On library correctness under weak memory consistency: specifying and verifying concurrent libraries under declarative consistency models

Ori Lahav,Lovro Rožić,Azalea Raad,Marko Doko,Viktor Vafeiadis

doi:10.1145/3290381

Abstract

Concurrent libraries are the building blocks for concurrency. They encompass a range of abstractions (locks, exchangers, stacks, queues, sets) built in a layered fashion: more advanced libraries are built out of simpler ones. While there has been a lot of work on verifying such libraries in a sequentially consistent (SC) environment, little is known about how to specify and verify them under weak memory consistency (WMC). We propose a general declarative framework that allows us to specify concurrent libraries declaratively, and to verify library implementations against their specifications compositionally. Our framework is sufficient to encode standard models such as SC, (R)C11 and TSO. Additionally, we specify several concurrent libraries, including mutual exclusion locks, reader-writer locks, exchangers, queues, stacks and sets. We then use our framework to verify multiple weakly consistent implementations of locks, exchangers, queues and stacks.

Highlights

Large software systems are typically structured as layers of abstractions, where higher-level abstractions are constructed using lower-level ones
In several cases, we demonstrate that existing linearisability-style approaches are not suitable for specification under weak memory consistency (WMC)
In ğ3 we describe the semantics of our language

Summary

INTRODUCTION

Large software systems are typically structured as layers of abstractions, where higher-level abstractions are constructed using lower-level ones. Concurrent systems are often verified compositionally: each constituent library of the system is specified separately, and each library implementation is verified against its specification. We seek to specify and verify concurrent libraries in a general fashion, agnostic to the underlying memory model (SC or WMC) To this end, in ğ4 we propose a unifying general framework that allows us (1) to specify concurrent libraries declaratively, in the existing style of declarative models (e.g. RC11 [Lahav et al 2017]); and (2) to verify library implementations against their specifications compositionally. To demonstrate the generality of our framework for library specification, in ğ5 we specify several concurrent libraries, including C11-style atomic memory accesses, mutual exclusion locks, readerwriter locks, exchangers, queues, stacks and sets.

OVERVIEW OF MAIN IDEAS

SEMANTICS

Specifying Concurrent Libraries

Verifying Library Implementations

SPECIFYING CONCURRENT LIBRARIES IN OUR FRAMEWORK

Exchanger Library Specification

Queue Library Specification

Stack Library Specification

Weak Stack Library Specification

VERIFYING CONCURRENT LIBRARY CLIENTS

Exchanger Implementation

Herlihy-Wing Queue Implementations