Cache coherence protocols: evaluation using a multiprocessor simulation model
ACM Transactions on Computer Systems (TOCS)
Reasoning about networks with many identical finite state processes
Information and Computation
A structural induction theorem for processes
Proceedings of the eighth annual ACM Symposium on Principles of distributed computing
Proving sequential consistency of high-performance shared memories (extended abstract)
SPAA '91 Proceedings of the third annual ACM symposium on Parallel algorithms and architectures
ACM Transactions on Programming Languages and Systems (TOPLAS)
Verification of a multiprocessor cache protocol using simulation relations and higher-order logic
Formal Methods in System Design - Special issue on computer-aided verification: special methods I
Better verification through symmetry
Formal Methods in System Design - Special issue on symmetry in automatic verification
Lamport clocks: verifying a directory cache-coherence protocol
Proceedings of the tenth annual ACM symposium on Parallel algorithms and architectures
Computer architecture (2nd ed.): a quantitative approach
Computer architecture (2nd ed.): a quantitative approach
A New Approach for the Verification of Cache Coherence Protocols
IEEE Transactions on Parallel and Distributed Systems
Verifying Properties of Large Sets of Processes with Network Invariants
Proceedings of the International Workshop on Automatic Verification Methods for Finite State Systems
Construction of Abstract State Graphs with PVS
CAV '97 Proceedings of the 9th International Conference on Computer Aided Verification
Verification of Parameterized Bus Arbitration Protocol
CAV '98 Proceedings of the 10th International Conference on Computer Aided Verification
MOCHA: Modularity in Model Checking
CAV '98 Proceedings of the 10th International Conference on Computer Aided Verification
The 'Test Model-Checking' Approach to the Verification of Formal Memory Models of Multiprocessors
CAV '98 Proceedings of the 10th International Conference on Computer Aided Verification
Verification of a Distributed Cache Memory by Using Abstractions
CAV '94 Proceedings of the 6th International Conference on Computer Aided Verification
Using Formal Verification/Analysis Methods on the Critical Path in System Design: A Case Study
Proceedings of the 7th International Conference on Computer Aided Verification
Protocol Verification by Aggregation of Distributed Transactions
CAV '96 Proceedings of the 8th International Conference on Computer Aided Verification
Verification of the Futurebus+ Cache Coherence Protocol
CHDL '93 Proceedings of the 11th IFIP WG10.2 International Conference sponsored by IFIP WG10.2 and in cooperation with IEEE COMPSOC on Computer Hardware Description Languages and their Applications
Model-checking of correctness conditions for concurrent objects
LICS '96 Proceedings of the 11th Annual IEEE Symposium on Logic in Computer Science
Distributed Computing - Special issue: Verification of lazy caching
How to Make a Multiprocessor Computer That Correctly Executes Multiprocess Programs
IEEE Transactions on Computers
A Specification and Verification Framework for Developing Weak Shared Memory Consistency Protocols
FMCAD '02 Proceedings of the 4th International Conference on Formal Methods in Computer-Aided Design
Proofs of Correctness of Cache-Coherence Protocols
FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
Using Timestamping and History Variables to Verify Sequential Consistency
CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
Software Transactional Memory on Relaxed Memory Models
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
Verifying concurrent programs against sequential specifications
ESOP'13 Proceedings of the 22nd European conference on Programming Languages and Systems
Verifying eventual consistency of optimistic replication systems
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Hi-index | 0.00 |
In shared-memory multiprocessors sequential consistency offers a natural tradeoff between the flexibility afforded to the implementor and the complexity of the programmer's view of the memory. Sequential consistency requires that some interleaving of the local temporal orders of read/write events at different processors be a trace of serial memory. We develop a systematic methodology for proving sequential consistency for memory systems with three parameters --number of processors, number of memory locations, and number of data values. From the definition of sequential consistency it suffices to construct a non-interfering observer that watches and reorders read/write events so that a trace of serial memory is obtained. While in general such an observer must be unbounded even for fixed values of the parameters --checking sequential consistency is undecidable!-- we show that for two paradigmatic protocol classes--lazy caching and snoopy cache coherence--there exist finite-state observers. In these cases, sequential consistency for fixed parameter values can thus be checked by language inclusion between finite automata. In order to reduce the arbitrary-parameter problem to the fixed-parameter problem, we develop a novel framework for induction over the number of processors. Classical induction schemas, which are based on process invariants that are inductive with respect to an implementation preorder that preserves the temporal sequence of events, are inadequate for our purposes, because proving sequential consistency requires the reordering of events. Hence we introduce merge invariants, which permit certain reorderings of read/write events. We show that under certain reasonable assumptions about the memory system, it is possible to conclude sequential consistency for any number of processors, memory locations, and data values by model checking two finite-state lemmas about process and merge invariants: they involve two processors each accessing a maximum of three locations, where each location stores at most two data values. For both lazy caching and snoopy cache coherence we are able to discharge the two lemmas using the model checker MOCHA.