Towards formally specifying and verifying transactional memory

@article{Doherty2012TowardsFS,
  title={Towards formally specifying and verifying transactional memory},
  author={Simon Doherty and Lindsay J. Groves and Victor Luchangco and Mark Moir},
  journal={Formal Aspects of Computing},
  year={2012},
  volume={25},
  pages={769-799}
}
Over the last decade, great progress has been made in developing practical transactional memory (TM) implementations, but relatively little attention has been paid to precisely specifying what it means for them to be correct, or formally proving that they are. In this paper, we present TMS1 (Transactional Memory Specification 1), a precise specification of correct behaviour of a TM runtime library. TMS1 targets TM runtimes used to implement transactional features in an unmanaged programming… 
View on Springer
doi.org
114 Citations
Highly Influential Citations
16
Background Citations
65
Methods Citations
23
Results Citations
1

114 Citations

Towards Formal Specification and Verification of Transactional Memory : Machine-Checked Proofs
TLDR
Two TM specifications are presented: a high-level specification capturing essential requirements of TM, and a more detailed specification for a broad class of TM implementations, expressed as I/O automata (IOAs) so that the theory of IOAs can be used to model both the specification and the implementation, and thus support hierarchical proofs.
Characterizing Transactional Memory Consistency Conditions Using Observational Refinement
TLDR
This work shows that a variant of Transactional Memory Specification (TMS), a TM consistency condition, is equivalent to observational refinement for a programming language where local variables are rolled back upon a transaction abort, and establishes that TMS is the weakest acceptable condition for this case.
Implementing and Verifying Release-Acquire Transactional Memory (Extended Version)
TLDR
This paper develops TMS2-ra, a relaxed operational TM specification that integrates TMS1-ra with RC11 (the repaired C11 memory model that disallows load-buffering) to provide a formal semantics for TM libraries and their clients and uses a simulation-based verification technique to prove correctness of TML-ra.
Last-use Opacity: A Strong Safety Property for Transactional Memory with Early Release Support
TLDR
Last-use opacity and strong last- use opacity are introduced, a pair of new TM safety properties meant to be a compromise between strong properties like opacity and minimal ones like serializability, which eliminate all but a small class of benign inconsistent views and pose no stringent conditions on transactions.
Safe privatization in transactional memory
TLDR
A notion of transactional DRF is proposed and proved that, if a TM satisfies a certain condition generalizing opacity and a program using it is DRF assuming strong atomicity, then the program indeed has strongly atomic semantics.
A programming language perspective on transactional memory consistency
TLDR
It is shown that, for a particular programming language and notions of observable behavior, a variant of the well-known consistency condition of opacity is sufficient for observational refinement, and its restriction to complete histories is furthermore necessary.
Reducing Opacity to Linearizability: A Sound and Complete Method
TLDR
This paper presents a sound and complete method, based on coarse-grained abstraction, for reducing proofs of opacity to the relatively simpler correctness condition: linearizability.
Zen and the Art of Concurrency Control: An Exploration of TM Safety Property Space with Early Release in Mind
TLDR
The TM safety property space is explored: serializability, opacity virtual world consistency, and the TMS family, and whether they support early release and to what extent, and how serialization can be combined with some database properties to create a broader spectrum of useful early release supporting TM safety properties.
Transactional Memory Repair
TLDR
It is important to make sure that the implementation itself is correct, i.e. that it satisfies safety and liveness properties, as well as to verify if a TM implementation satisfies some safety property.
On the Correctness of Transactional Memory Algorithms
TLDR
A sound program logic called synchronization object logic (SOL) that supports reasoning about the execution order and linearization orders of method calls and also the properties of common synchronization object types is presented.
...
...

References

SHOWING 1-10 OF 40 REFERENCES
On the correctness of transactional memory
TLDR
Opacity is defined as a property of concurrent transaction histories and its graph theoretical interpretation is given and it is proved that every single-version TM system that uses invisible reads and does not abort non-conflicting transactions requires, in the worst case, k steps for an operation to terminate.
High-level small-step operational semantics for transactions
TLDR
This work presents a family of formal languages that model a wide variety of behaviors for software transactions, and proves some key language-equivalence theorems to confirm that under sufficient static restrictions, no program can determine whether the language implementation uses weak isolation or strong isolation.
Sequential Specification of Transactional Memory Semantics
TLDR
This work identifies TM implementations from the literature corresponding to several specific conflict and arbitration functions, and offers candidate sequential specifications to capture the semantics of transactional memory.
Semantics of transactional memory and automatic mutual exclusion
TLDR
This article develops semantics and type systems for the constructs of the Automatic Mutual Exclusion (AME) programming model for STM systems that use in-place update, optimistic concurrency, lazy conflict detection, and rollback.
Principles of Transactional Memory
TLDR
The aim of this book is to provide theoretical foundations for transactional memory, as well as answering precisely when a TM implementation is correct, what kind of properties it can ensure, what are the power and limitations of a TM, and what inherent trade-offs are involved in designing a TM algorithm.
Verifying Correctness of Transactional Memories
TLDR
This paper shows how to specify transactional memory in terms of the admissible interchange of transaction operations, and gives proof rules for showing that an implementation satisfies this specification.
Completeness and Nondeterminism in Model Checking Transactional Memories
TLDR
This paper presents the first deterministicspecification automata for strict serializability and opacity in STMs, using an antichain-based tool and shows their deterministic specifications to be equivalent to more intuitive, nondeterministic specification automata (which are too large to be determinized automatically).
On the Consistency Conditions of Transactional Memories
TLDR
A framework that allows defining a space of consistency conditions whose extreme endpoints are serializability and opacity is presented and a new consistency condition that is called virtual world consistency is extracted that ensures that each transaction (committed or aborted) reads values from a consistent global state.
Software Transactional Memory on Relaxed Memory Models
TLDR
This paper presents RML, a new high-level language for expressing concurrent algorithms with a hardware-level atomicity of instructions, and whose semantics is parametrized by various relaxed memory models, and presents FOIL, a tool which takes as input the RML description of an STM algorithm and the description of a memory model, and automatically determines the locations of fences.
McRT-STM: a high performance software transactional memory system for a multi-core runtime
TLDR
A software transactional memory (STM) system that is part of McRT, an experimental Multi-Core RunTime, and a detailed performance analysis of various STM design tradeoffs such as pessimistic versus optimistic concurrency, undo logging versus write buffering, and cache line based versus object based conflict detection are presented.
...
...