Staged concurrent program analysis

@inproceedings{Sinha2010StagedCP,
  title={Staged concurrent program analysis},
  author={Nishant Sinha and Chao Wang},
  booktitle={FSE '10},
  year={2010}
}
Concurrent program verification is challenging because it involves exploring a large number of possible thread interleavings together with complex sequential reasoning. As a result, concurrent program verifiers resort to bi-modal reasoning, which alternates between reasoning over intra-thread (sequential) semantics and inter-thread (concurrent) semantics. Such reasoning often involves repeated intra-thread reasoning for exploring each interleaving (inter-thread reasoning) and leads to… 

Figures from this paper

Bounded Model Checking of Multi-threaded C Programs via Lazy Sequentialization
TLDR
This approach first translates a multi-threaded C program into a nondeterministic sequential C program that preserves reachability for all round-robin schedules with a given bound on the number of rounds, and re-uses existing high-performance BMC tools as backends for the sequential verification problem.
Bounded Verification of Multi-threaded Programs via Lazy Sequentialization
TLDR
A new approach to BMC of sequentially consistent imperative programs that use POSIX threads is described, which translates the multi-threaded program into a nondeterministic sequential program that preserves reachability for all round-robin schedules with a given bound on the number of rounds.
Computing Approximate Happens-Before Order with Static and Dynamic Analysis
TLDR
The may-happen-before analysis combines static data flow analysis and usage of information available from the dynamic program state, and results of experiments with several Java programs are provided showing that usage of the may-H Happen- before analysis together with the field access analysis improves the scalability of JPF.
Flow-sensitive composition of thread-modular abstract interpretation
TLDR
This work proposes a constraint-based flow-sensitive static analysis for concurrent programs by iteratively composing thread-modular abstract interpreters via the use of a system of lightweight constraints, which has the advantage of being more accurate than existing, flow-insensitive, static analyzers while remaining scalable and providing the expected soundness and termination guarantees even for programs with unbounded data.
Approximating happens-before order: interplay between static analysis and state space traversal
TLDR
This work focuses on the approach to partial order reduction used in tools such as Java Pathfinder (JPF), which construct the program state space on-the-fly, and therefore can use only information available in the current program state and execution history to identify statements that may be globally-relevant.
A Thread Modularity Approach for Verification Concurrent Software Based on Abstract Interpretation
TLDR
A constraint-based flow-sensitive static analysis for concurrent avionics software by iteratively composing thread-modular abstract interpreters is proposed, which has the advantage of being more accurate than existing, flow-insensitive, static avionics analyzers while remaining scalable and providing the expected soundness and termination guarantees.
Canary: practical static detection of inter-thread value-flow bugs
TLDR
This work is the first to convert the concurrency bug detection to a source-sink reachability problem, effectively reducing redundant thread interleavings, and presents a value flow analysis framework for concurrent programs called Canary that is practical to statically find diversified inter-thread value-flow bugs.
Lazy-CSeq: A Context-Bounded Model Checking Tool for Multi-threaded C-Programs
TLDR
Lazy-CSeq translates a multi-threaded C program into a bounded nondeterministic sequential C program that preserves bounded reachability for all round-robin schedules up to a given number of rounds, and reuses existing high-performance bounded model checkers as sequential verification backends.
Assertion guided symbolic execution of multithreaded programs
TLDR
A new assertion guided pruning framework is proposed that identifies executions guaranteed not to lead to an error and removes them during symbolic execution and can reduce the overall computational cost significantly.
Verifying a quantitative relaxation of linearizability via refinement
TLDR
This paper proposes the first automated method for formally verifying quasi linearizability of the implementation model of a concurrent data structure with respect to its sequential specification, and can directly handle concurrent systems where each thread or process makes infinitely many method calls.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 48 REFERENCES
Thread-Modular Shape Analysis
TLDR
It is shown that the precision of thread-modular analysis is improved by tracking some correlations between the local variables of different threads, and techniques for reducing the analysis time for common situations are described.
Thread-Modular Model Checking
We present thread-modular model checking, a novel technique for verifying correctness properties of loosely-coupled multithreaded software systems. Thread-modular model checking verifies each thread
Static and Precise Detection of Concurrency Errors in Systems Code Using SMT Solvers
TLDR
This work adapts the encoding to work for systems programs written in C with the heap and accompanying low-level operations such as pointer arithmetic and casts and uses a verification condition generator and SMT solvers, instead of a boolean model checker, to avoid manual extraction of boolean programs and false alarms introduced by the abstraction.
Context-Bounded Model Checking of Concurrent Software
TLDR
This paper proves that the problem of verifying a concurrent boolean program is decidable, even in the presence of unbounded parallelism, if the analysis is restricted to executions in which the number of context switches is bounded by an arbitrary constant.
Iterative context bounding for systematic testing of multithreaded programs
TLDR
This paper proposes iterative context-bounding, a new search algorithm that systematically explores the executions of a multithreaded program in an order that prioritizes executions with fewer context switches, and shows both theoretically and empirically that context-bounded search is an effective method for exploring the behaviors of multith readed programs.
CheckFence: checking consistency of concurrent data types on relaxed memory models
TLDR
The CheckFence prototype automatically translates the C implementation code and the test program into a SAT formula, hands the latter to a standard SAT solver, and constructs counter example traces if there exist incorrect executions.
Race checking by context inference
TLDR
This work uses richer context models to infer suitable context models automatically by a combination of counterexample-guided abstraction refinement, bisimulation minimization, circular assume-guarantee reasoning, and parametric reasoning about an unbounded number of threads.
Bounded Model Checking of Concurrent Programs
TLDR
This work proposes a SAT-based bounded verification technique, called TCBMC, for threaded C programs, based on CBMC, and obtains an efficient modeling that can be sent to a SAT solver for property checking.
Efficient Modeling of Concurrent Systems in BMC
We present an efficient method for modeling multi-threaded concurrent systems with shared variables and locks in Bounded Model Checking (BMC), and use it to improve the detection of safety properties
Symbolic pruning of concurrent program executions
TLDR
A new algorithm for verifying concurrent programs, which uses concrete executions to partition the program into a set of lean partitions called concurrent trace programs (CTPs), and symbolically verifies each CTP using a satisfiability solver, facilitates more powerful pruning of the search space during the enumerative exploration.
...
1
2
3
4
5
...