Sebastian Wolff scite author profile

Sebastian Wolff

4Publications

53Citation Statements Received

183Citation Statements Given

How they've been cited

How they cite others

194

182

Affiliations

New York University, Technische Universität Braunschweig, University of Kaiserslautern

Publications

Order By: Most citations

Decoupling lock-free data structures from memory reclamation for static analysis

Meyer

Wolff

2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

Verification of concurrent data structures is one of the most challenging tasks in software verification. The topic has received considerable attention over the course of the last decade. Nevertheless, human-driven techniques remain cumbersome and notoriously difficult while automated approaches suffer from limited applicability. The main obstacle for automation is the complexity of concurrent data structures. This is particularly true in the absence of garbage collection. The intricacy of lock-free memory management paired with the complexity of concurrent data structures makes automated verification prohibitive.In this work we present a method for verifying concurrent data structures and their memory management separately. We suggest two simpler verification tasks that imply the correctness of the data structure. The first task establishes an over-approximation of the reclamation behavior of the memory management. The second task exploits this over-approximation to verify the data structure without the need to consider the implementation of the memory management itself. To make the resulting verification tasks tractable for automated techniques, we establish a second result. We show that a verification tool needs to consider only executions where a single memory location is reused. We implemented our approach and were able to verify linearizability of Michael&Scott's queue and the DGLM queue for both hazard pointers and epoch-based reclamation. To the best of our knowledge, we are the first to verify such implementations fully automatically.Otherwise, this equality may not hold.Property (G5) holds by definition together with Property (P5). It remains to show Properties (G2) to (G4) and (G6).Ad Property (G2). First consider the case where we have q ∈ valid τ . By Auxiliary (A1) we also have q ∈ valid σ . We getThe second equality holds because m τ (q) = b. That is, we preserve b.data in m τ | valid τ and only need to update the mapping of p. Similarly, we getNow consider the case q valid τ . By Auxiliary (A1) we also have q valid σ . We getThe last equality holds because the update does not survive the restriction to a set which is guaranteed not to contain p. Similarly, we getWe now get:The first equality is by definition of restrictions, the second equality is due to Property (P2), the third one is by Auxiliary (A1), and the last is again by definition. This concludes the property.Ad Property (G3). Only the valuation of p is changed by both act and act ′ . So by Property (P3) it suffices to show m τ .act (p)=a ⇐⇒ m σ .act ′ (p)=a. This follows easily:where the first and last equivalence hold due to the updates up and up ′ and the second equality holds by Property (P3).Ad Property (G4). Let c ∈ m τ .act (valid τ .act ). We have c ∈ m τ (valid τ ). To see this, consider some pexp ∈ valid τ .act such that m τ .act (pexp) = c. If pexp p, then m τ .act (pexp) = m τ (pexp) and pexp ∈ valid τ by definition. So c ∈ m τ (valid τ ) follows immediately. Otherwise, in the case of pexp ≡ p, we have m τ .act (p) = m τ (q). ...

show abstract

Pointer Race Freedom

Haziza

Holík

Meyer

et al. 2015

View full text Add to dashboard Cite

We propose a novel notion of pointer race for concurrent programs manipulating a shared heap. A pointer race is an access to a memory address which was freed, and it is out of the accessor's control whether or not the cell has been re-allocated. We establish two results. (1) Under the assumption of pointer race freedom, it is sound to verify a program running under explicit memory management as if it was running with garbage collection. (2) Even the requirement of pointer race freedom itself can be verified under the garbage-collected semantics. We then prove analogues of the theorems for a stronger notion of pointer race needed to cope with performance-critical code purposely using racy comparisons and even racy dereferences of pointers. As a practical contribution, we apply our results to optimize a thread-modular analysis under explicit memory management. Our experiments confirm a speed-up of up to two orders of magnitude.

show abstract

A concurrent program logic with a future and history

Meyer

Wies

Wolff

2022

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

Verifying fine-grained optimistic concurrent programs remains an open problem. Modern program logics provide abstraction mechanisms and compositional reasoning principles to deal with the inherent complexity. However, their use is mostly confined to pencil-and-paper or mechanized proofs. We devise a new separation logic geared towards the lacking automation. While local reasoning is known to be crucial for automation, we are the first to show how to retain this locality for (i) reasoning about inductive properties without the need for ghost code, and (ii) reasoning about computation histories in hindsight. We implemented our new logic in a tool and used it to automatically verify challenging concurrent search structures that require inductive properties and hindsight reasoning, such as the Harris set.

show abstract

Effect Summaries for Thread-Modular Analysis

Holík

Meyer

Vojnar

et al. 2017

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Sebastian Wolff

Decoupling lock-free data structures from memory reclamation for static analysis

Pointer Race Freedom

A concurrent program logic with a future and history

Effect Summaries for Thread-Modular Analysis

Contact Info

Product

Resources

About