Partial Orders for Efficient Bounded Model Checking of Concurrent Software

Alglave, Jade; Kroening, Daniel; Tautschnig, Michael

doi:10.1007/978-3-642-39799-8_9

Cited by 135 publications

(202 citation statements)

References 74 publications

(155 reference statements)

Supporting

Mentioning

199

Contrasting

Order By: Relevance

“…We used CBMC [4] (v5.4) 9 both as sequential backend (for UL-CSeq and LazyCSeq) and stand-alone bug-finding tool. It is a mature SAT-based bounded software model checker that uses a partial-order approach [1] to handle concurrent programs. We further used Lazy-CSeq [12] (v1.0), 10 a lazy sequentialization for bounded programs; CIVL [28] (v1.5), 11 a framework that uses a combination of explicit model checking and symbolic execution for verification; and SMACK [24] (v1.5.2), 12 a bounded software model checker that verifies programs up to a given bound on loop iterations and recursion depth.…”

Section: Ul-cseqmentioning

confidence: 99%

Lazy Sequentialization for the Safety Verification of Unbounded Concurrent Programs

Nguyen

Fischer

Torre

et al. 2016

Automated Technology for Verification and Analysis

View full text Add to dashboard Cite

Abstract. Lazy sequentialization has emerged as one of the most promising approaches for concurrent program analysis but the only efficient implementation given so far works just for bounded programs. This restricts the approach to bugfinding purposes. In this paper, we describe and evaluate a new lazy sequentialization translation that does not unwind loops and thus allows to analyze unbounded computations, even with an unbounded number of context switches. In connection with an appropriate sequential backend verification tool it can thus also be used for the safety verification of concurrent programs, rather than just for bug-finding. The main technical novelty of our translation is the simulation of the thread resumption in a way that does not use gotos and thus does not require that each statement is executed at most once. We have implemented this translation in the UL-CSeq tool for C99 programs that use the pthreads API. We evaluate UL-CSeq on several benchmarks, using different sequential verification backends on the sequentialized program, and show that it is more effective than previous approaches in proving the correctness of the safe benchmarks, and still remains competitive with state-of-the-art approaches for finding bugs in the unsafe benchmarks.

show abstract

Section: Ul-cseqmentioning

confidence: 99%

Lazy Sequentialization for the Safety Verification of Unbounded Concurrent Programs

Nguyen

Fischer

Torre

et al. 2016

Automated Technology for Verification and Analysis

View full text Add to dashboard Cite

show abstract

“…There are two competing frameworks for constructing a truly concurrent semantics, one based on event structures [39] and the other on pomsets [32]. A recent paper [9], the work that is closest to ours, uses partial orders (pomsets) to capture the semantics of shared memory program. The main insight is that partial orders neatly capture the causality of events in the dynamic execution of weak memory programs.…”

Section: Our Approachmentioning

confidence: 99%

“…The main insight is that partial orders neatly capture the causality of events in the dynamic execution of weak memory programs. But such a model cannot directly capture the control and data flow choices present in the programs: the semantics of programs with multiple, conflicting (that is, mutually exclusive) dynamic executions is captured simply as a set of candidate executions [9]. In this work, we advocate integrating program choices directly into the true concurrency semantics: we show that this results in a more succinct, algebraic presentation, leading to a more efficient analysis.…”

Section: Our Approachmentioning

confidence: 99%

The virtues of conflict

Narayanaswamy

Joshi

Kroening

2016

Proceedings of the 21st ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming

Self Cite

View full text Add to dashboard Cite

Modern shared memory multiprocessors permit reordering of memory operations for performance reasons. These reorderings are often a source of subtle bugs in programs written for such architectures. Traditional approaches to verify weak memory programs often rely on interleaving semantics, which is prone to state space explosion, and thus severely limits the scalability of the analysis. In recent times, there has been a renewed interest in modelling dynamic executions of weak memory programs using partial orders. However, such an approach typically requires ad-hoc mechanisms to correctly capture the data and control-flow choices/conflicts present in real-world programs. In this work, we propose a novel, conflict-aware, composable, truly concurrent semantics for programs written using C/C++ for modern weak memory architectures. We exploit our symbolic semantics based on general event structures to build an efficient decision procedure that detects assertion violations in bounded multi-threaded programs. Using a large, representative set of benchmarks, we show that our conflict-aware semantics outperforms the state-of-the-art partial-order based approaches.

show abstract

“…Request permissions from permissions@acm.org. PPDP'17, October 9ś11, 2017, Namur, Belgium timing constraints and paths can be encoded, and software analysis, for example of concurrent programs [2].…”

Section: Introductionmentioning

confidence: 99%

Theory learning with symmetry breaking

Howe

Robbins

King

2017

Proceedings of the 19th International Symposium on Principles and Practice of Declarative Programming

View full text Add to dashboard Cite

This paper investigates the use of a Prolog coded SMT solver in tackling a well known constraints problem, namely packing a given set of consecutive squares into a given rectangle, and details the developments in the solver that this motivates. The packing problem has a natural model in the theory of quantiier-free integer diference logic, a theory supported by many SMT solvers. The solver used in this work exploits a data structure consisting of an incremental Floyd-Warshall matrix paired with a watch matrix that monitors the entailment status of integer diference constraints. It is shown how this structure can be used to build unsatisiable theory cores on the ly, which in turn allows theory learning to be incorporated into the solver. Further, it is shown that a problem-speciic and non-standard approach to learning can be taken where symmetry breaking is incorporated into the learning stage, magnifying the efect of learning. It is argued that the declarative framework allows the solver to be used in this white box manner and is a strength of the solver. The approach is experimentally evaluated. CCS CONCEPTS· Theory of computation → Shortest paths; Packing and covering problems; · Software and its engineering → Constraint and logic languages;

show abstract

Partial Orders for Efficient Bounded Model Checking of Concurrent Software

Cited by 135 publications

References 74 publications

Lazy Sequentialization for the Safety Verification of Unbounded Concurrent Programs

Lazy Sequentialization for the Safety Verification of Unbounded Concurrent Programs

The virtues of conflict

Theory learning with symmetry breaking

Contact Info

Product

Resources

About