Abstract
Verifying concurrent programs is challenging due to the exponentially large thread interleaving space. The problem is exacerbated by relaxed memory models such as Total Store Order (TSO) and Partial Store Order (PSO), which further explode the interleaving space by reordering instructions. A recent advance, Maximal Causality Reduction (MCR), has shown great promise in improving verification effectiveness by maximally reducing redundant explorations. However, the original MCR only works for the Sequential Consistency (SC) memory model, not for TSO and PSO. In this paper, we develop novel extensions to MCR by solving two key problems under TSO and PSO: 1) generating interleavings that can reach new states, by encoding the operational semantics of TSO and PSO as first-order logical constraints and solving them with SMT solvers, and 2) enforcing TSO and PSO interleavings, by developing novel replay algorithms that allow executions out of program order. We show that our approach successfully enables MCR to effectively explore TSO and PSO interleavings. We have compared our approach with a recent Dynamic Partial Order Reduction (DPOR) algorithm for TSO and PSO and with a SAT-based stateless model checking approach. Our results show that our approach is much more effective than the other approaches for both state-space exploration and bug finding: on average it explores 5-10X fewer executions and finds many bugs that the other tools cannot find.
Maximal causality reduction for TSO and PSO. OOPSLA 2016: Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications.