Handling TSO in Mechanized Linearizability Proofs

Linearizability is the key correctness criterion for concurrent data structures. In recent years, numerous verification techniques for linearizability have been developed, ranging from model checking to mechanized proving. Today, these verification techniques are challenged by the fact that concurrent software is most likely to run on multi-core processors with a weak memory semantics (such as total store order, TSO), which makes standard techniques that assume sequentially consistent interleavings unsound. While approaches for handling weak memory have already emerged for model checking and static analysis, they are still lacking for theorem-prover-supported, mechanized correctness proofs.
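The claim that weak memory makes interleaving-based reasoning unsound can be made concrete with the classic store-buffer litmus test. The following is an added example, not code from the paper or its authors: a small explicit-state explorer over a simplified TSO model (per-thread FIFO store buffers, store-to-load forwarding from a thread's own buffer, a fence that can only proceed once that buffer has drained). Those modelling choices, the thread programs, and the variable names x and y are assumptions of the example, not taken from the abstract.

```python
"""Added example: the store-buffer (SB) litmus test under sequential consistency
(SC) and under a simplified TSO model with per-thread FIFO store buffers.

Model assumptions (illustrative, not the paper's formalization):
  * store -> under TSO appended to the thread's own FIFO store buffer; under SC
             written straight to shared memory
  * load  -> reads the thread's newest buffered store to that address if one
             exists (store-to-load forwarding), otherwise shared memory
  * flush -> at any point the oldest buffered store of any thread may be
             committed to memory (nondeterministic drain by the hardware)
  * fence -> may only execute once the thread's own store buffer is empty
"""


def freeze(mem):
    """Hashable snapshot of shared memory (dict -> sorted tuple of items)."""
    return tuple(sorted(mem.items()))


def step(state, programs, tso):
    """Return every successor of `state` (one transition of one thread)."""
    mem, pcs, bufs, regs = state
    memd = dict(mem)
    succ = []
    for t, prog in enumerate(programs):
        # The hardware may drain the oldest entry of thread t's buffer at any time.
        if bufs[t]:
            addr, val = bufs[t][0]
            m2 = dict(memd)
            m2[addr] = val
            b2 = list(bufs)
            b2[t] = bufs[t][1:]
            succ.append((freeze(m2), pcs, tuple(b2), regs))
        if pcs[t] >= len(prog):
            continue
        ins = prog[pcs[t]]
        p2 = list(pcs)
        p2[t] += 1
        if ins[0] == "store":
            _, addr, val = ins
            if tso:
                b2 = list(bufs)
                b2[t] = bufs[t] + ((addr, val),)
                succ.append((mem, tuple(p2), tuple(b2), regs))
            else:
                m2 = dict(memd)
                m2[addr] = val
                succ.append((freeze(m2), tuple(p2), bufs, regs))
        elif ins[0] == "load":
            _, addr = ins
            val = memd[addr]
            for a, v in bufs[t]:      # newest own buffered store wins
                if a == addr:
                    val = v
            r2 = list(regs)
            r2[t] = regs[t] + (val,)
            succ.append((mem, tuple(p2), bufs, tuple(r2)))
        elif ins[0] == "fence":
            if not bufs[t]:           # blocked until own buffer has drained
                succ.append((mem, tuple(p2), bufs, regs))
    return succ


def explore(programs, tso=True):
    """Enumerate all executions; return the set of final register valuations,
    flattened in thread order (r0, r1, ...)."""
    n = len(programs)
    addrs = {ins[1] for p in programs for ins in p if ins[0] in ("store", "load")}
    init = (freeze({a: 0 for a in addrs}), (0,) * n, ((),) * n, ((),) * n)
    seen, work, finals = {init}, [init], set()
    while work:
        s = work.pop()
        mem, pcs, bufs, regs = s
        if all(pc == len(p) for pc, p in zip(pcs, programs)) and not any(bufs):
            finals.add(tuple(v for r in regs for v in r))
        for s2 in step(s, programs, tso):
            if s2 not in seen:
                seen.add(s2)
                work.append(s2)
    return finals


def sb_program(fence=False):
    """SB litmus test: T0: x:=1; [fence]; r0:=y    T1: y:=1; [fence]; r1:=x"""
    def thread(own, other):
        prog = [("store", own, 1)]
        if fence:
            prog.append(("fence",))
        prog.append(("load", other))
        return prog
    return (thread("x", "y"), thread("y", "x"))


if __name__ == "__main__":
    print("SC       :", sorted(explore(sb_program(), tso=False)))
    print("TSO      :", sorted(explore(sb_program(), tso=True)))   # (0, 0) appears
    print("TSO+fence:", sorted(explore(sb_program(fence=True), tso=True)))
```

Under SC the outcome r0 = r1 = 0 is unreachable, so a linearizability argument that only enumerates SC interleavings never has to account for it; under the TSO model it is reachable, which is precisely the kind of execution an SC-based proof misses. Placing a fence after each store restores the SC set of outcomes, which is why fence placement is part of reasoning about concurrent objects on TSO.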
