Modeling and Verifying PSO Memory Model Using CSP

Mobile Networks and Applications

Abstract

Modern processors deploy a variety of weak memory models for efficiency reasons. Total Store Order (TSO) is a widely used weak memory model that omits the store-load constraint by allowing each core to employ a write buffer. Partial Store Order (PSO) is similar to TSO but, for higher performance, does not guarantee that writes to different locations propagate to the shared memory in program order. To understand precisely the reordering that appears in PSO, we analyze this memory model using formal methods. In this paper, we apply Communicating Sequential Processes (CSP) to model PSO. By feeding the constructed model into the model checker Process Analysis Toolkit (PAT), we verify four properties. Because the requirements of TSO are more stringent than those of PSO, PSO must preserve the write-read reordering and read-after-write elimination defined by TSO. Programs containing store-store fences between every two writes have the same outcomes under TSO and PSO, which is called outcomes consistency. Last but not least, PSO should satisfy write-write reordering, which indicates that two writes by the same thread may be reordered if they target different locations.

Data Availability

Not Applicable.

Author information

Corresponding author

Correspondence to Huibiao Zhu.

Ethics declarations

Competing interests

We have no competing interests to declare that are relevant to the content of this article. This article does not involve ethics issues.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix:

Here, we list the complete assertions for properties 1, 3 and 4.

Assertion 1

```
#define wrr00 {Rtable[0][1]==0 && Rtable[1][3]==0};
#assert System reaches wrr00;
#define wrr01 {Rtable[0][1]==0 && Rtable[1][3]==1};
#assert System reaches wrr01;
#define wrr10 {Rtable[0][1]==1 && Rtable[1][3]==0};
#assert System reaches wrr10;
#define wrr11 {Rtable[0][1]==1 && Rtable[1][3]==1};
#assert System reaches wrr11;
```

Assertion 3

```
#define ssf000 {Rtable[0][1]==0 && Rtable[1][2]==0 && Rtable[1][3]==0};
#assert System1 reaches ssf000;
#define ssf100 {Rtable[0][1]==1 && Rtable[1][2]==0 && Rtable[1][3]==0};
#assert System1 reaches ssf100;
#define ssf001 {Rtable[0][1]==0 && Rtable[1][2]==0 && Rtable[1][3]==1};
#assert System1 reaches ssf001;
#define ssf101 {Rtable[0][1]==1 && Rtable[1][2]==0 && Rtable[1][3]==1};
#assert System1 reaches ssf101;
#define ssf011 {Rtable[0][1]==0 && Rtable[1][2]==1 && Rtable[1][3]==1};
#assert System1 reaches ssf011;
#define ssf111 {Rtable[0][1]==1 && Rtable[1][2]==1 && Rtable[1][3]==1};
#assert System1 reaches ssf111;
#define ssf010 {Rtable[0][1]==0 && Rtable[1][2]==1 && Rtable[1][3]==0};
#assert System1 reaches ssf010;
#define ssf110 {Rtable[0][1]==1 && Rtable[1][2]==1 && Rtable[1][3]==0};
#assert System1 reaches ssf110;
```

Assertion 4

```
#define wwr00 {Rtable[1][2]==0 && Rtable[1][3]==0};
#assert System reaches wwr00;
#define wwr01 {Rtable[1][2]==0 && Rtable[1][3]==1};
#assert System reaches wwr01;
#define wwr10 {Rtable[1][2]==1 && Rtable[1][3]==0};
#assert System reaches wwr10;
#define wwr11 {Rtable[1][2]==1 && Rtable[1][3]==1};
#assert System reaches wwr11;
```
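The reachability questions these assertions pose to PAT can be reproduced in miniature with an explicit-state search over write-buffer machines. The Python below is an added example, not the paper's CSP model: the function `outcomes`, the fence-as-buffer-marker encoding and the litmus programs `SB`, `MP`, `MP_FENCED` and `RAW` are assumptions constructed here to illustrate the four properties named in the abstract.

```python
FENCE = None  # store-store fence marker kept in the write buffer (assumed encoding)

def outcomes(program, model):
    """Explore every interleaving of a litmus test under 'TSO' or 'PSO'.

    program: one list per thread of ("W", var, val), ("R", var, reg), ("F",).
    Returns the set of final register values, ordered by register name."""
    n = len(program)
    start = ((0,) * n, ((),) * n, frozenset(), frozenset())
    seen, stack, finals = {start}, [start], set()
    while stack:
        pcs, bufs, mem, regs = stack.pop()
        succs = []
        for t in range(n):
            buf = bufs[t]
            put = lambda b: bufs[:t] + (b,) + bufs[t + 1:]
            if pcs[t] < len(program[t]):            # issue the next instruction
                op, nregs, nbuf = program[t][pcs[t]], regs, buf
                if op[0] == "W":
                    nbuf = buf + ((op[1], op[2]),)  # writes enter the buffer first
                elif op[0] == "F":
                    nbuf = buf + (FENCE,)
                else:  # read: newest own buffered write wins, else shared memory
                    own = [e[1] for e in buf if e is not FENCE and e[0] == op[1]]
                    val = own[-1] if own else dict(mem).get(op[1], 0)
                    nregs = regs | {(op[2], val)}
                npcs = pcs[:t] + (pcs[t] + 1,) + pcs[t + 1:]
                succs.append((npcs, put(nbuf), mem, nregs))
            for i, e in enumerate(buf):             # propagate one buffered entry
                older = buf[:i]
                if i > 0 and (model == "TSO" or e is FENCE or FENCE in older
                              or any(o[0] == e[0] for o in older)):
                    continue  # TSO: strict FIFO; PSO: FIFO per location and fence
                nmem = mem if e is FENCE else frozenset(
                    {**dict(mem), e[0]: e[1]}.items())
                succs.append((pcs, put(buf[:i] + buf[i + 1:]), nmem, regs))
        if not succs:  # every thread finished and every buffer drained
            finals.add(tuple(v for _, v in sorted(regs)))
        for s in succs:
            if s not in seen:
                seen.add(s)
                stack.append(s)
    return finals

# Constructed litmus tests (not the programs analysed in the paper).
SB = [[("W", "x", 1), ("R", "y", "r0")], [("W", "y", 1), ("R", "x", "r1")]]
MP = [[("W", "x", 1), ("W", "y", 1)], [("R", "y", "r0"), ("R", "x", "r1")]]
MP_FENCED = [[("W", "x", 1), ("F",), ("W", "y", 1)], MP[1]]
RAW = [[("W", "x", 1), ("R", "x", "r0")]]
```

Comparing `outcomes(MP, "TSO")` with `outcomes(MP, "PSO")` isolates the write-write reordering: the result `(1, 0)`, where the reader sees the second write but not the first, appears only under PSO and disappears again in `MP_FENCED`.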

Cite this article

Xiao, L., Zhu, H., Xu, Q. et al. Modeling and Verifying PSO Memory Model Using CSP. Mobile Netw Appl 27, 2068–2083 (2022). https://doi.org/10.1007/s11036-022-01989-5

  • DOI: https://doi.org/10.1007/s11036-022-01989-5
