TY - GEN
T1 - Checking linearizability of encapsulated extended operations
AU - Zomer, Oren
AU - Golan-Gueta, Guy
AU - Ramalingam, G.
AU - Sagiv, Mooly
N1 - Funding Information:
Zomer, Gueta, and Sagiv were funded by the European Research Council under the European Union's Seventh Framework Program (FP7/2007-2013) / ERC grant agreement no. [321174-VSSC].
PY - 2014
Y1 - 2014
N2 - Linearizable objects (data-structures) provide operations that appear to execute atomically. Modern mainstream languages provide many linearizable data-structures, simplifying concurrent programming. In practice, however, programmers often find a need to execute a sequence of operations (on linearizable objects) that executes atomically and write extended operations for this purpose. Such extended operations are a common source of atomicity bugs. This paper focuses on the problem of verifying that a set of extension operations (to a linearizable library) are themselves linearizable. We present several reduction theorems that simplify this verification problem, enabling more efficient verification. We first introduce the notion of an encapsulated extension: this is an extension that (a) does not introduce new shared state (beyond the shared state in the base linearizable library), and (b) accesses or modifies the shared state only through the base operations. We show that encapsulated extensions are widely prevalent in real applications. We show that linearizability of encapsulated extended operations can be verified by considering only histories with one occurrence of an extended operation, interleaved with atomic occurrences of base and extended operations. As a consequence, this verification needs to consider only histories with two threads, whereas general linearizability verification requires considering histories with an unbounded number of threads. We show that when the operations satisfy certain properties, each extended operation can be verified independently of the others, enabling further reductions. We have implemented a simple static analysis algorithm that conservatively verifies linearizability of encapsulated extensions of Java concurrent maps. We present empirical results illustrating the benefits of the reduction theorems.
KW - atomicity
KW - composition
KW - concurrency
KW - extension
KW - linearizability
KW - verification
UR - http://www.scopus.com/inward/record.url?scp=84900547270&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-54833-8_17
DO - 10.1007/978-3-642-54833-8_17
M3 - Conference contribution
AN - SCOPUS:84900547270
SN - 9783642548321
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 311
EP - 330
BT - Programming Languages and Systems - 23rd European Symposium on Programming, ESOP 2014, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2014, Proceedings
PB - Springer Verlag
T2 - 23rd European Symposium on Programming, ESOP 2014 - Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2014
Y2 - 5 April 2014 through 13 April 2014
ER -