Model checking transactional memories

Distributed Computing

Abstract

Model checking transactional memories (TMs) is difficult because of the unbounded number, length, and delay of concurrent transactions, as well as the unbounded size of the memory. We show that, under certain conditions satisfied by most TMs we know of, the model checking problem can be reduced to a finite-state problem, and we illustrate the use of the method by proving the correctness of several TMs, including two-phase locking, DSTM, and TL2. The safety properties we consider include strict serializability and opacity; the liveness properties include obstruction freedom, livelock freedom, and wait freedom. Our main contribution lies in the structure of the proofs, which are largely automated and not restricted to the TMs mentioned above. In a first step we show that every TM that enjoys certain structural properties either violates a requirement on some program with two threads and two shared variables, or satisfies the requirement on all programs. In the second step, we use a model checker to prove the requirement for the TM applied to a most general program with two threads and two variables. In the safety case, the model checker checks language inclusion between two finite-state transition systems, a nondeterministic transition system representing the given TM applied to a most general program, and a deterministic transition system representing a most liberal safe TM applied to the same program. The given TM transition system is nondeterministic because a TM can be used with different contention managers, which resolve conflicts differently. In the liveness case, the model checker analyzes fairness conditions on the given TM transition system.
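The safety check described in the abstract, shown as an added example that is not code from the paper: because the specification is deterministic, language inclusion needs no subset construction, only a search of the product for a letter the TM can emit and the specification cannot accept. The one-variable ownership specification, the toy TM, and the names `spec_step`, `tm_moves`, `find_violation` and `check` are assumptions made for illustration; they are far simpler than the strict serializability and opacity specifications the paper uses.

```python
from collections import deque

THREADS = (1, 2)  # two threads, as in the reduction; one variable x (toy simplification)

def spec_step(owner, letter):
    """Deterministic toy spec. State: thread owning x, 0 if free. None = word rejected."""
    cmd, t = letter
    if cmd == "w":                         # a write needs x free or already owned by t
        return t if owner in (0, t) else None
    return 0 if owner == t else owner      # commit "c" / abort "a" by the owner frees x

def tm_moves(owner, buggy=False):
    """Nondeterministic toy TM over the same state space: yields (letter, next_state)."""
    for t in THREADS:
        if owner in (0, t) or buggy:       # the buggy variant skips the ownership check
            yield ("w", t), t
        else:                              # conflict: the contention manager decides
            yield ("a", t), owner          # abort the requesting thread, or
            yield ("a", 3 - t), 0          # abort the current owner
        yield ("c", t), (0 if owner == t else owner)

def find_violation(tm_init, moves, spec_init, step):
    """BFS over the product. Returns a shortest word in L(TM) but not in L(spec), or None."""
    seen = {(tm_init, spec_init)}
    queue = deque([(tm_init, spec_init, ())])
    while queue:
        q, s, word = queue.popleft()
        for letter, q2 in moves(q):
            s2 = step(s, letter)
            if s2 is None:                 # TM can emit a letter the spec forbids
                return word + (letter,)
            if (q2, s2) not in seen:
                seen.add((q2, s2))
                queue.append((q2, s2, word + (letter,)))
    return None

def check(buggy):
    """Run the inclusion check for the locking TM (False) or the buggy TM (True)."""
    return find_violation(0, lambda q: tm_moves(q, buggy), 0, spec_step)

if __name__ == "__main__":
    print("locking TM:", check(False))
    print("buggy TM:  ", check(True))
```

Both contention-manager choices are explored for the locking TM, so a `None` result covers every manager the toy model allows; the buggy variant yields the shortest offending word as a counterexample.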

References

  1. Alur, R., McMillan, K.L., Peled, D.: Model-checking of correctness conditions for concurrent objects. Inf. Comput. 160, 167–188 (2000)

  2. Anderson, J.H., Kim, Y., Herman, T.: Shared-memory mutual exclusion: major research trends since 1986. Distrib. Comput. 16, 75–110 (2003)

  3. Browne, M.C., Clarke, E.M., Grumberg, O.: Reasoning about networks with many identical finite state processes. Inf. Comput. 81(11), 13–31 (1989)

  4. Burckhardt, S., Alur, R., Martin, M.M.K.: CheckFence: checking consistency of concurrent data types on relaxed memory models. In: PLDI, pp. 12–21 (2007)

  5. Cohen, A., O’Leary, J., Pnueli, A., Tuttle, M.R., Zuck, L.: Verifying correctness of transactional memories. In: FMCAD, pp. 37–44 (2007)

  6. Cohen, A., Pnueli, A., Zuck, L.D.: Mechanical verification of transactional memories with non-transactional memory accesses. In: CAV, pp. 121–134. Springer (2008)

  7. Dice, D., Shalev, O., Shavit, N.: Transactional locking II. In: DISC, pp. 194–208. Springer (2006)

  8. Flé, M., Roucairol, G.: Maximal serializability of iterated transactions. Theor. Comput. Sci. 38(11), 1–16 (1985)

  9. Fraser, K., Harris, T.: Concurrent programming without locks. ACM Trans. Comput. Syst. (2007)

  10. Gopalakrishnan, G., Yang, Y., Sivaraj, H.: QB or Not QB: an efficient execution verification tool for memory orderings. In: CAV, pp. 401–413. Springer (2004)

  11. Guerraoui, R., Henzinger, T.A., Jobstmann, B., Singh, V.: Model checking transactional memories. In: PLDI, pp. 372–382 (2008)

  12. Guerraoui, R., Henzinger, T.A., Singh, V.: Completeness and nondeterminism in model checking transactional memories. In: CONCUR, pp. 21–35 (2008)

  13. Guerraoui, R., Henzinger, T.A., Singh, V.: Software transactional memory on relaxed memory models. In: CAV, pp. 321–336 (2009)

  14. Guerraoui, R., Herlihy, M., Pochon, B.: Polymorphic contention management. In: DISC, pp. 303–323 (2005)

  15. Guerraoui, R., Kapalka, M.: On the correctness of transactional memory. In: PPoPP, pp. 175–184 (2008)

  16. Henzinger, T.A., Qadeer, S., Rajamani, S.K.: Verifying sequential consistency on shared-memory multiprocessor systems. In: CAV, pp. 301–315. Springer (1999)

  17. Herlihy, M.: Wait-free synchronization. ACM Trans. Program. Lang. Syst. 13(1), 124–149 (1991)

  18. Herlihy, M., Luchangco, V., Moir, M.: Obstruction-free synchronization: double-ended queues as an example. In: ICDCS, pp. 522–529. IEEE Computer Society (2003)

  19. Herlihy, M., Luchangco, V., Moir, M., Scherer, W.N.: Software transactional memory for dynamic-sized data structures. In: PODC, pp. 92–101 (2003)

  20. Herlihy, M., Moss, J.E.B.: Transactional memory: architectural support for lock-free data structures. In: ISCA, pp. 289–300. ACM Press (1993)

  21. Larus, J.R., Rajwar, R.: Transactional Memory. Synthesis Lectures on Computer Architecture. Morgan & Claypool (2007)

  22. Papadimitriou, C.H.: The serializability of concurrent database updates. J. ACM 26(4), 631–653 (1979)

  23. Qadeer, S.: Verifying sequential consistency on shared-memory multiprocessors by model checking. IEEE Transactions on Parallel and Distributed Systems, 730–741 (2003)

  24. Scherer, W.N., Scott, M.L.: Advanced contention management for dynamic software transactional memory. In: PODC, pp. 240–248 (2005)

  25. Scott, M.L.: Sequential specification of transactional memory semantics. In: TRANSACT (2006)

  26. Shavit, N., Touitou, D.: Software transactional memory. In: PODC, pp. 204–213 (1995)

  27. Streett, R.S.: Propositional dynamic logic of looping and converse is elementarily decidable. Inf. Control 54, 121–141 (1982)

  28. De Wulf, M., Doyen, L., Henzinger, T.A., Raskin, J.-F.: Antichains: a new algorithm for checking universality of finite automata. In: CAV, pp. 17–30. Springer (2006)

Author information

Corresponding author

Correspondence to Vasu Singh.

Additional information

This research was supported by the Swiss National Science Foundation. This paper is an extended and revised version of our previous work on model checking transactional memories [11,12].

About this article

Cite this article

Guerraoui, R., Henzinger, T.A. & Singh, V. Model checking transactional memories. Distrib. Comput. 22, 129–145 (2010). https://doi.org/10.1007/s00446-009-0092-6

  • DOI: https://doi.org/10.1007/s00446-009-0092-6
