Precise Thread-Modular Abstract Interpretation of Concurrent Programs Using Relational Interference Abstractions

Monat, Raphaël; Miné, Antoine

doi:10.1007/978-3-319-52234-0_21

Cited by 13 publications

(19 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…De et al [11] propose the sync-CFG and value-set analysis for race-free programs, while Mukherjee et al [21] extend the framework to region and relational analyses. Gotsman et al [12] and Miné et al [18,19] define relational shape/value analyses for concurrent programs that exploit race-freedom and lock invariants respectively. All these works are for classical lock-based synchronization while we target interrupt-driven programs.…”

Section: Related Workmentioning

confidence: 99%

Data Races and Static Analysis for Interrupt-Driven Kernels

Chopra

Pai

D’Souza

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We consider a class of interrupt-driven programs that model the kernel API libraries of some popular real-time embedded operating systems and the synchronization mechanisms they use. We define a natural notion of data races and a happens-before ordering for such programs.The key insight is the notion of disjoint blocks to define the synchronizeswith relation. This notion also suggests an efficient and effective lockset based analysis for race detection. It also enables us to define efficient "sync-CFG" based static analyses for such programs, which exploit data race freedom. We use this theory to carry out static analysis on the FreeRTOS kernel library to detect races and to infer simple relational invariants on key kernel variables and data-structures.

show abstract

Section: Related Workmentioning

confidence: 99%

Data Races and Static Analysis for Interrupt-Driven Kernels

Chopra

Pai

D’Souza

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…This graph has a size which is exponential in the number of threads and linear in each thread size: it does not scale up. Thread-modular analyses have been designed to alleviate this combinatorial explosion [8,10,[15][16][17]. Amongst them, we use the formal system of interferences, that has been proposed by Miné [15] to analyse each thread in isolation, generating the effects it can have on the execution of other threads, and taking into account the effects generated by these other threads.…”

Section: Interferences: Thread-modular Abstract Interpretationmentioning

confidence: 99%

“…They are non-relational (in particular, there is no relation between the old value of a variable and its new value in an interference) and flow insensitive. To alleviate this problem, previous works [15,16] introduced relational interferences, that model sets of possible state transitions caused by thread instructions between pairs of program points, i.e., they model the effect of the thread in a fully relational and flow-sensitive way, which is more precise and more costly, while still being amenable to classic abstraction techniques. For instance, in the program of Figure 2, one such interference would be "When x is equal to 1, and Thread 1 is not in its critical section, Thread 0 can write 0 in x; and by doing so it will go from label l1 to label l2".…”

Section: Interferences: Thread-modular Abstract Interpretationmentioning

confidence: 99%

“…For instance, in the program of Figure 2, one such interference would be "When x is equal to 1, and Thread 1 is not in its critical section, Thread 0 can write 0 in x; and by doing so it will go from label l1 to label l2". The relational interference framework is complete for reachability properties thus not computable, but Monat and Miné [16] developed precise abstractions of interferences in SC that allow proving this kind of programs in a decidable way.…”

Section: Interferences: Thread-modular Abstract Interpretationmentioning

confidence: 99%

See 1 more Smart Citation

Relational Thread-Modular Abstract Interpretation Under Relaxed Memory Models

Suzanne

Miné

2018

Programming Languages and Systems

Self Cite

View full text Add to dashboard Cite

We address the verification problem of numeric properties in many-threaded concurrent programs under weakly consistent memory models, especially TSO. We build on previous work that proposed an abstract interpretation method to analyse these programs with relational domains. This method was not sufficient to analyse more than two threads in a decent time. Our contribution here is to rely on a relyguarantee framework with automatic inference of thread interferences to design an analysis with a thread-modular approach and describe relational abstractions of both thread states and interferences. We show how to adapt the usual computing procedure of interferences to the additional issues raised by weakly consistent memories. We demonstrate the precision and the performance of our method on a few examples, operating a prototype analyser that verifies safety properties like mutual exclusion. We discuss how weak memory models affect the scalability results compared to a sequentially consistent environment.

show abstract

“…We address the interleaving explosion using the unfolding as an algorithmic approach to compute a flow and path-sensitive thread interference analysis. A recent approach [20] uses relational domains and trace partitioning to recover precision in thread modular analysis but requires manual annotations to guide the partitioning and does not scale with the number of global variables. The analysis in [8] is not as precise as our approach (confirmed by experiments with Duet on a simpler version of our benchmarks) as it employs an abstraction for unbounded parallelism.…”

Section: Related Workmentioning

confidence: 99%

Abstract Interpretation with Unfoldings

Sousa

D’Silva

Kroening

2017

Computer Aided Verification

View full text Add to dashboard Cite

Abstract. We present and evaluate a technique for computing pathsensitive interference conditions during abstract interpretation of concurrent programs. In lieu of fixed point computation, we use prime event structures to compactly represent causal dependence and interference between sequences of transformers. Our main contribution is an unfolding algorithm that uses a new notion of independence to avoid redundant transformer application, thread-local fixed points to reduce the size of the unfolding, and a novel cutoff criterion based on subsumption to guarantee termination of the analysis. Our experiments show that the abstract unfolding produces an order of magnitude fewer false alarms than a mature abstract interpreter, while being several orders of magnitude faster than solver-based tools that have the same precision.

show abstract

Precise Thread-Modular Abstract Interpretation of Concurrent Programs Using Relational Interference Abstractions

Cited by 13 publications

References 29 publications

Data Races and Static Analysis for Interrupt-Driven Kernels

Data Races and Static Analysis for Interrupt-Driven Kernels

Relational Thread-Modular Abstract Interpretation Under Relaxed Memory Models

Abstract Interpretation with Unfoldings

Contact Info

Product

Resources

About