Proving Non-opacity (General Track)

نویسندگان

  • Mohsen Lesani
  • Jens Palsberg
چکیده

Guerraoui and Kapalka defined opacity as a safety criterion for transactional memory algorithms in 2008. Researchers have shown how to prove opacity, while little is known about pitfalls that can lead to non-opacity. In this paper, we identify two problems that lead to non-opacity and we prove an impossibility result. We first show that the well-known TM algorithms DSTM and McRT don’t satisfy opacity. DSTM suffers from a write-skew anomaly, while McRT suffers from a write-exposure anomaly. We then prove that for direct-update TM algorithms, opacity is incompatible with a liveness criterion called local progress, even for fault-free systems. Our result implies that if TM algorithm designers want both opacity and local progress, they should avoid direct-update algorithms.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Opacity with Orwellian Observers and Intransitive Non-Interference

Opacity is a general behavioural security scheme flexible enough to account for several specific properties. Some secret set of behaviors of a system is opaque if a passive attacker can never tell whether the observed behavior is a secret one or not. Instead of considering the case of static observability where the set of observable events is fixed off-line or dynamic observability where the se...

متن کامل

Putting Opacity in its Place

We clarify the relationships between Guerraoui and Kapalka’s opacity correctness condition for Transactional Memory (TM) algorithms and the TMS1 and TMS2 conditions we have previously proposed. Using formal, machine checked simulation proofs constructed using the PVS theorem proving system, we have shown that all algorithms that satisfy opacity also satisfy TMS1, and that all algorithms that sa...

متن کامل

Proving Non-opacity

Guerraoui and Kapalka defined opacity as a safety criterion for transactional memory algorithms in 2008. Researchers have shown how to prove opacity, while little is known about pitfalls that can lead to non-opacity. In this paper, we identify two problems that lead to nonopacity, we present automatic tool support for finding those problems, and we prove an impossibility result. We first show t...

متن کامل

Proving Opacity via Linearizability: A Sound and Complete Method

Transactional memory (TM) is a mechanism that manages thread synchronisation on behalf of a programmer so that blocks of code execute with the illusion of atomicity. The main safety criterion for transactional memory is opacity, which defines conditions for serialising concurrent transactions. Verifying opacity is complex because one must not only consider the orderings between fine-grained (an...

متن کامل

Reducing Opacity to Linearizability: A Sound and Complete Method

Transactional memory is a mechanism that manages thread synchronisation on behalf of a programmer so that blocks of code execute with an illusion of atomicity. The main safety criterion for transactional memory is opacity, which defines conditions for serialising concurrent transactions. Proving opacity is complicated because it allows concurrent transactions to observe distinct memory states, ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2012