. https://doi.org/10.1007/978-3-319-63390-9_28 Google Scholar
Cross Ref
- Nathan G. Bronson, Jared Casper, Hassan Chafi, and Kunle Olukotun. 2010. A Practical Concurrent Binary Search Tree. In PPoPP 2010.Google Scholar
Digital Library
- Stephen D. Brookes. 2004. A Semantics for Concurrent Separation Logic. In CONCUR 2004-Concurrency Theory, 15th International Conference, London, UK, August 31-September 3, 2004, Proceedings. 16-34. https://doi.org/10.1007/978-3-540-28644-8_2 Google Scholar
Cross Ref
- Trevor Brown, Faith Ellen, and Eric Ruppert. 2014. A General Technique for Non-blocking Trees. In PPoPP 2014.Google Scholar
Digital Library
- Austin T. Clements, M. Frans Kaashoek, and Nickolai Zeldovich. 2012. Scalable address spaces using RCU balanced trees. In ASPLOS 2012.Google Scholar
Digital Library
- Tyler Crain, Vincent Gramoli, and Michel Raynal. 2013a. A Contention-Friendly Binary Search Tree. In Euro-Par 2013.Google Scholar
Digital Library
- Tyler Crain, Vincent Gramoli, and Michel Raynal. 2013b. No Hot Spot Non-blocking Skip List. In ICDCS 2013.Google Scholar
- Tyler Crain, Vincent Gramoli, and Michel Raynal. 2016. A Fast Contention-Friendly Binary Search Tree. Parallel Processing Letters 26, 03 ( 2016 ).Google Scholar
Cross Ref
- Pedro da Rocha Pinto, Thomas Dinsdale-Young, and Philippa Gardner. 2014. TaDA: A Logic for Time and Data Abstraction. In ECOOP 2014-Object-Oriented Programming-28th European Conference, Uppsala, Sweden, July 28-August 1, 2014. Proceedings. 207-231. https://doi.org/10.1007/978-3-662-44202-9_9 Google Scholar
Digital Library
- Tudor David, Rachid Guerraoui, and Vasileios Trigonakis. 2015. Asynchronized Concurrency: The Secret to Scaling Concurrent Search Data Structures. In ASPLOS 2015.Google Scholar
Digital Library
- Mathieu Desnoyers, Paul E. McKenney, Alan S. Stern, Michel R. Dagenais, and Jonathan Walpole. 2012. User-Level Implementations of Read-Copy Update. IEEE Trans. Parallel Distrib. Syst. 23, 2 ( 2012 ), 375-382.Google Scholar
Digital Library
- Dana Drachsler, Martin Vechev, and Eran Yahav. 2014. Practical Concurrent Binary Search Trees via Logical Ordering. In PPoPP 2014.Google Scholar
Digital Library
- Cezara Dragoi, Ashutosh Gupta, and Thomas A. Henzinger. 2013. Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates. In CAV '13 (LNCS), Vol. 8044. Springer, 174-190.Google Scholar
- Faith Ellen, Panagiota Fatourou, Eric Ruppert, and Franck van Breugel. 2010. Non-blocking Binary Search Trees. In PODC 2010.Google Scholar
- Yotam M. Y. Feldman, Constantin Enea, Adam Morrison, Noam Rinetzky, and Sharon Shoham. 2018. Order out of Chaos: Proving Linearizability Using Local Views. In DISC 2018.Google Scholar
- Yotam M. Y. Feldman, Artem Khyzha, Constantin Enea, Adam Morrison, Aleksandar Nanevski, Noam Rinetzky, and Sharon Shoham. 2020. Proving Highly-Concurrent Traversals Correct. CoRR ( 2020 ). https://arxiv.org/abs/ 2010.00911Google Scholar
- Keir Fraser. 2004. Practical lock-freedom. Ph.D. Dissertation. University of Cambridge, Computer Laboratory.Google Scholar
- Vincent Gramoli. 2015. More than you ever wanted to know about synchronization: synchrobench, measuring the impact of the synchronization on concurrent algorithms. In PPoPP 2015.Google Scholar
Digital Library
- Timothy L. Harris. 2001. A Pragmatic Implementation of Non-blocking Linked-Lists. In DISC 2001.Google Scholar
Digital Library
- Steve Heller, Maurice Herlihy, Victor Luchangco, Mark Moir, Bill Scherer, and Nir Shavit. 2005. A Lazy Concurrent List-based Set Algorithm. In OPODIS 2005.Google Scholar
- Thomas A. Henzinger, Ali Sezgin, and Viktor Vafeiadis. 2013. Aspect-Oriented Linearizability Proofs. In CONCUR. 242-256.Google Scholar
- Maurice Herlihy, Yossi Lev, Victor Luchangco, and Nir Shavit. 2007. A Simple Optimistic Skiplist Algorithm. In SIROCCO 2007.Google Scholar
Digital Library
- Maurice Herlihy and Nir Shavit. 2008. The Art of Multiprocessor Programming. Morgan Kaufmann Publishers Inc., San Francisco, CA, USA.Google Scholar
Digital Library
- M. P. Herlihy and J. M. Wing. 1990. Linearizability: a correctness condition for concurrent objects. 12, 3 ( 1990 ).Google Scholar
- Shane V. Howley and Jeremy Jones. 2012. A Non-blocking Internal Binary Search Tree. In SPAA 2012.Google Scholar
- Clif B. Jones. 1983. Specification and Design of (Parallel) Programs. In IFIP Congress. 321-332.Google Scholar
- Ralf Jung, Robbert Krebbers, Jacques-Henri Jourdan, Ales Bizjak, Lars Birkedal, and Derek Dreyer. 2018. Iris from the ground up: A modular foundation for higher-order concurrent separation logic. J. Funct. Program. 28 ( 2018 ), e20. https://doi.org/10.1017/S0956796818000151 Google Scholar
Cross Ref
- Ralf Jung, Rodolphe Lepigre, Gaurav Parthasarathy, Marianna Rapoport, Amin Timany, Derek Dreyer, and Bart Jacobs. 2020. The future is ours: prophecy variables in separation logic. Proc. ACM Program. Lang. 4, POPL ( 2020 ), 45 : 1-45 : 32. https://doi.org/10.1145/3371113 Google Scholar
Digital Library
- Siddharth Krishna, Nisarg Patel, Dennis Shasha,, and Thomas Wies. 2020. Verifying Concurrent Search Structure Templates. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2010. ACM.Google Scholar
Digital Library
- Siddharth Krishna, Dennis E. Shasha, and Thomas Wies. 2018. Go with the flow: compositional abstractions for concurrent data structures. PACMPL 2, POPL ( 2018 ), 37 : 1-37 : 31. https://doi.org/10.1145/3158125 Google Scholar
Digital Library
- Kfir Lev-Ari, Gregory V. Chockler, and Idit Keidar. 2015a. A Constructive Approach for Proving Data Structures' Linearizability. In DISC 205.Google Scholar
- Kfir Lev-Ari, Gregory V. Chockler, and Idit Keidar. 2015b. A Constructive Approach for Proving Data Structures' Linearizability. In Distributed Computing-29th International Symposium, DISC 2015, Tokyo, Japan, October 7-9, 2015, Proceedings. 356-370. https://doi.org/10.1007/978-3-662-48653-5_24 Google Scholar
Digital Library
- Ruy Ley-Wild and Aleksandar Nanevski. 2013. Subjective auxiliary state for coarse-grained concurrency. In The 40th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL '13, Rome, Italy-January 23-25, 2013. 561-574. https://doi.org/10.1145/2429069.2429134 Google Scholar
Digital Library
- Hongjin Liang and Xinyu Feng. 2013. Modular verification of linearizability with non-fixed linearization points. In ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '13, Seattle, WA, USA, June 16-19, 2013. 459-470.Google Scholar
Digital Library
- Yandong Mao, Eddie Kohler, and Robert Tappan Morris. 2012. Cache Craftiness for Fast Multicore Key-value Storage. In EuroSys 2012.Google Scholar
Digital Library
- Paul McKenney. 2004. Exploiting deferred destruction: an analysis of read-copy-update techniques in operating system kernels. Ph.D. Dissertation. OGI.Google Scholar
Digital Library
- Paul E. McKenney and John D. Slingwine. 1998. Read-copy update: using execution history to solve concurrency problems. In PDCS.Google Scholar
- Maged M. Michael. 2002. High Performance Dynamic Lock-free Hash Tables and List-based Sets. In SPAA 2002.Google Scholar
- Aleksandar Nanevski, Anindya Banerjee, Germán Andrés Delbianco, and Ignacio Fábregas. 2019. Specifying concurrent programs in separation logic: morphisms and simulations. Proc. ACM Program. Lang. 3, OOPSLA ( 2019 ), 161 : 1-161 : 30. https://doi.org/10.1145/3360587 Google Scholar
Digital Library
- Aravind Natarajan and Neeraj Mittal. 2014. Fast Concurrent Lock-free Binary Search Trees. In PPoPP 2014.Google Scholar
Digital Library
- Peter W. O'Hearn. 2004. Resources, Concurrency and Local Reasoning. In CONCUR 2004-Concurrency Theory, 15th International Conference, London, UK, August 31-September 3, 2004, Proceedings. 49-67. https://doi.org/10.1007/978-3-540-28644-8_4 Google Scholar
Cross Ref
- P. W. O'Hearn, N. Rinetzky, M. T. Vechev, E. Yahav, and G. Yorsh. 2010. Verifying Linearizability with Hindsight. In PODC 2010.Google Scholar
- Susan S. Owicki and David Gries. 1976. Verifying Properties of Parallel Programs: An Axiomatic Approach. Commun. ACM 19, 5 ( 1976 ), 279-285. https://doi.org/10.1145/360051.360224 Google Scholar
Digital Library
- Matthew J. Parkinson, Richard Bornat, and Peter W. O'Hearn. 2007. Modular verification of a non-blocking stack. In Proceedings of the 34th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2007, Nice, France, January 17-19, 2007. 297-302. https://doi.org/10.1145/1190216.1190261 Google Scholar
Digital Library
- Azalea Raad, Jules Villard, and Philippa Gardner. 2015. CoLoSL: Concurrent Local Subjective Logic. In Programming Languages and Systems-24th European Symposium on Programming, ESOP 2015, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2015, London, UK, April 11-18, 2015. Proceedings. 710-735. https: //doi.org/10.1007/978-3-662-46669-8_29 Google Scholar
Cross Ref
- Arunmoezhi Ramachandran and Neeraj Mittal. 2015. A Fast Lock-Free Internal Binary Search Tree. In ICDCN 2015.Google Scholar
Digital Library
- Ilya Sergey, Aleksandar Nanevski, and Anindya Banerjee. 2015. Specifying and Verifying Concurrent Algorithms with Histories and Subjectivity. In Programming Languages and Systems-24th European Symposium on Programming, ESOP 2015, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2015, London, UK, April 11-18, 2015. Proceedings. 333-358. https://doi.org/10.1007/978-3-662-46669-8_14 Google Scholar
Digital Library
- Ilya Sergey, Aleksandar Nanevski, Anindya Banerjee, and Germán Andrés Delbianco. 2016. Hoare-style specifications as correctness conditions for non-linearizable concurrent objects. In Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2016, part of SPLASH 2016, Amsterdam, The Netherlands, October 30-November 4, 2016. 92-110. https://doi.org/10.1145/2983990.2983999 Google Scholar
Digital Library
- Dennis E. Shasha and Nathan Goodman. 1988. Concurrent Search Structure Algorithms. ACM Trans. Database Syst. 13, 1 ( 1988 ), 53-90.Google Scholar
Digital Library
- Josh Triplett, Paul E. McKenney, and Jonathan Walpole. 2011. Resizable, Scalable, Concurrent Hash Tables via Relativistic Programming. In USENIX ATC 2011.Google Scholar
Digital Library
- Stephen Tu, Wenting Zheng, Eddie Kohler, Barbara Liskov, and Samuel Madden. 2013. Speedy Transactions in Multicore In-memory Databases. In SOSP 2013.Google Scholar
- Aaron Turon, Derek Dreyer, and Lars Birkedal. 2013. Unifying refinement and hoare-style reasoning in a logic for higherorder concurrency. In ACM SIGPLAN International Conference on Functional Programming, ICFP'13, Boston, MA, USA-September 25-27, 2013. 377-390. https://doi.org/10.1145/2500365.2500600 Google Scholar
Digital Library
- V. Vafeiadis. 2008. Modular fine-grained concurrency verification. Ph.D. Dissertation. University of Cambridge.Google Scholar
- Viktor Vafeiadis. 2009. Shape-Value Abstraction for Verifying Linearizability. In VMCAI '09: Proc. 10th Intl. Conf. on Verification, Model Checking, and Abstract Interpretation (LNCS), Vol. 5403. Springer, 335-348.Google Scholar
- Viktor Vafeiadis. 2010. Automatically Proving Linearizability. In Computer Aided Verification, 22nd International Conference, CAV 2010, Edinburgh, UK, July 15-19, 2010. Proceedings (Lecture Notes in Computer Science), Tayssir Touili, Byron Cook, and Paul B. Jackson (Eds.), Vol. 6174. Springer, 450-464. https://doi.org/10.1007/978-3-642-14295-6_40 Google Scholar
Digital Library
- Viktor Vafeiadis, Maurice Herlihy, Tony Hoare, and Marc Shapiro. 2006. A safety proof of a lazy concurrent list-based set implementation. Technical Report UCAM-CL-TR-659. University of Cambridge, Computer Laboratory.Google Scholar
- Viktor Vafeiadis, Maurice Herlihy, Tony Hoare, and Marc Shapiro. 2016. Proving correctness of highly-concurrent linearisable objects. In PPOPP '06. ACM, 129-136.Google Scholar
- He Zhu, Gustavo Petri, and Suresh Jagannathan. 2015. Poling: SMT Aided Linearizability Proofs. In Computer Aided Verification-27th International Conference, CAV 2015, San Francisco, CA, USA, July 18-24, 2015, Proceedings, Part II. 3-19.Google Scholar
Index Terms
Proving highly-concurrent traversals correct
Recommendations
Concurrent size
The size of a data structure (i.e., the number of elements in it) is a widely used property of a data set. However, for concurrent programs, obtaining a correct size efficiently is non-trivial. In fact, the literature does not offer a mechanism to ...
Looking for efficient implementations of concurrent objects
PaCT'11: Proceedings of the 11th international conference on Parallel computing technologiesAs introduced by Taubenfeld, a contention-sensitive implementation of a concurrent object is an implementation such that the overhead introduced by locking is eliminated in the common cases, i.e., when there is no contention or when the operations ...
A concurrent multiway tree using the lazy locking mechanism
CASCON '16: Proceedings of the 26th Annual International Conference on Computer Science and Software EngineeringIn this paper, we present a concurrent multiway tree algorithm using the lazy locking mechanism introduced in the lazy-list algorithm for concurrent linked lists. The multiway tree is represented in a left-child right-sibling tree, in which the keys are ...






Comments