Abstract
Weak shared memory consistency models, especially those used by modern microprocessor families, are quite complex. The bus- and/or directory-based protocols that realize shared memory multiprocessors built from these microprocessors are also exceedingly complex. Thus, the correctness problem (that every execution the multiprocessor generates for any given concurrent program is also allowed by the memory model) is a major challenge. In this paper, we present a formal approach to verify protocol implementation models against weak shared memory models through automatable refinement checking supported by a model checker. We define a taxonomy of weak shared memory models that includes most published commercial memory models, and detail how our approach applies to all of them. In our approach, the designer follows a prescribed procedure to build a highly simplified intermediate abstraction for the given implementation. The intermediate abstraction and the implementation are run concurrently in a model checker, which checks for refinement. The intermediate abstraction can be proved correct against the memory model specification using theorem proving. We have verified four different Alpha and Itanium memory model implementations against their respective specifications. The results are encouraging in terms of the uniformity of the procedure, the high degree of automation, acceptable run-times, and empirically observed bug-hunting efficacy. The use of parallel model checking, based on a version of the parallel Murϕ model checker we have recently developed for the MPI library, has been essential to finish the search in a matter of a few hours.
This work was supported by NSF Grants CCR-9987516 and CCR-0081406
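A toy illustration of the refinement check the abstract describes, added here and not code from the paper or its Murϕ models: an explicit-state explorer enumerates every interleaving of a constructed implementation model (per-processor FIFO store buffers with a flush step) and of a constructed abstract model (sequentially consistent memory) on small litmus programs, and refinement holds when every observable outcome of the implementation is also an outcome of the abstraction. The programs, the `Machine` class and the `forward=False` bug are all assumptions of this example.

```python
# Litmus programs (constructed): one op list per processor; ('st', addr, val) or ('ld', addr, reg).
SB = [[('st', 'x', 1), ('ld', 'y', 'r0')], [('st', 'y', 1), ('ld', 'x', 'r1')]]
FWD = [[('st', 'x', 1), ('ld', 'x', 'r0')]]   # store followed by a load of the same address

def upd(t, k, v):   # functional update of a sorted (key, value) tuple used as an immutable map
    return tuple(sorted(dict(t, **{k: v}).items()))
def rep(t, i, x):   # tuple with element i replaced by x
    return t[:i] + (x,) + t[i + 1:]

class Machine:
    """buffer=False: sequentially consistent memory (the abstract model). buffer=True: FIFO store
    buffer per processor drained by a flush step (the implementation); forward=False is a constructed bug."""
    def __init__(self, prog, buffer, forward=True):
        self.prog, self.buffer, self.forward = prog, buffer, forward
    def initial(self):   # state = (pcs, memory, store buffers, registers), all immutable
        return ((0,) * len(self.prog), (), ((),) * len(self.prog), ())
    def successors(self, state):
        pcs, mem, bufs, regs = state
        out = []
        for p, pc in enumerate(pcs):
            if bufs[p]:   # flush the oldest buffered store of processor p to memory
                out.append((pcs, upd(mem, *bufs[p][0]), rep(bufs, p, bufs[p][1:]), regs))
            if pc == len(self.prog[p]):
                continue
            op, a, x = self.prog[p][pc]
            npcs = rep(pcs, p, pc + 1)
            if op == 'st' and self.buffer:
                out.append((npcs, mem, rep(bufs, p, bufs[p] + ((a, x),)), regs))
            elif op == 'st':
                out.append((npcs, upd(mem, a, x), bufs, regs))
            else:   # load: bypass from own buffer if enabled, else read memory (initially 0)
                own = [v for b, v in bufs[p] if b == a] if self.forward else []
                out.append((npcs, mem, bufs, upd(regs, x, own[-1] if own else dict(mem).get(a, 0))))
        return out

def outcomes(m):
    """Explicit-state DFS over every interleaving; collect register values of terminal states."""
    seen, stack, res = {m.initial()}, [m.initial()], set()
    while stack:
        s = stack.pop()
        succ = m.successors(s)
        if not succ:   # all processors finished and all buffers drained
            res.add(s[3])
        new = set(succ) - seen
        seen |= new
        stack.extend(new)
    return res

def refines(impl, spec):
    """Refinement on observables: outcomes of impl that spec disallows (empty set means impl refines spec)."""
    return outcomes(impl) - outcomes(spec)
```

Against the sequentially consistent abstraction the store-buffer implementation fails on the store-buffering program (it yields r0 = r1 = 0), while the forwarding program only fails once the bypass bug is injected.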
© 2002 Springer-Verlag Berlin Heidelberg
Chatterjee, P., Sivaraj, H., Gopalakrishnan, G. (2002). Shared Memory Consistency Protocol Verification Against Weak Memory Models: Refinement via Model-Checking. In: Brinksma, E., Larsen, K.G. (eds) Computer Aided Verification. CAV 2002. Lecture Notes in Computer Science, vol 2404. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45657-0_10
DOI: https://doi.org/10.1007/3-540-45657-0_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43997-4
Online ISBN: 978-3-540-45657-5