A Generic Operational Memory Model Speciflcation Framework for Multithreaded Program Veriflcation

Given the complicated nature of modern architectural and language level memory model designs, it is vital to have a systematic approach for specifying memory consistency requirements that can support verification and promote understanding. In this paper, we develop a specification methodology that defines a memory model operationally using a generic transition system with integrated model checking capability to enable formal reasoning about program correctness in a multithreaded environment. Based on a simple abstract machine, our system can be configured to define a variety of consistency models in a uniform notation. We then apply this framework as a taxonomy to formalize several well known memory models. We also provide an alternative specification for the Java memory model based on a proposal from Manson and Pugh and demonstrate how to conduct computer aided analysis for Java thread semantics. Finally, we compare this operational approach with axiomatic approaches and discuss a method to convert a memory model definition from one style to the other.

[1]  Xiaowei Shen,et al.  Improving the Java memory model using CRF , 2000, OOPSLA '00.

[2]  William W. Collier,et al.  Reasoning about parallel architectures , 1992 .

[3]  Rida A. Bazzi,et al.  The power of processor consistency , 1993, SPAA '93.

[4]  Yue Yang,et al.  Analyzing the Intel Itanium Memory Ordering Rules Using Logic Programming and SAT , 2003, CHARME.

[5]  Gary L. Peterson,et al.  Myths About the Mutual Exclusion Problem , 1981, Inf. Process. Lett..

[6]  William Pugh,et al.  Semantics of Multithreaded Java , 2001 .

[7]  Gil Neiger,et al.  Causal memory: definitions, implementation, and programming , 1995, Distributed Computing.

[8]  Cormac Flanagan,et al.  A type and effect system for atomicity , 2003, PLDI.

[9]  William Pugh,et al.  Core semantics of multithreaded Java , 2001, JGI '01.

[10]  Tulika Mitra,et al.  Specifying multithreaded Java semantics for program verification , 2002, ICSE '02.

[11]  Vivek Sarkar,et al.  Location Consistency-A New Memory Model and Cache Consistency Protocol , 2000, IEEE Trans. Computers.

[12]  Ganesh Gopalakrishnan,et al.  Shared Memory Consistency Protocol Verification Against Weak Memory Models: Refinement via Model-Checking , 2002, CAV.

[13]  David L. Dill,et al.  Formal specification of abstract memory models , 1993 .

[14]  Klaus Havelund,et al.  Model checking JAVA programs using JAVA PathFinder , 2000, International Journal on Software Tools for Technology Transfer.

[15]  Larry Rudolph,et al.  Commit-reconcile & fences (CRF): a new memory model for architects and compiler writers , 1999, ISCA.

[16]  David L. Dill,et al.  Java model checking , 2000, Proceedings ASE 2000. Fifteenth IEEE International Conference on Automated Software Engineering.

[17]  Ganesh Gopalakrishnan,et al.  Analyzing the CRF Java memory model , 2001, Proceedings Eighth Asia-Pacific Software Engineering Conference.

[18]  James C. Corbett,et al.  Evaluating Deadlock Detection Methods for Concurrent Software , 1996, IEEE Trans. Software Eng..

[19]  Brian Case,et al.  SPARC architecture , 1992 .

[20]  W. Visser,et al.  Second Generation of a Java Model Checker , 2000 .

[21]  Leslie Lamport,et al.  Checking Cache-Coherence Protocols with TLA+ , 2003, Formal Methods Syst. Des..

[22]  James C. Corbett,et al.  Bandera: extracting finite-state models from Java source code , 2000, ICSE.

[23]  William Pugh The Java memory model is fatally flawed , 2000, Concurr. Pract. Exp..

[24]  David L Weaver,et al.  The SPARC architecture manual : version 9 , 1994 .

[25]  Alan L. Cox,et al.  Lazy release consistency for software distributed shared memory , 1992, ISCA '92.

[26]  David L. Dill,et al.  An Executable Specification and Verifier for Relaxed Memory Order , 1999, IEEE Trans. Computers.

[27]  Sarita V. Adve,et al.  Shared Memory Consistency Models: A Tutorial , 1996, Computer.

[28]  Rob Gerth Sequential consistency and the lazy caching algorithm , 1999, Distributed Computing.

[29]  Leslie Lamport,et al.  How to Make a Multiprocessor Computer That Correctly Executes Multiprocess Programs , 2016, IEEE Transactions on Computers.

[30]  MooreRobert,et al.  Formal Models of Java at the JVM Level A Survey from the ACL2 Perspective , 2001 .

[31]  K. Gharachodoo,et al.  Memory consistency models for shared memory multiprocessors , 1996 .

[32]  Charles Wallace,et al.  Investigating Java Concurrency Using Abstract State Machines , 2000, Abstract State Machines.