Deriving Linearizable Fine-Grained Concurrent Objects Martin Vechev Eran Yahav IBM T. J. Watson Research Center Martin Vechev Eran Yahav IBM T. J. Watson.

Slides:

Advertisements

Similar presentations

Bounded Model Checking of Concurrent Data Types on Relaxed Memory Models: A Case Study Sebastian Burckhardt Rajeev Alur Milo M. K. Martin Department of.

Advertisements

Fast and Lock-Free Concurrent Priority Queues for Multi-Thread Systems Håkan Sundell Philippas Tsigas.

IBM T. J. Watson Research Center Conditions for Strong Synchronization Maged Michael IBM T J Watson Research Center Joint work with: Martin Vechev, Hagit.

Wait-Free Queues with Multiple Enqueuers and Dequeuers

Hongjin Liang and Xinyu Feng

Greta YorshEran YahavMartin Vechev IBM Research. { ……………… …… …………………. ……………………. ………………………… } P1() Challenge: Correct and Efficient Synchronization { ……………………………

Greta YorshEran YahavMartin Vechev IBM Research. { ……………… …… …………………. ……………………. ………………………… } T1() Challenge: Correct and Efficient Synchronization { ……………………………

Architecture-aware Analysis of Concurrent Software Rajeev Alur University of Pennsylvania Amir Pnueli Memorial Symposium New York University, May 2010.

“FENDER” AUTOMATIC MEMORY FENCE INFERENCE Presented by Michael Kuperstein, Technion Joint work with Martin Vechev and Eran Yahav, IBM Research 1.

Abstract Transformers for Thread Correlation Analysis Michal Segalov, TAU Tal Lev-Ami, TAU Roman Manevich, TAU G. Ramalingam, MSR India Mooly Sagiv, TAU.

1 1 Regression Verification for Multi-Threaded Programs Sagar Chaki, SEI-Pittsburgh Arie Gurfinkel, SEI-Pittsburgh Ofer Strichman, Technion-Haifa Originally.

Paraglide Martin Vechev Eran Yahav Martin Vechev Eran Yahav.

Ch. 7 Process Synchronization (1/2) I Background F Producer - Consumer process :  Compiler, Assembler, Loader, · · · · · · F Bounded buffer.

Multiprocessor Synchronization Algorithms ( ) Lecturer: Danny Hendler The Mutual Exclusion problem.

Scalable and Lock-Free Concurrent Dictionaries

Linked Lists: Lazy and Non-Blocking Synchronization Based on the companion slides for The Art of Multiprocessor Programming (Maurice Herlihy & Nir Shavit)

PARTIAL-COHERENCE ABSTRACTIONS FOR RELAXED MEMORY MODELS Presented by Michael Kuperstein, Technion Joint work with Martin Vechev, IBM Research and Eran.

Progress Guarantee for Parallel Programs via Bounded Lock-Freedom Erez Petrank – Technion Madanlal Musuvathi- Microsoft Bjarne Steensgaard - Microsoft.

Inferring Synchronization under Limited Observability Martin Vechev Eran Yahav Greta Yorsh IBM T.J. Watson Research Center.

Formalisms and Verification for Transactional Memories Vasu Singh EPFL Switzerland.

COLT: Effective Testing of Concurrent Collection Usage Alex Aiken Nathan Bronson Stanford University Martin Vechev Eran Yahav IBM Research Mooly Sagiv.

Correctness-Preserving Derivation of Concurrent Garbage Collection Algorithms Martin T. Vechev Eran Yahav David F. Bacon University of Cambridge IBM T.J.

1 Martin Vechev IBM T.J. Watson Research Center Joint work with: Hagit Attiya, Rachid Guerraoui, Danny Hendler, Petr Kuznetsov, Maged Michael.

1 Eran Yahav and Mooly Sagiv School of Computer Science Tel-Aviv University Verifying Safety Properties.

Comparison Under Abstraction for Verifying Linearizability Daphna Amit Noam Rinetzky Mooly Sagiv Tom RepsEran Yahav Tel Aviv UniversityUniversity of Wisconsin.

SUPPORTING LOCK-FREE COMPOSITION OF CONCURRENT DATA OBJECTS Daniel Cederman and Philippas Tsigas.

An Introduction to Software Transactional Memory

1 Lock-Free Linked Lists Using Compare-and-Swap by John Valois Speaker’s Name: Talk Title: Larry Bush.

Practical and Lock-Free Doubly Linked Lists Håkan Sundell Philippas Tsigas.

ARTIST Summer School in Europe 2009 Autrans (near Grenoble), France September 7-11, 2009 Invited Speaker: Eran Yahav IBM T.J. Watson Research Center.

Thread Quantification for Concurrent Shape Analysis Josh BerdineMSR Cambridge Tal Lev-AmiTel Aviv University Roman ManevichTel Aviv University Mooly Sagiv.

Verifying Atomicity via Data Independence Ohad Shacham Yahoo Labs, Israel Eran Yahav Technion, Israel Guy Gueta Yahoo Labs, Israel Alex Aiken Stanford.

Testing and Verifying Atomicity of Composed Concurrent Operations Ohad Shacham Tel Aviv University Nathan Bronson Stanford University Alex Aiken Stanford.

Shape Analysis Overview presented by Greta Yorsh.

Martin Vechev Eran Yahav Greta Yorsh IBM T.J. Watson Research Center.

Challenges in Non-Blocking Synchronization Håkan Sundell, Ph.D. Guest seminar at Department of Computer Science, University of Tromsö, Norway, 8 Dec 2005.

L AWS OF ORDER : EXPENSIVE SYNCHRONIZATION IN CONCURRENT ALGORITHMS CANNOT BE ELIMINATED POPL '11 Hagit Attiya, Rachid Guerraoui, Danny Hendler, Petr Kuznetsov,

CGCExplorer: A Semi-Automated Search Procedure for Provably Correct Concurrent Collectors Martin Vechev Eran Yahav David Bacon University of CambridgeIBM.

Non-blocking Data Structures for High- Performance Computing Håkan Sundell, PhD.

Inferring Synchronization under Limited Observability Martin Vechev, Eran Yahav, Greta Yorsh IBM T.J. Watson Research Center (work in progress)

PRACTICAL SYNTHESIS OF CONCURRENT SYSTEMS Martin Vechev Eran Yahav Greta Yorsh IBM T.J. Watson Research Center.

Linked Lists: Optimistic, Lock-Free, … Companion slides for The Art of Multiprocessor Programming by Maurice Herlihy & Nir Shavit Modified by Pavol Černý,

Linked Lists: Locking, Lock- Free, and Beyond … Companion slides for The Art of Multiprocessor Programming by Maurice Herlihy & Nir Shavit Modified by.

Formal verification of skiplist algorithms Student: Trinh Cong Quy Supervisor: Bengt Jonsson Reviewer: Parosh Abdulla.

Concurrent Linked Lists and Linearizability Proofs Companion slides for The Art of Multiprocessor Programming by Maurice Herlihy & Nir Shavit Modified.

Fence Complexity in Concurrent Algorithms Petr Kuznetsov TU Berlin/DT-Labs.

Wait-Free Multi-Word Compare- And-Swap using Greedy Helping and Grabbing Håkan Sundell PDPTA 2009.

Advanced Locking Techniques

Practical concurrent algorithms Mihai Letia Concurrent Algorithms 2012 Distributed Programming Laboratory Slides by Aleksandar Dragojevic.

A Simple Optimistic skip-list Algorithm Maurice Herlihy Brown University & Sun Microsystems Laboratories Yossi Lev Brown University & Sun Microsystems.

Model Checking Linearizability via Refinement 1 ICFEM 2008 Model Checking Linearizability via Refinement Yang LIU, Wei CHEN, Yanhong A. LIU, and Jun SUN.

Distributed Algorithms (22903) Lecturer: Danny Hendler The wait-free hierarchy and the universality of consensus This presentation is based on the book.

An algorithm of Lock-free extensible hash table Yi Feng.

Hazard Pointers: Safe Memory Reclamation for Lock-Free Objects MAGED M. MICHAEL PRESENTED BY NURIT MOSCOVICI ADVANCED TOPICS IN CONCURRENT PROGRAMMING,

Lecture 9 : Concurrent Data Structures Companion slides for The Art of Multiprocessor Programming by Maurice Herlihy & Nir Shavit.

6.852 Lecture 21 ● Techniques for highly concurrent objects – coarse-grained mutual exclusion – read/write locking – fine-grained locking (mutex and read/write)

Distributed Algorithms (22903)

Lecture 6-1 : Concurrent Data Structures (Concurrent Linked Lists)

Håkan Sundell Philippas Tsigas

CO890 CONCURRENCY & PARALLELISM

Practical Non-blocking Unordered Lists

Concurrent Data Structures Concurrent Algorithms 2016

Concurrent Data Structures Concurrent Algorithms 2017

Yiannis Nikolakopoulos

Distributed Algorithms (22903)

Multicore programming

An explicit state model checker

Multicore programming

EECE.3220 Data Structures Instructor: Dr. Michael Geiger Spring 2019

Abstraction-Guided Synthesis of synchronization

Presentation transcript:

Deriving Linearizable Fine-Grained Concurrent Objects Martin Vechev Eran Yahav IBM T. J. Watson Research Center Martin Vechev Eran Yahav IBM T. J. Watson Research Center

2 Lets suppose… I want a concurrent set that is: correct efficient portable QUICKLY

3 Now what…

4 The result… Heller et al. (OPODIS’05) Maged (PODC’02) Harris (DISC’01) Vechev & Yahav (PLDI’08)

5 bool add(int key) { Entry *pred,*curr,*entry restart: locate(pred,curr,key) k = (curr->key == key) if (k) return false entry = new Entry() entry->next = curr val=CAS(&pred->next,  curr,0 ,  entry,0  ) if (  val) goto restart return true } bool remove(int key) { Entry *pred,*curr,*r restart: locate(pred,curr,key) k = (curr->key ≠ key) if (k) return false = curr->next lval=CAS(&curr->next,  r,m ,  r,1  ) if (  lval) goto restart pval=CAS(&pred->next,  curr,0 ,  r,0  ) if (  pval) goto restart return true } New Concurrent Set Algorithm bool contains(int key) { Entry *pred,*curr locate(pred,curr,key) k = (curr->key == key) if (k) return false return true } The Good New algorithm Fine-grained synchronization (CAS) The Good New algorithm Fine-grained synchronization (CAS) The Bad Can you understand what it does? Can you show it is correct? The Bad Can you understand what it does? Can you show it is correct? The Ugly How did you get it? Anything repeatable? Any other similar algorithms? The Ugly How did you get it? Anything repeatable? Any other similar algorithms?

6 bool add(int key){ atomic Entry *pred,*curr,*entry locate(pred,curr,key); k = (curr->key == key) if (k) return false entry = new Entry() entry->next = curr pred->next = entry return true } bool remove(int key){ atomic Entry *pred,*curr,*r locate(pred,curr,key) k = (curr->key ≠ key) if (k) return false r = curr->next pred->next = r return true } Sequential Set Algorithm bool contains(int key) { atomic Entry *pred,*curr locate(pred,curr,key) k = (curr->key == key) if (k) return false return true } Understandable Proving correctness easier Understandable Proving correctness easier

7 bool add(int key) { Entry *pred,*curr,*entry restart: locate(pred,curr,key) k = (curr->key == key) if (k) return false entry = new Entry() entry->next = curr val=CAS(&pred- >next,  curr,0 ,  entry,0  ) if (  val) goto restart return true } bool remove(int key) { Entry *pred,*curr,*r restart: locate(pred,curr,key) k = (curr->key ≠ key) if (k) return false = curr->next lval=CAS(&curr->next,  r,m ,  r,1  ) if (  lval) goto restart pval=CAS(&pred- >next,  curr,0 ,  r,0  ) if (  pval) goto restart return true } Sequential to Highly Concurrent bool add(int key){ atomic Entry *pred,*curr,*entry locate(pred,curr,key); k = (curr->key == key) if (k) return false entry = new Entry() entry->next = curr pred->next = entry return true } bool remove(int key){ atomic Entry *pred,*curr,*r locate(pred,curr,key) k = (curr->key ≠ key) if (k) return false r = curr->next pred->next = r return true } ???

8 Concurrent Objects Constructions Today Performance Manual Effort Sequential Naïve STM Fine-grained STM Expert Design This Work Goal

Bridging the Gap: Our Approach Find small repeatable transformations  NO magic insights Some transformations applied manually, others automatically 9

Computer Assisted Construction

Atomicity Reduction: Transformations Removing redundant atomicity Reordering statements Optimistic concurrency Add synchronization meta-data 11 s1 s2 s3 s4 s1 s2 s3 s4 If (validate) update else restart read s1 s2 s3 s4 s2 s1 s3 s4 s3 s4 read update s1 s2 s1 If (t > 0) s2 s3 s4

12 A journey from a sequential algorithm to efficient concurrent algorithms Schema Correct Algorithm DCAS Sequential DCAS CAS with LOCKS Priority Queue Stack CAS/DCAS … … Michael (PODC’02) Heller et al. (OPODIS’05) Trieber Stack Existing Algorithm New Algorithm

locate(pred,curr,key) 13 Step 1: Optimistic Concurrency [Kung & Robinson’81] bool remove(int key){ Entry *pred,*curr,*r atomic locate(pred,curr,key) k = (curr->key ≠ key) if (k) return false r = curr->next pred->next = r return true } bool remove(int key){ Entry *pred,*curr,*r restart: Read atomic if ( validate ) { Update } goto restart } k = (curr->key ≠ key) if (k) return false r = curr->next pred->next = r return true Update Read

Step 2: Run Paraglide 14 Paraglide No correct completion found Insufficient information to write a validation condition bool remove(int key){ Entry *pred,*curr,*r locate(pred,curr,key) atomic if (validate) { k = (curr->key ≠ key) if (k) return false r = curr->next pred->next = r return true } goto restart } truepred->next == currpred == curr ( (pred | curr) (->next)? == (pred | curr) (->next)? ) | true

Step 2: Counterexample 15 head add(4) starts 1 tail pred curr remove(1) executes add(4) ends 1 headtail pred curr 4 1 headtail How to deal with removed nodes? add(4) || remove(1) Addition of key 4 is lost

But What Now ? Coordination Meta-data SynchronizationTime

17 Step 3: Add Synchronization Metadata keynextkeynext marked REMOVE = { R1: k = (curr->key ≠ key) R2: if (k) return false R3: curr->marked = true R4: mp =  pred->marked R5: mc =  curr->marked R6: val= (pred->next == curr) (  mp)? (  mc)? R7: if (  val) goto restart R8: r = curr->next R9: pred->next = r } OBJECT

Step 4: Run Paraglide 18 bool remove(int key) { Entry *pred,*curr,*r restart: locate(pred,curr,key) REMOVE return true } REMOVE = { R1: k = (curr->key ≠ key) R2: if (k) return false R3: curr->marked = true R4: mp =  pred->marked R5: mc =  curr->marked R6: val= (pred->next == curr) ? (  mp) ? (  mc) R7: if (  val) goto restart R8: r = curr->next R9: pred->next = r } bool remove(int key) { Entry *pred,*curr,*r restart: locate(pred,curr,key) REMOVE return true } REMOVE = { k = (curr->key ≠ key) if (k) return false curr->marked = true r = curr->next atomic mp =  pred->marked val=(pred->next==curr)  mp if (  val) goto restart pred->next = r } Paraglide

19 Concurrent Objects: Constructions Performance Manual Effort Sequential Naïve STM Fine-grained STM Expert Design We are now here Low-level synchronization (e.g., CAS, locks) ?

Step 5: Transform to synchronization primitives 20 bool remove(int key) { Entry *pred,*curr,*r restart: locate(pred,curr,key) k = (curr->key ≠ key) if (k) return false curr->marked = true r = curr->next atomic mp =  pred->marked val=(pred->next==curr)  mp if (  val) goto restart pred->next = r return true } Implementations CAS (if bit in pointer supported) LOCKS and TRY-LOCKS DCAS REENTRANT LOCKS and TRY-LOCKS LOCKS

Challenge: Checking Lineariziability Linearizability [Herlihy and Wing’91]  The accepted correctness criterion for concurrent objects  Compositional What do we check?  Linearizability without specified linearization points x Bounded sequence of operations (e.g. 2 adds) x No user input required x Important for automation  Linearizability with (fixed and dynamic) points x Unbounded sequences of operations x Important for deeper checking x Requires user input (instrumentation) 21

22 bool add(int key) { Entry *pred,*curr,*entry restart: locate(pred,curr,key) k = (curr->key == key) if (k) return false entry = new Entry() entry->next = curr val=CAS(&pred->next,  curr,0 ,  entry,0  ) if (  val) goto restart return true } bool remove(int key) { Entry *pred,*curr,*r restart: locate(pred,curr,key) k = (curr->key ≠ key) if (k) return false = curr->next lval=CAS(&curr->next,  r,m ,  r,1  ) if (  lval) goto restart pval=CAS(&pred->next,  curr,0 ,  r,0  ) if (  pval) goto restart return true } Answers bool contains(int key) { Entry *pred,*curr locate(pred,curr,key) k = (curr->key == key) if (k) return false return true } The Good New algorithm Fine-grained synchronization with CAS The Good New algorithm Fine-grained synchronization with CAS The Bad Can you understand what it does? Can you show it is correct? The Bad Can you understand what it does? Can you show it is correct? The Ugly How did you get it? Anything repeatable? Any other similar algorithms? The Ugly How did you get it? Anything repeatable? Any other similar algorithms?

23 Concurrent Set Algorithms – Recap DCAS Sequential DCAS CAS with LOCKS Priority Queue Stack CAS/DCAS … … Michael (PODC’02) Heller et al. (OPODIS’05) Trieber Stack Schema Correct Algorithm Existing Algorithm New Algorithm

Summary 24 Automatic Tool New Algorithms Systematic Construction Thanks Maged Michael (IBM Watson) Greta Yorsh (IBM Watson) David Bacon (IBM Watson) Mooly Sagiv (Tel-Aviv University) Hagit Attiya (Technion) Noam Rinetzky (Queen Mary) Gerard Holzmann (NASA) Steven German (IBM Watson) Dragan Bosnacki (Eindhoven U) Ras Bodik (Berkeley) Armando Solar-Lezama (Berkeley) Chris Jones (Berkeley)