Portability Analysis for Weak Memory Models porthos: OneToolfor allModels

  • Hernán Ponce-de-León
  • Florian Furbach
  • Keijo Heljanko
  • Roland Meyer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10422)


We present porthos, the first tool that discovers porting bugs in performance-critical code. porthos takes as input a program and the memory models of the source architecture for which the program has been developed and the target model to which it is ported. If the code is not portable, porthos finds a bug in the form of an unexpected execution — an execution that is consistent with the target but inconsistent with the source memory model. Technically, porthos implements a bounded model checking method that reduces the portability analysis problem to satisfiability modulo theories (SMT). There are two main problems in the reduction that we present novel and efficient solutions for. First, the formulation of the portability problem contains a quantifier alternation (consistent + inconsistent). We introduce a formula that encodes both in a single existential query. Second, the supported memory models (e.g., Power) contain recursive definitions. We compute the required least fixed point semantics for recursion (a problem that was left open in [48]) efficiently in SMT. Finally we present the first experimental analysis of portability from TSO to Power.



We thank John Wickerson for his explanations about dead executions, Luc Maranget for several discussions about CAT models, and Egor Derevenetc for providing help with the mutual exclusion benchmarks. This work has been partially developed under contracting of Liebherr Aerospace Lindenberg GmbH and supported by the Academy of Finland project 277522. Florian Furbach was supported by the DFG project R2M2: Robustness against Relaxed Memory Models.


  1. 1.
    Abdulla, P.A., Aronis, S., Atig, M.F., Jonsson, B., Leonardsson, C., Sagonas, K.: Stateless Model Checking for TSO and PSO. In: Baier, C., Tinelli, C. (eds.) TACAS 2015. LNCS, vol. 9035, pp. 353–367. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46681-0_28 Google Scholar
  2. 2.
    Abdulla, P.A., Atig, M.F., Jonsson, B., Leonardsson, C.: Stateless model checking for POWER. In: Chaudhuri, S., Farzan, A. (eds.) CAV 2016. LNCS, vol. 9780, pp. 134–156. Springer, Cham (2016). doi: 10.1007/978-3-319-41540-6_8 Google Scholar
  3. 3.
    Alglave, J.: A Shared Memory Poetics. Thèse de doctorat, L’université Paris Denis Diderot (2010)Google Scholar
  4. 4.
    Alglave, J., Cousot, P., Maranget, L.: Syntax and semantics of the weak consistency model specification language CAT. CoRR (2016). abs/1608.07531Google Scholar
  5. 5.
    Alglave, J., Kroening, D., Nimal, V., Poetzl, D.: Don’t sit on the fence—a static analysis approach to automatic fence insertion. In: CAV, LNCS, vol. 8559, pp. 508–524. Springer, Vienna (2014)Google Scholar
  6. 6.
    Alglave, J., Kroening, D., Tautschnig, M.: Partial orders for efficient bounded model checking of concurrent software. In: CAV, LNCS, vol. 8044, pp. 141–157. Springer, Saint Petersburg (2013)Google Scholar
  7. 7.
    Alglave, J., Maranget, L.: Stability in weak memory models. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 50–66. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-22110-1_6 CrossRefGoogle Scholar
  8. 8.
    Alglave, J., Maranget, L., Tautschnig, M.: Herding cats: Modelling, simulation, testing, and data mining for weak memory. ACM Trans. Program. Lang. Syst. 36(2), 7:1–7:74 (2014)Google Scholar
  9. 9.
    Atig, M.F., Bouajjani, A., Burckhardt, S., Musuvathi, M.: On the verification problem for weak memory models. In: POPL, pp. 7–18. ACM, Madrid (2010)Google Scholar
  10. 10.
    Batty, M., Donaldson, A.F., Wickerson, J.: Overhauling SC atomics in C11 and OpenCL. In: POPL, pp. 634–648. ACM, St. Petersburg (2016)Google Scholar
  11. 11.
    Batty, M., Owens, S., Sarkar, S., Sewell, P., Weber, T.: Mathematizing C++ concurrency. In: POPL, pp. 55–66. ACM, Austin (2011)Google Scholar
  12. 12.
    Bouajjani, A., Derevenetc, E., Meyer, R.: Checking and enforcing robustness against TSO. In: Felleisen, M., Gardner, P. (eds.) ESOP 2013. LNCS, vol. 7792, pp. 533–553. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-37036-6_29 CrossRefGoogle Scholar
  13. 13.
    Burckhardt, S., Alur, R., Martin, M.M.K.: CheckFence: checking consistency of concurrent data types on relaxed memory models. In: PLDI, pp. 12–21. ACM, San Diego (2007)Google Scholar
  14. 14.
    Burckhardt, S., Musuvathi, M.: Effective program verification for relaxed memory models. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol. 5123, pp. 107–120. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-70545-1_12 CrossRefGoogle Scholar
  15. 15.
    Burns, J.E., Lynch, N.A.: Bounds on shared memory for mutual exclusion. Inf. Comput. 107(2), 171–184 (1993)MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Cantin, J.F., Lipasti, M.H., Smith, J.E.: The complexity of verifying memory coherence and consistency. IEEE Trans. Parallel Distrib. Syst. 16(7), 663–671 (2005)CrossRefGoogle Scholar
  17. 17.
    Collavizza, H., Rueher, M.: Exploration of the capabilities of constraint programming for software verification. In: Hermanns, H., Palsberg, J. (eds.) TACAS 2006. LNCS, vol. 3920, pp. 182–196. Springer, Heidelberg (2006). doi: 10.1007/11691372_12 CrossRefGoogle Scholar
  18. 18.
    Collier, W.W.: Reasoning About Parallel Architectures. Prentice Hall, Upper Saddle River (1992)zbMATHGoogle Scholar
  19. 19.
    Cotton, S., Asarin, E., Maler, O., Niebert, P.: Some progress in satisfiability checking for difference logic. In: Lakhnech, Y., Yovine, S. (eds.) FORMATS/FTRTFT -2004. LNCS, vol. 3253, pp. 263–276. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-30206-3_19 CrossRefGoogle Scholar
  20. 20.
    Dan, A.M., Meshman, Y., Vechev, M., Yahav, E.: Predicate abstraction for relaxed memory models. In: Logozzo, F., Fähndrich, M. (eds.) SAS 2013. LNCS, vol. 7935, pp. 84–104. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38856-9_7 CrossRefGoogle Scholar
  21. 21.
    Dan, A.M., Yuri, M., Yahav, M.T., Eran, Y.: Effective abstractions for verification under relaxed memory models. In: D ’Souza, D., Lal, A., Larsen, K.G. (eds.) VMCAI 2015. LNCS, vol. 8931, pp. 449–466. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46081-8_25
  22. 22.
    Derevenetc, E., Meyer, R.: Robustness against power is PSpace-complete. In: Esparza, J., Fraigniaud, P., Husfeldt, T., Koutsoupias, E. (eds.) ICALP 2014. LNCS, vol. 8573, pp. 158–170. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-43951-7_14 Google Scholar
  23. 23.
    Dijkstra, E.W.: Cooperating sequential processes. In: The Origin of Concurrent Programming, pp. 65–138. Springer, New York (2002)Google Scholar
  24. 24.
    Enea, C., Farzan, A.: On atomicity in presence of non-atomic writes. In: Chechik, M., Raskin, J.-F. (eds.) TACAS 2016. LNCS, vol. 9636, pp. 497–514. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49674-9_29 CrossRefGoogle Scholar
  25. 25.
    Farzan, A., Madhusudan, P.: Monitoring atomicity in concurrent programs. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol. 5123, pp. 52–65. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-70545-1_8 CrossRefGoogle Scholar
  26. 26.
    Flur, S., Gray, K.E., Pulte, C., Sarkar, S., Sezgin, A., Maranget, L., Deacon, W., Sewell, P.: Modelling the ARMv8 architecture, operationally: concurrency and ISA. In: POPL, pp. 608–621. ACM, St. Petersburg (2016)Google Scholar
  27. 27.
    Furbach, F., Meyer, R., Schneider, K., Senftleben, M.: Memory-model-aware testing: a unified complexity analysis. ACM Trans. Embedded Comput. Syst. 14(4), 63 (2015)CrossRefGoogle Scholar
  28. 28.
    Gebser, M., Janhunen, T., Rintanen, J.: SAT modulo graphs: Acyclicity. In: Fermé, E., Leite, J. (eds.) JELIA 2014. LNCS (LNAI), vol. 8761, pp. 137–151. Springer, Cham (2014). doi: 10.1007/978-3-319-11558-0_10 Google Scholar
  29. 29.
    Gibbons, P.B., Korach, E.: Testing shared memories. SIAM J. Comput. 26, 1208–1244 (1997)MathSciNetCrossRefzbMATHGoogle Scholar
  30. 30.
    Heljanko, K., Keinänen, M., Lange, M., Niemelä, I.: Solving parity games by a reduction to SAT. J. Comput. Syst. Sci. 78(2), 430–440 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  31. 31.
    Kuperstein, M., Vechev, M.T., Yahav, E.: Automatic inference of memory fences. SIGACT News 43(2), 108–123 (2012)CrossRefGoogle Scholar
  32. 32.
    Lamport, L.: A new solution of Dijkstra’s concurrent programming problem. Commun. ACM 17(8), 453–455 (1974)MathSciNetCrossRefzbMATHGoogle Scholar
  33. 33.
    Lamport, L.: A fast mutual exclusion algorithm. ACM Trans. Comput. Syst. 5(1), 1–11 (1987)CrossRefGoogle Scholar
  34. 34.
    Liu, F., Nedev, N., Prisadnikov, N., Vechev, M.T., Yahav, E.: Dynamic synthesis for relaxed memory models. In: PLDI, pp. 429–440. ACM, Beijing (2012)Google Scholar
  35. 35.
    Mador-Haim, S., Alur, R., Martin, M.M.K.: Generating litmus tests for contrasting memory consistency models. In: Touili, T., Cook, B., Jackson, P. (eds.) CAV 2010. LNCS, vol. 6174, pp. 273–287. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-14295-6_26 CrossRefGoogle Scholar
  36. 36.
    Mador-Haim, S., Maranget, L., Sarkar, S., Memarian, K., Alglave, J., Owens, S., Alur, R., Martin, M.M.K., Sewell, P., Williams, D.: An axiomatic memory model for POWER multiprocessors. In: Madhusudan, P., Seshia, S.A. (eds.) CAV 2012. LNCS, vol. 7358, pp. 495–512. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-31424-7_36 CrossRefGoogle Scholar
  37. 37.
    Peterson, G.L.: Myths about the mutual exclusion problem. Inf. Process. Lett. 12(3), 115–116 (1981)CrossRefzbMATHGoogle Scholar
  38. 38.
    Ponce de León, H., Furbach, F., Heljanko, K., Meyer, R.: Portability analysis for axiomatic memory models. PORTHOS: One tool for all models. CoRR (2017). abs/1702.06704Google Scholar
  39. 39.
    Rice, H.G.: Classes of recursively enumerable sets and their decision problems. Trans. Am. Math. Soc. 74(2), 358–366 (1953)MathSciNetCrossRefzbMATHGoogle Scholar
  40. 40.
    Sarkar, S., Sewell, P., Alglave, J., Maranget, L., Williams, D.: Understanding POWER multiprocessors. In: PLDI, pp. 175–186. ACM, San Jose (2011)Google Scholar
  41. 41.
    Sarkar, S., Sewell, P., Nardelli, F.Z., Owens, S., Ridge, T., Braibant, T., Myreen, M.O, Alglave, J.: The semantics of x86-CC multiprocessor machine code. In: POPL, pp. 379–391. ACM, Savannah (2009)Google Scholar
  42. 42.
    Stockmeyer, L.J.: The polynomial-time hierarchy. Theor. Comput. Sci. 3(1), 1–22 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  43. 43.
    Stoltenberg-Hansen, V., Griffor, E.R., Lindstrom, I.: Mathematical Theory of Domains. Cambridge Tracts in Theoretical Computer Science. Cambridge University Press, Cambridge (1994)CrossRefzbMATHGoogle Scholar
  44. 44.
    Szymanski, B.K.: A simple solution to Lamport’s concurrent programming problem with linear wait. In: ICS, pp. 621–626. ACM, Saint Malo (1988)Google Scholar
  45. 45.
    Torlak, E., Vaziri, M., Dolby, J.: MemSAT: Checking axiomatic specifications of memory models. In: PLDI, pp. 341–350. ACM, Toronto (2010)Google Scholar
  46. 46.
    Turon, A., Vafeiadis, V., Dreyer, D.: GPS: Navigating weak memory with ghosts, protocols, and separation. In: OOPSLA, pp. 691–707. ACM, Portland (2014)Google Scholar
  47. 47.
    Vafeiadis, V., Narayan, C.: Relaxed separation logic: A program logic for C11 concurrency. In: OOPSLA, pp. 867–884. ACM, Indianapolis (2013)Google Scholar
  48. 48.
    Wickerson, J., Batty, M., Sorensen, T., Constantinides, G.A.: Automatically comparing memory consistency models. In: POPL, pp. 190–204. ACM, Paris (2017)Google Scholar
  49. 49.
    Yang, Y., Gopalakrishnan, G., Lindstrom, G., Slind, K.: Nemos: A framework for axiomatic and executable specifications of memory consistency models. IEEE Computer Society, In: IPDPS (2004)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Hernán Ponce-de-León
    • 1
  • Florian Furbach
    • 2
  • Keijo Heljanko
    • 3
  • Roland Meyer
    • 4
  1. 1.fortiss GmbHMünchenGermany
  2. 2.TU KaiserslauternKaiserslauternGermany
  3. 3.Aalto University and HIITEspooFinland
  4. 4.TU BraunschweigBraunschweigGermany

Personalised recommendations