Abstract
We present a method and a tool for generating succinct representations of sets of concurrent traces. We focus on trace sets that contain all correct or all incorrect permutations of events from a given trace. We represent trace sets as HB-Formulas that are Boolean combinations of happens-before constraints between events. To generate a representation of incorrect interleavings, our method iteratively explores interleavings that violate the specification and gathers generalizations of the discovered interleavings into an HB-Formula; its complement yields a representation of correct interleavings.
We claim that our trace set representations can drive diverse verification, fault localization, repair, and synthesis techniques for concurrent programs. We demonstrate this by using our tool in three case studies involving synchronization synthesis, bug summarization, and abstraction-refinement-based verification. In each case study, our initial experimental results have been promising.
In the first case study, we present an algorithm for inferring missing synchronization from an HB-Formula representing correct interleavings of a given trace. The algorithm applies rules to rewrite specific patterns in the HB-Formula into locks, barriers, and wait-notify constructs. In the second case study, we use an HB-Formula representing incorrect interleavings for bug summarization. While the HB-Formula itself is a concise counterexample summary, we present additional inference rules to help identify specific concurrency bugs such as data races, define-use order violations, and two-stage access bugs. In the final case study, we present a novel predicate learning procedure that uses HB-Formulas representing abstract counterexamples to accelerate counterexample-guided abstraction refinement (CEGAR). In each iteration of the CEGAR loop, the procedure refines the abstraction to eliminate multiple spurious abstract counterexamples drawn from the HB-Formula.
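The following is an added worked example, not the paper's tool or code. It takes the trace-set idea from the abstract (an HB-Formula as a Boolean combination of happens-before constraints, built by iterating over violating interleavings and generalizing each one, with the complement describing the correct interleavings) and the first case study (rewriting a pattern in the HB-Formula into a lock) and runs them on a constructed four-event trace: two threads each doing a read-increment-write on a shared variable x. Everything here is an assumption for illustration: the toy program and its specification (x == 2 at the end), the brute-force subset search used as the generalization step (the paper's own generalization procedure is not reproduced), and the lock rule, which is my own rendering of the idea that a clause (a2 < b1) or (b2 < a1) over two thread regions calls for mutual exclusion of those regions.

```python
# Added example (not the paper's tool): DNF HB-Formula for the incorrect
# interleavings of a tiny two-thread trace, its complement, and a lock rule.
from itertools import combinations, permutations

# Constructed trace: threads A and B each run  tmp = x; x = tmp + 1  on shared x.
# Event = (thread, index, op, var); program order is by index within a thread.
TRACE = [("A", 0, "r", "x"), ("A", 1, "w", "x"),
         ("B", 0, "r", "x"), ("B", 1, "w", "x")]

def respects_program_order(perm):
    last = {}
    for thread, index, _, _ in perm:
        if last.get(thread, -1) > index:
            return False
        last[thread] = index
    return True

def interleavings(trace):
    """All permutations of the trace that keep each thread's events in program order."""
    return [p for p in permutations(trace) if respects_program_order(p)]

def run(il):
    """Execute the read/increment/write program under interleaving il; return final x."""
    x, tmp = 0, {}
    for thread, _, op, _ in il:
        if op == "r":
            tmp[thread] = x
        else:
            x = tmp[thread] + 1
    return x

def correct(il):
    """Specification (assumed): both increments take effect."""
    return run(il) == 2

def conflicting_pairs(trace):
    """Event pairs from different threads on the same variable, at least one a write."""
    return [(e, f) for e in trace for f in trace
            if e[0] < f[0] and e[3] == f[3] and "w" in (e[2], f[2])]

def hb(il, e, f):
    """Happens-before constraint e < f, evaluated on interleaving il."""
    return il.index(e) < il.index(f)

def satisfies(il, cube):
    return all(hb(il, e, f) for e, f in cube)

def holds(formula, il):
    """DNF HB-Formula: a set of cubes, each a set of (e, f) pairs meaning e < f."""
    return any(satisfies(il, cube) for cube in formula)

def cube_of(il, pairs):
    """The orientation il gives to every conflicting pair."""
    return frozenset((e, f) if hb(il, e, f) else (f, e) for e, f in pairs)

def generalize(cube, all_ils):
    """Smallest sub-cube that still admits only incorrect interleavings.
    Brute force over subsets: fine for four events, not the paper's procedure."""
    cons = sorted(cube)
    for k in range(1, len(cons) + 1):
        for sub in combinations(cons, k):
            if all(not correct(il) for il in all_ils if satisfies(il, sub)):
                return frozenset(sub)
    return frozenset(cons)

def incorrect_hb_formula(trace):
    """Visit violating interleavings not yet covered; add a generalized cube for each."""
    all_ils = interleavings(trace)
    pairs = conflicting_pairs(trace)
    formula = set()
    for il in all_ils:
        if not correct(il) and not holds(formula, il):
            formula.add(generalize(cube_of(il, pairs), all_ils))
    return formula, all_ils

def complement(formula):
    """Negate the DNF into a CNF: the negation of e < f is f < e, so each cube becomes one clause."""
    return {frozenset((f, e) for e, f in cube) for cube in formula}

def holds_cnf(cnf, il):
    return all(any(hb(il, e, f) for e, f in clause) for clause in cnf)

def infer_lock(clause):
    """Lock rule (my rendering, not the paper's exact rule): a clause (a2 < b1) or (b2 < a1),
    with a1 before a2 in thread A and b1 before b2 in thread B, means the regions
    [a1, a2] and [b1, b2] must be mutually exclusive; returns the regions per thread."""
    if len(clause) != 2:
        return None
    (a2, b1), (b2, a1) = sorted(clause)
    same_threads = a1[0] == a2[0] and b1[0] == b2[0] and a1[0] != b1[0]
    if same_threads and a1[1] <= a2[1] and b1[1] <= b2[1]:
        return {a1[0]: (a1[1], a2[1]), b1[0]: (b1[1], b2[1])}
    return None

if __name__ == "__main__":
    formula, ils = incorrect_hb_formula(TRACE)
    for cube in formula:
        print(" and ".join(f"{e[0]}{e[1]} < {f[0]}{f[1]}" for e, f in sorted(cube)))
    print("lock regions per thread:", [infer_lock(cl) for cl in complement(formula)])
```

On this trace the loop finds a single cube, A0 < B1 and B0 < A1 (each thread reads before the other writes), which covers all four incorrect interleavings of the six; its complement is the clause B1 < A0 or A1 < B0, and the lock rule turns that clause into a lock spanning events 0..1 of both threads. The subset search in `generalize` is exponential in the number of conflicting pairs and exists only to keep the example self-contained.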
Succinct Representation of Concurrent Trace Sets