Verifying Linearisability with Potential Linearisation Points
Linearisability is the key correctness criterion for concurrent implementations of data structures shared by multiple processes. In this paper we present a proof of linearisability of the lazy set implementation due to Heller et al. The lazy set exhibits one of the most challenging issues in verifying linearisability: the linearisation point of an operation can be set by a process other than the one executing it. To handle this we develop a proof strategy based on refinement which uses thread-local simulation conditions and the technique of potential linearisation points. The former allows us to prove linearisability for arbitrary numbers of processes by looking at only two processes at a time; the latter lets us dispense with reasoning about the past. All proofs have been mechanically carried out using the interactive prover KIV.
Keywords: Model Check, Proof Obligation, Proof Strategy, Abstract Operation, Separation Logic
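The criterion the abstract refers to can be made concrete on a single recorded history. The checker below is an added example and is not code from the paper or from the KIV proofs: it takes a concurrent history of add/remove/contains operations (each with an invocation and response timestamp on a constructed logical clock) and searches, Wing/Gong style, for a sequential witness that respects real-time precedence and the sequential set specification. The `Op` record, the process names P1..P3 and both histories are constructed for illustration. The first history is linearisable only if the contains call by P3 is placed after the remove by P1, even though P1's remove is still in progress when P3 returns, which is exactly the situation of a linearisation point fixed by another process that the abstract describes.

```python
"""Brute-force linearisability check of one concurrent history against a
sequential set specification.  Added example; not code from the paper or
from KIV.  Timestamps are a constructed logical clock, not wall time."""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Sequence


@dataclass(frozen=True)
class Op:
    pid: str       # process that executed the operation (constructed name)
    name: str      # "add", "remove" or "contains"
    arg: int
    result: bool   # value the operation returned in the recorded history
    inv: int       # invocation time
    res: int       # response time


def apply_seq(state: FrozenSet[int], op: Op) -> Optional[FrozenSet[int]]:
    """Sequential set spec: return the successor state if `op` could have
    returned its recorded result from `state`, otherwise None."""
    present = op.arg in state
    if op.name == "contains":
        return state if op.result == present else None
    if op.name == "add":
        return (state | {op.arg}) if op.result == (not present) else None
    if op.name == "remove":
        return (state - {op.arg}) if op.result == present else None
    raise ValueError(f"unknown operation {op.name!r}")


def linearise(history: Sequence[Op],
              init: FrozenSet[int] = frozenset()) -> Optional[List[Op]]:
    """Return a sequential witness (ordered list of Op) that respects
    real-time precedence and the set spec, or None if none exists."""
    def search(remaining: List[Op], state: FrozenSet[int],
               witness: List[Op]) -> Optional[List[Op]]:
        if not remaining:
            return witness
        for op in remaining:
            # op may be linearised next only if no other pending operation
            # already completed before op was invoked (real-time order).
            if any(o is not op and o.res < op.inv for o in remaining):
                continue
            nxt = apply_seq(state, op)
            if nxt is None:
                continue
            found = search([o for o in remaining if o is not op],
                           nxt, witness + [op])
            if found is not None:
                return found
        return None
    return search(list(history), init, [])


def witness_pids(history: Sequence[Op],
                 init: FrozenSet[int]) -> Optional[List[str]]:
    """Convenience wrapper: the witness as a list of process ids."""
    w = linearise(history, init)
    return None if w is None else [op.pid for op in w]


# Constructed history.  Initial set {5}.  P1's remove spans the whole run;
# two contains calls by other processes start and finish inside it.
LINEARISABLE = [
    Op("P1", "remove", 5, True, inv=1, res=10),
    Op("P2", "contains", 5, True, inv=2, res=4),
    Op("P3", "contains", 5, False, inv=5, res=8),
]

# Same shape with the contains results swapped: P2 sees 5 absent, then P3
# sees it present again with no add in between, so no witness exists.
NOT_LINEARISABLE = [
    Op("P1", "remove", 5, True, inv=1, res=10),
    Op("P2", "contains", 5, False, inv=2, res=4),
    Op("P3", "contains", 5, True, inv=5, res=8),
]

if __name__ == "__main__":
    print("witness:", witness_pids(LINEARISABLE, frozenset({5})))
    print("witness:", witness_pids(NOT_LINEARISABLE, frozenset({5})))
```

The search is exponential in the number of overlapping operations and checks one recorded history, so it is a testing aid rather than a proof: it can refute linearisability of an implementation that produced a bad history but cannot establish it for all histories and all process counts, which is what the refinement-based proof in the paper provides.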