Lazy Sequentialization for the Safety Verification of Unbounded Concurrent Programs


Lazy Sequentialization for the Safety Verification of Unbounded Concurrent Programs
Truc Lam Nguyen (University of Southampton, UK), Bernd Fischer (Stellenbosch University, South Africa), Salvatore La Torre (Università di Salerno, Italy), Gennaro Parlato

Concurrent Program - Reachability Problem
Setting: concurrent C programs with POSIX threads under the sequentially consistent (SC) memory model; N threads T1, ..., TN communicating through shared memory.
Reachability problem: assertion failure, out-of-bound array access, division by zero, ...
Goals: proving correctness and finding bugs.
Our contribution: an automatic verification approach based on sequentialization.

What is Sequentialization?
A code-to-code translation: concurrent program -> sequentialization -> sequential program -> sequential analysis tool.
Advantages:
- reuse of robust sequential analysis tools
- fast prototyping of concurrency handling, since all sequential reasoning is delegated to an existing target analysis tool
- easier to implement than full-fledged concurrent verification tools

Sequentialization: literature
Concurrent program -> sequentialization (code-to-code translation) -> sequential program -> sequential tool.
- proposal: [Qadeer, Wu - PLDI'04]
- eager, bounded context switches, finite number of threads: [Lal, Reps - CAV'08]
- lazy, finite number of threads, parameterized programs: [La Torre, Madhusudan, Parlato - CAV'09, CAV'10]
- thread creation: [Bouajjani, Emmi, Parlato - SAS'11], [Emmi, Qadeer, Rakamaric - POPL'11]
- Lal/Reps for real-time systems: [Chaki, Gurfinkel, Strichman - FMCAD'11]
- message-passing programs: [Bouajjani, Emmi - TACAS'12]
- lazy sequentialization: [Inverso, Tomasco, Fischer, La Torre, Parlato - CAV'14]
- memory unwinding: [Tomasco, Inverso, Fischer, La Torre, Parlato - TACAS'15]
- weak memory models: [Tomasco, Nguyen, Fischer, La Torre, Parlato - FMCAD'16]

Sequentialization: verification tools
Tools implementing variants of the Lal/Reps schema:
- Corral [Lal, Qadeer, Lahiri - CAV'12]
- CSeq [Fischer, Inverso, Parlato - ASE'13, ASE'15]
- Rek [Chaki, Gurfinkel, Strichman - FMCAD'11]
- STORM [Lahiri, Qadeer, Rakamaric - CAV'09]
These are only suitable for finding bugs, not for proving correctness.

Outline
- Recall Lazy Sequentialization
- Unbounded Lazy Sequentialization
- Tool & Experiments
- Conclusion & Future Work

Lazy Sequentialization for bug finding CAV’14

Lazy Sequentialization
Pipeline: concurrent program -> bounded program -> sequentialization (code-to-code translation) -> sequential program -> BMC sequential tool.
- Implemented in the CSeq framework [Fischer, Inverso, Parlato - ASE'13]
- C99 + PThreads, with counterexample generation [Inverso, Nguyen, Fischer, La Torre, Parlato - ASE'15]
- Medals at SV-COMP (2014-16), concurrency category
- Extended to weak memory models [Tomasco, Nguyen, Inverso, Fischer, La Torre, Parlato - FMCAD'16]
- Very effective at finding bugs in complex benchmarks where other approaches fail

Round-robin schedule
main() is thread T0. In each round the threads T0, T1, ..., TN-1, TN are scheduled in turn; round k is the k-th such pass. A bound K on the number of rounds captures all bounded round-robin computations for that bound. Errors manifest themselves within very few rounds [Musuvathi, Qadeer - PLDI'07].

Lazy Sequentialization: Schema overview
The bounded concurrent program, with threads main() = T0, T1, ..., TN, is translated (code-to-code) into a sequential program consisting of the sequentialized functions F0, F1, ..., FN (one per thread, each translating the corresponding Ti) plus a main() driver.

Lazy Sequentialization: Main driver
A global pc for each thread; thread locals become thread globals. Main driver:

pc0 = 0; ...; pcN = 0;
local0; ...; localN;
main() {
  while (i <= K) {          // bounded loop to simulate K rounds of computations
    ...
    if (created_i) F_i();   // thread simulation function (for each thread i)
    i++;
  }
}

Unbounded Lazy Sequentialization


Lazy Sequentialization: Main driver (extended)
Same globals (a pc for each thread, thread locals as thread globals); the round bound K is dropped and the driver loops forever:

pc0 = 0; ...; pcN = 0;
local0; ...; localN;
main() {
  while (true) {            // infinite loop to simulate an unbounded number of rounds
    ...
    if (created_i) F_i();   // thread simulation function (for each thread i)
  }
}

The number of threads N remains fixed; only the number of rounds, and hence of context switches, is unbounded.


Lazy Sequentialization: Schema (extended)
The concurrent program, with threads main() = T0, T1, ..., TN, is translated (code-to-code) without a prior bounding step into a sequential program consisting of the sequentialized functions F0, F1, ..., FN (one per thread) plus the extended main() driver.

UL Sequentialization: Thread Simulation
A thread Ti with body

l1: stmt1; l2: stmt2; l3: stmt3; ... lM: stmtM;

translates into a simulation function Fi whose body is

[[ l1: stmt1 ]]; [[ l2: stmt2 ]]; [[ l3: stmt3 ]]; ... [[ lM: stmtM ]];

where [[ . ]] is the statement translation given on the next slides. Fi runs in one of three modes: RESUME (skip statements until the label saved in pci is reached), EXECUTE (execute statements), and SUSPEND (after a context switch, skip all remaining statements and return to the driver).

UL Sequentialization: Translation for Simple Stmts
Simple statements: assignment, goto, return.

[[ l: simple_stmt ]] translates into

CONTR(l)
l: EXEC(simple_stmt)

with

#define CONTR(l) if (s = RESUME && pci = l) s := EXECUTE; if (s = EXECUTE && *) { pci := l; s := SUSPEND; }
#define EXEC(stmt) if (s = EXECUTE) { stmt; }

Notation: = is comparison, := is assignment, * is a nondeterministic choice. CONTR(l) switches from RESUME to EXECUTE when the saved pc is reached, and in EXECUTE mode may nondeterministically save pci := l and suspend, so a context switch can happen before any statement. EXEC runs the statement only in EXECUTE mode; in RESUME and SUSPEND mode it is skipped.

UL Sequentialization: Translation for Loop Stmts
[[ l: while (b) do {... k: stm} ]] translates into

CONTR(l)
l: while ((s = RESUME && pci <= k) || (s = EXECUTE && b)) do [[ {... k: stm} ]]
skip

where k is the last label inside the loop body. In RESUME mode the body is entered whenever the saved pci lies inside the loop (l < pci <= k), without evaluating b, so that the thread can skip forward to the statement at which it was suspended; in EXECUTE mode the original condition b is tested; in SUSPEND mode both disjuncts are false and the loop exits. The loop is preserved rather than unrolled, which is what allows an unbounded number of rounds.

UL Sequentialization: Translation for Conditional Stmts
[[ l: if (b) {... k: stm1} else {... h: stm2} ]] translates into

CONTR(l)
l: if ((s = RESUME && pci <= k) || (s = EXECUTE && b)) [[ {... k: stm1} ]]
   else if ((s = RESUME && pci <= h) || (s = EXECUTE)) [[ {... h: stm2} ]]

where k and h are the last labels of the then and else branches (labels increase in program order, so k < h). In RESUME mode the branch containing the saved pci is selected (pci <= k for the then branch, k < pci <= h for the else branch); in EXECUTE mode b decides as in the original program; in SUSPEND mode neither branch runs.
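The C program below is an added example written for this page; it is not output of CSeq and not code from the slides. It hand-applies the translation rules above (CONTR/EXEC for simple statements, the guarded while for loops, one global pc per thread, thread locals hoisted to globals, a round-robin driver) to a constructed two-thread program with a lost-update race: t1 increments a shared x twice in a loop, t2 increments it once, and main asserts x == 3 after joining both. The nondeterministic choice * of CONTR is resolved from an explicit bit string (an assumption made so the program runs offline; a bounded model checker would keep it symbolic), the JOIN and CHECK macros are my own straightforward translations of pthread_join and assert, and the driver stops once every thread has finished instead of looping forever.

```c
#include <stdio.h>

/* Constructed program being sequentialized (not from the slides):
 *
 *   int x = 0;
 *   t1: for (k = 0; k < 2; k++) { tmp = x; x = tmp + 1; }
 *   t2: tmp = x; x = tmp + 1;
 *   main: create t1; create t2; join t1; join t2; assert(x == 3);
 *
 * The increments are not atomic, so a lost update can leave x == 2. */

enum { RESUME, EXECUTE, SUSPEND };   /* simulation modes of the slides */
enum { NTHREADS = 3, END = 99 };     /* thread 0 is main; END marks a finished thread */

static int s;                        /* mode of the thread currently simulated */
static int pc[NTHREADS];             /* one global program counter per thread */
static int created[NTHREADS], finished[NTHREADS];
static int x;                        /* shared variable of the original program */
static int k1, tmp1, tmp2;           /* thread locals hoisted to globals */
static int assert_failed;            /* set when the original assertion is violated */

/* The nondeterministic choice '*' in CONTR. Assumption of this example: it is
 * resolved from an explicit bit string so schedules can be enumerated offline.
 * Once the bits are exhausted the answer is always "keep executing", so every
 * thread eventually runs to completion and the driver terminates. */
static unsigned sched_bits;
static int sched_len, sched_pos;
static int nondet(void) {
    if (sched_pos >= sched_len) return 0;
    return (sched_bits >> sched_pos++) & 1u;
}

/* CONTR(l) / EXEC(stmt) from the slides, with the thread index made explicit. */
#define CONTR(i, l) do { \
    if (s == RESUME && pc[i] == (l)) s = EXECUTE; \
    if (s == EXECUTE && nondet()) { pc[i] = (l); s = SUSPEND; } \
} while (0)
#define EXEC(stmt) do { if (s == EXECUTE) { stmt; } } while (0)
/* Blocking join: if thread j is not done, suspend here and retry in a later round. */
#define JOIN(i, l, j) do { if (s == EXECUTE && !finished[j]) { pc[i] = (l); s = SUSPEND; } } while (0)
#define CHECK(c) do { if (s == EXECUTE && !(c)) assert_failed = 1; } while (0)
#define FINISH(i) do { if (s == EXECUTE) { pc[i] = END; finished[i] = 1; } } while (0)

static void F0(void) {                      /* main thread */
    s = RESUME;
    CONTR(0, 0); EXEC(created[1] = 1);      /* pthread_create(t1) */
    CONTR(0, 1); EXEC(created[2] = 1);      /* pthread_create(t2) */
    CONTR(0, 2); JOIN(0, 2, 1);             /* pthread_join(t1) */
    CONTR(0, 3); JOIN(0, 3, 2);             /* pthread_join(t2) */
    CONTR(0, 4); CHECK(x == 3);
    FINISH(0);
}

static void F1(void) {                      /* t1: loop translation rule */
    s = RESUME;
    CONTR(1, 0); EXEC(k1 = 0);
    CONTR(1, 1);
    /* last label inside the body is 4: re-enter in RESUME mode iff pc <= 4 */
    while ((s == RESUME && pc[1] <= 4) || (s == EXECUTE && k1 < 2)) {
        CONTR(1, 2); EXEC(tmp1 = x);
        CONTR(1, 3); EXEC(x = tmp1 + 1);
        CONTR(1, 4); EXEC(k1++);
    }
    FINISH(1);
}

static void F2(void) {                      /* t2: simple statements only */
    s = RESUME;
    CONTR(2, 0); EXEC(tmp2 = x);
    CONTR(2, 1); EXEC(x = tmp2 + 1);
    FINISH(2);
}

/* Driver: round-robin over the simulation functions as in the extended main
 * driver of the slides, except that the loop stops once every thread has
 * finished. Returns 1 if the original assertion fails under this schedule. */
int run_schedule(unsigned bits, int nbits) {
    int i, rounds = 0;
    sched_bits = bits; sched_len = nbits; sched_pos = 0;
    x = 0; k1 = tmp1 = tmp2 = 0; assert_failed = 0;
    for (i = 0; i < NTHREADS; i++) { pc[i] = 0; created[i] = 0; finished[i] = 0; }
    created[0] = 1;
    while (!(finished[0] && finished[1] && finished[2])) {
        if (created[0] && !finished[0]) F0();
        if (created[1] && !finished[1]) F1();
        if (created[2] && !finished[2]) F2();
        if (++rounds > nbits + 8) return -1;   /* cannot happen, see nondet() */
    }
    return assert_failed;
}

/* Enumerate every schedule of nbits context-switch decisions. */
int count_failing_schedules(int nbits) {
    unsigned b, n = 1u << nbits;
    int fails = 0;
    for (b = 0; b < n; b++) fails += run_schedule(b, nbits);
    return fails;
}

int main(void) {
    printf("schedules violating assert(x == 3) with 8 choice bits: %d of 256\n",
           count_failing_schedules(8));
    printf("lost update with choice bit 6 set: %d\n", run_schedule(64u, 8));
    return 0;
}
```

With choice bit 6 set (schedule 64, eight bits) t1 is suspended at label 3, between its read and its write of x; t2 then runs its whole increment, and when the driver re-enters F1 in RESUME mode the while guard admits the loop body on pc[1] <= 4 without evaluating k1 < 2, the body skips to CONTR(1, 3), and the resumed write overwrites t2's update, so x ends at 2. The all-zero schedule runs each thread to completion in turn and passes. count_failing_schedules enumerates all 2^nbits choice strings, which is the explicit-state stand-in for what a BMC backend does symbolically on the sequentialized program.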

Tool / Empirical Evaluation

UL-CSeq
Implementation: concurrent C program P -> UL-CSeq -> sequential non-deterministic C program P' -> sequential tools -> ANSWER. Built on the CSeq framework.
Input: C99 + POSIX threads.
Supported backends:
- proving correctness: SeaHorn, Ultimate Automizer, CPAChecker, VVT
- finding bugs: CBMC, ESBMC, LLBMC

Experiments: Proving Correctness
Benchmarks: SV-COMP [Beyer - TACAS'16] SAFE instances (categories pthread, pthread-atomic, pthread-ext, pthread-lit, pthread-wmm), plus [Wachter, Kroening, Ouaknine - FMCAD'13] and [Garg, Madhusudan - TACAS'11]. Backends: UL-CSeq + SeaHorn, UL-CSeq + UAutomizer, UL-CSeq + CPAChecker, UL-CSeq + VVT; for each backend the columns are pass, fail, t.o. (timeout) and time (seconds). Comparison tools: Impara, Satabs, Threader. Empty cells were dropped in this transcript, so the per-backend columns cannot be realigned reliably; the rows are kept as extracted.

category #file #LOC | SeaHorn: pass fail t.o. time | UAutomizer: pass fail t.o. time | CPAChecker: pass fail t.o. time | VVT: pass fail t.o. time
pthread 15 1285 3 2 10 67.3 390.8 204.9 5 7 247.3
pthread-atomic 9 1136 6 1 167.9 456.7 4 352.6 171.8
pthread-ext 45 3679 27 18 199.1 12 31 226.5 30 214.6 16 24 179.7
pthread-lit 8 427 23.3 544.9 164.1 79.8
pthread-wmm 144 29426 32.5 60 84 421.6 26 118 271.3 141 275.3
[FMCAD'13] 542 51.1 238.6 244.7 133.1
[TACAS'11] 290 5.7 181.8 44.9 17.2
Totals 234 36785 194 37 59.9 87 376.2 171 235.7 180 11 43 248.2

Impara, Satabs, Threader (same row order, pass/fail/t.o./time per tool, as extracted): 12.2 308.7 128.4 7.3 61.8 1.3 24.4 143.7 8.7 13 17 34.6 36 104.8 38 66.2 0.4 8.1 N/A 120 100 22 312.2 130 14 222.2 0.5 27.5 154.7 2.7 0.8 58.2 8.8 77 154 11.2 134 52 48 244 57 164 88.2 192 172.6

Experiments: Finding Bugs
Benchmarks: SV-COMP [Beyer - TACAS'16] UNSAFE instances. Tools: UL-CSeq + CBMC, Lazy-CSeq + CBMC, CBMC, CIVL, Smack; for each tool the columns are pass, t.o. (timeout) and time (seconds). Empty cells were dropped in this transcript, so the per-tool columns cannot be realigned reliably; the rows are kept as extracted.

category #file LOC | UL-CSeq + CBMC: pass t.o. time | Lazy-CSeq + CBMC: pass t.o. time | CBMC: pass t.o. time | CIVL: pass t.o. time | Smack: pass t.o. time
pthread 17 4085 14 3 12.2 19.4 16 1 63.1 14.9 8 9 84.2
atomic 2 204 1.4 0.4 3.4 15
ext 8 780 0.3 7 12 47.2
lit 148 1.3 0.2 2.7 11.1
wmm 754 237700 1.1 1.2 0.5 6.1 753 78.1
Totals 784 242917 781 1.6 2.9 6.2 772 77.6

Conclusions

Conclusion & Future Work
We have presented a new sequentialization that is:
- lazy
- unbounded in the number of context switches
- loop preserving
- simple to implement (CSeq framework) and able to use multiple backends, for both proving correctness and finding bugs
- competitive with existing approaches (bug finding + correctness)
Future work:
- application to embedded systems
- extension to unbounded thread creation
- weak memory models (WMM)

Thank You. Tool available at users.ecs.soton.ac.uk/gp4/cseq