Foundations of Multi-Core Memory Models

Seminar in Theoretical CS, Summer Semester 2012

News

22.12.2011 - Setup of this web site

23.01.2012 - Changed to bi-weekly scheduling of talks (see specific dates below)

Schedule

13 January 16:00 Introduction to seminar (incl. assignment of topics)

at seminar room of I2

-10 weeks Table of contents due

-8 weeks Preliminary version of report due

-4 weeks Final version of report due

-2 weeks Preliminary version of slides due

-1 week Final version of slides due

(relative to date of

presentation)

Overview

The current and future trend to multi-core computing systems suggests that within the next decade, concurrent multi-threaded programming will replace sequential programming as the standard programming paradigm. However, concurrency and modern computer architecture do not go together easily:

Current programming language memory models are still incomplete. Mainstream languages such as Java increasingly promise sequential consistency for data-race-free programs. But we do not know how to handle data races in a way that supports reasonable performance, security, and debuggability.
Hardware specifications are so informal that it is very hard to know whether we have a correct implementation of the language specifications (if we knew how to specify those fully).
The concurrent algorithms that are now being developed, and which are key to exploiting multiprocessors (via high-performance operating systems, hypervisor kernels, and concurrency libraries), are very subtle, so informal reasoning cannot give high confidence in their correctness.
While there is a rich literature on concurrency theory, and extensive prior work on software verification for concurrency software (including process calculi, model-checking, temporal logics, rely-guarantee reasoning, and separation logic), almost all of it assumes a global notion of time, unrealistic though that is for these systems and algorithms.

The memory (consistency) model is at the heart of the concurrency semantics of a shared-memory program. It defines the interface between the program and any hardware or software that may transform that program.

In this seminar, the following topics will be considered:

Survey of problem domain: state of the practice in multi-core-programming and state of the art in memory consistency models.
Application of concurrency theory approaches to reveal underlying concepts of parallelism, reordering, causality, and consistency.
Formal approaches to memory consistency models and semantics of multithreaded programming.

More information on formal models for multi-core memory is available from the CACM article by Adve and Boehm.

Topics

(Double presentations start at 16:00 in the I2 seminar room, and will roughly take 90 mins)

A. Introduction: The following papers give an introduction to the issues arising with shared-memory computations, ordered chronologically. This material is intended for a single seminar
- (1a) Leslie Lamport: How to Make a Multiprocessor Computer That Correctly Executes Multiprocess Programs. IEEE Trans. Computers 28(9): 690-691 (1979)
- (1b) Sarita V. Adve, Kourosh Gharachorloo: Shared Memory Consistency Models: A Tutorial. IEEE Computer 29(12): 66-76 (1996)
- (1c) Sarita V. Adve, Hans-Juergen Boehm: Memory models: a case for rethinking parallel languages and hardware. Commun. ACM 53(8): 90-101 (2010)
- Student: Tobias Roy?
- Advisor: Friedrich Gretz
- Date: April 24

B. Historical accounts to shared memory computing: The papers in this section give an historical account of attempts towards formalization of shared-memory computations, and are of relevance to understand and judge modern approaches for multi-core memory models.
- The first two papers are rather classical. Lamport presents two theorems for a shared memory setting in which one process at a time can modify the data, but concurrent readings and writings are possible. Misra presents the weakest axioms for a similar setting to facilitate correctness proofs of shared memory programs.
  - (2a) Leslie Lamport: Concurrent Reading and Writing. Commun. ACM 20(11): 806-811 (1977
  - (2b) Jayadev Misra: Axioms for Memory Access in Asynchronous Hardware Systems. ACM Trans. Program. Lang. Syst. 8(1): 142-153 (1986)
  - Student: Chih-Song Kuo
  - Advisor: Friedrich Gretz
  - Date: April 24
- Shasha and Snir describe an approach to determine the minimal delay within a process such as to accommodate sequential consistency.
  - (3) Dennis Shasha, Marc Snir: Efficient and Correct Execution of Parallel Programs that Share Memory. ACM Trans. Program. Lang. Syst. 10(2): 282-312 (1988)
  - Canceled
- Ahamad et al. give a first formalisation of a so-called weak memory model. Such model allows for more concurrent memory accesses than for sequentially consistent memories. Besides the formalisation, an implementation is described in detail.
  - (4) Mustaque Ahamad, Gil Neiger, James E. Burns, Prince Kohli, Phillip W. Hutto: Causal Memory: Definitions, Implementation, and Programming. Distributed Computing 9(1): 37-49 (1995)
  - Student: Jean Louis Tekam
  - Advisor: Thomas Noll
  - Date: May 8

C. Semantics: All papers in this section are devoted to providing a formal semantics to memory models for either actual programming languages such as Java and C++, as well as for modern multi-core processors and optimising compilers.
- Manson et al. define the semantics of multithreaded Java programs and partially determines legal implementations of Java virtual machines and compilers. It provides a simple interface for correctly synchronized programs -- it guarantees sequential consistency to data-race-free programs. Flaws in this model were found and (partially) repaired by Aspinall and Ševč?k.
  - (5a) Jeremy Manson, William Pugh, Sarita V. Adve: The Java memory model. POPL 2005: 378-391
  - (5b) David Aspinall, Jaroslav Ševč?k: Java Memory Model Examples: Good, Bad and Ugly . VAMP 2007
  - Student: Philipp Kuinke
  - Advisor: Haidi Yue
  - Date: May 22
- Saraswat et al. establish that all models in their mathematical framework satisfy the following (fundamental) property of relaxed memory models: programs whose sequentially consistent (SC) executions have no races must have have only SC executions.
  - (6) Vijay A. Saraswat, Radha Jagadeesan, Maged M. Michael, Christoph von Praun: A theory of memory models. PPOPP 2007: 161-172
  - Student: Levin Gerdes
  - Advisor: Haidi Yue
  - Date: May 22
- Recently, Jagadeesan and co-workers presented an attempt to fit relaxed memory models into structured operational semantics and showed that the basic properties of the Java Memory Model hold in their formalisation.
  - (7) Radha Jagadeesan, Corin Pitcher, James Riely: Generative Operational Semantics for Relaxed Memory Models. ESOP 2010: 307-326
  - Student: Tim Lange
  - Advisor: Thomas Noll
  - Date: June 5
- An alternative approach to that of Jagadeesan et al. is followed by Boudol and Petri:
  - (8) Gérard Boudol, Gustavo Petri: Relaxed memory models: an operational approach. POPL 2009: 392-403
  - Student: Thomas R?hl
  - Advisor: Friedrich Gretz
  - Date: June 5
- A popular technique in "optimising" compilers for multi-core machines is so-called speculative re-ordering of instructions. This speeds up program execution as it allows more concurrency. Boudol and Petri recently gave a first formalisation of this technique.
  - (9) Gérard Boudol, Gustavo Petri: A Theory of Speculative Computation. ESOP 2010: 165-184
  - Student: Dominik Schmithausen
  - Advisor: Haidi Yue
  - Date: June 12
- The last two papers of this section (intended for a single seminar) present two approaches towards the mathematical semantics of C++ concurrency.
  - (10a) Mark Batty, Scott Owens, Susmit Sarkar, Peter Sewell, Tjark Weber: Mathematizing C++ concurrency. POPL 2011: 55-66
  - (10b) Hans-Juergen Boehm, Sarita V. Adve: Foundations of the C++ concurrency memory model. PLDI 2008: 68-78
  - Student: Isaak Lim
  - Advisor: Thomas Noll
  - Date: June 12
D. Verification: All papers in this section intend to verify (using different means) basic properties of shared memory systems, with or without local caches.
- Brinksma gives a process algebraic account to proving the correctness of a lazy caching algorithm. The proof is based on refinement.
  - (11a) Rob Gerth: Sequential Consistency and the Lazy Caching Algorithm. Distributed Computing 12(2-3): 57-59 (1999)
  - (11b) Ed Brinksma: Cache Consistency by Design. Distributed Computing 12(2-3): 61-74 (1999)
  - Canceled
- Model checking transactional memories (TMs) is difficult because of the unbounded number, length, and delay of concurrent transactions, as well as the unbounded size of the memory. Recently, Guerraoui et al. showed that, under certain conditions satisfied by most TMs, the model checking problem can be reduced to a finite-state problem.
  - (12) Rachid Guerraoui, Thomas A. Henzinger, Vasu Singh: Model checking transactional memories. Distributed Computing 22(3): 129-145 (2010)
  - Student: Rafal Korzeniewski
  - Advisor: Hao Wu
  - Date: June 26
- Atig et al. define abstract operational models for three different weak memory models. Their models are based on state machines with (potentially unbounded) FIFO buffers. The authors investigate the decidability of their reachability and their repeated reachability problems.
  - (13) Mohamed Faouzi Atig, Ahmed Bouajjani, Sebastian Burckhardt, Madanlal Musuvathi: On the verification problem for weak memory models . POPL 2010: 7-18
  - Student: Sergey Sazonov
  - Advisor: Hao Wu
  - Date: June 26
- At Microsoft, they developed a monitor algorithm that can detect the presence of program executions that are not sequentially consistent due to store buffers. Such monitor is combined with a stateless model checker that verifies that every sequentially consistent execution is correct. Practical results are provided.
  - (14) Sebastian Burckhardt, Madanlal Musuvathi: Effective Program Verification for Relaxed Memory Models. CAV 2008: 107-120
  - Student: Mathias Obster
  - Advisor: Hao Wu
  - Date: July 3

Additional Material

Contact

Thomas Noll <noll at cs.rwth-aachen.de>

BSc/MSc/Diploma Topics

Teaching WS 2012/13

Hybrid Systems Group

March 12, 2014

We are looking for a HiWi for the Compiler Construction course. If you are interested, please contact Thomas Noll.

Sept. 17, 2013

Joost-Pieter Katoen has been appointed as a member of the renowned Academia Europaea (Academy of Europe), a European, non-governmental association acting as an Academy whose members are scientists and scholars who collectively aim to promote learning, education and research.

July 15, 2013

Vacancies for postdoctoral researchers in "Automated Analysis of Probabilistic Programs". Application deadline: August 15, 2013.

May 6, 2013

Joost-Pieter Katoen has been awarded a Distinguished Professorship from the RWTH Aachen University.

April 11, 2013

The Hybrid Systems: Computation and Control (HSCC'13) conference in Philadelphia has been very successful: Hongfei Fu received the best student paper award for his paper "Approximating acceptance probabilities of CTMC-paths on multi-clock deterministic timed automata". Besides, the paper by Ilya Tkachev, Alexandru Mereacre, Alessandro Abate and Joost-Pieter Katoen was ranked second in the overall best paper award selection.

March 20, 2013

Joost-Pieter Katoen has been elected as Steering Committee Chair of ETAPS (www.etaps.org), the largest conference on theory and practice of software in Europe. He is the first non-UK ETAPS SC chair since the conference was initiated in 1998. More information here.

February 6, 2013

The Alumni-Magazine of RWTH Aachen University contains an interview with our former PhD student and postdoctoral researcher, Dr. Tingting Han.

21 December, 2012

HiWi's wanted to work in a new European Space Agency project for enhancing state-of-the-art design and analysis tools (COMPASS) for the next generation European rockets. Need programming and model checking affinity. See here for details and contact.

August 16, 2012

We offer openings for several PhD candidates in the area of
"Model-Based Design and Analysis for Dependable Software Systems". Deadline for application: September 14, 2012. For further information click here.

July 20, 2012

The Theory of Hybrid Systems Group offers two jobs as student assistants within the CEBug project. For more information, look here.

April 2, 2012

Dino Distefano received the prestigious Roger Needham Award for his work on software verification. This award is for a distinguished research contribution in computer science by a UK based researcher who has completed up to 10 years of post-doctoral research. Dr. Distefano was the first PhD student supervised by Joost-Pieter Katoen.

March 19, 2012

Marijn Jongerden received the German MMB (Messung, Modellierung und Bewertung von Rechensystemen) Award 2012 of the GI/ITG-Committee for Measurement, Modelling and Evaluation of Computing Systems for his PhD-thesis on "Model-based energy analysis of battery powered systems". His work was supervised by Boudewijn Haverkort (Twente) and Joost-Pieter Katoen.

March 1, 2012

Our paper "Formal Correctness, Safety, Dependability and Performance Analysis of a Satellite" has been accepted to ICSE 2012 in the track SE in Practice (18% acceptance rate). The paper treats a new satellite from the European Space Agency that was modeled and analyzed with modern tools during the actual satellite design.

January 27, 2012

Joost-Pieter Katoen will act as DJ in the "Nacht der Professoren" in the Apollo bar and cinema.

Older news