Symbolic predictive analysis for concurrent programs

Predictive analysis aims at detecting concurrency errors during runtime by monitoring a concrete execution trace of a concurrent program. In recent years, various models based on the happens-before causality relations have been proposed for predictive analysis. However, these models often rely on only the observed runtime events and typically do not utilize the program source code. Furthermore, the enumerative algorithms they use for verifying safety properties in the predicted traces often suffer from the interleaving explosion problem. In this paper, we introduce a precise predictive model based on both the program source code and the observed execution events, and propose a symbolic algorithm to check whether a safety property holds in all feasible permutations of events of the given trace. Rather than explicitly enumerating and checking the interleavings, our method conducts the search using a novel encoding and symbolic reasoning with a satisfiability modulo theory solver. We also propose a technique to bound the number of context switches allowed in the interleavings during the symbolic search, to further improve the scalability of the algorithm.

[1]  Bruno Dutertre,et al.  A Fast Linear-Arithmetic Solver for DPLL(T) , 2006, CAV.

[2]  Stephen N. Freund,et al.  Atomizer: A dynamic atomicity checker for multithreaded programs , 2008, Sci. Comput. Program..

[3]  Chao Wang,et al.  Trace-Based Symbolic Analysis for Atomicity Violations , 2010, TACAS.

[4]  Colin J. Fidge,et al.  Logical time in distributed computing systems , 1991, Computer.

[5]  Shuvendu K. Lahiri,et al.  Back to the future: revisiting precise program verification using SMT solvers , 2008, POPL '08.

[6]  Chao Wang,et al.  Universal Causality Graphs: A Precise Happens-Before Model for Detecting Bugs in Concurrent Programs , 2010, CAV.

[7]  Yuanyuan Zhou,et al.  AVIO: Detecting Atomicity Violations via Access-Interleaving Invariants , 2007, IEEE Micro.

[8]  Sebastian Burckhardt,et al.  CheckFence: checking consistency of concurrent data types on relaxed memory models , 2007, PLDI '07.

[9]  Orna Grumberg,et al.  Bounded Model Checking of Concurrent Programs , 2005, CAV.

[10]  Chao Wang,et al.  Symbolic Predictive Analysis for Concurrent Programs , 2009, FM.

[11]  Yu Yang,et al.  Automatic Discovery of Transition Symmetry in Multithreaded Programs Using Dynamic Analysis , 2009, SPIN.

[12]  LamportLeslie Time, clocks, and the ordering of events in a distributed system , 1978 .

[13]  Swarat Chaudhuri,et al.  Symbolic pruning of concurrent program executions , 2009, ESEC/FSE '09.

[14]  Chao Wang,et al.  Coverage guided systematic concurrency testing , 2011, 2011 33rd International Conference on Software Engineering (ICSE).

[15]  Michael Burrows,et al.  Eraser: a dynamic data race detector for multithreaded programs , 1997, TOCS.

[16]  Yu Yang,et al.  Dynamic Model Checking with Property Driven Pruning to Detect Race Conditions , 2008, ATVA.

[17]  David A. Padua,et al.  Basic compiler algorithms for parallel programs , 1999, PPoPP '99.

[18]  Vineet Kahlon,et al.  Reasoning About Threads Communicating via Locks , 2005, CAV.

[19]  Shuvendu K. Lahiri,et al.  Static and Precise Detection of Concurrency Errors in Systems Code Using SMT Solvers , 2009, CAV.

[20]  Francesco Sorrentino,et al.  Meta-analysis for Atomicity Violations under Nested Locking , 2009, CAV.

[21]  Eitan Farchi,et al.  Concurrent bug patterns and how to test them , 2003, Proceedings International Parallel and Distributed Processing Symposium.

[22]  Thomas W. Reps,et al.  Reducing Concurrent Analysis Under a Context Bound to Sequential Analysis , 2008, CAV.

[23]  Azadeh Farzan,et al.  The Complexity of Predicting Atomicity Violations , 2009, TACAS.

[24]  James C. Corbett,et al.  Constructing compact models of concurrent Java programs , 1998, ISSTA '98.

[25]  Cormac Flanagan,et al.  A type and effect system for atomicity , 2003, PLDI.

[26]  Armin Biere,et al.  Symbolic Model Checking without BDDs , 1999, TACAS.

[27]  Madan Musuvathi,et al.  CHESS: Systematic Stress Testing of Concurrent Software , 2006, LOPSTR.

[28]  G. Gopalakrishnan,et al.  Inspect : A Runtime Model Checker for Multithreaded C Programs , 2008 .

[29]  Chao Wang,et al.  Model checking C programs using F-Soft , 2005, 2005 International Conference on Computer Design.

[30]  Stephen N. Freund,et al.  SingleTrack: A Dynamic Determinism Checker for Multithreaded Programs , 2009, ESOP.

[31]  Chao Wang,et al.  Peephole Partial Order Reduction , 2008, TACAS.

[32]  Chao Wang,et al.  Predicate learning and selective theory deduction for a difference logic solver , 2006, 2006 43rd ACM/IEEE Design Automation Conference.

[33]  Zijiang Yang,et al.  F-Soft: Software Verification Platform , 2005, CAV.

[34]  Min Xu,et al.  A serializability violation detector for shared-memory server programs , 2005, PLDI '05.

[35]  Robert J. Simmons,et al.  Proofs from Tests , 2008, IEEE Transactions on Software Engineering.

[36]  Lori A. Clarke,et al.  Data flow analysis for verifying properties of concurrent programs , 1994, SIGSOFT '94.

[37]  Azadeh Farzan,et al.  Causal Atomicity , 2006, CAV.

[38]  Leslie Lamport,et al.  Time, clocks, and the ordering of events in a distributed system , 1978, CACM.

[39]  Koushik Sen,et al.  Detecting Errors in Multithreaded Programs by Generalized Predictive Analysis of Executions , 2005, FMOODS.

[40]  Klaus Havelund,et al.  Model checking JAVA programs using JAVA PathFinder , 2000, International Journal on Software Tools for Technology Transfer.

[41]  Patrice Godefroid,et al.  Dynamic partial-order reduction for model checking software , 2005, POPL '05.

[42]  Grigore Rosu,et al.  Parametric and Sliced Causality , 2007, CAV.

[43]  Patrice Godefroid,et al.  Software Model Checking: The VeriSoft Approach , 2005, Formal Methods Syst. Des..

[44]  Azadeh Farzan,et al.  Monitoring Atomicity in Concurrent Programs , 2008, CAV.

[45]  Thomas R. Gross,et al.  Static Detection of Atomicity Violations in Object-Oriented Programs , 2004, J. Object Technol..

[46]  Stephen N. Freund,et al.  Velodrome: a sound and complete dynamic atomicity checker for multithreaded programs , 2008, PLDI '08.

[47]  Friedemann Mattern,et al.  Efficient Algorithms for Distributed Snapshots and Global Virtual Time Approximation , 1993, J. Parallel Distributed Comput..

[48]  Jakob Rehof,et al.  Context-Bounded Model Checking of Concurrent Software , 2005, TACAS.

[49]  Daniel Kroening,et al.  A Tool for Checking ANSI-C Programs , 2004, TACAS.

[50]  Grigore Rosu,et al.  Maximal Causal Models for Multithreaded Systems , 2008 .

[51]  Chao Wang,et al.  Monotonic Partial Order Reduction: An Optimal Symbolic Partial Order Reduction Technique , 2009, CAV.

[52]  Chao Wang,et al.  Deciding Separation Logic Formulae by SAT and Incremental Negative Cycle Elimination , 2005, LPAR.

[53]  Ilkka Niemelä,et al.  BMC via on-the-fly determinization , 2004, International Journal on Software Tools for Technology Transfer.

[54]  Chao Wang,et al.  Generating Data Race Witnesses by an SMT-Based Analysis , 2011, NASA Formal Methods.

[55]  George C. Necula,et al.  CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs , 2002, CC.

[56]  Scott D. Stoller,et al.  Runtime analysis of atomicity for multithreaded programs , 2006, IEEE Transactions on Software Engineering.