170 likes | 389 Views
Exploring Linearizability. 刘高昂. Definition :. Q : What is linearizability ?. Overview. A correctness property describe the program’s behaviour . Principle: Each method call should appear to take effect instantaneously at some moment between its invocation and response.
E N D
Definition : Q : What is linearizability ?
Overview • A correctness property describe the program’s behaviour . • Principle: Each method call should appear to take effect instantaneously at some moment between its invocation and response
For concurrent history A sequential specification : FIFO (first in first out) LIFO (last ... out)
For concurrent history A concurrent history is linearizable comply with the sequential specification , If there is a sequential history S extracted from the concurrent history H, so that the sequential history S satisfies this specification
Example_1 non_linearizable & Spec : FIFO |--------ta.enq(1)-------| |--------ta.enq(2)---------| |--------tb.deq(2)--------|
Example_2 linearizable & Spec : FIFO |----ta.enq(1)----| |----ta.enq(2)----| |-------tb.deq(2)-------| |--------tc.deq(1)--------|
Formal Definition : > Linearizable : A history H is linearizable if it has an extension H’ and there is a legal sequential history S such that : L1 : complete(H’) is equivalent to S , and L2: if method call m0 precedes method call m1 in H , then the same is true is S . > Refer S as a linearization of H Detailed explanation could be found in "Linearizability : a correctness condition for concurrent objects"
Definitions >> Method call : a pair consist of an invocation and the next matching response if history H . <inv(m), res(m)>
Definitions • Extension H' of H : H' is a history by appending responses to zero or more pending invocations of H Say : H = q Enq(x) A q OK() A q Enq(y) B q OK() B q Deq() B q Deq() A • H ' = H . q OK(x) B . q OK(y) A
Definitions • Complete(H) : the maximal subsequence of H consisting only of invocations and matching responses . Complete (H) = q Enq(x) A q OK() A q Enq(y) B q OK() B
Why linearizability ? Compositionality : H is linearizable if ,and only if , for each object x , H|x is linearizable . Compositionality if import as it 1 .allows concurrent systems to designed and constructed in a modular fashion 2. Linearizable objects can be implemented , verified , and executed independently .
Nonblocking : every pending invocation has a correct response . No deadlock , No non_terminating loop .
How to prove linearizability ? > Theorem proving , abstract the code into semantics ,and supply that to theorem prover . Need hand-crafted > Enumerate , state explosion E.g: 5 Threads , 1 method for each thread The worst case : 5 ! = 120
Locate LP • Alternative solution : locate linearizable point (LP) Potential LP : write / read • Tools : VeriTrace • implemented though JPF(java path finder) , to get the traces of each execution ,and then check the properties of traces histories . • sound but not complete