
Store Buffer Reduction with MMUs

  • Conference paper
Verified Software: Theories, Tools and Experiments (VSTTE 2014)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 8471)

Abstract

A fundamental problem in concurrent system design is to identify flexible programming disciplines under which weak memory models provide sequential consistency. For x86-TSO, a suitable reduction theorem for threads that communicate only through shared memory was given by Cohen and Schirmer [6]. However, this theorem cannot handle programs that edit their own page tables (e.g., memory managers, hypervisors, and some device drivers). The problem lies in the interaction between a program thread and the hardware MMU that provides its address translation: the MMU cannot be treated as a separate thread (since it implicitly communicates with the program thread), nor as part of the program thread itself (since MMU reads do not snoop the store buffer of the program thread). We generalize the Cohen-Schirmer reduction theorem to handle programs that edit their page tables. The added conditions prevent the MMU of a thread from walking page table entries owned by other threads.
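
The asymmetry the abstract describes, where a thread's own loads see its buffered stores but its MMU's page-table reads do not, can be shown with a toy C model. This is an added illustration, not code or a model from the paper; the struct layout, function names and the PTE value are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy model, constructed for illustration (not the paper's formal model). */
#define SB_CAP      8
#define PTE_PRESENT 0x1u

struct store { size_t addr; uint32_t val; };
struct cpu {
    uint32_t     mem[4];      /* shared memory; mem[0] holds one PTE */
    struct store sb[SB_CAP];  /* this thread's store buffer, oldest first */
    size_t       sb_len;
};
/* Fence or drain: commit buffered stores to memory in FIFO order. */
static void cpu_drain(struct cpu *c) {
    for (size_t i = 0; i < c->sb_len; i++)
        c->mem[c->sb[i].addr] = c->sb[i].val;
    c->sb_len = 0;
}
/* Program store: goes into the buffer; memory is not yet updated. */
static void cpu_store(struct cpu *c, size_t addr, uint32_t val) {
    if (c->sb_len == SB_CAP) cpu_drain(c);  /* model choice: drain when full */
    c->sb[c->sb_len++] = (struct store){ addr, val };
}
/* Program load: newest buffered store to addr wins, else memory. */
static uint32_t cpu_load(const struct cpu *c, size_t addr) {
    for (size_t i = c->sb_len; i-- > 0; )
        if (c->sb[i].addr == addr) return c->sb[i].val;
    return c->mem[addr];
}
/* MMU page-table read: memory only, it does not snoop the store buffer. */
static uint32_t mmu_walk(const struct cpu *c, size_t pte_addr) {
    return c->mem[pte_addr];
}
/* A thread clears the present bit of its own PTE. Result bits:
 * 1 = program sees "present" before the drain, 2 = MMU sees "present"
 * before the drain, 4 = MMU sees "present" after the drain. */
unsigned unmap_scenario(void) {
    struct cpu c = { .mem = { 0x5000u | PTE_PRESENT } };  /* constructed PTE */
    unsigned r = 0;
    cpu_store(&c, 0, 0);
    if (cpu_load(&c, 0) & PTE_PRESENT) r |= 1u;
    if (mmu_walk(&c, 0) & PTE_PRESENT) r |= 2u;
    cpu_drain(&c);
    if (mmu_walk(&c, 0) & PTE_PRESENT) r |= 4u;
    return r;
}
```

In this model `unmap_scenario()` returns 2: while the store is buffered, only the MMU still sees the mapping, and the two views agree again once the buffer is drained.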


Notes

  1. We rely on a C idiom in which shared portions of memory are identified by a volatile tag. The volatile tag prevents a compiler from applying certain optimizations to shared accesses that could cause undesired behavior, e.g., storing intermediate values in registers instead of writing them to memory. Shared memory accesses are also called volatile.

  2. Non-present PTEs cannot be used to produce an address translation. Instead, they are used to signal a page fault.

References

  1. Advanced Micro Devices: AMD64 Architecture Programmer’s Manual Volume 2: System Programming, 3.19 edn., Sep 2011

  2. Alkassar, E., Cohen, E., Kovalev, M., Paul, W.J.: Verification of TLB virtualization implemented in C. In: Joshi, R., Müller, P., Podelski, A. (eds.) VSTTE 2012. LNCS, vol. 7152, pp. 209–224. Springer, Heidelberg (2012)

  3. Chen, G., Cohen, E., Kovalev, M.: Store buffer reduction with MMUs: complete paper-and-pencil proof. Technical report, Saarland University, Saarbrücken (2013). http://www-wjp.cs.uni-saarland.de/publikationen/CCK13.pdf

  4. Cohen, E., Dahlweid, M., Hillebrand, M., Leinenbach, D., Moskal, M., Santen, T., Schulte, W., Tobies, S.: VCC: a practical system for verifying concurrent C. In: Berghofer, S., Nipkow, T., Urban, C., Wenzel, M. (eds.) TPHOLs 2009. LNCS, vol. 5674, pp. 23–42. Springer, Heidelberg (2009)

  5. Cohen, E., Paul, W., Schmaltz, S.: Theory of multi core hypervisor verification. In: van Emde Boas, P., Groen, F.C.A., Italiano, G.F., Nawrocki, J., Sack, H. (eds.) SOFSEM 2013. LNCS, vol. 7741, pp. 1–27. Springer, Heidelberg (2013)

  6. Cohen, E., Schirmer, B.: From total store order to sequential consistency: a practical reduction theorem. In: Kaufmann, M., Paulson, L.C. (eds.) ITP 2010. LNCS, vol. 6172, pp. 403–418. Springer, Heidelberg (2010)

  7. Gotsman, A., Musuvathi, M., Yang, H.: Show no weakness: sequentially consistent specifications of TSO libraries. In: Aguilera, M.K. (ed.) DISC 2012. LNCS, vol. 7611, pp. 31–45. Springer, Heidelberg (2012)

  8. Hillebrand, M., Leinenbach, D.: Formal verification of a reader-writer lock implementation in C. In: 4th International Workshop on Systems Software Verification (SSV09). Electronic Notes in Theoretical Computer Science, vol. 254, pp. 123–141. Elsevier Science B. V. (2009)

  9. Kolanski, R.: Verification of programs in virtual memory using separation logic. Ph.D. thesis, School of Computer Science and Engineering, University of NSW, Sydney 2052, Australia, July 2011

  10. Lamport, L.: How to make a multiprocessor computer that correctly executes multiprocess programs. IEEE Trans. Comput. 28(9), 690–691 (1979)

  11. Owens, S.: Reasoning about the implementation of concurrency abstractions on x86-TSO. In: D’Hondt, T. (ed.) ECOOP 2010. LNCS, vol. 6183, pp. 478–503. Springer, Heidelberg (2010)

  12. Sewell, P., Sarkar, S., Owens, S., Nardelli, F.Z., Myreen, M.O.: x86-TSO: a rigorous and usable programmer’s model for x86 multiprocessors. Commun. ACM 53(7), 89–97 (2010)

  13. Verisoft XT Consortium: The Verisoft XT Project (2007–2010). http://www.verisoftxt.de

Corresponding author

Correspondence to Mikhail Kovalev.

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Chen, G., Cohen, E., Kovalev, M. (2014). Store Buffer Reduction with MMUs. In: Giannakopoulou, D., Kroening, D. (eds) Verified Software: Theories, Tools and Experiments. VSTTE 2014. Lecture Notes in Computer Science, vol 8471. Springer, Cham. https://doi.org/10.1007/978-3-319-12154-3_8

  • DOI: https://doi.org/10.1007/978-3-319-12154-3_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12153-6

  • Online ISBN: 978-3-319-12154-3

  • eBook Packages: Computer Science (R0)
