TY - GEN
T1 - Verifying concurrent search structure templates
AU - Krishna, Siddharth
AU - Patel, Nisarg
AU - Shasha, Dennis
AU - Wies, Thomas
N1 - Publisher Copyright:
© 2020 ACM.
PY - 2020/6/11
Y1 - 2020/6/11
N2 - Concurrent separation logics have had great success reasoning about concurrent data structures. This success stems from their application of modularity on multiple levels, leading to proofs that are decomposed according to program structure, program state, and individual threads. Despite these advances, it remains difficult to achieve proof reuse across different data structure implementations. For the large class of search structures, we demonstrate how one can achieve further proof modularity by decoupling the proof of thread safety from the proof of structural integrity. We base our work on the template algorithms of Shasha and Goodman that dictate how threads interact but abstract from the concrete layout of nodes in memory. Building on the recently proposed flow framework of compositional abstractions and the separation logic Iris, we show how to prove correctness of template algorithms, and how to instantiate them to obtain multiple verified implementations. We demonstrate our approach by mechanizing the proofs of three concurrent search structure templates, based on link, give-up, and lock-coupling synchronization, and deriving verified implementations based on B-trees, hash tables, and linked lists. These case studies include algorithms used in real-world file systems and databases, which have been beyond the capability of prior automated or mechanized verification techniques. In addition, our approach reduces proof complexity and is able to achieve significant proof reuse.
AB - Concurrent separation logics have had great success reasoning about concurrent data structures. This success stems from their application of modularity on multiple levels, leading to proofs that are decomposed according to program structure, program state, and individual threads. Despite these advances, it remains difficult to achieve proof reuse across different data structure implementations. For the large class of search structures, we demonstrate how one can achieve further proof modularity by decoupling the proof of thread safety from the proof of structural integrity. We base our work on the template algorithms of Shasha and Goodman that dictate how threads interact but abstract from the concrete layout of nodes in memory. Building on the recently proposed flow framework of compositional abstractions and the separation logic Iris, we show how to prove correctness of template algorithms, and how to instantiate them to obtain multiple verified implementations. We demonstrate our approach by mechanizing the proofs of three concurrent search structure templates, based on link, give-up, and lock-coupling synchronization, and deriving verified implementations based on B-trees, hash tables, and linked lists. These case studies include algorithms used in real-world file systems and databases, which have been beyond the capability of prior automated or mechanized verification techniques. In addition, our approach reduces proof complexity and is able to achieve significant proof reuse.
KW - Concurrent data structures
KW - Flow framework
KW - Separation logic
KW - Template-based verification
UR - http://www.scopus.com/inward/record.url?scp=85086825648&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85086825648&partnerID=8YFLogxK
U2 - 10.1145/3385412.3386029
DO - 10.1145/3385412.3386029
M3 - Conference contribution
AN - SCOPUS:85086825648
T3 - Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI)
SP - 181
EP - 196
BT - PLDI 2020 - Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation
A2 - Donaldson, Alastair F.
A2 - Torlak, Emina
PB - Association for Computing Machinery
T2 - 41st ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2020
Y2 - 15 June 2020 through 20 June 2020
ER -