An axiomatic memory model for POWER multiprocessors

Authors:
Sela Mador-Haim;Luc Maranget;Susmit Sarkar;Kayvan Memarian;Jade Alglave;Scott Owens;Rajeev Alur;Milo M. K. Martin;Peter Sewell;Derek Williams
Affiliations:
University of Pennsylvania;INRIA Rocquencourt-Paris, France;University of Cambridge;University of Cambridge;University of Oxford;University of Cambridge;University of Pennsylvania;University of Pennsylvania;University of Cambridge;IBM, Austin
Venue:
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
Year:
2012

Citing 8
Cited 2

Storage in the PowerPC

IEEE Micro
Information-Flow Models for Shared Memory with an Application to the PowerPC Architecture

IEEE Transactions on Parallel and Distributed Systems
The semantics of power and ARM multiprocessor machine code

Proceedings of the 4th workshop on Declarative aspects of multicore programming
Litmus: running tests against hardware

TACAS'11/ETAPS'11 Proceedings of the 17th international conference on Tools and algorithms for the construction and analysis of systems: part of the joint European conferences on theory and practice of software
Understanding POWER multiprocessors

Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Lem: a lightweight tool for heavyweight semantics

ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Fences in weak memory models

CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Synchronising C/C++ and POWER

Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation

Correct and efficient work-stealing for weak memory models

Proceedings of the 18th ACM SIGPLAN symposium on Principles and practice of parallel programming
Partial orders for efficient bounded model checking of concurrent software

CAV'13 Proceedings of the 25th international conference on Computer Aided Verification

Quantified Score

Hi-index	0.00

Visualization

Abstract

The growing complexity of hardware optimizations employed by multiprocessors leads to subtle distinctions among allowed and disallowed behaviors, posing challenges in specifying their memory models formally and accurately, and in understanding and analyzing the behavior of concurrent software. This complexity is particularly evident in the IBM® Power Architecture®, for which a faithful specification was published only in 2011 using an operational style. In this paper we present an equivalent axiomatic specification, which is more abstract and concise. Although not officially sanctioned by the vendor, our results indicate that this axiomatic specification provides a reasonable basis for reasoning about current IBM® POWER® multiprocessors. We establish the equivalence of the axiomatic and operational specifications using both manual proof and extensive testing. To demonstrate that the constraint-based style of axiomatic specification is more amenable to computer-aided verification, we develop a SAT-based tool for evaluating possible outcomes of multi-threaded test programs, and we show that this tool is significantly more efficient than a tool based on an operational specification.