Verifying linearizability with Hindsight

Peter W. O'Hearn; Noam Rinetzky; Martin T. Vechev; Eran Yahav; Greta Yorsh

doi:10.1145/1835698.1835722

Verifying linearizability with Hindsight

Peter W. O'Hearn, Noam Rinetzky, Martin T. Vechev, Eran Yahav, Greta Yorsh

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

60 Scopus citations

Abstract

We present a proof of safety and linearizability of a highly-concurrent optimistic set algorithm. The key step in our proof is the Hindsight Lemma, which allows a thread to infer the existence of a global state in which its operation can be linearized based on limited local atomic observations about the shared state. The Hindsight Lemma allows us to avoid one of the most complex and non-intuitive steps in reasoning about highly concurrent algorithms: considering the linearization point of an operation to be in a different thread than the one executing it. The Hindsight Lemma assumes that the algorithm maintains certain simple invariants which are resilient to interference, and which can themselves be verified using purely thread-local proofs. As a consequence, the lemma allows us to unlock a perhaps-surprising intuition: a high degree of interference makes non-trivial highly-concurrent algorithms in some cases much easier to verify than less concurrent ones.

Original language	English
Title of host publication	PODC'10 - Proceedings of the 2010 ACM Symposium on Principles of Distributed Computing
Pages	85-94
Number of pages	10
DOIs	https://doi.org/10.1145/1835698.1835722
State	Published - 2010
Externally published	Yes
Event	29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, PODC 2010 - Zurich, Switzerland Duration: 25 Jul 2010 → 28 Jul 2010

Publication series

Name	Proceedings of the Annual ACM Symposium on Principles of Distributed Computing

Conference

Conference	29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, PODC 2010
Country/Territory	Switzerland
City	Zurich
Period	25/07/10 → 28/07/10

Keywords

Hindsight
Linearizability
Optimistic concurrency
Wait- freedom

Access to Document

10.1145/1835698.1835722

Cite this

@inproceedings{2d11e31a30254e418cf13b571bfd5b5d,

title = "Verifying linearizability with Hindsight",

abstract = "We present a proof of safety and linearizability of a highly-concurrent optimistic set algorithm. The key step in our proof is the Hindsight Lemma, which allows a thread to infer the existence of a global state in which its operation can be linearized based on limited local atomic observations about the shared state. The Hindsight Lemma allows us to avoid one of the most complex and non-intuitive steps in reasoning about highly concurrent algorithms: considering the linearization point of an operation to be in a different thread than the one executing it. The Hindsight Lemma assumes that the algorithm maintains certain simple invariants which are resilient to interference, and which can themselves be verified using purely thread-local proofs. As a consequence, the lemma allows us to unlock a perhaps-surprising intuition: a high degree of interference makes non-trivial highly-concurrent algorithms in some cases much easier to verify than less concurrent ones.",

keywords = "Hindsight, Linearizability, Optimistic concurrency, Wait- freedom",

author = "O'Hearn, {Peter W.} and Noam Rinetzky and Vechev, {Martin T.} and Eran Yahav and Greta Yorsh",

year = "2010",

doi = "10.1145/1835698.1835722",

language = "אנגלית",

isbn = "9781605588889",

series = "Proceedings of the Annual ACM Symposium on Principles of Distributed Computing",

pages = "85--94",

booktitle = "PODC'10 - Proceedings of the 2010 ACM Symposium on Principles of Distributed Computing",

note = "29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, PODC 2010 ; Conference date: 25-07-2010 Through 28-07-2010",

}

O'Hearn, PW, Rinetzky, N, Vechev, MT, Yahav, E & Yorsh, G 2010, Verifying linearizability with Hindsight. in PODC'10 - Proceedings of the 2010 ACM Symposium on Principles of Distributed Computing. Proceedings of the Annual ACM Symposium on Principles of Distributed Computing, pp. 85-94, 29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, PODC 2010, Zurich, Switzerland, 25/07/10. https://doi.org/10.1145/1835698.1835722

Verifying linearizability with Hindsight. / O'Hearn, Peter W.; Rinetzky, Noam; Vechev, Martin T. et al.
PODC'10 - Proceedings of the 2010 ACM Symposium on Principles of Distributed Computing. 2010. p. 85-94 (Proceedings of the Annual ACM Symposium on Principles of Distributed Computing).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Verifying linearizability with Hindsight

AU - O'Hearn, Peter W.

AU - Rinetzky, Noam

AU - Vechev, Martin T.

AU - Yahav, Eran

AU - Yorsh, Greta

PY - 2010

Y1 - 2010

N2 - We present a proof of safety and linearizability of a highly-concurrent optimistic set algorithm. The key step in our proof is the Hindsight Lemma, which allows a thread to infer the existence of a global state in which its operation can be linearized based on limited local atomic observations about the shared state. The Hindsight Lemma allows us to avoid one of the most complex and non-intuitive steps in reasoning about highly concurrent algorithms: considering the linearization point of an operation to be in a different thread than the one executing it. The Hindsight Lemma assumes that the algorithm maintains certain simple invariants which are resilient to interference, and which can themselves be verified using purely thread-local proofs. As a consequence, the lemma allows us to unlock a perhaps-surprising intuition: a high degree of interference makes non-trivial highly-concurrent algorithms in some cases much easier to verify than less concurrent ones.

AB - We present a proof of safety and linearizability of a highly-concurrent optimistic set algorithm. The key step in our proof is the Hindsight Lemma, which allows a thread to infer the existence of a global state in which its operation can be linearized based on limited local atomic observations about the shared state. The Hindsight Lemma allows us to avoid one of the most complex and non-intuitive steps in reasoning about highly concurrent algorithms: considering the linearization point of an operation to be in a different thread than the one executing it. The Hindsight Lemma assumes that the algorithm maintains certain simple invariants which are resilient to interference, and which can themselves be verified using purely thread-local proofs. As a consequence, the lemma allows us to unlock a perhaps-surprising intuition: a high degree of interference makes non-trivial highly-concurrent algorithms in some cases much easier to verify than less concurrent ones.

KW - Hindsight

KW - Linearizability

KW - Optimistic concurrency

KW - Wait- freedom

UR - http://www.scopus.com/inward/record.url?scp=77956250840&partnerID=8YFLogxK

U2 - 10.1145/1835698.1835722

DO - 10.1145/1835698.1835722

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:77956250840

SN - 9781605588889

T3 - Proceedings of the Annual ACM Symposium on Principles of Distributed Computing

SP - 85

EP - 94

BT - PODC'10 - Proceedings of the 2010 ACM Symposium on Principles of Distributed Computing

T2 - 29th ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, PODC 2010

Y2 - 25 July 2010 through 28 July 2010

ER -

Verifying linearizability with Hindsight

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this