Caches, Transactions and Memories : Models, Coherence and Consistency

Abstract: Computers have brought us inestimable convenience in recent years. We have become dependent on them and more sensitive to their performance. During the past decades, we have been trying to improve program efficiency. The invention of multi-core systems is regarded as the new era of boosting performance of computer programs. When we focus on improving program efficiency, we also need to pay attention to program correctness. In some specific areas, errors, aka bugs, of programs can cause disastrous consequences. The dominant approach to bug detection is testing, which is conducted by executing a program against test cases generated based on scenarios. A bug is found when the output of the program does not match the expected output defined in the test case. One main drawback of testing is that it only shows the presence of bugs. An alternative approach is formal verification, which is a method that can exhaustively analyze the program executions and therefore show the absence of bugs. This thesis focuses on one of the main areas of formal verification - model checking. Model checking analyzes a mathematical model extracted from a program and automatically checks if it satisfies the desired properties.In this thesis, we first consider verifying safety and liveness properties for transactional memories. In particular, we consider the FlexTM hybrid transactional memory. We build a formal model of FlexTM, and apply a small model theorem that restricts the number of threads and variables in the model. This allows us to reduce the problem of verifying safety and liveness properties of FlexTM to checking language inclusion between the automata of FlexTM and a reference transactional memory. Second, we present a method for automatic verification of cache coherence protocols in the presence of transactional memories. We build a formal model containing a filter that represents the conflict resolution strategies of the transactional memory. We also apply a small model theorem which limits the number of cache lines of the protocol. To check cache coherence, we extend a backward reachability algorithm for infinite state systems, by removing the traces not allowed by the filter. Using this technique, we verify two cache protocols under different transactional memories respectively and conclude that they both maintain coherence.  Finally, we consider verification of safety properties of programs running over Self-Invalidate and Self-Downgrade cache coherence protocols. To that end, we define a formal model which captures the weak memory model induced by such protocols. We design an algorithm for inserting a set of optimal fences in the program, which guarantees the safety property while still maintaining the efficiency of a maximal degree.