Abstract
We design an invariance proof method for concurrent programs parameterised by a weak consistency model. The calculational design of the invariance proof method is by abstract interpretation of a truly parallel analytic semantics. This generalises the methods of Lamport and of Owicki-Gries for sequential consistency. We use cat as an example of a language for writing consistency specifications of both concurrent programs and machine architectures.
Supported in part by NSF Grant CCF-1617717.
Ogre and Pythia: an invariance proof method for weak consistency models
POPL '17: Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages