Slides

Download Report

Transcript Slides 

Parosh Aziz Abdulla1, Mohamed Faouzi Atig1,
Zeinab Ganjei2, Ahmed Rezine2 and Yunyun Zhu1
1. Uppsala University, Sweden
2. Linköping University, Sweden
FMCAD 2015

Transactional memories

Formal model

Small model theorem
◦ Limit the analysis to a finite number of variables

Verification algorithm for cache coherence
◦ Backward reachability analysis with monotonic abstraction

Prototype
◦ Two cache protocols verified

To simplify concurrent programming
Init: x = 0
void add() {
atomic {
int t = x;
t = t + 5;
x = t;
}
}
void add() {
atomic {
int t = x;
t = t + 10;
x = t;
}
}
Thread 1
Thread 2
transaction
read x: 0
Thread1
int t = x
t=t+5
Thread2
t = t + 10
Conflict!
write x: 5
x=t
commit
abort
Init: x = 0
void add() {
atomic {
int tt == x;
x;
int
5;
tt == tt ++ 5;
xx == t;
}
}
Thread 1
void add() {
atomic {
int tt == x;
int
10;
tt == tt ++ 10;
xx == t;
}
}
Thread 2
read x: 0
int t = x
x=t
write x: 10
commit
Properties of TMs:
◦ Atomicity
◦ Isolation
read x: 0
Thread1
int t = x
t=t+5
write x: 5
x=t
commit
abort
Thread2
int t = x
read x: 0
t = t + 10
x=t
write x: 10
commit
Init: x = 0
void add() {
atomic {
int t = x;
t = t + 5;
x = t;
}
}
Thread 1
void add() {
atomic {
int t = x;
t = t + 10;
x = t;
}
}
Thread 2
Hardware TM
Thread1
Thread2
int t = x
int t = x
t=t+5

x=t
x=t
Conflict manager
◦ Decide if an instruction
can be executed
t = t + 10
commit
commit
abort
instruction
response
◦ Adapted with TM context
line state data
x
I
0
y
I
0
z
I
0
Cache C2
Cache protocol
Memory

Cache C1
Conflict manager
line state data
x
I
0
y
I
0
z
I
0
line state data
x
I
0
y
I
0
z
I
0
Thread1
Thread2
write x
Write within
a transaction
Modified
commit
commit
abort
Commit
Exclusive
read x
write x
Trace
notwrite
Trace
x
allowed!
allowed
Filter
instruction
response
Invalid
Read while another
writes within a
transaction
line state data
M
x TMI
I
0
y
I
0
z
I
0
line state data
x TMI
I
M
0
y
I
0
z
I
0
Incoherent
states!
Memory
Abort
Cache C1
Shared
Cache C2
Conflict manager
line state data
x
I
0
y
I
0
z
I
0
Thread
Thread1ThreadThread
n
2 Thread
2
1
write x write x
read y
read y
write y
read x
commit
commit commit
abort
abort
write y write y
commit
abort write x
Verification of coherence
in presence of filters

.
.
.
.
.
.
write y read z
write x
...
read x write z
abort
commit
commit
write y write z
.
.
.
.
instruction
instruction
response response
Conflict
manager
Filter
Challenges:
Cache C
Cache
C22
Cache C
Cache Cn
...
line
data
state data
line state
x
I
0
y
I
0
z
I
0
...
...
◦ Unbounded number of variables
Cache C
2
n
data
statedata
line state
line
statedata
linestate
data
line
xx I I 00
x x TMI
I I 00
M
...
...
yy TMI
yy I I 00
I 00
TMI
zz
z z TMI
I I 00
I
00
...
◦ Unbounded number of threads
Cache C1
Memory
Memory
Memory
◦ Unbounded number of transactions
Cache CC1
Cache
1


Formal model for protocols with filters

Small model theorem
◦ Reduces the problem to finite number of variables

Backward reachability analysis

Prototype

Configuration
◦ Maps each cache line to a state

Transitions:
◦ Concerns the same cache line of different threads
I
required E, TI, I , forbidden TMI , broadcast{E→S}
All the remote
cache lines of x in
M transits to S
None remote
cache line of
x is TMI
At least one
remote cache line
of x is E, TI or I
state
S
Cache C1
Cache C2
Cache C3
line state
x
S
I
y
TI
z TMI
line state
x
S
E
y
I
z
I
line state
x
I
y
I
z
I
local
remote
remote
Thread2
Thread1
write x
write x
Finite set of forbidden
Forbidden pattern
patterns

write, x, t1
write, x, t2
commit, t1
commit
commit
commit, t2
instruction
response
Filter
write, x, t1
trace
write, y, t2 Trace
write,
x, allowed!
t2
read, z, t1
not
commit, t2
commit, t2
Cache C1
Cache C2
Cache C3
line state
x
I
y
I
z
I
line state
x
I
y
I
z
I
line state
x
I
y
I
z
I
Thread1
Thread2
write x
Reduces the analysis to a finite number
of variables

write, x, t1
read, y, t2
read y
write x
write z
commit
commit
commit
commit
response
write, z, t1 write, x, t2 commit, t2 commit,
t1
instruction
write, x, t1 write, x, t2 commit, t1 commit, t2
Incorrect
Filter
Reaches incoherent state,
and passes the filter
Only x
involved
Cache C1
Cache C2
line state
x
I
M
y
I
z
M
I
line state
x
M
I
y
EI
z
I

Define a well-quasi-order on configurations

Prove transition relation is monotonic

Provide an algorithm to compute the set of
predecessors of an upward closed set
Achievable with techniques

Define a well-quasi-order on configurations
Conf1
Conf2
Cache C1
Cache C2
line state
x
S
z
E
line state
x
S
z
I
⊑
Cache C1
Cache C2
Cache C3
line state
x
S
y
E
z TMI
line state
x
S
y
I
z
I
line state
x
S
y
I
z
I
Prove transition relation is monotonic
Conf
C
2
C1
x
x
I
S
⊑
I
⊑
x
Conf4
C3
2
Conf1
Conf3
⊑

C1
x
C2
I
x
I
I
forbidden {S, E}
Due to
forbidden sets
in transitions
C2
C1
E
x
E
x
I


Define a well-quasi-order on configurations
Prove transition relation is
Monotonic
monotonicabstraction
needed
Incoherent states representable
by finite caches

M M I
I
S
M M I

With more caches still incoherent
M M
Minimal
element
Upward closed sets: symbolic representations
for incoherent states


Monotonic
abstraction
Start from bad set
Compute the set of predecessors,
and make it upward-closed if needed

t3
∩ Init = ∅⊒ ?
Stop if no more new configuration
discovered.


t1
t2
t1
A searching branch closed if
◦ The minimal element is subsumed
By an older minimal element
◦ The trace fails the filter
t3
Trace (t3, t2)
fails the filter
t2


Extension of Zaama, which implements
constrained monotonic abstraction
Applied to
◦ Two cache protocols
◦ With six filters

Results obtained a 2.9 Ghz Intel Core i7 with
8GB of RAM
Cache protocol (filter) #rules #bad states Reachable(Y/N) Execution time
UTCP (serial. filter)
70
47
Yes, bad state (M, M)
117.3s
TMESI (serial. filter)
42
38
Yes, bad state (M, M)
35.8s

Formal model for protocols with filters

Small model theorem
◦ Reduces the problem to finite number of variables

Backward reachability analysis

Prototype