Linearizability: a correctness condition for concurrent objects

  title={Linearizability: a correctness condition for concurrent objects},
  author={Maurice Herlihy and Jeannette M. Wing},
  journal={ACM Trans. Program. Lang. Syst.},
A concurrent object is a data object shared by concurrent processes. Linearizability is a correctness condition for concurrent objects that exploits the semantics of abstract data types. It permits a high degree of concurrency, yet it permits programmers to specify and reason about concurrent objects using known techniques from the sequential domain. Linearizability provides the illusion that each operation applied by concurrent processes takes effect instantaneously at some point between its… 

Figures from this paper

Towards linking correctness conditions for concurrent objects and contextual trace refinement
This paper presents the main issues that surround correctness conditions for concurrent objects and provides some answers by linking different correctness conditions with a form of trace refinement.
Modular Verification of Concurrency-Aware Linearizability
A thread- and procedure-modular verification technique for reasoning about CA-objects and their clients is developed and the first proof of linearizability of the elimination stack is presented, in which the stack's elimination subcomponent is specified and verified independently of its particular usage by the stack.
Speculative linearizability
This work rigorously defines speculative linearizability and proves the intra-object composition theorem in a trace-based as well as an automaton-based model, and expects this framework to enable, for the first time, scalable specifications and mechanical proofs of speculative implementations of linearizable objects.
A Simple Way to Verify Linearizability of Concurrent Stacks
The proof technique reduces linearizability of concurrent stacks to establishing a set of conditions that intuitively express the “LIFO” semantics and can be proved by simple arguments.
Brief announcement: concurrency-aware linearizability
This paper presents Concurrency Aware Linearizability (CAL), a new correctness condition which allows to formally specify the behaviour of a certain class of concurrency-aware objects and believes that CAL can be used as a basis for modular formal verification techniques for concurrency -aware objects.
Concurrent Specifications Beyond Linearizability
With the advent of parallel architectures, distributed programs are used intensively and the question of how to formally specify the behaviors expected from such programs becomes crucial. A very
Proving correctness of highly-concurrent linearisable objects
These examples are demonstrative of common design patterns such as lock coupling, optimistic, and lazy synchronisation, and it is proved that they are linearisable, safe, and they correctly implement a high-level abstraction.
A Universal Construction for Concurrent Objects
  • R. Guerraoui, M. Raynal
  • Computer Science
    The Second International Conference on Availability, Reliability and Security (ARES'07)
  • 2007
The design of the construction presented here is based on the simple and well-known state machine replication paradigm and consequently allows to better understand not only the power of consensus objects but also the subtleties of wait-free computations and the way the consensus objects allow coping with both process failures and non-determinism.
Mechanically verified proof obligations for linearizability
This article defines simulation-based proof conditions for linearizability and applies them to two concurrent implementations, a lock-free stack and a set with lock-coupling, and employs a theorem prover to mechanize the proofs.
Token-based sequential consistency in asynchronous distributed systems
  • M. Raynal
  • Computer Science
    17th International Conference on Advanced Information Networking and Applications, 2003. AINA 2003.
  • 2003
A new, surprisingly simple protocol is proposed that ensures sequential consistency when the shared memory abstraction is supported by the local memories of nodes that can communicate only by exchanging messages through reliable channels.


Axioms for concurrent objects
This paper defines and discusses linearizability, and gives examples of how to reason about concurrent objects and verify their implementations based on their (sequential) axiomatic specifications.
Verification of concurrent programs, Part I: The temporal framework
The temporal formalism is introduced as a tool for reasoning about sequences of states and the set of interesting properties is classified into invariance (safety), eventuality (liveness, and precedence) properties.
Impossibility and universality results for wait-free synchronization
A hierarchy of objects is derived such that no object at one level has a wait-free implementation in terms of objects at lower levels, and it is shown that atomic read/write registers are at the bottom of the hierarchy: they cannot be used to constructWait-free implementations of many simple and familiar data types.
Local atomicity properties: modular concurrency control for abstract data types
This paper introduces several local constraints on individual objects that suffice to ensure global atomicity of actions and presents three local atomicity properties, each of which is optimal.
Proving monitors revisited : a first step towards verifying object oriented systems
An axiomatic characterization of monitors, based on assumption-commitment style reasoning, is given that is sound and (relatively) complete that is a first step towards the formal verification of object oriented systems.
Proving Liveness Properties of Concurrent Programs
A formal proof method, based on temporal logic, for deriving liveness properties is presented, which allows a rigorous formulation of simple informal arguments and how to reason with temporal logic and use safety (invariance) properties in proving liveness is shown.
Efficient locking for concurrent operations on B-trees
The B-tree and its variants have been found to be highly useful for storing large amounts of information, especially on secondary storage devices, and a single additional “link” pointer in each node allows a process to easily recover from tree modifications performed by other concurrent processes.
Implementing atomic actions on decentralized data
A mechanism that solves both problems of synchronization of accesses to shared data and recovering the state of such data in the case of failures simultaneously in a way that is compatible with requirements of decentralized systems is described.
The serializability of concurrent database updates
Several efficiently recognizable subclasses of the class of senahzable histories are introduced and it is shown how these results can be extended to far more general transaction models, to transactions with partly interpreted functions, and to distributed database systems.
Abstract data types and software validation
The major thrust of the paper is shown how the use of algebraic axiomatizations can simplify the process of proving the correctness of an implementation of an abstract data type.