TY - JOUR
T1 - Verifying concurrent multicopy search structures
AU - Patel, Nisarg
AU - Krishna, Siddharth
AU - Shasha, Dennis
AU - Wies, Thomas
N1 - Funding Information:
This work is funded in parts by the National Science Foundation under grants 1925605, 1815633, 1934388, 1840761, and 1339362. Further funding came from NYU WIRELESS and from the New York University Abu Dhabi Center for Interacting Urban Networks (CITIES). We thank Elizabeth Dietrich and Raphael Sofaer for their help on mechanizing the proofs of the differential file template. We also extend our gratitude to the anonymous reviewers of OOPSLA’21 whose questions helped us clarify the presentation. We would also like to thank the reviewers of the book [Krishna et al. 2021], specifically Maurice Herlihy, Eddie Kohler, Robbert Krebbers, K. Rustan M. Leino, and Peter Müller, for their suggestions to improve the presentation.
Publisher Copyright:
© 2021 Owner/Author.
PY - 2021/10
Y1 - 2021/10
N2 - Multicopy search structures such as log-structured merge (LSM) trees are optimized for high insert/update/delete (collectively known as upsert) performance. In such data structures, an upsert on key k, which adds (k,v) where v can be a value or a tombstone, is added to the root node even if k is already present in other nodes. Thus there may be multiple copies of k in the search structure. A search on k aims to return the value associated with the most recent upsert. We present a general framework for verifying linearizability of concurrent multicopy search structures that abstracts from the underlying representation of the data structure in memory, enabling proof-reuse across diverse implementations. Based on our framework, we propose template algorithms for (a) LSM structures forming arbitrary directed acyclic graphs and (b) differential file structures, and formally verify these templates in the concurrent separation logic Iris. We also instantiate the LSM template to obtain the first verified concurrent in-memory LSM tree implementation.
AB - Multicopy search structures such as log-structured merge (LSM) trees are optimized for high insert/update/delete (collectively known as upsert) performance. In such data structures, an upsert on key k, which adds (k,v) where v can be a value or a tombstone, is added to the root node even if k is already present in other nodes. Thus there may be multiple copies of k in the search structure. A search on k aims to return the value associated with the most recent upsert. We present a general framework for verifying linearizability of concurrent multicopy search structures that abstracts from the underlying representation of the data structure in memory, enabling proof-reuse across diverse implementations. Based on our framework, we propose template algorithms for (a) LSM structures forming arbitrary directed acyclic graphs and (b) differential file structures, and formally verify these templates in the concurrent separation logic Iris. We also instantiate the LSM template to obtain the first verified concurrent in-memory LSM tree implementation.
KW - concurrent data structures
KW - flow framework
KW - log-structured merge trees
KW - separation logic
KW - template-based verification
UR - http://www.scopus.com/inward/record.url?scp=85115823130&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85115823130&partnerID=8YFLogxK
U2 - 10.1145/3485490
DO - 10.1145/3485490
M3 - Article
AN - SCOPUS:85115823130
SN - 2475-1421
VL - 5
JO - Proceedings of the ACM on Programming Languages
JF - Proceedings of the ACM on Programming Languages
IS - OOPSLA
M1 - 113
ER -