race analysis for systemc using model checking
play

Race Analysis for SystemC using Model Checking Nicolas Blanc, - PowerPoint PPT Presentation

Mar 12, 2024 •324 likes •1.22k views

Race Analysis for SystemC using Model Checking Nicolas Blanc, Daniel Kroening Outline Motivation Partial-Order Reduction Scoot Experimental Results D. Kroening: Race Analysis for SystemCusing Model Checking 2 Introduction Oxford is a

  1. Race Analysis for SystemC using Model Checking Nicolas Blanc, Daniel Kroening

  2. Outline Motivation Partial-Order Reduction Scoot Experimental Results D. Kroening: Race Analysis for SystemCusing Model Checking 2

  3. Introduction ◮ Oxford is a major verification center: 9 full-time academics, 30+ post-docs ◮ My group ◮ 10 PhD students, 8 post-docs (hiring 2 more) ◮ GBP 3m funding for verification (industry, Artemis, FP7) D. Kroening: Race Analysis for SystemCusing Model Checking 3

  4. High-Level Models ◮ Emergence of system design languages ◮ HardwareC, SpecC, Handel-C, and SystemC ◮ Based on C / C++ ◮ Allow joint modeling of both hardware and software components of a system ◮ Support for bit vectors, concurrency, synchronization, exception handling D. Kroening: Race Analysis for SystemCusing Model Checking 4

  5. SystemC ◮ Based on C++ ◮ No language extensions, but macros + library ◮ Simulation using regular C++ compiler D. Kroening: Race Analysis for SystemCusing Model Checking 5

  6. SystemC ◮ Based on C++ ◮ No language extensions, but macros + library ◮ Simulation using regular C++ compiler SystemC Model SystemC Model SystemC Library SystemC Library D. Kroening: Race Analysis for SystemCusing Model Checking 5

  7. SystemC ◮ Based on C++ ◮ No language extensions, but macros + library ◮ Simulation using regular C++ compiler SystemC Model SystemC Model g++ Executable Executable SystemC Library SystemC Library D. Kroening: Race Analysis for SystemCusing Model Checking 5

  8. SystemC ◮ Based on C++ ◮ No language extensions, but macros + library ◮ Simulation using regular C++ compiler SystemC Model SystemC Model g++ Executable Executable SystemC Library SystemC Library + Stimulus = Traces D. Kroening: Race Analysis for SystemCusing Model Checking 5

  9. SystemC ◮ Originally for fast, low-level circuit simulations ◮ Verilog-like multi-valued logic (0, 1, X, Z) ◮ Multiple drivers for a single signal ◮ Also offers ◮ Bit-vector types ◮ Fixed-point arithmetic ◮ Concurrency ◮ Parts of SystemC are synthesizable D. Kroening: Race Analysis for SystemCusing Model Checking 6

  10. SystemC C/C++ Verilog/VHDL D. Kroening: Race Analysis for SystemCusing Model Checking 7

  11. SystemC C/C++ Verilog/VHDL D. Kroening: Race Analysis for SystemCusing Model Checking 7

  12. SystemC C/C++ Verilog/VHDL Convenient modeling of both hardware and software D. Kroening: Race Analysis for SystemCusing Model Checking 7

  13. Applications of SystemC Possible applications: ◮ Hardware model for co-simulation of embedded software ◮ Synthesis of algorithms ◮ Can serve as high-level model for hardware, in particular at the transaction level D. Kroening: Race Analysis for SystemCusing Model Checking 8

  14. Concurrency in SystemC ◮ Asynchronous interleaving semantics → Thread schedule is non-deterministic D. Kroening: Race Analysis for SystemCusing Model Checking 9

  15. Concurrency in SystemC ◮ Asynchronous interleaving semantics → Thread schedule is non-deterministic ◮ But: Interleaving only at specific locations ◮ wait() ◮ End of thread → No issues with atomicity → Does not really map onto usual pthread model ◮ Makes synthesis and model checking much easier! D. Kroening: Race Analysis for SystemCusing Model Checking 9

  16. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =0, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  17. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =10, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  18. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =10, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  19. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =10, y =20 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  20. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =20 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  21. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =21 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  22. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =0, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  23. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =10, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  24. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  25. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =1 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  26. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =1 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  27. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =20 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  28. Concurrency in SystemC ◮ The example program has a race, i.e., the result depends on the schedule D. Kroening: Race Analysis for SystemCusing Model Checking 12

  29. Concurrency in SystemC ◮ The example program has a race, i.e., the result depends on the schedule ◮ Standard: thread schedule non-deterministic, but must be consistent between simulation runs → many programmers don’t care about those races D. Kroening: Race Analysis for SystemCusing Model Checking 12

  30. Concurrency in SystemC ◮ The example program has a race, i.e., the result depends on the schedule ◮ Standard: thread schedule non-deterministic, but must be consistent between simulation runs → many programmers don’t care about those races ◮ But: source of error, and simulation/synthesis differences D. Kroening: Race Analysis for SystemCusing Model Checking 12

  31. Concurrency in SystemC ◮ The example program has a race, i.e., the result depends on the schedule ◮ Standard: thread schedule non-deterministic, but must be consistent between simulation runs → many programmers don’t care about those races ◮ But: source of error, and simulation/synthesis differences ◮ SystemC offers synchronization constructs to make the schedule deterministic ◮ Explicit events ◮ FIFOs ◮ ... D. Kroening: Race Analysis for SystemCusing Model Checking 12

  32. Concurrency in High-Level Modeling How about concurrency in high-level models? D. Kroening: Race Analysis for SystemCusing Model Checking 13

  33. Concurrency in High-Level Modeling How about concurrency in high-level models? FIFO ✲ ✲ ✲ D. Kroening: Race Analysis for SystemCusing Model Checking 13

  34. Concurrency in High-Level Modeling How about concurrency in high-level models? CLK 1 CLK 2 FIFO ✲ ✲ ✲ D. Kroening: Race Analysis for SystemCusing Model Checking 13

  35. Concurrency in High-Level Modeling How about concurrency in high-level models? CLK 1 CLK 2 FIFO ✲ ✲ ✲ ◮ The ordering of events is crucial ◮ We want the schedule to be non-deterministic! ◮ Similar: bus systems, arbiters, ... D. Kroening: Race Analysis for SystemCusing Model Checking 13

  36. Hunting Schedule-Related Bugs Goal: explore multiple schedules to find schedule-related bugs ◮ Often done by means of “random” waits ◮ Not promising due to exponential number of schedules D. Kroening: Race Analysis for SystemCusing Model Checking 14

  37. Hunting Schedule-Related Bugs Goal: explore multiple schedules to find schedule-related bugs ◮ Often done by means of “random” waits ◮ Not promising due to exponential number of schedules ◮ Alternative: try to explore relevant schedules exhaustively D. Kroening: Race Analysis for SystemCusing Model Checking 14

  38. Hunting Schedule-Related Bugs “Relevant” schedules? D. Kroening: Race Analysis for SystemCusing Model Checking 15

  39. Hunting Schedule-Related Bugs “Relevant” schedules? Observation: Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) The relative ordering of thread 2 and thread 3 is irrelevant for the state that is finally reached! D. Kroening: Race Analysis for SystemCusing Model Checking 15

  40. Commutativity of Transitions Key observation: x++ and y++ are commutative ⑦ ♥ s 1 D. Kroening: Race Analysis for SystemCusing Model Checking 16

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking Checking Checking for Timed Automata Timed Automata Coll C l C ll b llabora orators: t ors: Peter Bulychev, Alexandre David Axel Legay, Marius

725 views • 59 slides
Race Details Checking In Transition Area and Race Hub will be located at Salina Bay, opposite

Race Details Checking In Transition Area and Race Hub will be located at Salina Bay, opposite

In Collaboration With Race Details Checking In Transition Area and Race Hub will be located at Salina Bay, opposite Salini Hotel Transition Area will be open to athletes from 5am onwards on Race Day Body Marking will also start at that time

440 views • 22 slides
Model Checking & Program Analysis Markus Mller-Olm Dortmund University Overview

Model Checking & Program Analysis Markus Mller-Olm Dortmund University Overview

Model Checking & Program Analysis Markus Mller-Olm Dortmund University Overview Introduction Model Checking Flow Analysis Some Links between MC and FA Conclusion Apology for not giving proper credit to other

535 views • 41 slides
Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree Logic Dominic Mulligan Based on previous slides by Alan Mycroft and Mike Gordon Programming, Logic, and Semantics Group University of Cambridge

402 views • 25 slides
Praktikum: SystemC SystemC-TLM Tutorial Joachim Falk ( falk@cs.fau.de )

Praktikum: SystemC SystemC-TLM Tutorial Joachim Falk ( falk@cs.fau.de )

Praktikum: SystemC SystemC-TLM Tutorial Joachim Falk ( falk@cs.fau.de ) Friedrich-Alexander-Universitt Erlangen-Nrnberg Joachim Falk 1 Agenda SystemC and TLM Transaction TLM 2.0 Overview Interfaces

963 views • 26 slides
Bounded Model Checking bmc Revision: 1.11 1 [BiereCimattiClarkeZhu99] uses SAT for model

Bounded Model Checking bmc Revision: 1.11 1 [BiereCimattiClarkeZhu99] uses SAT for model

Bounded Model Checking bmc Revision: 1.11 1 [BiereCimattiClarkeZhu99] uses SAT for model checking historically not the first symbolic model checking approach scales better than original BDD based techniques mostly incomplete in

521 views • 28 slides
CTL Chapter 6 Part 2 Overview Review CTL Model Checking CTL model Checking algorithms

CTL Chapter 6 Part 2 Overview Review CTL Model Checking CTL model Checking algorithms

CTL Chapter 6 Part 2 Overview Review CTL Model Checking CTL model Checking algorithms for ( U ) Counter Examples and witnesses Symbolic Model Checking (Thursday) Binary Decision Trees

740 views • 40 slides
Hoare Logic and Model Checking Model Checking But perhaps theres a clever way of

Hoare Logic and Model Checking Model Checking But perhaps theres a clever way of

Hoare Logic and Model Checking Model Checking But perhaps theres a clever way of compiling one into the other? Both have very different models of time How do they compare? We have seen two widely used temporal logics Relative

510 views • 10 slides
Hoare Logic and Model Checking 1. You should be able to model simple systems in NuSMV, an LTL

Hoare Logic and Model Checking 1. You should be able to model simple systems in NuSMV, an LTL

Hoare Logic and Model Checking 1. You should be able to model simple systems in NuSMV, an LTL Other interesting books: Model Checking by Clarke, Grumberg, and Peled Principles of Model Checking by Baier and Katoen 3 Course

636 views • 11 slides
Lecture 5. Symbolic model checking. NuSMV and SPIN model checkers. User-friendly model checking

Lecture 5. Symbolic model checking. NuSMV and SPIN model checkers. User-friendly model checking

Lecture 5. Symbolic model checking. NuSMV and SPIN model checkers. User-friendly model checking ELEC-E8110 Automation Systems Synthesis and Analysis Igor Buzhinsky igor.buzhinskii@aalto.fi 2018 Igor Buzhinsky Lecture 5 2018 1 / 28 Symbolic

833 views • 61 slides
Introduction to SystemC Damien Hubaux - CETIC Supported by the European Union (ERDF) and the

Introduction to SystemC Damien Hubaux - CETIC Supported by the European Union (ERDF) and the

www.cetic.be Introduction to SystemC Damien Hubaux - CETIC Supported by the European Union (ERDF) and the Walloon Region (DGTRE) Outline Why SystemC? www.cetic.be What is SystemC? A language A C++ library Why SystemC

431 views • 16 slides
Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and Extensible Model Checking Framework a Modular and Extensible Model Checking Framework 3rd Estonian Summer School in Computer and System Science

628 views • 34 slides
Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and Extensible Model Checking Framework a Modular and Extensible Model Checking Framework 3rd Estonian Summer School in Computer and System Science

777 views • 31 slides
Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and Extensible Model Checking Framework a Modular and Extensible Model Checking Framework 3rd Estonian Summer School in Computer and System Science

301 views • 8 slides
Tutorial Intro. to Modern Formal Methods: Mechanized Formal Analysis Using Model Checking,

Tutorial Intro. to Modern Formal Methods: Mechanized Formal Analysis Using Model Checking,

Tutorial Intro. to Modern Formal Methods: Mechanized Formal Analysis Using Model Checking, Theorem Proving SMT Solving, Abstraction, and Static Analysis With SAL, PVS, and Yices, and more John Rushby Computer Science Laboratory SRI

1.89k views • 161 slides
Formal Verification by Model Checking Jonathan Aldrich Carnegie Mellon University Based on

Formal Verification by Model Checking Jonathan Aldrich Carnegie Mellon University Based on

Formal Verification by Model Checking Jonathan Aldrich Carnegie Mellon University Based on slides developed by Natasha Sharygina 17-654/17-754: Analysis of Software Artifacts Spring 2006 1 CTL Model Checking AG (Start AF Heat)

307 views • 20 slides
f zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA A Petri Network based Simulation Tool for

f zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA A Petri Network based Simulation Tool for

TOPAS zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA ; F - B e n z Aerospace of Armed Forces zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA f zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA A Petri Network based Simulation Tool for

390 views • 12 slides
Bringing Family Medicine to the Students - Where

Bringing Family Medicine to the Students - Where

Bringing Family Medicine to the Students - Where They Are!! Tochi Iroku-Malize MD MPH Chair Family Medicine Hofstra North Shore LIJ

361 views • 33 slides
Data requirements for simula0ng vapor shielding with radia0on- hydrodynamic and

Data requirements for simula0ng vapor shielding with radia0on- hydrodynamic and

Data requirements for simula0ng vapor shielding with radia0on- hydrodynamic and collisional-radia0ve modeling IAEA Consultancy Mee1ng on Vapor Shielding in Fusion Devices Howard Sco? March 19-20, 2018 LLNL-PRES-748293 This work was performed

239 views • 21 slides
Hi Most of you know my studio, Home Run Pictures, as a long-;me producer of fulldome content

Hi Most of you know my studio, Home Run Pictures, as a long-;me producer of fulldome content

Hi Most of you know my studio, Home Run Pictures, as a long-;me producer of fulldome content but we also have been crea;ng content for educa;onal documentaries even longer. A while back we bought an Oculus and a VIVE to experiment with and

480 views • 24 slides
Clinical Simulation at UCLH STeLi 30 million across London since 2008 CMOs

Clinical Simulation at UCLH STeLi 30 million across London since 2008 CMOs

Clinical Simulation at UCLH STeLi 30 million across London since 2008 CMOs Report 2008 Safe medical practice, machines and manequins Theatre Ward GP surgery MAS Why use Simulation?

361 views • 11 slides
IMCA Ivan van Winsen Engineering with the Human Factor in the Loop September-2018 HMC Offshore

IMCA Ivan van Winsen Engineering with the Human Factor in the Loop September-2018 HMC Offshore

Heerema Simulation Center IMCA Ivan van Winsen Engineering with the Human Factor in the Loop September-2018 HMC Offshore Construction Contractor OIL & GAS REMOVAL RENEWABLES Fixed platforms Transformer platforms Removal

367 views • 12 slides
UNIT IT 3: Overheads Distribution BY: JYOTSNA KHAITAN Direct and indirect expenses: 1.Direct

UNIT IT 3: Overheads Distribution BY: JYOTSNA KHAITAN Direct and indirect expenses: 1.Direct

UNIT IT 3: Overheads Distribution BY: JYOTSNA KHAITAN Direct and indirect expenses: 1.Direct expenses are expenses that can be directly identified with a specific cost unit or cost center. There are few examples of direct expenses but royalties

385 views • 11 slides
Dynamics www.njctl.org Slide 3 / 139 Table of Contents Click on the topic to go to that section

Dynamics www.njctl.org Slide 3 / 139 Table of Contents Click on the topic to go to that section

Slide 1 / 139 Slide 2 / 139 Dynamics www.njctl.org Slide 3 / 139 Table of Contents Click on the topic to go to that section Introduction Sliding Blocks Fixed Axis Pulley Suspended Pulleys Plumb bob in car The Banked Curve

807 views • 47 slides

More recommend