Safe asynchronous multicore memory operations

Asynchronous memory operations provide a means for coping with the memory wall problem in multicore processors, and are available in many platforms and languages, e.g., the Cell Broadband Engine, CUDA and OpenCL. Reasoning about the correct usage of such operations involves complex analysis of memory accesses to check for races. We present a method and tool for proving memory-safety and race-freedom of multicore programs that use asynchronous memory operations. Our approach uses separation logic with permissions, and our tool automates this method, targeting a C-like core language. We describe our solutions to several challenges that arose in the course of this research. These include: syntactic reasoning about permissions and arrays, integration of numerical abstract domains, and utilization of an SMT solver. We demonstrate the feasibility of our approach experimentally by checking absence of DMA races on a set of programs drawn from the IBM Cell SDK.
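
The permission-accounting idea behind this approach, as an added illustration that is not the paper's tool or code: a small Python checker replays a trace of CPU accesses and tagged asynchronous DMA get/put operations on one core's local memory and reports the first access that cannot obtain the permission it needs. The paper's method reasons statically with separation logic; this replay is a dynamic stand-in, and the operation names, the half-share splitting rule for readers and the traces are assumptions made for the example.

```python
from fractions import Fraction
class RaceError(Exception): pass
class DmaChecker:
    # Per-byte permission accounting for one core's local memory. The CPU starts
    # with full permission (1); a DMA in flight holds permission on its range
    # until its tag is waited on. A get (writes local memory) needs and takes the
    # whole share; a put (reads it) takes half, so overlapping puts are allowed.
    def __init__(self, size):
        self.held = [Fraction(1)] * size  # share still held by the CPU, per byte
        self.pending = {}                 # tag -> [(lo, shares taken)] in flight

    def _check(self, lo, hi, need_full, op):  # read needs >0, write needs 1
        if hi > len(self.held): raise RaceError(f"{op} past end of local memory")
        for a in range(lo, hi):
            if self.held[a] == 0 or (need_full and self.held[a] != 1):
                raise RaceError(f"{op} on byte {a} races with a pending DMA")

    def cpu_read(self, lo, n): self._check(lo, lo + n, False, "cpu_read")
    def cpu_write(self, lo, n): self._check(lo, lo + n, True, "cpu_write")

    def dma_get(self, lo, n, tag):  # async copy INTO local [lo, lo+n)
        self._check(lo, lo + n, True, "dma_get")
        shares = self.held[lo:lo + n]
        self.held[lo:lo + n] = [Fraction(0)] * n
        self.pending.setdefault(tag, []).append((lo, shares))

    def dma_put(self, lo, n, tag):  # async copy OUT OF local [lo, lo+n)
        self._check(lo, lo + n, False, "dma_put")
        shares = [s / 2 for s in self.held[lo:lo + n]]
        self.held[lo:lo + n] = shares   # the CPU keeps the other half
        self.pending.setdefault(tag, []).append((lo, shares))

    def wait(self, tag):  # completion hands the DMAs' shares back to the CPU
        for lo, shares in self.pending.pop(tag, []):
            for i, s in enumerate(shares):
                self.held[lo + i] += s

def check_trace(size, trace):  # replay (op, *args) steps; None if race-free
    chk = DmaChecker(size)
    for op, *args in trace:
        try:
            getattr(chk, op)(*args)
        except RaceError as e:
            return str(e)
    return None

# Constructed traces: a correct get/compute/put sequence, then two DMA races.
SAFE = [("dma_get", 0, 16, 0), ("wait", 0), ("cpu_write", 0, 16), ("dma_put", 0, 16, 1),
        ("dma_put", 0, 16, 2), ("cpu_read", 0, 8), ("wait", 1), ("wait", 2), ("cpu_write", 0, 16)]
RACE_READ_BEFORE_WAIT = [("dma_get", 0, 16, 0), ("cpu_read", 4, 4)]
RACE_WRITE_UNDER_PUT = [("dma_put", 0, 16, 1), ("cpu_write", 8, 4)]
```

Two puts from the same range may overlap because each only takes a read share, while any write (CPU or get) must see the whole permission returned by `wait` first.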
