QB or Not QB: An Efficient Execution Verification Tool for Memory Orderings

We study the problem of formally verifying shared memory multiprocessor executions against memory consistency models—an important step during post-silicon verification of multiprocessor machines. We employ our previously reported style of writing formal specifications for shared memory models in higher order logic (HOL), obtaining intuitive as well as modular specifications. Our specification consists of a conjunction of rules that constrain the global visibility order. Given an execution to be checked, our algorithm generates Boolean constraints that capture the conditions under which the execution is legal under the visibility order. We initially took the approach of specializing the memory model HOL axioms into equivalent (for the execution to be checked) quantified boolean formulae (QBF). As this technique proved inefficient, we took the alternative approach of converting the HOL axioms into a program that generates a SAT instance when run on an execution. In effect, the quantifications in our memory model specification were realized as iterations in the program. The generated Boolean constraints are satisfiable if and only if the given execution is legal under the memory model. We evaluate two different approaches to encode the Boolean constraints, and also incremental techniques to generate and solve Boolean constraints. Key results include a demonstration that we can handle executions of realistic lengths for the modern Intel Itanium memory model. Further research into proper selection of Boolean encodings, incremental SAT checking, efficient handling of transitivity, and the generation of unsatisfiable cores for locating errors are expected to make our technique practical.

[1]  Michael J. C. Gordon,et al.  Why higher-order logic is a good formalism for specifying and verifying hardware , 1985 .

[2]  Yue Yang,et al.  Analyzing the Intel Itanium Memory Ordering Rules Using Logic Programming and SAT , 2003, CHARME.

[3]  Mark D. Hill,et al.  Using Lamport clocks to reason about relaxed memory models , 1999, Proceedings Fifth International Symposium on High-Performance Computer Architecture.

[4]  Leslie Lamport,et al.  How to Make a Multiprocessor Computer That Correctly Executes Multiprocess Programs , 2016, IEEE Transactions on Computers.

[5]  Sharad Malik,et al.  The Quest for Efficient Boolean Satisfiability Solvers , 2002, CAV.

[6]  Mikko H. Lipasti,et al.  The complexity of verifying memory coherence , 2003, SPAA '03.

[7]  Sarita V. Adve,et al.  Shared Memory Consistency Models: A Tutorial , 1996, Computer.

[8]  David L Weaver,et al.  The SPARC architecture manual : version 9 , 1994 .

[9]  P. Hilfinger Review of "The Ada programming language by Ian C. Pyle", Prentice-Hall, Inc., Englewood Cliffs, N.J., 1981. , 1982, ALET.

[10]  Sanjit A. Seshia,et al.  A hybrid SAT-based decision procedure for separation logic with uninterpreted functions , 2003, Proceedings 2003. Design Automation Conference (IEEE Cat. No.03CH37451).

[11]  Michael J. C. Gordon,et al.  Programming language theory and its implementation , 1988 .

[12]  Keith Hanna,et al.  Specification and Verification using Higher-Order Logic , 1985 .

[13]  Alonzo Church,et al.  A formulation of the simple theory of types , 1940, Journal of Symbolic Logic.

[14]  Alan J. Hu,et al.  Protocol verification as a hardware design aid , 1992, Proceedings 1992 IEEE International Conference on Computer Design: VLSI in Computers & Processors.

[15]  Greg Nelson,et al.  Simplification by Cooperating Decision Procedures , 1979, TOPL.

[16]  Phillip B. Gibbons,et al.  Testing Shared Memories , 1997, SIAM J. Comput..

[17]  Yue Yang,et al.  Nemos: a framework for axiomatic and executable specifications of memory consistency models , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[18]  Niklas Sörensson,et al.  An Extensible SAT-solver , 2003, SAT.

[19]  Michael Sipser,et al.  Introduction to the Theory of Computation , 1996, SIGA.

[20]  David L. Dill,et al.  Formal specification of abstract memory models , 1993 .

[21]  Sharad Malik,et al.  Conflict driven learning in a quantified Boolean Satisfiability solver , 2002, ICCAD 2002.

[22]  Ganesh Gopalakrishnan,et al.  Towards a formal model of shared memory consistency for Intel Itanium/sup TM/ , 2001, Proceedings 2001 IEEE International Conference on Computer Design: VLSI in Computers and Processors. ICCD 2001.