Joint work with byron cook matthew parkinson and viktor vafeiadis
Download
1 / 16

Joint work with Byron Cook, Matthew Parkinson, and Viktor Vafeiadis - PowerPoint PPT Presentation


  • 83 Views
  • Uploaded on

Proving that non-blocking algorithms don't block. Alexey Gotsman University of Cambridge. Joint work with Byron Cook, Matthew Parkinson, and Viktor Vafeiadis. TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A A A A A A A A A.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Joint work with Byron Cook, Matthew Parkinson, and Viktor Vafeiadis' - hinto


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Joint work with byron cook matthew parkinson and viktor vafeiadis

Proving that non-blocking algorithms don't block

Alexey Gotsman

University of Cambridge

Joint work with Byron Cook, Matthew Parkinson,

and Viktor Vafeiadis

TexPoint fonts used in EMF.

Read the TexPoint manual before you delete this box.: AAAAAAAAAAAA


Proving that non blocking algorithms don t block
Proving that non-blocking algorithms don't block

  • Automatically proving liveness properties of non-blocking concurrent algorithms

  • Stay awake: nice links between programming, logic, and automatic verification

    • Pick a class of programs

    • Pick an appropriate logic

    • Observe that proofs are simple and follow the same pattern

    • Infer proofs automatically

  • Best of both worlds: automatic tool + understanding of the algorithms


Coarse grained locking
Coarse-grained locking

42

13

1

4

Top

NULL

Inefficient as only one

thread operates on the

list at a time


Non blocking concurrency
Non-blocking concurrency

  • Multiple threads operating on the data structure at the same time

  • Typical programming idiom:

    ...

    L: read from a part of the data structure

    do some work on the results

    try to change the data structure

    if interference is detected go to L

    ...


Non blocking concurrency1
Non-blocking concurrency

  • Stacks, queues, skip lists, hash tables, etc.

  • Used in practice: e.g., java.util.concurrent

  • Complicated and hard to get right

  • Formal verification:

    • Safety properties

    • [Yahav+ 2003, Calcagno+ 2007, Amit+ 2007, Manevich+ 2008, Vafeiadis 2009]

    • Termination

?


Non blocking concurrency treiber s stack
Non-blocking concurrency: Treiber's stack

42

13

1

4

6

42

13

12

structNode {

Node *next;

data_t val;

} *Top;

void push(data_t v) {

Node *t, *x;

x = new Node();

x->val = v;

do {

t = Top;

x->next = t;

} while(!CAS(&Top,t,x));

}

data_t pop() {

Node *t, *x;

do {

t = Top;

if (t == NULL)

return EMPTY;

x = t->next;

} while(!CAS(&Top,t,x));

return t->val;

}

Top

NULL


Treiber s non blocking stack termination
Treiber's non-blocking stack: termination

structNode {

Node *next;

data_t val;

} *Top;

void push(data_t v) {

Node *t, *x;

x = new Node();

x->val = v;

do {

t = Top;

x->next = t;

} while(!CAS(&Top,t,x));

}

data_t pop() {

Node *t, *x;

do {

t = Top;

if (t == NULL)

return EMPTY;

x = t->next;

} while(!CAS(&Top,t,x));

return t->val;

}

  • push or pop may not terminate if other threads continually modify Top

  • However: some operation will always terminate

  • This talk: logic & tool for proving lock-freedom

lock-freedom



Lock freedom of treiber s stack
Lock-freedom of Treiber's stack

data_t pop() {

Node *t, *x;

do {

t = Top;

if (t == NULL)

return EMPTY;

x = t->next;

} while(!CAS(&Top,t,x));

return t->val;

}

structNode {

Node *next;

data_t val;

} *Top;

void push(data_t v) {

Node *t, *x;

x = new Node();

x->val = v;

do {

t = Top;

x->next = t;

} while(!CAS(&Top,t,x));

}

Pushor Id

Pop or Id

Shared state

Rely/guarantee +

separation logic for safety

[Vafeiadis-Parkinson 2007]


Lock freedom of treiber s stack1
Lock-freedom of Treiber's stack

data_t pop() {

Node *t, *x;

do {

t = Top;

if (t == NULL)

return EMPTY;

x = t->next;

} while(!CAS(&Top,t,x));

return t->val;

}

structNode {

Node *next;

data_t val;

} *Top;

void push(data_t v) {

Node *t, *x;

x = new Node();

x->val = v;

do {

t = Top;

x->next = t;

} while(!CAS(&Top,t,x));

}

Pushor Id

Pop or Id


Lock freedom of treiber s stack2
Lock-freedom of Treiber's stack

data_t pop() {

Node *t, *x;

do {

t = Top;

if (t == NULL)

return EMPTY;

x = t->next;

} while(!CAS(&Top,t,x));

return t->val;

}

structNode {

Node *next;

data_t val;

} *Top;

void push(data_t v) {

Node *t, *x;

x = new Node();

x->val = v;

do {

t = Top;

x->next = t;

} while(!CAS(&Top,t,x));

}

Pushor Id

Pop or Id

  • The do loops terminate if no-one else executes Push or Pop infinitely often

  • No-one executes PushorPop infinitely often

  • Hence, push and popterminate


Layered proof
Layered proof

“I execute only Push, Pop, or Id”

“I execute only Push, Pop, or Id”

“I don’t execute Push or Pop infinitely often”

“I don’t execute Push or Pop infinitely often”

“I terminate”

“I terminate”


Layered proof1
Layered proof

Formalised in a logic for liveness and heaps

Guarantees of the form


Proof search strategy
Proof search strategy

Proof valid for an arbitrary

number of threads

  • Run the safety checker:

  • Iteratively eliminate actions:


Case studies
Case studies

  • Treiber's stack [Treiber 1986]

  • HSY stack [Hendler+ 2004]

  • Non-blocking queue [Michael, Scott 1996]

  • Linked list [Michael 2002]

  • RDCSS [Harris+ 2002]


Conclusion
Conclusion

  • Automatic method with proofs reflecting algorithm structure

  • Hope the general approach can be reused

  • Lock-based lock-free algorithms require more complex environment assumptions


ad