dynamic reductions for model checking concurrent software
play

Dynamic Reductions for Model Checking Concurrent Software Alfons - PowerPoint PPT Presentation

Sep 21, 2022 •382 likes •905 views

Introduction Transactions Dynamic Experiments Conclusion Dynamic Reductions for Model Checking Concurrent Software Alfons Laarman alfons@laarman.com Henning G unther , Ana Sokolova and Georg Weissenbacher Formal Methods in Systems

  1. Introduction Transactions Dynamic Experiments Conclusion Dynamic Reductions for Model Checking Concurrent Software Alfons Laarman alfons@laarman.com Henning G¨ unther , Ana Sokolova and Georg Weissenbacher Formal Methods in Systems Engineering Vienna University of Technology March 21, 2017 1/14 Alfons Laarman (TU Wien)

  2. Introduction Transactions Dynamic Experiments Conclusion Reductions Model Checking of Concurrent Software 1 Explosion of interleavings 2 Partial-order reduction vs Lipton reduction 3 Symbolic is a challenge 4 Global commutativity is needed, but a severe bottleneck 2/14 Alfons Laarman (TU Wien)

  3. Introduction Transactions Dynamic Experiments Conclusion Reductions Model Checking of Concurrent Software 1 Explosion of interleavings 2 Partial-order reduction vs Lipton reduction 3 Symbolic is a challenge 4 Global commutativity is needed, but a severe bottleneck x = 1; � a = 1; x += 2; b = 2; x += 3; 2/14 Alfons Laarman (TU Wien)

  4. Introduction Transactions Dynamic Experiments Conclusion Reductions Model Checking of Concurrent Software 1 Explosion of interleavings 2 Partial-order reduction vs Lipton reduction 3 Symbolic is a challenge 4 Global commutativity is needed, but a severe bottleneck x = 1; x = 1; � a = 1; x += 2; b = 2; x += 3; 2/14 Alfons Laarman (TU Wien)

  5. Introduction Transactions Dynamic Experiments Conclusion Lipton vs Partial-Order Reduction (POR) l 1 l a a=0; x=1; l 2 l b b=2; y=2; l 3 l c 3/14 Alfons Laarman (TU Wien)

  6. Introduction Transactions Dynamic Experiments Conclusion Lipton vs Partial-Order Reduction (POR) l 1 l a a=0; x=1; a=0; x=1; b=2; x=1; a=0; y=2; l 2 l b b=2; y=2; x=1; b=2; y=2; a=0; l 3 l c y=2; b=2; 3/14 Alfons Laarman (TU Wien)

  7. Introduction Transactions Dynamic Experiments Conclusion Lipton vs Partial-Order Reduction (POR) l 1 l a a=0; a=0; x=1; a=0; x=1; x=1; b=2; x=1; a=0; y=2; l 2 l b b=2; y=2; x=1; b=2; b=2; y=2; a=0; l 3 l c y=2; y=2; b=2; 3/14 Alfons Laarman (TU Wien)

  8. Introduction Transactions Dynamic Experiments Conclusion Lipton vs Partial-Order Reduction (POR) a,b=0,2; x,y=1,2; l 1 l a a=0; a=0; x=1; a=0; x=1; x=1; b=2; x=1; a=0; y=2; l 2 l b b=2; y=2; x=1; b=2; b=2; y=2; a=0; l 3 l c y=2; y=2; b=2; x,y=1,2; a,b=0,2; 3/14 Alfons Laarman (TU Wien)

  9. Introduction Transactions Dynamic Experiments Conclusion Transactions in databases lock A lock B lock C UPDATE unlock C unlock B unlock A 4/14 Alfons Laarman (TU Wien)

  10. Introduction Transactions Dynamic Experiments Conclusion Transactions in databases internal lock A lock B lock C UPDATE unlock C unlock B unlock A 4/14 Alfons Laarman (TU Wien)

  11. Introduction Transactions Dynamic Experiments Conclusion Transactions in databases internal lock A lock B lock C UPDATE unlock C unlock B unlock A commit pre-phase post-phase 4/14 Alfons Laarman (TU Wien)

  12. Introduction Transactions Dynamic Experiments Conclusion Commutativity Action α right commutes with β , i ff α can always be delayed after β : β β α α � 5/14 Alfons Laarman (TU Wien)

  13. Introduction Transactions Dynamic Experiments Conclusion Commutativity Action α right commutes with β , i ff α can always be delayed after β : β β α α � → Definition (Right commutativity ( ⊲ ⊳ )) σ 1 σ 1 β σ 4 → → α ⊲ ⊳ β i ff ∀ σ 1 ,σ 2 ,σ 3 : → ⇒ ∃ σ 4 : → → α α α σ 2 β σ 3 σ 2 β σ 3 → → 5/14 Alfons Laarman (TU Wien)

  14. Introduction Transactions Dynamic Experiments Conclusion Commutativity Action α right commutes with β , i ff α can always be delayed after β : β β α α � → Definition (Right commutativity ( ⊲ ⊳ )) σ 1 σ 1 β σ 4 → → α ⊲ ⊳ β i ff ∀ σ 1 ,σ 2 ,σ 3 : → ⇒ ∃ σ 4 : → → α α α σ 2 β σ 3 σ 2 β σ 3 → → Example An action both-commutes with all actions that access a disjoint set of variables. A lock(/unlock) right(/right)-commutes with other lock and unlock operations. 5/14 Alfons Laarman (TU Wien)

  15. Introduction Transactions Dynamic Experiments Conclusion Commutativity Action α right commutes with β , i ff α can always be delayed after β : β β α α � → Definition (Right commutativity ( ⊲ ⊳ )) σ 1 σ 1 β σ 4 → → α ⊲ ⊳ β i ff ∀ σ 1 ,σ 2 ,σ 3 : → ⇒ ∃ σ 4 : → → α α α σ 2 β σ 3 σ 2 β σ 3 → → Example An action both-commutes with all actions that access a disjoint set of variables. A lock(/unlock) right(/right)-commutes with other lock and unlock operations. Definition (Right-Movability) The action α of thread i is a right-mover, i ff for all j � i : α → → i ⊲ ⊳ → j 5/14 Alfons Laarman (TU Wien)

  16. Introduction Transactions Dynamic Experiments Conclusion Lipton Reduction [Lipton ’77, Lamport et al. ’89] Example (A statement sequence, where x is the only global variable) a = 1; x = 2; b = 3; c = 4; 6/14 Alfons Laarman (TU Wien)

  17. Introduction Transactions Dynamic Experiments Conclusion Lipton Reduction [Lipton ’77, Lamport et al. ’89] Example (A statement sequence, where x is the only global variable) a = 1; x = 2; b = 3; c = 4; a, x, b, c = 1, 2, 3, 4; � 6/14 Alfons Laarman (TU Wien)

  18. Introduction Transactions Dynamic Experiments Conclusion Lipton Reduction [Lipton ’77, Lamport et al. ’89] Lipton Reduction A statement α 1 ; ... ; α n of thread i can be reduced to α 1 ◦ ··· ◦ α n , if for some 1 ≤ k < n , and all j � i : → α 1 ,...,α k − 1 ⊲ ⊳ → j ( pre-phase statements (before α k ) are right movers ) 1 ← ⊳ → j ( post-phase statements (after α k ) are left movers ) α k + 1 ,...,α n ⊲ 2 α 2 α n ∀ σ ∃ σ ′ : σ → i σ ′ → i ◦···◦ (statements after α 1 do not block) 3 Example (A statement sequence, where x is the only global variable) a = 1; x = 2; b = 3; c = 4; a, x, b, c = 1, 2, 3, 4; � 6/14 Alfons Laarman (TU Wien)

  19. Introduction Transactions Dynamic Experiments Conclusion Lipton Reduction [Lipton ’77, Lamport et al. ’89] Lipton Reduction A statement α 1 ; ... ; α n of thread i can be reduced to α 1 ◦ ··· ◦ α n , if for some 1 ≤ k < n , and all j � i : → α 1 ,...,α k − 1 ⊲ ⊳ → j ( pre-phase statements (before α k ) are right movers ) 1 ← ⊳ → j ( post-phase statements (after α k ) are left movers ) α k + 1 ,...,α n ⊲ 2 α 2 α n ∀ σ ∃ σ ′ : σ → i σ ′ → i ◦···◦ (statements after α 1 do not block) 3 Example (A statement sequence, where x is the only global variable) a = 1; x = 2; b = 3; c = 4; a, x, b, c = 1, 2, 3, 4; � x = 6 a = 1 x = 7 x = 8 x = 2 b = 3 x = 9 c = 4 6/14 Alfons Laarman (TU Wien)

  20. Introduction Transactions Dynamic Experiments Conclusion Lipton Reduction [Lipton ’77, Lamport et al. ’89] Lipton Reduction A statement α 1 ; ... ; α n of thread i can be reduced to α 1 ◦ ··· ◦ α n , if for some 1 ≤ k < n , and all j � i : → α 1 ,...,α k − 1 ⊲ ⊳ → j ( pre-phase statements (before α k ) are right movers ) 1 ← ⊳ → j ( post-phase statements (after α k ) are left movers ) α k + 1 ,...,α n ⊲ 2 α 2 α n ∀ σ ∃ σ ′ : σ → i σ ′ → i ◦···◦ (statements after α 1 do not block) 3 Example (A statement sequence, where x is the only global variable) a = 1; x = 2; b = 3; c = 4; a, x, b, c = 1, 2, 3, 4; � x = 6 a = 1 x = 7 x = 8 x = 2 b = 3 x = 9 c = 4 x = 6 x = 7 a = 1 x = 8 x = 2 b = 3 x = 9 c = 4 6/14 Alfons Laarman (TU Wien)

  21. Introduction Transactions Dynamic Experiments Conclusion Lipton Reduction [Lipton ’77, Lamport et al. ’89] Lipton Reduction A statement α 1 ; ... ; α n of thread i can be reduced to α 1 ◦ ··· ◦ α n , if for some 1 ≤ k < n , and all j � i : → α 1 ,...,α k − 1 ⊲ ⊳ → j ( pre-phase statements (before α k ) are right movers ) 1 ← ⊳ → j ( post-phase statements (after α k ) are left movers ) α k + 1 ,...,α n ⊲ 2 α 2 α n ∀ σ ∃ σ ′ : σ → i σ ′ → i ◦···◦ (statements after α 1 do not block) 3 Example (A statement sequence, where x is the only global variable) a = 1; x = 2; b = 3; c = 4; a, x, b, c = 1, 2, 3, 4; � x = 6 a = 1 x = 7 x = 8 x = 2 b = 3 x = 9 c = 4 x = 6 x = 7 a = 1 x = 8 x = 2 b = 3 x = 9 c = 4 x = 6 x = 7 x = 8 a = 1 x = 2 b = 3 x = 9 c = 4 6/14 Alfons Laarman (TU Wien)

  22. Introduction Transactions Dynamic Experiments Conclusion Lipton Reduction [Lipton ’77, Lamport et al. ’89] Lipton Reduction A statement α 1 ; ... ; α n of thread i can be reduced to α 1 ◦ ··· ◦ α n , if for some 1 ≤ k < n , and all j � i : → α 1 ,...,α k − 1 ⊲ ⊳ → j ( pre-phase statements (before α k ) are right movers ) 1 ← ⊳ → j ( post-phase statements (after α k ) are left movers ) α k + 1 ,...,α n ⊲ 2 α 2 α n ∀ σ ∃ σ ′ : σ → i σ ′ → i ◦···◦ (statements after α 1 do not block) 3 Example (A statement sequence, where x is the only global variable) a = 1; x = 2; b = 3; c = 4; a, x, b, c = 1, 2, 3, 4; � x = 6 a = 1 x = 7 x = 8 x = 2 b = 3 x = 9 c = 4 x = 6 x = 7 a = 1 x = 8 x = 2 b = 3 x = 9 c = 4 x = 6 x = 7 x = 8 a = 1 x = 2 b = 3 x = 9 c = 4 x = 6 x = 7 x = 8 a = 1 x = 2 b = 3 c = 4 x = 9 6/14 Alfons Laarman (TU Wien)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Checking Consistency Properties: Tractable Reductions to Reachability Constantin Enea IRIF ,

Checking Consistency Properties: Tractable Reductions to Reachability Constantin Enea IRIF ,

Checking Consistency Properties: Tractable Reductions to Reachability Constantin Enea IRIF , University Paris Diderot Concurrent/Distributed Objects Modern computer software is increasingly concurrent performance improvements often

522 views • 29 slides
Dynamic Partial-Order Reduction for Model Checking Software Cormac Flanagan Patrice Godefroid

Dynamic Partial-Order Reduction for Model Checking Software Cormac Flanagan Patrice Godefroid

Dynamic Partial-Order Reduction for Model Checking Software Cormac Flanagan Patrice Godefroid UC Santa Cruz Bell Labs Presented by: Ulrich Mller Model Checking Given a multithreaded program Wed like to check for deadlocks and

462 views • 17 slides
Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is

Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is

Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is Model Checking? Model checking is an automated technique that, given a finite-state model of a system and a logical property , systematically

484 views • 36 slides
Software Model Checking Software Model Checking via Static and Dynamic via Static and Dynamic

Software Model Checking Software Model Checking via Static and Dynamic via Static and Dynamic

Software Model Checking Software Model Checking via Static and Dynamic via Static and Dynamic Program Analysis Program Analysis Patrice Godefroid Godefroid Patrice Bell Laboratories, Lucent Technologies Bell Laboratories, Lucent

1.05k views • 56 slides
Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and Extensible Model Checking Framework a Modular and Extensible Model Checking Framework 3rd Estonian Summer School in Computer and System Science

628 views • 34 slides
Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and Extensible Model Checking Framework a Modular and Extensible Model Checking Framework 3rd Estonian Summer School in Computer and System Science

777 views • 31 slides
Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and Extensible Model Checking Framework a Modular and Extensible Model Checking Framework 3rd Estonian Summer School in Computer and System Science

301 views • 8 slides
Towards efficient model checking for variants of ATL under different semantics Wojciech Penczek

Towards efficient model checking for variants of ATL under different semantics Wojciech Penczek

Specification of Strategic Abilities in ATL* Model checking Multi-Valued ATL* Partial order reductions for sATL* Simpler strategies for Timed ATL Conclusions Towards efficient model checking for variants of ATL under different semantics

1.1k views • 88 slides
SMT-based Software Model Checking: Experimental Comparison of Four Algorithms Matthias Dangl

SMT-based Software Model Checking: Experimental Comparison of Four Algorithms Matthias Dangl

SMT-based Software Model Checking: Experimental Comparison of Four Algorithms Matthias Dangl Joint work with Dirk Beyer University of Passau, Germany SMT-based Software Model Checking Bounded Model Checking ( Cbmc , CPAchecker , Esbmc ,

496 views • 26 slides
Context-Bounded Model Checking of LTL Properties for ANSI-C Software Jeremy Morse, Lucas

Context-Bounded Model Checking of LTL Properties for ANSI-C Software Jeremy Morse, Lucas

Context-Bounded Model Checking of LTL Properties for ANSI-C Software Jeremy Morse, Lucas Cordeiro, Bernd Fischer, Denis Nicole Model Checking C Model checking: normally applied to formal state transition systems checks safety and

439 views • 17 slides
Model Checking Concurrent Systems with Unboundedly Many Processes Using Data Logics Ahmet Kara

Model Checking Concurrent Systems with Unboundedly Many Processes Using Data Logics Ahmet Kara

Model Checking Concurrent Systems with Unboundedly Many Processes Using Data Logics Ahmet Kara MOVEP 2012, Marseille Interaction of Unboundedly Many Processes n m o 1 2 3 p 4 Ahmet Kara Model Checking Concurrent Systems with

852 views • 59 slides
SMT-Based Bounded Model Checking for Embedded ANSI-C Software for Embedded ANSI-C Software

SMT-Based Bounded Model Checking for Embedded ANSI-C Software for Embedded ANSI-C Software

SMT-Based Bounded Model Checking for Embedded ANSI-C Software for Embedded ANSI-C Software Lucas Cordeiro, Bernd Fischer, Joao Marques-Silva b.fischer@ecs.soton.ac.uk Bounded Model Checking (BMC) Basic Idea: check negation of given property

957 views • 33 slides
McErlang a Model Checker for Erlang Programs Lars- Ake Fredlund, Clara Benac Earle

McErlang a Model Checker for Erlang Programs Lars- Ake Fredlund, Clara Benac Earle

McErlang a Model Checker for Erlang Programs Lars- Ake Fredlund, Clara Benac Earle Universidad Polit ecnica de Madrid McErlang basics McErlang is useful for checking concurrent software , not for checking sequential software

957 views • 78 slides
Finding and Understanding Bugs in Software Model Checkers Chengyu Zhang , Ting Su, Yichen Yan,

Finding and Understanding Bugs in Software Model Checkers Chengyu Zhang , Ting Su, Yichen Yan,

Finding and Understanding Bugs in Software Model Checkers Chengyu Zhang , Ting Su, Yichen Yan, Fuyuan Zhang, Geguang Pu, Zhendong Su Software Model Checking 2 Software Model Checking P 3 Software Model Checking P 4 Software

1.41k views • 114 slides
Heuristics for Checking Liveness Properties with Partial Order Reductions A. Duret-Lutz, F.

Heuristics for Checking Liveness Properties with Partial Order Reductions A. Duret-Lutz, F.

Heuristics for Checking Liveness Properties with Partial Order Reductions A. Duret-Lutz, F. Kordon, D. Poitrenaud, E. Renault Tuesday, October 18th E. Renault ATVA16 Tuesday, October 18th 1 / 17 State Space Explosion Two concurrent

941 views • 52 slides
Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking Checking Checking for Timed Automata Timed Automata Coll C l C ll b llabora orators: t ors: Peter Bulychev, Alexandre David Axel Legay, Marius

725 views • 59 slides
Results for different matrices and comparisons Dense Matrices Rectangular Matrices

Results for different matrices and comparisons Dense Matrices Rectangular Matrices

Results for different matrices and comparisons Dense Matrices Rectangular Matrices Rectangular Matrices Symmetric Matrices Sparse Matrices Dense Rectangular matrices Dense Rectangular matrices Dense Rectangular matrices Dense

515 views • 25 slides
Modelling and Simulation of Mechatronic Systems 02PCYQW Examples Matrix Calculus Basilio Bona

Modelling and Simulation of Mechatronic Systems 02PCYQW Examples Matrix Calculus Basilio Bona

Modelling and Simulation of Mechatronic Systems 02PCYQW Examples Matrix Calculus Basilio Bona Politecnico di Torino October 20, 2016 1 Matrix Calculus Example 1. Given the matrix 3 1 4 M = 6 5 12 31

314 views • 4 slides
Novel measurements of anomalous triple gauge couplings for the LHC Elena Venturini SISSA and

Novel measurements of anomalous triple gauge couplings for the LHC Elena Venturini SISSA and

Novel measurements of anomalous triple gauge couplings for the LHC Elena Venturini SISSA and INFN Trieste 23 May 2018 PLANCK2018 1707.08060 with A.Azatov, J.Elias-Miro, Y.Reyimuaji In progress with G.Panico, F.Riva, A.Wulzer, A.Azatov,

375 views • 34 slides
Conditionals in Translation Towards Translation Mining in a compositional setting Jos Tellings

Conditionals in Translation Towards Translation Mining in a compositional setting Jos Tellings

Conditionals in Translation Towards Translation Mining in a compositional setting Jos Tellings Utrecht University j.tellings@gmail.com 30 Oct 2020 Jos Tellings Conditionals in Translation 30 Oct 2020 1 / 19 Conditionals: motivation

301 views • 19 slides
moviCompile: An LLVM based compiler for heterogeneous SIMD code generation Erkan Diken, Roel

moviCompile: An LLVM based compiler for heterogeneous SIMD code generation Erkan Diken, Roel

B ACKGROUND C ODE G ENERATION R ESULTS C ONCLUSION moviCompile: An LLVM based compiler for heterogeneous SIMD code generation Erkan Diken, Roel Jordans, *Martin J. ORiordan Eindhoven University of Technology, Eindhoven (*) Movidius Ltd.,

714 views • 23 slides
Sparse Convex Optimization Methods for Machine Learning PhD Defense Talk 2011 / 10 / 04 Martin

Sparse Convex Optimization Methods for Machine Learning PhD Defense Talk 2011 / 10 / 04 Martin

Sparse Convex Optimization Methods for Machine Learning PhD Defense Talk 2011 / 10 / 04 Martin Jaggi Examiner: Co-Examiners: Emo Welzl Bernd Grtner, Elad Hazan, Joachim Giesen, Joachim Buhmann Convex Optimization D R n f ( x ) x

523 views • 20 slides
Conic Optimization: Relaxing at the Cutting Edge Miguel F . Anjos Professor and Canada Research

Conic Optimization: Relaxing at the Cutting Edge Miguel F . Anjos Professor and Canada Research

Background Integrated IPM New Relaxations Conclusion Conic Optimization: Relaxing at the Cutting Edge Miguel F . Anjos Professor and Canada Research Chair Various parts are joint work with E. Adams (Poly Mtl), A. Engau (U.

529 views • 38 slides
. ~-1&lt;~ 1 1~~ [-Se-~-~ ~.ef SJvn.,..~ ~I.ca..o A.;.\'ti,:. ~ ~~~: IV-

. ~-1&lt;~ 1 1~~ [-Se-~-~ ~.ef SJvn.,..~ ~I.ca..o A.;.\'ti,:. ~ ~~~: IV-

?RO ~Pr\ G~-ric... '&quot;fU&gt;~ L~( os b~ rno~eJt~ of e)&lt;.~o~ pn:&gt; b. lr\ lA~ t.'c. W ~ (A~SLuM f&quot;F&quot;fI\.4J'\ , ... \ - L %s~, ~. U-f\tV..:AlN. wJ;.o.! 'P~~ . ~-1&lt;~ 1 1~~ [-Se-~-~

369 views • 19 slides

More recommend