Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lazy Sequentialization via Shared Memory Abstractions

Published byEmery Sharp Modified over 6 years ago

Similar presentations

Presentation on theme: "Lazy Sequentialization via Shared Memory Abstractions"— Presentation transcript:

1 Lazy Sequentialization via Shared Memory Abstractions
for TSO and PSO via Shared Memory Abstractions Ermenegildo Tomasco University of Southampton, UK Truc Lam Nguyen Omar Inverso Gran Sasso Science Institute, Italy Bernd Fischer Stellenbosch University, South Africa Salvatore La Torre Università di Salerno, Italy Gennaro Parlato FMCAD 2016, Mountain View, CA, USA

2 Relaxed Memory Consistency
sequential consistency (SC) memory operations executed in program order within each thread changes to the shared memory immediately visible to all threads relatively simple to reason about but not realistic weak memory models (WMMs) memory operations may be reordered used in practice to fully exploit modern hardware SHARED MEMORY t1 tN

3 Relaxed Memory Consistency
total store order (TSO) writes executed in their order for each thread reads may overtake writes partial store order (PSO) writes to the same location executed in their order for each thread writes to different locations may be reordered SHARED MEMORY STORE BUFFER STORE BUFFER t1 tT

4 Relaxed Memory Consistency
limitations of testing generally ineffective for rare concurrency errors cannot control additional nondeterminism introduced by WMMs need to be complemented with symbolic analysis SHARED MEMORY STORE BUFFER STORE BUFFER t1 tT

5 Symbolic Bug Finding: BMC
concurrency handling at formula level encode threads separately add φc to capture thread interleaving [Sinha, Wang – POPL 2011] VC φt ∧ φc TRUE FALSE + CEX PSC/WMM IR

6 Symbolic Bug Finding: BMC
concurrency handling at formula level encode threads separately add φc to capture thread interleaving [Sinha, Wang – POPL 2011] extension to WMMs is natural change φc to capture extra interactions due to weaker consistency [Alglave, Kroening, Tautschnig – CAV 2013] VC φt ∧ φc TRUE FALSE + CEX PSC/WMM IR

7 Symbolic Bug Finding: Lazy Sequentialization + BMC
concurrency handling at code level reduction to sequential programs analysis implemented as source transformation lazy sequentialization tailored to BMC for effective in bug-hunting [Inverso, Tomasco, Fischer, La Torre, Parlato – CAV 2014] VC φ TRUE FALSE + CEX PSC PSEQ IR

8 Symbolic Bug Finding: Lazy Sequentialization + BMC
concurrency handling at code level reduction to sequential programs analysis implemented as source transformation lazy sequentialization tailored to BMC for effective in bug-hunting [Inverso, Tomasco, Fischer, La Torre, Parlato – CAV 2014] how to extend to WMMs? how does it compare? VC φ TRUE FALSE + CEX PSC PSEQ IR

9 Extending Lazy Sequentialization to TSO and PSO
how to extend to WMMs? reduction to concurrent program analysis under SC again, implemented as source transformation VC φ TRUE FALSE + CEX PWMM PSC PSEQ IR

10 Extending Lazy Sequentialization to TSO and PSO
how to extend to WMMs? reduction to concurrent program analysis under SC again, implemented as source transformation replace shared memory access with explicit function calls to SMA API: read(v,t), write(v,val,t) lock(m,t), unlock(m,t), fence(t), … example: x=y+3 is changed to write(x,read(y)+3) VC φ TRUE FALSE + CEX PWMM PSC PSEQ IR

11 Extending Lazy Sequentialization to TSO and PSO
how to extend to WMMs? reduction to concurrent program analysis under SC again, implemented as source transformation replace shared memory access with explicit function calls to SMA API: read(v,t), write(v,val,t) lock(m,t), unlock(m,t), fence(t), … example: x=y+3 is changed to write(x,read(y)+3) plug in implementation for specific semantics TSO-SMA - simple implementation eTSO-SMA - efficient implementation PSO-SMA - extension to PSO VC φ TRUE FALSE + CEX PWMM PSC PSEQ IR

12 simple simulation of the store buffer
TSO-SMA simple simulation of the store buffer introduce one array for each thread read(v,t) look up buffer for pending writes fetch from memory write(v,val,t) update store buffer inject nondeterministic memory flush SHARED MEMORY STORE BUFFER STORE BUFFER t1 tT

13 simple simulation of the store buffer
TSO-SMA simple simulation of the store buffer introduce one array for each thread read(v,t) look up buffer for pending writes fetch from memory write(v,val,t) update store buffer inject nondeterministic memory flush SHARED MEMORY STORE BUFFER STORE BUFFER t1 tT formula size depends on store buffer size

14 simple simulation of the store buffer
TSO-SMA simple simulation of the store buffer introduce one array for each thread read(v,t) look up buffer for pending writes fetch from memory write(v,val,t) update store buffer inject nondeterministic memory flush SHARED MEMORY STORE BUFFER STORE BUFFER t1 tT formula size depends on store buffer size formula size proportional to no. memory accesses no. of store buffers max no. of elems in the buffer

15 efficient simulation of the store buffer
eTSO-SMA efficient simulation of the store buffer introduce one list for each shared variable and thread use global clock and timestamp memory writes read(v,t) buffer look up, return value from latest pending write return value from latest expired write write(v,val,t) guess timestamp, enforce non-decreasing order update buffer SHARED MEMORY l1,1 l1,1 l1,V l1,V l1,1 lT,1 l1,V lT,V t1 tT

16 efficient simulation of the store buffer
eTSO-SMA efficient simulation of the store buffer introduce one list for each shared variable and thread use global clock and timestamp memory writes read(v,t) buffer look up, return value from latest pending write return value from latest expired write write(v,val,t) guess timestamp, enforce non-decreasing order update buffer SHARED MEMORY l1,1 l1,1 l1,V l1,V l1,1 lT,1 l1,V lT,V t1 tT constant size constant size

17 Variable Write Lists (T-CDLL)
store pairs (value,timestamp) clock determines expired nodes expired nodes not removed special nodes sentinel node has max timestamp does not correspond to any actual write head only node to contain an expired write followed by a non-expired write

18 Variable Write Lists (T-CDLL)
store pairs (value,timestamp) clock determines expired nodes expired nodes not removed special nodes sentinel node has max timestamp does not correspond to any actual write head only node to contain an expired write followed by a non-expired write head sentinel

19 Variable Write Lists (T-CDLL)
store pairs (value,timestamp) clock determines expired nodes expired nodes not removed special nodes sentinel node has max timestamp does not correspond to any actual write head only node to contain an expired write followed by a non-expired write head sentinel expired nodes actual variable write list

20 Auxiliary Data Structures
parameters T max no. of threads V max no. of tracked locations (or write lists) N max no. of nodes for each variable write list K max timestamp variables int clock; variable write lists int value[V][N+1], tstamp[V][N+1], prev[V][N+1], next[V][N+1]; last values and timestamps int last_value[V][T], last_tstamp[V][T]; max timestamp so far int max_tstamp[T];

21 eTSO-SMA: read operation
int clock_update() { int tmp = *; assume(clock <= tmp && tmp <= K); clock = tmp; } int read(int v, int t) { clock_update(); if (last_tstamp[v][t] > clock) return last_value[v][t]; int node = *; assume(node < N && tstamp[v][node] <= clock && tstamp[v][next[v][node]] > clock); return value[v][node];

22 eTSO-SMA: read operation
int clock_update() { int tmp = *; assume(clock <= tmp && tmp <= K); clock = tmp; } int read(int v, int t) { clock_update(); if (last_tstamp[v][t] > clock) return last_value[v][t]; int node = *; assume(node < N && tstamp[v][node] <= clock && tstamp[v][next[v][node]] > clock); return value[v][node]; clock follows non-decreasing order

23 eTSO-SMA: read operation
int clock_update() { int tmp = *; assume(clock <= tmp && tmp <= K); clock = tmp; } int read(int v, int t) { clock_update(); if (last_tstamp[v][t] > clock) return last_value[v][t]; int node = *; assume(node < N && tstamp[v][node] <= clock && tstamp[v][next[v][node]] > clock); return value[v][node]; clock follows non-decreasing order if the last write by t on v has not expired, return the corresponding value

24 eTSO-SMA: read operation
int clock_update() { int tmp = *; assume(clock <= tmp && tmp <= K); clock = tmp; } int read(int v, int t) { clock_update(); if (last_tstamp[v][t] > clock) return last_value[v][t]; int node = *; assume(node < N && tstamp[v][node] <= clock && tstamp[v][next[v][node]] > clock); return value[v][node]; clock follows non-decreasing order if the last write by t on v has not expired, return the corresponding value return the value from the latest expired write, which is guaranteed to exist and correspond to the value of v in the memory

25 eTSO-SMA: read operation
int clock_update() { int tmp = *; assume(clock <= tmp && tmp <= K); clock = tmp; } int read(int v, int t) { clock_update(); if (last_tstamp[v][t] > clock) return last_value[v][t]; int node = *; assume(node < N && tstamp[v][node] <= clock && tstamp[v][next[v][node]] > clock); return value[v][node]; clock follows non-decreasing order if the last write by t on v has not expired, return the corresponding value return the value from the latest expired write, which is guaranteed to exist and correspond to the value of v in the memory representation of the memory no longer needed

26 eTSO-SMA: write operation
int write(int v, int t) { clock_update(); int node = next[v][N]; assume(tstamp[v][next[v][node]] <= clock); next[v][N] = next[v][node]; prev[v][next[v][N]] = N; int succ = *; assume(succ <= N && tstamp[v][succ] > clock); int pred = prev[v][succ]; int ts = *; assume(ts >= clock && ts >= max_tstamp[t]); assume(ts >= tstamp[v][pred] && ts < tstamp[v][succ]); value[v][node] = val; tstamp[v][t] = ts; last_tstamp[v][t] = ts; last_value[v][t] = val; max_tstamp[t] = ts; } select expired node with min timestamp for the new write

27 eTSO-SMA: write operation
int write(int v, int t) { clock_update(); int node = next[v][N]; assume(tstamp[v][next[v][node]] <= clock); next[v][N] = next[v][node]; prev[v][next[v][N]] = N; int succ = *; assume(succ <= N && tstamp[v][succ] > clock); int pred = prev[v][succ]; int ts = *; assume(ts >= clock && ts >= max_tstamp[t]); assume(ts >= tstamp[v][pred] && ts < tstamp[v][succ]); value[v][node] = val; tstamp[v][t] = ts; last_tstamp[v][t] = ts; last_value[v][t] = val; max_tstamp[t] = ts; } select expired node with min timestamp for the new write position the new node by nondeterministically selecting its successor among the non-expired nodes

28 eTSO-SMA: write operation
int write(int v, int t) { clock_update(); int node = next[v][N]; assume(tstamp[v][next[v][node]] <= clock); next[v][N] = next[v][node]; prev[v][next[v][N]] = N; int succ = *; assume(succ <= N && tstamp[v][succ] > clock); int pred = prev[v][succ]; int ts = *; assume(ts >= clock && ts >= max_tstamp[t]); assume(ts >= tstamp[v][pred] && ts < tstamp[v][succ]); value[v][node] = val; tstamp[v][t] = ts; last_tstamp[v][t] = ts; last_value[v][t] = val; max_tstamp[t] = ts; } select expired node with min timestamp for the new write position the new node by nondeterministically selecting its successor among the non-expired nodes guess suitable timestamp, must respect non-decreasing order

29 eTSO-SMA: write operation
int write(int v, int t) { clock_update(); int node = next[v][N]; assume(tstamp[v][next[v][node]] <= clock); next[v][N] = next[v][node]; prev[v][next[v][N]] = N; int succ = *; assume(succ <= N && tstamp[v][succ] > clock); int pred = prev[v][succ]; int ts = *; assume(ts >= clock && ts >= max_tstamp[t]); assume(ts >= tstamp[v][pred] && ts < tstamp[v][succ]); value[v][node] = val; tstamp[v][t] = ts; last_tstamp[v][t] = ts; last_value[v][t] = val; max_tstamp[t] = ts; } select expired node with min timestamp for the new write position the new node by nondeterministically selecting its successor among the non-expired nodes guess suitable timestamp, must respect non-decreasing order update variable write list and auxiliary variables

30 extension to PSO int write(int v, int t) { }
clock_update(); int node = next[v][N]; assume(tstamp[v][next[v][node]] <= clock); next[v][N] = next[v][node]; prev[v][next[v][N]] = N; int succ = *; assume(succ <= N && tstamp[v][succ] > clock); int pred = prev[v][succ]; int ts = *; assume(ts >= clock && ts >= max_tstamp[t]); assume(ts >= tstamp[v][pred] && ts < tstamp[v][succ]); value[v][node] = val; tstamp[v][t] = ts; last_tstamp[v][t] = ts; last_value[v][t] = val; max_tstamp[t] = ts; } write to different variables may be reordered, guessed timestamps no longer need to be the maximum over all variables, but the maximum for the relevant variable: ts >= last_tstamp[t][v]

31 max_tstamp[t] = max(max_tstamp[t],ts)
extension to PSO int write(int v, int t) { clock_update(); int node = next[v][N]; assume(tstamp[v][next[v][node]] <= clock); next[v][N] = next[v][node]; prev[v][next[v][N]] = N; int succ = *; assume(succ <= N && tstamp[v][succ] > clock); int pred = prev[v][succ]; int ts = *; assume(ts >= clock && ts >= max_tstamp[t]); assume(ts >= tstamp[v][pred] && ts < tstamp[v][succ]); value[v][node] = val; tstamp[v][t] = ts; last_tstamp[v][t] = ts; last_value[v][t] = val; max_tstamp[t] = ts; } write to different variables may be reordered, guessed timestamps no longer need to be the maximum over all variables, but the maximum for the relevant variable: ts >= last_tstamp[t][v] guessed timestamps may be smaller than the max timestamp: max_tstamp[t] = max(max_tstamp[t],ts)

32 Experimental Evaluation: common benchmarks
timeout = 600s transformation overhead shows on small programs

33 Experimental Evaluation: common benchmarks
timeout = 600s competitive on twisted interleavings

34 Experimental Evaluation: common benchmarks
timeout = 600s slower

35 Experimental Evaluation: common benchmarks
timeout = 600s faster than Nidhugg

36 Experimental Evaluation: Safestack
maxclock=K=1 forces SC analysis, TSO puts 3x-4x overhead on lazy schema (SC times not shown in table)

37 Experimental Evaluation: Safestack
quicker to spot the bug under PSO as it requires a smaller number of thread interactions; performance comparable when no bugs are found

38 Experimental Evaluation: Safestack
increase maxlock to covers more reorderings, more resource demanding..

39 users.ecs.soton.ac.uk/gp4/cseq
Thank You users.ecs.soton.ac.uk/gp4/cseq

Download ppt "Lazy Sequentialization via Shared Memory Abstractions"

Similar presentations

Dataflow Analysis for Datarace-Free Programs (ESOP 11) Arnab De Joint work with Deepak DSouza and Rupesh Nasre Indian Institute of Science, Bangalore.

Dataflow Analysis for Datarace-Free Programs (ESOP 11) Arnab De Joint work with Deepak DSouza and Rupesh Nasre Indian Institute of Science, Bangalore.
Bounded Model Checking of Concurrent Data Types on Relaxed Memory Models: A Case Study Sebastian Burckhardt Rajeev Alur Milo M. K. Martin Department of.

Bounded Model Checking of Concurrent Data Types on Relaxed Memory Models: A Case Study Sebastian Burckhardt Rajeev Alur Milo M. K. Martin Department of.
Time-based Transactional Memory with Scalable Time Bases Torvald Riegel, Christof Fetzer, Pascal Felber Presented By: Michael Gendelman.

Time-based Transactional Memory with Scalable Time Bases Torvald Riegel, Christof Fetzer, Pascal Felber Presented By: Michael Gendelman.
Ermenegildo Tomasco University of Southampton, UK Omar Inverso University of Southampton, UK Bernd Fischer Stellenbosch University, South Africa Salvatore.

Ermenegildo Tomasco University of Southampton, UK Omar Inverso University of Southampton, UK Bernd Fischer Stellenbosch University, South Africa Salvatore.
A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.

A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.
Memory Consistency Models Kevin Boos. Two Papers Shared Memory Consistency Models: A Tutorial – Sarita V. Adve & Kourosh Gharachorloo – September 1995.

Memory Consistency Models Kevin Boos. Two Papers Shared Memory Consistency Models: A Tutorial – Sarita V. Adve & Kourosh Gharachorloo – September 1995.
Gwendolyn Voskuilen, Faraz Ahmad, and T. N. Vijaykumar Electrical & Computer Engineering ISCA 2010.

Gwendolyn Voskuilen, Faraz Ahmad, and T. N. Vijaykumar Electrical & Computer Engineering ISCA 2010.
“FENDER” AUTOMATIC MEMORY FENCE INFERENCE Presented by Michael Kuperstein, Technion Joint work with Martin Vechev and Eran Yahav, IBM Research 1.

“FENDER” AUTOMATIC MEMORY FENCE INFERENCE Presented by Michael Kuperstein, Technion Joint work with Martin Vechev and Eran Yahav, IBM Research 1.
Chapter 6: Process Synchronization

Chapter 6: Process Synchronization
Reducing Context-bounded Concurrent Reachability to Sequential Reachability Gennaro Parlato University of Illinois at Urbana-Champaign Salvatore La Torre.

Reducing Context-bounded Concurrent Reachability to Sequential Reachability Gennaro Parlato University of Illinois at Urbana-Champaign Salvatore La Torre.
Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.

Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.
1 Lecture 12: Hardware/Software Trade-Offs Topics: COMA, Software Virtual Memory.

1 Lecture 12: Hardware/Software Trade-Offs Topics: COMA, Software Virtual Memory.
On Sequentializing Concurrent Programs Ahmed Bouajjani LIAFA, University of Paris 7, France LIAFA, University of Paris 7, France Michael Emmi LIAFA, University.

On Sequentializing Concurrent Programs Ahmed Bouajjani LIAFA, University of Paris 7, France LIAFA, University of Paris 7, France Michael Emmi LIAFA, University.
Lazy-CSeq A Lazy Sequentialization Tool for C Omar Inverso University of Southampton, UK Ermenegildo Tomasco University of Southampton, UK Bernd Fischer.

Lazy-CSeq A Lazy Sequentialization Tool for C Omar Inverso University of Southampton, UK Ermenegildo Tomasco University of Southampton, UK Bernd Fischer.
Formalisms and Verification for Transactional Memories Vasu Singh EPFL Switzerland.

Formalisms and Verification for Transactional Memories Vasu Singh EPFL Switzerland.
Memory Model Safety of Programs Sebastian Burckhardt Madanlal Musuvathi Microsoft Research EC^2, July 7, 2008.

Memory Model Safety of Programs Sebastian Burckhardt Madanlal Musuvathi Microsoft Research EC^2, July 7, 2008.
CS510 Concurrent Systems Class 5 Threads Cannot Be Implemented As a Library.

CS510 Concurrent Systems Class 5 Threads Cannot Be Implemented As a Library.
Formal Verification of SpecC Programs using Predicate Abstraction Himanshu Jain Daniel Kroening Edmund Clarke Carnegie Mellon University.

Formal Verification of SpecC Programs using Predicate Abstraction Himanshu Jain Daniel Kroening Edmund Clarke Carnegie Mellon University.
Verifying Concurrent Programs by Memory Unwinding Ermenegildo Tomasco University of Southampton, UK Omar Inverso University of Southampton, UK Bernd Fischer.

Verifying Concurrent Programs by Memory Unwinding Ermenegildo Tomasco University of Southampton, UK Omar Inverso University of Southampton, UK Bernd Fischer.
Memory Consistency Models Some material borrowed from Sarita Adve’s (UIUC) tutorial on memory consistency models.

Memory Consistency Models Some material borrowed from Sarita Adve’s (UIUC) tutorial on memory consistency models.

Similar presentations

Ads by Google