Thinking About Transactional Memory, Axiomatically

Title 44pt Title Case Thinking about Transactional Memory, Axiomatically

Nathan Chong Affiliations 24pt sentence case ARM Research (Security and Correctness)

ARM v8.0 Axiomatic Model by Will Deacon (ARM) 20pt sentence case TM work with John Wickerson and Tyler Sorensen (Imperial) 10+ Years of Academic Research [AMT14]

Multiprocessor program

T0 T1 ... Tn-1 a sequence of assembly instructions (ADD, CMP, B, LDR, STR, …)

Essential Question: What values can this load return? 2 Weaker Alpha

Power ARM RISC-V

x86 (TSO)

Stronger Sequential Consistency

3 Weaker Alpha

Power ARM RISC-V

ARM v8.0

x86 (TSO)

Stronger Sequential Consistency

4 Weaker Alpha

Power ARM RISC-V

ARM v8.0 TM Design Space x86 (TSO)

Stronger Sequential Consistency

5 This Talk

- ARM’s new, stronger v8.0 memory model - Multi-copy atomicity - Store token optimisation (disallowed) - False data and control dependencies (enforced)

- Extending weak memory with transactional memory

6 Part 1: The ARM v8.0 Memory Model

Work by Will Deacon (ARM)

7 The set of all executions

ARM v8.0

8 The v8.0 Memory Model is Multi-Copy Atomic

9 a: W[x]=1

10 rfe a: W[x]=1 b: R[x]=1

11 *Parameterised by memory-model

rfe happens-before a: W[x]=1 b: R[x]=1 c: R[x]=?

12 *Parameterised by memory-model

rfe happens-before a: W[x]=1 b: R[x]=1 c: R[x]=?

13 rfe a: W[x]=1 b: R[x]=1 happens-before

R[x]=0

14 WRC+addrs Prev: Allowed / v8.0: Disallowed rfe a: W[x]=1 b: R[x]=1 d: R[y]=1 rf fr addr addr

c: W[y]=1 e: R[x]=0

15 IRIW+addrs Prev: Allowed / v8.0: Disallowed rf rf a: W[x]=1 b: R[x]=1 d: W[y]=1 e: R[y]=1 fr fr addr addr

c: R[y]=0 f: R[x]=0

16 IWP2.4+addrs Prev: Allowed / v8.0: Allowed a: W[x]=1 d: W[y]=1 fr fr rf rf

b: R[x]=1 e: R[y]=1

addr addr

c: R[y]=0 f: R[x]=0

17 Part 2: Transactional Memory Extension

Joint work with John Wickerson and Tyler Sorensen (Imperial)

18 Transactional Memory

[HM93] A transaction is a finite sequence of machine instructions, executed by a single process, satisfying the following properties:

- Serializability - Atomicity (All or Nothing)

Iceberg Photomontage (Uwe Kils) (CC BY-SA 3.0) 19 Tx1 Shared Memory Tx2

20 Tx1 Shared Memory Tx2

conflict!

21 Shared Memory Tx2

Abort Tx1

22 Tx1 Shared Memory

Replay Tx1

23 Transactional Memory Architectural Changes

ISA Changes: TXSTART, TXCOMMIT, TXABORT, TXTEST

Impact on Memory Model

Interaction with exceptions, virtualisation, SVE, debug, …

Iceberg Photomontage (Uwe Kils) (CC BY-SA 3.0) 24 An Execution is a Structure

Execution X =

a set of basic sets basic relations events

25 Introduce a Same-Transaction Relation

Execution X =

an equivalence relation identifying events of the same (successfully committed) transaction

Define T = domain(stxn) // the set of transactional events

26 stxn po po is equivalent to

po po

27 stxn Must Be Contiguous in po

stxn po po

po po

(Power TM supports transaction pausing) 28 Can’t Express Some Instruction Sequences

TXSTART // Nested // No commit // Unbalanced […] TXSTART TXSTART TXCOMMIT TXCOMMIT TXSTART […] […] […] TXCOMMIT TXCOMMIT

Ill- defined program?

29 A Transactional Variant of MP