05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

Metadata
On distributed systems broadly defined and other curiosities. The opinions on this
site are my own.

Linearizability: A Correctness Condition

for Concurrent Objects
- August 09, 2024

This paper is from Herlihy and Wing appeared in ACM Transactions on

Programming Languages and Systems 1990. This is the canonical reference for
the linearizability definition.

I had not read this paper in detail before, so I thought it would be good to go to
the source to see if there are additional delightful surprises in the original text.
Hence, this post.

I will dive into a technical analysis of the paper first, and then discuss some of
my takes toward the end.

I had written an accessible explanation of linearizability earlier; you may want to

read that first. I will assume an understanding of linearizability to keep this
review at reasonable length.

Introduction
I love how the old papers just barge in with the model, without bothered by
pleasantries such as motivation of the problem. These are the first two
sentences of the introduction.

"A concurrent system consists of a collection of sequential processes that

communicate through shared typed objects. This model encompasses both
message-passing architectures in which the shared objects are message queues,
and shared-memory architectures in which the shared objects are data structures
in memory."

https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 1/10
05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

The major thing that pops up is the emphasis on the "object" model. C++
appeared in 1985, and object-oriented was all the hype at the time. And this is a
programming language journal, so the emphasis objects is warranted.

A friend of mine is very impressed that this linearizability paper did not just
consider read/writes on values for illustrating linearizability, but instead used a
queue object (with state and methods proper). He likes the generality this
definition affords (compared to a read/write register model), and thinks this
could have applications for improving availability. After considering the context
of the paper, though, I am not sure if this was a conscious choice by the authors
or was just a historical accident.

The queue object has two methods, enqueue and dequeue. The paper uses a
weird notation, but after correcting for it, you understand what is going on in this
examples. E(x) A represents process A enqueues item x: the invocation is the
start of the interval, and the receipt of the response marks the end of the
interval. Similarly, D(y) A means that A dequeued an item from the queue, and
the returned item turned out to be item y.

https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 2/10
05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

Linearizability provides the illusion that each operation applied by concurrent

processes takes effect instantaneously at some point between its invocation
and its response, implying that the meaning of a concurrent object’s operations
can be given by pre- and post-conditions. History in Fig 1.b is not acceptable
because clearly x was enqueued first, so the first dequeue operation should
return x, not y--which is enqueued behind x. History in Fig 1.d is not acceptable
because you cannot dequeue y twice. It would have been acceptable if the
second dequeue operation returned x, because the enqueue of x and y
overlapped, and it is possible that y overtook x in linearization order in the
queue. (Alex Miller created a tool to create diagrams similar to Figure 1 by just
taking text annotation as input. Check this out.)

https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 3/10
05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

Behind the curtain, linearizability still admits a lot of concurrency/interleaving. I

loved Fig 5 as it provides a great illustration of how an observation by the client
leads to collapse of multiple possible worlds behind the curtain. There is one
reality, but there are multiple worlds/possibilities that fits the current
observation, and a new observation leads to a collapse of multiple worlds.

Here are some things I didn't like in the paper's explanations. In the queue
implementation, the atomic blocks are unclear. Is the entire Enqueue method
atomic? How about Deq, is each iteration of while atomic, or the entire while
atomic. The paper tries to be very precise in other places but drops the ball big
time in this discussion. Also I am bothered that they provided an inefficient naive
implementation of the queue.

Theorems about Linearizability

This is the big theorem in the paper and this is also supposed to be the big
selling point of linearizability.

A property P of a concurrent system is said to be local if the system as a whole

satisfies P whenever each individual object satisfies P. Linearizability is a local
property:

https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 4/10
05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

THEOREM 1. H is linearizable if and only if, for each object x, H|x is linearizable.

This seems to be a bit tautological and straightforward. I found Theorem 2

much more impressive.

Linearizability is a nonblocking property: a pending invocation of a totally- defined

operation is never required to wait for another pending invocation to complete.

THEOREM 2. Let inv be an invocation of a total operation. If <x inv P> is a pending
invocation in a linearizable history H, then there exists a response <x res P> such
that H . <x res P> is linearizable.

Serializability and linearizability

The paper then says that serializability lacks these nice properties of
linearizability. I mean, yeah, because it is not a single object property. It is an
isolation property, not a consistency property like linearizability.

https://jepsen.io/consistency

The paper says this: Linearizability can be viewed as a special case of strict
serializability where transactions are restricted to consist of a single operation
applied to a single object. Nevertheless, this single-operation restriction has far-
reaching practical and formal consequences, giving linearizable computations a
https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 5/10
05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

different flavor from their serializable counterparts. An immediate practical

consequence is that concurrency control mechanisms appropriate for serializability
are typically inappropriate for linearizability because they introduce unnecessary
overhead and place unnecessary restrictions on concurrency. For example, the
queue implementation given below in Section 4 is much more efficient and much
more concurrent than an analogous implementation using conventional
serializability oriented techniques such as two-phase locking or multi-version
timestamping.

The comparison is somewhat unwarranted, and also this whole thing is a bit
confusing to me. When this paper was written, people already knew about strict
serializability which includes per object linearizability. I find it weird that strict
serializability came to be before a formal definition of linearizability. Isn't that
backwards?

Swept under the rug

The model swipes under the rug an important behavior. You don't always get a
response. You may get a timeout. Or the response message may be lost. In
these cases you don't know if the operation succeeded or not! Then what do you
do? The paper concerns itself with only complete histories. In the absence of
missing responses, things get much harder.

In practice, differentiated histories trick is used for resolving this problem. "We
prove that reasoning about causal consistency w.r.t. the RWM abstraction
becomes tractable under the natural assumption of data independence (i.e.,
read and write instructions is insensitive to the actual data values that are read
or written)." The idea is that if you use a monotonous sequencer (or true time)
as the identifier of requests, you can simplify things back, and manage
complexity. Furthermore operations that over-write a previous value completely,
like write/update operations in key-value stores (e.g., S3) make the linearizability
reasoning even simpler because you get a clean the slate when you get a
notification of a later timestamped operation, and collapse all the doubts about
lesser timestamped unacknowledged operations. Either they took effect, and
now it is irrelevant because this recent update overwrote them, or they were not
yet processed, but they will never be processed by the system because a higher

https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 6/10
05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

timestamped operation has already been processed. In either case, you

collapsed the uncertainties.

consistency

Post a Comment

Popular posts from this blog

Hints for Distributed Systems Design

- October 02, 2023

This is with apologies to Butler Lampson, who published the " Hints for
computer system design " paper 40 years ago in SOSP'83. I don't claim to match
that work of course. I just thought I could draft this post to organize my thinking…

READ MORE >>

Learning about distributed systems: where to start?

- June 10, 2020

This is definitely not a "learn distributed systems in 21 days" post. I recommend

a principled, from the foundations-up, studying of distributed systems, which will
take a good three months in the first pass, and many more months to build …

READ MORE >>

Making database systems usable

- August 19, 2024

C. J. Date's Sigmod 1983 keynote, "Database Usability", was prescient. Usability

is the most important thing to the customers. They care less about impressive
benchmarks or clever algorithms, and more about whether they can operate and…

https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 7/10
05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

READ MORE >>

Looming Liability Machines (LLMs)

- August 24, 2024

As part of our zoom reading group ( wow, 4.5 years old now ), we discussed a
paper that uses LLMs for automatic root cause analysis (RCA) for cloud
incidents. This was a pretty straightforward application of LLMs. The proposed …

READ MORE >>

Foundational distributed systems papers

- February 27, 2021

I talked about the importance of reading foundational papers last week. To

followup, here is my compilation of foundational papers in the distributed
…
systems area. (I focused on the core distributed systems area, and did not cover

READ MORE >>

Advice to the young

- July 30, 2024

I notice I haven't written any advice posts recently. Here is a

collection of my advice posts pre 2020. I've been feeling all this
elderly wisdom pent up in me, ready to pour at any moment. So…

READ MORE >>

Scalable OLTP in the Cloud: What’s the BIG DEAL?

- January 17, 2024

This paper is from Pat Helland, the apostate philosopher of

database systems, overall a superb person, and a good friend of
mine. The paper appeared this week at CIDR'24. (Check out the…

READ MORE >>

https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 8/10
05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

Understanding the Performance Implications of Storage-

Disaggregated Databases
- July 23, 2024

Storage-compute disaggregation in databases has emerged as

a pivotal architecture in cloud environments, as evidenced by
Amazon ( Aurora ), Microsoft ( Socrates ), Google (AlloyDB), …

READ MORE >>

Designing Data Intensive Applications (DDIA) Book

- August 06, 2024

We started reading this book as part of Alex Petrov's book club .

We just got started, so you can join us, by joining the discord
channel above. We meet Wednesday's 11am Eastern Time. …

READ MORE >>

Powered by Blogger

Theme images by Michael Elkan

Murat Demirbas

MURAT

I am a principal research scientist at

MongoDB Research. Ex-AWS. On
leave as a computer science and
engineering professor at SUNY

https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 9/10
05/11/2024, 23:54 Linearizability: A Correctness Condition for Concurrent Objects

Buffalo. I work on distributed

systems, distributed consensus, and
cloud computing. You can follow me
on Mastodon or Twitter

VISIT PROFILE

Pageviews

4602458

Recent Posts

Topics

https://muratbuffalo.blogspot.com/2024/08/linearizability-correctness-condition.html 10/10