Lamport clocks: verifying a directory cache-coherence protocol

Modern shared-memory multiprocessors use complex memory system implementations that include a variety of non-trivial and interacting optimizations. More time is spent in verifying the correctness of such implementations than in designing the system. In particular, large-scale Distributed Shared Memory (DSM) systems usually rely on a directory cache-coherence protocol to provide the illusion of a sequentially consistent shared address space. Verifying that such a distributed protocol satisfies sequential consistency is a difficult task. Current formal protocol verification techniques [18] complement simulation, but are somewhat nonintuitive to system designers and verifiers, and they do not scale well to practical systems. In this paper, we examine a new reasoning technique that is precise and (we find) intuitive. Our technique is based on Lamport’s logical clocks, which were originally used in distributed systems. We make modest extensions to Lamport’s logical clocking scheme to assign timestamps to relevant protocol events to construct a total ordering of such events. Such total orderings can be used to verify that the requirements of a particular memory consistency model have been satisfied. We apply Lamport clocks to prove that a non-trivial directory protocol implements sequential consistency. To do this, we describe an SGI Origin 2000-like protocol [12] in detail, provide a timestamping scheme that totally orders all protocol events, and then prove sequential consistency (i.e., a load always returns the value of the “last” store to the same address in timestamp order).

[1] Anoop Gupta, et al. Specifying system requirements for memory consistency models, 1993.

[2] William W. Collier, et al. Reasoning about parallel architectures, 1992.

[3] Sarita V. Adve, et al. Weak ordering—a new definition, 1990.

[4] Mark D. Hill, et al. Lamport Clocks: Reasoning About Shared Memory Correctness, 1999.

[5] Leslie Lamport, et al. How to Make a Multiprocessor Computer That Correctly Executes Multiprocess Programs, 2016, IEEE Transactions on Computers.

[6] David L. Dill, et al. Verification of FLASH cache coherence protocol by aggregation of distributed transactions, 1996, SPAA '96.

[7] Veljko M. Milutinovic, et al. Distributed shared memory: concepts and systems, 1997, IEEE Parallel Distributed Technol. Syst. Appl.

[8] Michel Dubois, et al. Access ordering and coherence in shared memory multiprocessors, 1989.

[9] Michel Dubois, et al. Design Verification of the S3.mp Cache-Coherent Shared-Memory System, 1998, IEEE Trans. Computers.

[10] Kourosh Gharachorloo, et al. Proving sequential consistency of high-performance shared memories (extended abstract), 1991, SPAA '91.

[11] D. Lenoski, et al. The SGI Origin: A ccNUMA Highly Scalable Server, 1997, Conference Proceedings. The 24th Annual International Symposium on Computer Architecture.

[12] Leslie Lamport. Time, clocks, and the ordering of events in a distributed system, 1978.

[13] Michel Dubois, et al. Verification techniques for cache coherence protocols, 1997, CSUR.

[14] Michel Dubois, et al. Memory access buffering in multiprocessors, 1998, ISCA '98.

[15] Anoop Gupta, et al. Memory consistency and event ordering in scalable shared-memory multiprocessors, 1990, [1990] Proceedings. The 17th Annual International Symposium on Computer Architecture.

[16] Kenneth L. McMillan, et al. Using Formal Verification/Analysis Methods on the Critical Path in System Design: A Case Study, 1995, CAV.

[17] David L. Dill, et al. An executable specification, analyzer and verifier for RMO (relaxed memory order), 1995, SPAA '95.

[18] Mark D. Hill, et al. Lamport Clocks: Reasoning About Shared Memory Correctness, 1998.

[19] Anoop Gupta, et al. Memory consistency and event ordering in scalable shared-memory multiprocessors, 1990, ISCA '90.

[20] Hugh Garraway. Parallel Computer Architecture: A Hardware/Software Approach, 1999, IEEE Concurrency.

[21] Dennis Shasha, et al. Efficient and correct execution of parallel programs that share memory, 1988, TOPL.

[22] Roy Friedman, et al. A Correctness Condition for High-Performance Multiprocessors, 1998, SIAM J. Comput.

[23] Gil Neiger, et al. Simulating synchronized clocks and common knowledge in distributed systems, 1993, JACM.

[24] Leslie Lamport, et al. Time, clocks, and the ordering of events in a distributed system, 1978, CACM.

[25] Roy Friedman, et al. A correctness condition for high-performance multiprocessors (extended abstract), 1992, STOC '92.

[26] Mark D. Hill, et al. Weak ordering—a new definition, 1998, ISCA '98.