research-article

Line-up: a complete and automatic linearizability checker

Authors:

Sebastian Burckhardt,

Madanlal Musuvathi,

Roy TanAuthors Info & Claims

ACM SIGPLAN Notices, Volume 45, Issue 6

Pages 330 - 340

https://doi.org/10.1145/1809028.1806634

Published: 05 June 2010 Publication History

Abstract

Modular development of concurrent applications requires thread-safe components that behave correctly when called concurrently by multiple client threads. This paper focuses on linearizability, a specific formalization of thread safety, where all operations of a concurrent component appear to take effect instantaneously at some point between their call and return. The key insight of this paper is that if a component is intended to be deterministic, then it is possible to build an automatic linearizability checker by systematically enumerating the sequential behaviors of the component and then checking if each its concurrent behavior is equivalent to some sequential behavior.

We develop this insight into a tool called Line-Up, the first complete and automatic checker for deterministic linearizability. It is complete, because any reported violation proves that the implementation is not linearizable with respect to any sequential deterministic specification. It is automatic, requiring no manual abstraction, no manual specification of semantics or commit points, no manually written test suites, no access to source code.

We evaluate Line-Up by analyzing 13 classes with a total of 90 methods in two versions of the .NET Framework 4.0. The violations of deterministic linearizability reported by Line-Up exposed seven errors in the implementation that were fixed by the development team.

References

[1]

M. Abadi and L. Lamport. The existence of refinement mappings. Theor. Comput. Sci., 82(2), 1991.

Digital Library

[2]

S. Burckhardt, R. Alur, and M. Martin. CheckFence: Checking consistency of concurrent data types on relaxed memory models. In Programming Language Design and Impl. (PLDI), pages 12--21, 2007.

Digital Library

[3]

S. Burckhardt and M. Musuvathi. Effective program verification for relaxed memory models. In Computer-Aided Verification (CAV), pages 107--120, 2008.

Digital Library

[4]

R. Colvin, L. Groves, V. Luchangco, and M. Moir. Formal verification of a lazy concurrent list-based set algorithm. In Computer-Aided Verification (CAV), LNCS 4144, pages 475--488. Springer, 2006.

Digital Library

[5]

K. Coons, M. Musuvathi, and S. Burckhardt. Gambit: Effective unit testing of concurrency libraries. In Principles and Practice of Parallel Programming (PPoPP), 2010.

Digital Library

[6]

S. Doherty, D. Detlefs, L. Grove, C. Flood, V. Luchangco, P. Martin, M. Moir, N. Shavit, and G. Steele. DCAS is not a silver bullet for nonblocking algorithm design. In Symposium on Parallel Algorithms and Architectures (SPAA), pages 216--224, 2004.

Digital Library

[7]

T. Elmas, S. Qadeer, and S. Tasiran. A calculus of atomic actions. In Principles of Programming Languages (POPL), 2009.

Digital Library

[8]

T. Elmas and S. Tasiran. VyrdMC: Driving runtime refinement checking with model checkers. Electr. Notes Theor. Comput. Sci., 144:41--56, 2006.

Digital Library

[9]

T. Elmas, S. Tasiran, and S. Qadeer. VYRD: verifying concurrent programs by runtime refinement-violation detection. In Programming Language Design and Impl. (PLDI), pages 27--37, 2005.

Digital Library

[10]

A. Farzan and P. Madhusudan. Monitoring atomicity in concurrent programs. In Computer-Aided Verification (CAV), 2008.

Digital Library

[11]

C. Flanagan and S. Freund. Efficient and precise dynamic race detection. In Programming Language Design and Impl. (PLDI), 2009.

Digital Library

[12]

C. Flanagan, S. Freund, and J.Yi. Velodrome: A sound and complete dynamic atomicity checker for multithreaded programs. In Programming Language Design and Impl. (PLDI), 2008.

Digital Library

[13]

K. Fraser. Practical Lock-Freedom. PhD thesis, University of Cambridge, 2004.

[14]

K. Fraser and T. Harris. Concurrent programming without locks. ACM Trans. Comput. Syst., 25(2), 2007.

Digital Library

[15]

M. Herlihy and J. Wing. Linearizability: a correctness condition for concurrent objects. ACM Trans. Program. Lang. Syst., 12(3):463--492, 1990.

Digital Library

[16]

L. Lamport. How to make a multiprocessor computer that correctly executes multiprocess programs. IEEE Trans. Comp., C-28(9):690--691, 1979.

Digital Library

[17]

D. Marino, M. Musuvathi, and S. Narayanasamy. LiteRace: Effective sampling for lightweight data-race detection. In Programming Language Design and Impl. (PLDI), 2009.

Digital Library

[18]

M. Michael and M. Scott. Correction of a memory management method for lock-free data structures. Technical Report TR599, University of Rochester, 1995.

Digital Library

[19]

MSDN, http://blogs.msdn.com/somasegar/archive/2007/11/29/parallel-extensions-to-the-net-fx-ctp.aspx. Parallel Extensions to the .NET FX CTP, November 2007.

[20]

MSDN, http://msdn.microsoft.com/en-us/library/dd460718(VS.100).aspx. .NET Framework 4 Data Structures for Parallel Programming, November 2009.

[21]

M. Musuvathi and S. Qadeer. Fair stateless model checking. In Programming Language Design and Impl. (PLDI), 2008.

Digital Library

[22]

M. Musuvathi, S. Qadeer, T. Ball, G. Basler, P. Nainar, and I. Neamtiu. Finding and reproducing heisenbugs in concurrent programs. In Operating Systems Design and Impl. (OSDI), pages 267--280, 2008.

Digital Library

[23]

C. H. Papadimitriou. The serializability of concurrent database updates. J. ACM, 4(26), October 1979.

Digital Library

[24]

S. Savage, M. Burrows, G. Nelson, P. Sobalvarro, and T. Anderson. Eraser: A dynamic data race detector for multithreaded programs. ACM Trans. Comp. Sys., 15(4):391--411, 1997.

Digital Library

[25]

V. Vafeiadis. Shape-value abstraction for verifying linearizability. In Verification, Model Checking and Abstract Interpretation (VMCAI). Springer-Verlag, 2009.

Digital Library

[26]

V. Vafeiadis, M. Herlihy, T. Hoare, and M. Shapiro. Proving correctness of highly-concurrent linearisable objects. In Principles and Practice of Parallel Programming (PPoPP), pages 129--136, 2006.

Digital Library

[27]

M. Vechev, E. Yahav, and G. Yorsh. Experience with model checking linearizability. In SPIN, 2009.

Digital Library

Cited By

Al‐Mahfoudh MStutsman RGopalakrishnan G(2023)Efficient linearizability checking for actor‐based systemsSoftware: Practice and Experience10.1002/spe.325153:11(2163-2199)Online publication date: 22-Aug-2023
https://doi.org/10.1002/spe.3251
Ko YZhu BKim J(2022)Fuzzing with automatically controlled interleavings to detect concurrency bugsJournal of Systems and Software10.1016/j.jss.2022.111379191:COnline publication date: 1-Sep-2022
https://dl.acm.org/doi/10.1016/j.jss.2022.111379
Cook VPeterson CPainter ZDechev D(2022)Quantifiability: a concurrent correctness condition modeled in vector spaceComputing10.1007/s00607-022-01092-3105:5(955-978)Online publication date: 7-Jun-2022
https://doi.org/10.1007/s00607-022-01092-3
Show More Cited By

Index Terms

Line-up: a complete and automatic linearizability checker
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Software defect analysis
        Software testing and debugging
  2. Software organization and properties
    1. Software functional properties
      1. Formal methods
        Model checking
2. Theory of computation
  1. Logic
    1. Verification by model checking

Recommendations

Line-up: a complete and automatic linearizability checker
PLDI '10: Proceedings of the 31st ACM SIGPLAN Conference on Programming Language Design and Implementation

Modular development of concurrent applications requires thread-safe components that behave correctly when called concurrently by multiple client threads. This paper focuses on linearizability, a specific formalization of thread safety, where all ...
Help when needed, but no more: Efficient read/write partial snapshot

An atomic snapshot object is an object that can be concurrently accessed by asynchronous processes prone to crash. It is made of m components (base atomic registers) and is defined by two operations: an update operation that allows a process to ...
Static analysis of atomicity for programs with non-blocking synchronization
PPoPP '05: Proceedings of the tenth ACM SIGPLAN symposium on Principles and practice of parallel programming

In concurrent programming, non-blocking synchronization is very efficient but difficult to design correctly. This paper presents a static analysis to show that code blocks are atomic, i.e., that every execution of the program is equivalent to one in ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGPLAN Notices

ACM SIGPLAN Notices Volume 45, Issue 6

PLDI '10

June 2010

496 pages

ISSN:0362-1340

EISSN:1558-1160

DOI:10.1145/1809028

Issue’s Table of Contents

PLDI '10: Proceedings of the 31st ACM SIGPLAN Conference on Programming Language Design and Implementation
June 2010
514 pages
ISBN:9781450300193
DOI:10.1145/1806596
General Chair:
Ben Zorn
Microsoft Research
,
Program Chair:
Alex Aiken
Stanford University

Copyright � 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 June 2010

Published in�SIGPLAN�Volume 45, Issue 6

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

126
Total Citations
View Citations
743
Total Downloads

Downloads (Last 12 months)39
Downloads (Last 6 weeks)3

Reflects downloads up to 16 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Al‐Mahfoudh MStutsman RGopalakrishnan G(2023)Efficient linearizability checking for actor‐based systemsSoftware: Practice and Experience10.1002/spe.325153:11(2163-2199)Online publication date: 22-Aug-2023
https://doi.org/10.1002/spe.3251
Ko YZhu BKim J(2022)Fuzzing with automatically controlled interleavings to detect concurrency bugsJournal of Systems and Software10.1016/j.jss.2022.111379191:COnline publication date: 1-Sep-2022
https://dl.acm.org/doi/10.1016/j.jss.2022.111379
Cook VPeterson CPainter ZDechev D(2022)Quantifiability: a concurrent correctness condition modeled in vector spaceComputing10.1007/s00607-022-01092-3105:5(955-978)Online publication date: 7-Jun-2022
https://doi.org/10.1007/s00607-022-01092-3
Kingsbury KAlvaro P(2021)ElleProceedings of the VLDB Endowment10.14778/3430915.343091814:3(268-280)Online publication date: 9-Dec-2021
https://dl.acm.org/doi/10.14778/3430915.3430918
Peterson CCook VDechev D(2021)Concurrent Correctness in Vector SpaceVerification, Model Checking, and Abstract Interpretation10.1007/978-3-030-67067-2_8(151-173)Online publication date: 12-Jan-2021
https://doi.org/10.1007/978-3-030-67067-2_8
Pobee EChan WDumas MPfahl DApel SRusso A(2019)AggrePlay: efficient record and replay of multi-threaded programsProceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3338906.3338959(567-577)Online publication date: 12-Aug-2019
https://dl.acm.org/doi/10.1145/3338906.3338959
Kolluri ANikolic ISergey IHobor ASaxena PZhang DM�ller A(2019)Exploiting the laws of order in smart contractsProceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3293882.3330560(363-373)Online publication date: 10-Jul-2019
https://dl.acm.org/doi/10.1145/3293882.3330560
Zhang ZWu PZhang Y(2018)Localization of Linearizability Faults on the Coarse-Grained LevelInternational Journal of Software Engineering and Knowledge Engineering10.1142/S021819401740007127:09n10(1483-1505)Online publication date: 28-Jan-2018
https://doi.org/10.1142/S0218194017400071
Al-Mahfoudh MGopalakrishnan GStutsman R(2017)Operational Semantics for the Rigorous Analysis of Distributed SystemsQuality Software Through Reuse and Integration10.1007/978-3-319-56157-8_10(209-231)Online publication date: 17-Aug-2017
https://doi.org/10.1007/978-3-319-56157-8_10
Yuan XWilliams-King DYang JSethumadhavan S(2016)Making Lock-free Data Structures Verifiable with Artificial TransactionsACM SIGOPS Operating Systems Review10.1145/2883591.288360349:2(57-63)Online publication date: 20-Jan-2016
https://dl.acm.org/doi/10.1145/2883591.2883603
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents