Abstract
Concurrency in data structures is crucial to the performance of multithreaded programs in shared-memory multiprocessor environments. However, greater concurrency also increases the difficulty of verifying correctness of the data structure. Model checking has been used for verifying concurrent data structures satisfy the correctness condition ‘linearizability’. In particular, ‘automatic’ tools achieve verification without requiring user-specified linearization points. This has several advantages, but is generally not scalable. We examine the automatic checking used by Vechev et al. in their 2009 work to understand the scalability issues of automatic checking in SPIN. We then describe a new, more scalable automatic technique based on these insights, and present the results of a proof-of-concept implementation.
The corresponding author was at Oracle Labs, Australia during the initial stages of this work.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Note that reconstruction of histories required adding a global index variable which would not normally be used in checking with linearization points and inflates the state space for reasons explained later in this section. The number of states and number of histories listed for checking with linearization points are therefore over-estimates.
- 2.
Note that histories are limited to a given length to make model checking feasible.
References
Baier, C., Katoen, J.-P.: Principles of Model Checking. The MIT Press, Cambridge (2008)
Bouajjani, A., Emmi, M., Enea, C., Hamza, J.: Verifying concurrent programs against sequential specifications. In: Felleisen, M., Gardner, P. (eds.) ESOP 2013. LNCS, vol. 7792, pp. 290–309. Springer, Heidelberg (2013). doi:10.1007/978-3-642-37036-6_17
Bouajjani, A., Emmi, M., Enea, C., Hamza, J.: On reducing linearizability to state reachability. In: Halldórsson, M.M., Iwama, K., Kobayashi, N., Speckmann, B. (eds.) ICALP 2015. LNCS, vol. 9135, pp. 95–107. Springer, Heidelberg (2015). doi:10.1007/978-3-662-47666-6_8
Burckhardt, S., Dern, C., Musuvathi, M., Tan, R.: Line-up: a complete and automatic linearizability checker. In: PLDI 2010, Proceedings of 2010 ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 330–340. ACM, New York (2010)
Černý, P., Radhakrishna, A., Zufferey, D., Chaudhuri, S., Alur, R.: Model checking of linearizability of concurrent list implementations. In: Touili, T., Cook, B., Jackson, P. (eds.) CAV 2010. LNCS, vol. 6174, pp. 465–479. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14295-6_41
Colvin, R., Groves, L.: Formal verification of an array-based nonblocking queue. In: ICECCS 2005, pp. 507–516. IEEE, Los Alamitos (2005)
Detlefs, D.L., Flood, C.H., Garthwaite, A.T., Martin, P.A., Shavit, N.N., Steele, G.L.: Even better DCAS-based concurrent deques. In: Herlihy, M. (ed.) DISC 2000. LNCS, vol. 1914, pp. 59–73. Springer, Heidelberg (2000). doi:10.1007/3-540-40026-5_4
Doherty, S., Detlefs, D.L., Groves, L., Flood, C.H., Luchangco, V., Martin, P.A., Moir, M., Shavit, N., Steele Jr., G.L.: DCAS is not a silver bullet for nonblocking algorithm design. In: Gibbons, P.B., Adler, M. (eds.) SPAA 2004, pp. 216–224. ACM, New York (2004)
Filipovic, I., O’Hearn, P.W., Rinetzky, N., Yang, H.: Abstraction for concurrent objects. Theor. Comput. Sci. 411(51–52), 4379–4398 (2010)
Herlihy, M.P., Wing, J.M.: Linearizability: a correctness condition for concurrent objects. ACM Trans. Program. Lang. Syst. 12(3), 463–492 (1990)
Holzmann, G.J.: The SPIN Model Checker: Primer and Reference Manual. Addison-Wesley, Reading (2003)
Liu, Y., Chen, W., Liu, Y.A., Sun, J.: Model checking linearizability via refinement. In: Cavalcanti, A., Dams, D.R. (eds.) FM 2009. LNCS, vol. 5850, pp. 321–337. Springer, Heidelberg (2009). doi:10.1007/978-3-642-05089-3_21
Long, Z., Zhang, Y.: Checking linearizability with fine-grained traces. In: SAC 2016, pp. 1394–1400. ACM, New York (2016)
Moir, M., Shavit, N.: Concurrent data structures. In: Mehta, D.P., Sahni, S. (eds.) Handbook of Data Structures and Applications, Chap. 47, pp. 1–30. Chapman and Hall, CRC Press (2004)
Research in Software Engineering Group (RiSE). http://chesstool.codeplex.com/
Schellhorn, G., Derrick, J., Wehrheim, H.: A sound and complete proof technique for linearizability of concurrent data structures. ACM Trans. Comput. Log. 15(4), 31:1–31:37 (2014)
School of Computing, National University of Singapore. http://pat.comp.nus.edu.sg/
Shann, C.H., Huang, T.L., Chen, C.: A practical nonblocking queue algorithm using compare-and-swap. In: ICPADS 2000, pp. 470–475. IEEE, Los Alamitos (2000)
Smith, G.: Model checking simulation rules for linearizability. In: De Nicola, R., Kühn, E. (eds.) SEFM 2016. LNCS, vol. 9763, pp. 188–203. Springer, Cham (2016). doi:10.1007/978-3-319-41591-8_13
Sun, J., Liu, Y., Dong, J.S., Pang, J.: PAT: towards flexible verification under fairness. In: Bouajjani, A., Maler, O. (eds.) CAV 2009. LNCS, vol. 5643, pp. 709–714. Springer, Heidelberg (2009). doi:10.1007/978-3-642-02658-4_59
Treiber, R.K.: Systems Programming: Coping with Parallelism. International Business Machines Incorporated, Thomas J. Watson Research Center, New York (1986)
Vafeiadis, V., Parkinson, M.: A marriage of rely/guarantee and separation logic. In: Caires, L., Vasconcelos, V.T. (eds.) CONCUR 2007. LNCS, vol. 4703, pp. 256–271. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74407-8_18
Vafeiadis, V.: Shape-value abstraction for verifying linearizability. In: Jones, N.D., Müller-Olm, M. (eds.) VMCAI 2009. LNCS, vol. 5403, pp. 335–348. Springer, Heidelberg (2008). doi:10.1007/978-3-540-93900-9_27
Vechev, M., Yahav, E., Yorsh, G.: Experience with model checking linearizability. In: Păsăreanu, C.S. (ed.) SPIN 2009. LNCS, vol. 5578, pp. 261–278. Springer, Heidelberg (2009). doi:10.1007/978-3-642-02652-2_21
Vechev, M., Yahav, E., Yorsh, G.: Paraglide: SPIN Models. http://researcher.watson.ibm.com/researcher/view_group_subpage.php?id=1290
Wolff, S.: Thread-modular reasoning for heap-manipulating programs: exploiting pointer race freedom. Master’s thesis, University of Kaiserslautern (2015)
Zhang, L., Chattopadhyay, A., Wang, C.: Round-up: runtime checking quasi linearizability of concurrent data structures. In: Denney, E., Bultan, T., Zeller, A. (eds.) ASE 2013, pp. 4–14. IEEE, Los Alamitos (2013)
Zhang, S.J.: Scalable automatic linearizability checking. In: ICSE 2011, Proceedings of 33rd International Conference on Software Engineering, pp. 1185–1187. ACM, New York (2011)
Acknowledgments
The authors would like to thank Martin Vechev for providing extra materials that allowed evaluation of the automatic checking in [24]. This work is partially supported by ARC Discovery Grant DP160102457.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Doolan, P., Smith, G., Zhang, C., Krishnan, P. (2017). Improving the Scalability of Automatic Linearizability Checking in SPIN. In: Duan, Z., Ong, L. (eds) Formal Methods and Software Engineering. ICFEM 2017. Lecture Notes in Computer Science(), vol 10610. Springer, Cham. https://doi.org/10.1007/978-3-319-68690-5_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-68690-5_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68689-9
Online ISBN: 978-3-319-68690-5
eBook Packages: Computer ScienceComputer Science (R0)