diff options
Diffstat (limited to 'src/mm-herd.adoc')
| -rw-r--r-- | src/mm-herd.adoc | 155 |
1 files changed, 155 insertions, 0 deletions
diff --git a/src/mm-herd.adoc b/src/mm-herd.adoc new file mode 100644 index 0000000..f1c0fd8 --- /dev/null +++ b/src/mm-herd.adoc @@ -0,0 +1,155 @@ +[[sec:herd]] +== Formal Axiomatic Specification in Herd + +The tool [.sans-serif]#herd# takes a memory model and a litmus test as +input and simulates the execution of the test on top of the memory +model. Memory models are written in the domain specific language Cat. +This section provides two Cat memory model of RVWMO. The first model, +Figure #fig:herd2[[fig:herd2]], follows the _global memory order_, +Chapter #ch:memorymodel[[ch:memorymodel]], definition of RVWMO, as much +as is possible for a Cat model. The second model, +Figure #fig:herd3[[fig:herd3]], is an equivalent, more efficient, +partial order based RVWMO model. + +The simulator [.sans-serif]#herd# is part of the [.sans-serif]#diy# tool +suite — see http://diy.inria.fr for software and documentation. The +models and more are available online +at http://diy.inria.fr/cats7/riscv/. + +` ` + +.... +(*************) +(* Utilities *) +(*************) + +(* All fence relations *) +let fence.r.r = [R];fencerel(Fence.r.r);[R] +let fence.r.w = [R];fencerel(Fence.r.w);[W] +let fence.r.rw = [R];fencerel(Fence.r.rw);[M] +let fence.w.r = [W];fencerel(Fence.w.r);[R] +let fence.w.w = [W];fencerel(Fence.w.w);[W] +let fence.w.rw = [W];fencerel(Fence.w.rw);[M] +let fence.rw.r = [M];fencerel(Fence.rw.r);[R] +let fence.rw.w = [M];fencerel(Fence.rw.w);[W] +let fence.rw.rw = [M];fencerel(Fence.rw.rw);[M] +let fence.tso = + let f = fencerel(Fence.tso) in + ([W];f;[W]) | ([R];f;[M]) + +let fence = + fence.r.r | fence.r.w | fence.r.rw | + fence.w.r | fence.w.w | fence.w.rw | + fence.rw.r | fence.rw.w | fence.rw.rw | + fence.tso + +(* Same address, no W to the same address in-between *) +let po-loc-no-w = po-loc \ (po-loc?;[W];po-loc) +(* Read same write *) +let rsw = rf^-1;rf +(* Acquire, or stronger *) +let AQ = Acq|AcqRel +(* Release or stronger *) +and RL = RelAcqRel +(* All RCsc *) +let RCsc = Acq|Rel|AcqRel +(* Amo events are both R and W, relation rmw relates paired lr/sc *) +let AMO = R & W +let StCond = range(rmw) + +(*************) +(* ppo rules *) +(*************) + +(* Overlapping-Address Orderings *) +let r1 = [M];po-loc;[W] +and r2 = ([R];po-loc-no-w;[R]) \ rsw +and r3 = [AMO|StCond];rfi;[R] +(* Explicit Synchronization *) +and r4 = fence +and r5 = [AQ];po;[M] +and r6 = [M];po;[RL] +and r7 = [RCsc];po;[RCsc] +and r8 = rmw +(* Syntactic Dependencies *) +and r9 = [M];addr;[M] +and r10 = [M];data;[W] +and r11 = [M];ctrl;[W] +(* Pipeline Dependencies *) +and r12 = [R];(addr|data);[W];rfi;[R] +and r13 = [R];addr;[M];po;[W] + +let ppo = r1 | r2 | r3 | r4 | r5 | r6 | r7 | r8 | r9 | r10 | r11 | r12 | r13 +.... + +` ` + +.... +Total + +(* Notice that herd has defined its own rf relation *) + +(* Define ppo *) +include "riscv-defs.cat" + +(********************************) +(* Generate global memory order *) +(********************************) + +let gmo0 = (* precursor: ie build gmo as an total order that include gmo0 *) + loc & (W\FW) * FW | # Final write after any write to the same location + ppo | # ppo compatible + rfe # includes herd external rf (optimization) + +(* Walk over all linear extensions of gmo0 *) +with gmo from linearizations(M\IW,gmo0) + +(* Add initial writes upfront -- convenient for computing rfGMO *) +let gmo = gmo | loc & IW * (M\IW) + +(**********) +(* Axioms *) +(**********) + +(* Compute rf according to the load value axiom, aka rfGMO *) +let WR = loc & ([W];(gmo|po);[R]) +let rfGMO = WR \ (loc&([W];gmo);WR) + +(* Check equality of herd rf and of rfGMO *) +empty (rf\rfGMO)|(rfGMO\rf) as RfCons + +(* Atomicity axiom *) +let infloc = (gmo & loc)^-1 +let inflocext = infloc & ext +let winside = (infloc;rmw;inflocext) & (infloc;rf;rmw;inflocext) & [W] +empty winside as Atomic +.... + +` ` + +.... +Partial + +(***************) +(* Definitions *) +(***************) + +(* Define ppo *) +include "riscv-defs.cat" + +(* Compute coherence relation *) +include "cos-opt.cat" + +(**********) +(* Axioms *) +(**********) + +(* Sc per location *) +acyclic co|rf|fr|po-loc as Coherence + +(* Main model axiom *) +acyclic co|rfe|fr|ppo as Model + +(* Atomicity axiom *) +empty rmw & (fre;coe) as Atomic +.... |