
Ogre and Pythia: an invariance proof method for weak consistency models

Published: 01 January 2017

Abstract

We design an invariance proof method for concurrent programs parameterised by a weak consistency model. The calculational design of the invariance proof method is by abstract interpretation of a truly parallel analytic semantics. This generalises the methods of Lamport and of Owicki-Gries for sequential consistency. We use cat as an example of a language in which to write consistency specifications of both concurrent programs and machine architectures.

Supported in part by NSF Grant CCF-1617717.

