Abstract

We present a method for proving that a program running under the Total Store Ordering (TSO) memory model is robust, i.e., all its TSO computations are equivalent to computations under the Sequential Consistency (SC) semantics. This method is inspired by Lipton’s reduction theory for proving atomicity of concurrent programs. For programs which are not robust, we introduce an abstraction mechanism that allows to construct robust programs over-approximating their TSO semantics. This enables the use of proof methods designed for the SC semantics in proving invariants that hold on the TSO semantics of a non-robust program. These techniques have been evaluated on a large set of benchmarks using the infrastructure provided by CIVL, a generic tool for reasoning about concurrent programs under the SC semantics.

Highlights

  • A classical memory model for shared-memory concurrency is Sequential Consistency (SC) [16], where the actions of different threads are interleaved while the program order between actions of each thread is preserved

  • We address the problem of checking robustness in the case of Total Store Ordering (TSO)

  • We present a methodology for proving robustness which uses the concepts of left/right mover in Lipton’s reduction theory [17]

Read more

Summary

Introduction

A classical memory model for shared-memory concurrency is Sequential Consistency (SC) [16], where the actions of different threads are interleaved while the program order between actions of each thread is preserved. Robustness can be seen as an atomicity problem: every write statement corresponds to two events, inserting the write into the buffer and flushing the write from the buffer to the main memory, which must be proved to happen atomically, one after the other. Differently from Lipton’s reduction theory, the events that must be proved atomic do not correspond syntactically to different statements in the program This leads to different uses of these concepts which cannot be seen as a direct instantiation of this theory. We tested the applicability of the proposed reduction and abstraction based techniques on an exhaustive benchmark suite containing 34 challenging programs (from [2,7]) These techniques were precise enough for proving robustness of 32 of these programs. An extended version of this paper with missing proofs can be found at [8]

Overview
TSO Robustness
A Reduction Theory for Checking Robustness
In the last state of ρ, x has the value written by β
Abstractions and Verifying Non-robust Programs
Experimental Evaluation
Related Work
Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.