An Integrated Specification and Verification Technique for Highly Concurrent Data Structures

  • Parosh Aziz Abdulla
  • Frédéric Haziza
  • Lukáš Holík
  • Bengt Jonsson
  • Ahmed Rezine
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7795)

Abstract

We present a technique for automatically verifying safety properties of concurrent programs, in particular programs which rely on subtle dependencies of local states of different threads, such as lock-free implementations of stacks and queues in an environment without garbage collection. Our technique addresses the joint challenges of infinite-state specifications, an unbounded number of threads, and an unbounded heap managed by explicit memory allocation. Our technique builds on the automata-theoretic approach to model checking, in which a specification is given by an automaton that observes the execution of a program and accepts executions that violate the intended specification. We extend this approach by allowing specifications to be given by a class of infinite-state automata. We show how such automata can be used to specify queues, stacks, and other data structures, by extending a data-independence argument. For verification, we develop a shape analysis, which tracks correlations between pairs of threads, and a novel abstraction to make the analysis practical. We have implemented our method and used it to verify programs, some of which have not been verified by any other automatic method before.
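The abstract's observer-based specification, worked through for a FIFO queue, as an added example (Python written for this page, not the paper's own code or tool). Following the data-independence argument the abstract mentions, it assumes that each value is enqueued at most once, so two distinguished values a and b are enough to witness a reordering; the observer states, function names and sample traces are constructed for the illustration.

```python
# Added illustration of the automata-theoretic style described in the abstract:
# an observer automaton watches an execution of a queue and ACCEPTS exactly the
# executions that violate the FIFO specification. Not the paper's own code.
#
# Assumption (data independence): every value is enqueued at most once, so the
# ordering of any two distinguished values a and b is what an observer tracks;
# events on other values are ignored by that observer.

from itertools import permutations
from typing import Iterable, Sequence, Tuple

# A trace event is (operation, value); operations are "enq" and "deq".
Event = Tuple[str, object]

# Observer states (names are constructed for this example).
INIT, A_IN, A_B_IN, DONE, ACCEPT = "init", "a_in", "a_b_in", "done", "accept"


def step(state: str, event: Event, a, b) -> str:
    """One transition of the FIFO observer for the distinguished pair (a, b).

    The observer accepts when b, enqueued after a, is dequeued while a is
    still in the queue. Events not involving a or b leave the state unchanged.
    """
    if state == INIT and event == ("enq", a):
        return A_IN
    if state == A_IN:
        if event == ("enq", b):
            return A_B_IN
        if event == ("deq", a):
            return DONE  # a left before b entered: this pair cannot witness anything
    if state == A_B_IN:
        if event == ("deq", b):
            return ACCEPT  # b overtook a: FIFO order violated
        if event == ("deq", a):
            return DONE  # correct order, a out first; pair is resolved
    return state


def run_observer(trace: Iterable[Event], a, b) -> bool:
    """Run the (a, b) observer over a trace; True means it accepted (violation)."""
    state = INIT
    for event in trace:
        state = step(state, event, a, b)
        if state == ACCEPT:
            return True
    return False


def violates_fifo(trace: Sequence[Event]) -> bool:
    """Quantify over all ordered pairs of distinct enqueued values."""
    values = {v for op, v in trace if op == "enq"}
    return any(run_observer(trace, a, b) for a, b in permutations(values, 2))


def violates_dequeue_discipline(trace: Iterable[Event]) -> bool:
    """Second observer: a value dequeued before it was enqueued, or dequeued twice."""
    enqueued, dequeued = set(), set()
    for op, v in trace:
        if op == "enq":
            enqueued.add(v)
        elif op == "deq":
            if v not in enqueued or v in dequeued:
                return True
            dequeued.add(v)
    return False


# Constructed sample traces (linearized interleavings of several threads).
GOOD_TRACE: Sequence[Event] = [("enq", 1), ("enq", 2), ("deq", 1), ("enq", 3), ("deq", 2), ("deq", 3)]
REORDERED_TRACE: Sequence[Event] = [("enq", 1), ("enq", 2), ("deq", 2), ("deq", 1)]
PHANTOM_TRACE: Sequence[Event] = [("enq", 1), ("deq", 7), ("deq", 1)]

if __name__ == "__main__":
    for name, trace in [("good", GOOD_TRACE), ("reordered", REORDERED_TRACE), ("phantom", PHANTOM_TRACE)]:
        print(name, "fifo violation:", violates_fifo(trace),
              "dequeue-discipline violation:", violates_dequeue_discipline(trace))
```

The observer consumes an already linearized trace; what the abstract describes, and this example does not attempt, is checking such observers against an unbounded number of threads and an explicitly managed heap, where the pairwise thread correlations and the abstraction are needed.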

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Parosh Aziz Abdulla (1)
  • Frédéric Haziza (1)
  • Lukáš Holík (1, 2)
  • Bengt Jonsson (1)
  • Ahmed Rezine (3)
  1. Uppsala University, Sweden
  2. Brno University of Technology, Czech Republic
  3. Linköping University, Sweden