Verifying Local Transformations on Relaxed Memory Models

  • Sebastian Burckhardt
  • Madanlal Musuvathi
  • Vasu Singh
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6011)

Abstract

The problem of locally transforming or translating programs without altering their semantics is central to the construction of correct compilers. For concurrent shared-memory programs this task is challenging because (1) concurrent threads can observe transformations that would be undetectable in a sequential program, and (2) contemporary multiprocessors commonly use relaxed memory models that complicate the reasoning.

In this paper, we present a novel proof methodology for verifying that a local program transformation is sound with respect to a specific hardware memory model, in the sense that it is not observable in any context. The methodology is based on a structural induction and relies on a novel compositional denotational semantics for relaxed memory models that formalizes (1) the behaviors of program fragments as a set of traces, and (2) the effect of memory model relaxations as local trace rewrite operations.

To apply this methodology in practice, we implemented a semi-automated tool called Traver and used it to verify/falsify several compiler transformations for a number of different hardware memory models.

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Sebastian Burckhardt (1)
  • Madanlal Musuvathi (1)
  • Vasu Singh (2)

  1. Microsoft Research
  2. EPFL, Switzerland
