Relational Thread-Modular Static Value Analysis by Abstract Interpretation

We study thread-modular static analysis by abstract interpretation to infer the values of variables in concurrent programs. We show how to go beyond the state of the art and increase an analysis precision by adding the ability to infer some relational and history-sensitive properties of thread interferences. The fundamental basis of this work is the formalization by abstract interpretation of a rely-guarantee concrete semantics which is thread-modular, constructive, and complete for safety properties. We then show that previous analyses based on non-relational interferences can be retrieved as coarse computable abstractions of this semantics; additionally, we present novel abstraction examples exploiting our ability to reason more precisely about interferences, including domains to infer relational lock invariants and the monotonicity of counters. Our method and domains have been implemented in the AstreeA static analyzer that checks for run-time errors in embedded concurrent C programs, where they enabled a significant reduction of the number of false alarms.

[1]  Brian Campbell,et al.  Amortised Memory Analysis Using the Depth of Data Structures , 2009, ESOP.

[2]  Martin C. Rinard,et al.  Analysis of Multithreaded Programs , 2001, SAS.

[3]  Antoine Miné,et al.  The octagon abstract domain , 2001, High. Order Symb. Comput..

[4]  Gilberto Filé,et al.  Static Analysis, 14th International Symposium, SAS 2007, Kongens Lyngby, Denmark, August 22-24, 2007, Proceedings , 2007, SAS.

[5]  Bertrand Jeannet Relational interprocedural verication of concurrent programs , 2009 .

[6]  Patrick Cousot,et al.  Invariance proof methods and analysis techniques for parallel programs , 1984 .

[7]  Susan Owicki,et al.  An axiomatic proof technique for parallel programs I , 1976, Acta Informatica.

[8]  C.B. Watkins,et al.  Transitioning from federated avionics architectures to Integrated Modular Avionics , 2007, 2007 IEEE/AIAA 26th Digital Avionics Systems Conference.

[9]  Patrick Cousot,et al.  A static analyzer for large safety-critical software , 2003, PLDI '03.

[10]  Charles Hymans,et al.  From Single-thread to Multithreaded: An Efficient Static Analysis Algorithm , 2009, ArXiv.

[11]  Patrick Cousot,et al.  Static determination of dynamic properties of programs , 1976 .

[12]  Bertrand Jeannet Relational Interprocedural Verification of Concurrent Programs , 2009, SEFM.

[13]  Cormac Flanagan,et al.  Thread-Modular Model Checking , 2003, SPIN.

[14]  Leslie Lamport,et al.  How to Make a Multiprocessor Computer That Correctly Executes Multiprocess Programs , 2016, IEEE Transactions on Computers.

[15]  Antoine Miné,et al.  Static analysis by abstract interpretation of concurrent programs. (Analyse statique par interprétation abstraite de programmes concurrents) , 2013 .

[16]  Andreas Podelski,et al.  Thread-Modular Verification Is Cartesian Abstract Interpretation , 2006, ICTAC.

[17]  Antoine Mid The Octagon Abstract Domain , 2001 .

[18]  Andreas Podelski,et al.  ACSAR: Software Model Checking with Transfinite Refinement , 2007, SPIN.

[19]  Antoine Miné,et al.  Static Analysis of Run-Time Errors in Embedded Real-Time Parallel C Programs , 2012, Log. Methods Comput. Sci..

[20]  Kamel Barkaoui,et al.  Theoretical Aspects of Computing - ICTAC 2006, Third International Colloquium, Tunis, Tunisia, November 20-24, 2006, Proceedings , 2006, ICTAC.

[21]  Cliff B. Jones,et al.  Developing methods for computer programs including a notion of interference , 1981 .

[22]  Patrick Cousot,et al.  Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints , 1977, POPL.

[23]  Richard Bornat,et al.  Towards Automatic Stability Analysis for Rely-Guarantee Proofs , 2008, VMCAI.

[24]  Patrick Cousot,et al.  Constructive design of a hierarchy of semantics of a transition system by abstract interpretation , 2002, MFPS.

[25]  Sanjit A. Seshia,et al.  Modular verification of multithreaded programs , 2005, Theor. Comput. Sci..

[26]  Antoine Miné Static Analysis by Abstract Interpretation of Sequential and Multi-Thread Programs , 2012 .

[27]  Jean Souyris,et al.  Astrée: From Research to Industry , 2007, SAS.

[28]  Kousha Etessami,et al.  Analysis of Recursive Game Graphs Using Data Flow Equations , 2004, VMCAI.

[29]  Xavier Rival,et al.  Trace Partitioning in Abstract Interpretation Based Static Analyzers , 2005, ESOP.

[30]  Sebastian Burckhardt,et al.  On the verification problem for weak memory models , 2010, POPL '10.