Modelling the ARMv8 architecture, operationally: concurrency and ISA

Shaked Flur, Kathryn Gray, Christopher Pulte, Susmit Sarkar, Ali Sezgin, Luc Maranget, Will Deacon, Peter Sewell

Research output: Chapter in Book/Report/Conference proceedingConference contribution

28 Citations (Scopus)
6 Downloads (Pure)

Abstract

In this paper we develop semantics for key aspects of the ARMv8 multiprocessor architecture: the concurrency model and much of the 64-bit application-level instruction set (ISA). Our goal is to clarify what the range of architecturally allowable behaviour is, and thereby to support future work on formal verification, analysis, and testing of concurrent ARM software and hardware.Establishing such models with high confidence is intrinsically difficult: it involves capturing the vendor's architectural intent, aspects of which (especially for concurrency) have not previously been precisely defined. We therefore first develop a concurrency model with a microarchitectural flavour, abstracting from many hardware implementation concerns but still close to hardware-designer intuition. This means it can be discussed in detail with ARM architects. We then develop a more abstract model, better suited for use as an architectural specification, which we prove sound w.r.t.~the first. The instruction semantics involves further difficulties, handling the mass of detail and the subtle intensional information required to interface to the concurrency model. We have a novel ISA description language, with a lightweight dependent type system, letting us do both with a rather direct representation of the ARM reference manual instruction descriptions. We build a tool from the combined semantics that lets one explore, either interactively or exhaustively, the full range of architecturally allowed behaviour, for litmus tests and (small) ELF executables. We prove correctness of some optimisations needed for tool performance.We validate the models by discussion with ARM staff, and by comparison against ARM hardware behaviour, for ISA single- instruction tests and concurrent litmus tests.
Original languageEnglish
Title of host publicationProceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '16)
EditorsAndy Gill
Place of PublicationNew York
PublisherACM
Pages608-621
Number of pages14
ISBN (Print)9781450335492
DOIs
Publication statusPublished - 11 Jan 2016
EventPOPL '16 The 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - Hilton St Petersburg Bayfront, St Petersburg, Florida, United States
Duration: 20 Jan 201622 Jan 2016

Publication series

NameACM SIGPLAN Notices
PublisherACM
Number1
Volume51
ISSN (Print)0362-1340
ISSN (Electronic)1558-1160

Conference

ConferencePOPL '16 The 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Country/TerritoryUnited States
CitySt Petersburg, Florida
Period20/01/1622/01/16

Keywords

  • Relaxed Memory Models
  • Semantics
  • ISA

Fingerprint

Dive into the research topics of 'Modelling the ARMv8 architecture, operationally: concurrency and ISA'. Together they form a unique fingerprint.

Cite this