Abstract
We present a linearizability proof for the concurrent Chase–Lev work-stealing queue (WSQ) implementation on sequentially consistent memory. We used the CIVL proof system to carry out the proof. The lowest-level description of the WSQ is the data structure code described in terms of fine-grained actions whose atomicity is guaranteed by hardware. Higher level descriptions consist of increasingly coarser action blocks obtained using a combination of Owicki–Gries (OG) annotations and reduction and abstraction. We believe that the OG annotations (location invariants) we provided to carry out the refinement proofs at each level provide insight into the correctness of the algorithm. The top-level description for the WSQ consists of a single atomic action for each data structure operation, where the specification of the action is tight enough to show that the WSQ data structure is linearizable.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
CIVL proof files can be obtained from: http://msrc.ku.edu.tr/projects/chase-lev-wsq/.
References
Arora NS, Blumofe RD, Plaxton CG (2001) Thread scheduling for multiprogrammed multiprocessors. Theory Comput Syst 34(2):115–144
Chase D, Lev Y (2005) Dynamic circular work-stealing deque. In: Proceedings of the seventeenth annual ACM symposium on parallelism in algorithms and architectures. ACM, pp 21–28
Dodds M, Haas A, Kirsch CM (2015) A scalable, correct time-stamped stack. ACM SIGPLAN Not 50(1):233–246
Elmas T, Qadeer S, Tasiran S (2009) A calculus of atomic actions. In: ACM symposium on principles of programming languages. Association for Computing Machinery, Inc., p 14. http://research.microsoft.com/apps/pubs/default.aspx?id=70608. Retrieved 25 Sept 2017
Frigo M, Leiserson CE, Randall KH (1998) The implementation of the Cilk-5 multithreaded language. In: ACM Sigplan Notices. ACM, vol 33, pp 212–223
Hawblitzel C, Qadeer S, Tasiran S (2015) Automated and modular refinement reasoning for concurrent programs. In: Computer aided verification
Herlihy M, Luchangco V, Moir M (2003) Obstruction-free synchronization: Double-ended queues as an example. In: Distributed computing systems, 2003. Proceedings. 23rd international conference on, IEEE, pp 522–529
Khorsandi Aghai M (2012) Verification of work-stealing deque implementation. Master’s thesis, Uppsala University
Lê NM, Pop A, Cohen A, Zappa Nardelli F (2013) Correct and efficient work-stealing for weak memory models. In: ACM SIGPLAN Notices, vol 48. ACM, pp 69–80
Lipton RJ (1975) Reduction: a method of proving properties of parallel programs. Commun ACM 18(12):717–721
Liu F, Nedev N, Prisadnikov N, Vechev M, Yahav E (2012) Dynamic synthesis for relaxed memory models. In: ACM SIGPLAN Notices, vol 47. ACM, pp 429–440
Michael MM, Vechev MT, Saraswat VA (2009) Idempotent work stealing, vol 44. ACM
Morrison A, Afek Y (2014) Fence-free work stealing on bounded TSO processors. ACM SIGPLAN Not 49(4):413–426
Owicki S, Gries D (1976) An axiomatic proof technique for parallel programs I. Acta Inform 6(4):319–340
Travkin O, Wehrheim H (2014) Handling TSO in mechanized linearizability proofs. In: Haifa verification conference. Springer, pp 132–147
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Mutluergil, S.O., Tasiran, S. A mechanized refinement proof of the Chase–Lev deque using a proof system. Computing 101, 59–74 (2019). https://doi.org/10.1007/s00607-018-0635-4
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00607-018-0635-4