Presentation is loading. Please wait.

Presentation is loading. Please wait.

On Sequentializing Concurrent Programs

Published byHugh Baker Modified over 7 years ago

Similar presentations

Presentation on theme: "On Sequentializing Concurrent Programs"— Presentation transcript:

1 On Sequentializing Concurrent Programs
Ahmed Bouajjani LIAFA, University of Paris 7, France Michael Emmi Gennaro Parlato ✓ University of Southampton, UK

2 What is this talk about? Use of verification tools for sequential programs to analyze concurrent programs Write a sequential program that simulates the concurrent program Kiss: Keep It Simple and Sequential [Qadeer, Wu— PLDI’04] Many efficient solutions have been developed for sequential programs: SMT-based Bounded Model-Checkers, BDD-based model-checkers, approximation techniques, deductive verification, … Why don’t we exploit them?

3 code-to-code translation as a plug-in for sequential tools
shared vars (SC semantics) Sequ. tool Concsequ tranlsation Instrumentation for the Sequ. tool Concurrent Program T1 T2 Tn SC tools: Bounded model checking: ESBMC (FSE’11) Poirot (by MSR) Storm (CAV’09) Boolean Programs: Boom, Boppo GETAFIX (PLDI’09) jMoped [SPIN’08] CHESS (MSR) Sequentialization + sequ. tools Sequ. program A convenient way to get new tools for conc. programs …

4 What would it be a good sequential simulation?
First attempt: Tracking state: C1 X C2 X … Ci … X Cn X Shared Simulation: at each step simulate one move of a thread State space explosion ! Q: Can we avoid such an explosion (cross product of locals)? Yes, if we consider at most 2 context-switches [Qadeer, Wu—PLDI’04] Q: Can we avoid such an explosion (cross product of locals)? A: YES, for certain under-approximation Q: What about complete simulations ? A: NO! (for theoretical reasons) 2 3 3 1 2 1

5 Related works Up 2 context-switches [Qadeer, Wu—PLDI’04]
Many concurrency errors manifest themselves within few context- switches [Musuvathi, Qadeer—PLDI`07] Any fixed # context-switches (finite # of threads) Eager [Lal, Reps—CAV`08] Lazy [La Torre, Parlato, Madhusudan—CAV`09] Round-Robin schedules & parametrized programs Lazy [La Torre, Parlato, Madhusudan—CAV`10] Delay-bounded schedules (thread creation) [Emmi, Qadeer, Rakamaric—POPL`11] Over-approximation [Garg, Madhusudan, TACAS`11]

6 Proposed sequentializations common characteristics
Avoid cross product (compositional) 1 stack for the simulation 1 local state, fixed # of shared states Conc. & Sequ. Programs are in the same class i.e. no additional data structures to simulate parallelism Example: Boolean conc. programs  Boolean (sequential) program Parametrized: increasing the parameter more and more behaviors are captured at the expense of more computational resources Explore as many behaviors as possible Goal

7 Our contribution General mechanism enabling compositional sequentializations Under-approximations Captures at least or more behaviors than existing sequentializations Existing sequentializations can be seen as a restrictions of ours

8 Our Concurrent  Sequential Translation
- Compositional semantics - Thread interfaces - Bounded semantics (restricted compositional semantics)

9 Compositional Semantics (code-to-code translation to sequ. programs)
P ::= var g:T H H ::= proc p (var l:T ) s s ::= s; s | x := e | skip | assume e | if e then s else s | while e do s | call x := p e | return e | post p e | yield //Concurrent stmt x ::= g | l T1 T2 Tn shared vars (SC semantics) Main idea of the sequentialization Transform each thread creation into a procedure call: post p e  call g:=p e Only one interaction Solution (return all possible interactions) post p e  call INTERFACE:=p e

10 Key concept: Thread interface
s1 s1’ Thread interface An interface of a thread T in an execution captures the interactions (shared states) of T and all its sub-threads with the remaining threads involved in the execution s2 s2’ s3 s3’ s4 s4’ s5 s5’

11 How to compute Thread interface
Every thread creation is transformed into a procedure call A thread procedure computes an interface of the thread by simulating its code The thread procedure keeps the following data structure to compute the interface EXP: Interface to export BAG: Interfaces imported from posted threads

12 Updating the interface data-structure: initialization
EXP: Interface to export BAG: Interfaces imported from posted threads s1 The procedure that simulates a thread first initializes the interface data- structure: interface to export is initialized with one round ( s1, s1 ) ( s1 is a guessed shared state) bag of imported interfaces is empty

13 Updating the interface data-structure: thread creation (post)
EXP: Interface to export BAG: Interfaces imported from posted threads At any thread creation: post p e  transformed interface := call thread-p e; Add( BAG, interface );

14 Updating the interface data-structure context-switch (yield)
EXP: Interface to export BAG: Interfaces imported from posted threads a b b At any yield point non deterministically either interact at least once with internal threads, or interact with an external thread

15 Updating the interface data-structure context-switch (yield)
EXP: Interface to export BAG: Interfaces imported from posted threads a At any yield point non deterministically either interact at least once with internal threads, or interact with an external thread Add a new round (a,a) to the interface to export ( a is guessed )

16 Sequential semantics for conc. programs
We’ve obtained a sequential program that simulates the conc. program by computing interfaces Each Thread code p is replaced by the procedure thread-p: Variables: Locals + Interface data-structure Initialize the interface data-structure The code of the original thread is attached Only post, and yield statement are replaced with new code (simulating the operations presented previously) At yield a yield statement (or return) return the exported interface interface data-structure is unbounded

17 Bounding & Compressing
An interface as a list: a b c d e f g h a c e g b d f h

18 Bounding & Compressing
Bound the # nodes in the interface data structure Compress the bag of exported interface as a DAG We merge two node (x, y) and (y,z) into (x,z) x y z Ex 1. Ex 2. x y z

19 Our Sequentialization
Compositional Semantics + Bounding & Compressing

20 All existing sequentializations can be simulated
- Up 2 context-switches [Qadeer, Wu—PLDI’04] - Any fixed # context-switches (finite # of threads) - Eager [Lal, Reps—CAV`08] - Lazy [La Torre, Parlato, Madhusudan—CAV`09] - Round-Robin schedules & parametrized programs - Lazy [La Torre, Parlato, Madhusudan—CAV`10] - Delay bounded schedules (thread creation) [Emmi, Qadeer, Rakamaric—POPL`11]

21 Sequ. for any fixed # context-switches (finite # of threads) [Lal, Reps—CAV`08]
initial shared state T1 T2 Tn round 1 round 2 round k 3 1 2

22 Conclusions

23 Thanks! Conclusions: Future works:
We have presented a general mechanism enabling compositional sequentializations of concurrent programs (under SC) parameterized (bounding & compressing the # of nodes in the interfaces) more behaviors than existing sequentializations Thread creation, parameterized programs, finite # threads All existing sequentializations can be explained within our framework Weak Memory models: Translation TSO  SC [Atig, Bouajjani, Parlato—CAV`11] TSO  SC  sequential Future works: Experimental evaluation Sequentializations for distributed programs (FIFO channels) ? The Tree-width of Auxiliary Storage [Madhusudan, Parlato—POPL`11] Lazy transformation of our sequentialization [La Torre, Madhusudan, Parlato—CAV`09, CAV`10] Thanks!

Download ppt "On Sequentializing Concurrent Programs"

Similar presentations

Bounded Model Checking of Concurrent Data Types on Relaxed Memory Models: A Case Study Sebastian Burckhardt Rajeev Alur Milo M. K. Martin Department of.

Bounded Model Checking of Concurrent Data Types on Relaxed Memory Models: A Case Study Sebastian Burckhardt Rajeev Alur Milo M. K. Martin Department of.
Ermenegildo Tomasco University of Southampton, UK Omar Inverso University of Southampton, UK Bernd Fischer Stellenbosch University, South Africa Salvatore.

Ermenegildo Tomasco University of Southampton, UK Omar Inverso University of Southampton, UK Bernd Fischer Stellenbosch University, South Africa Salvatore.
Gennaro Parlato (LIAFA, Paris, France) Joint work with P. Madhusudan Xiaokang Qie University of Illinois at Urbana-Champaign.

Gennaro Parlato (LIAFA, Paris, France) Joint work with P. Madhusudan Xiaokang Qie University of Illinois at Urbana-Champaign.
Gennaro Parlato (LIAFA, Paris, France) Joint work with P. Madhusudan Xiaokang Qie University of Illinois at Urbana-Champaign.

Gennaro Parlato (LIAFA, Paris, France) Joint work with P. Madhusudan Xiaokang Qie University of Illinois at Urbana-Champaign.
A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.

A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Α ϒ ʎ …… Reachability Modulo Theories Akash Lal Shaz Qadeer, Shuvendu Lahiri Microsoft Research.

Α ϒ ʎ …… Reachability Modulo Theories Akash Lal Shaz Qadeer, Shuvendu Lahiri Microsoft Research.
1 Symbolic Execution for Model Checking and Testing Corina Păsăreanu (Kestrel) Joint work with Sarfraz Khurshid (MIT) and Willem Visser (RIACS)

1 Symbolic Execution for Model Checking and Testing Corina Păsăreanu (Kestrel) Joint work with Sarfraz Khurshid (MIT) and Willem Visser (RIACS)
1/20 Generalized Symbolic Execution for Model Checking and Testing Charngki PSWLAB Generalized Symbolic Execution for Model Checking and Testing.

1/20 Generalized Symbolic Execution for Model Checking and Testing Charngki PSWLAB Generalized Symbolic Execution for Model Checking and Testing.
Background for “KISS: Keep It Simple and Sequential” cs264 Ras Bodik spring 2005.

Background for “KISS: Keep It Simple and Sequential” cs264 Ras Bodik spring 2005.
Reducing Context-bounded Concurrent Reachability to Sequential Reachability Gennaro Parlato University of Illinois at Urbana-Champaign Salvatore La Torre.

Reducing Context-bounded Concurrent Reachability to Sequential Reachability Gennaro Parlato University of Illinois at Urbana-Champaign Salvatore La Torre.
Iterative Context Bounding for Systematic Testing of Multithreaded Programs Madan Musuvathi Shaz Qadeer Microsoft Research.

Iterative Context Bounding for Systematic Testing of Multithreaded Programs Madan Musuvathi Shaz Qadeer Microsoft Research.
Requirements on the Execution of Kahn Process Networks Marc Geilen and Twan Basten 11 April 2003 /e.

Requirements on the Execution of Kahn Process Networks Marc Geilen and Twan Basten 11 April 2003 /e.
The Tree-Width of auxiliary storage Gennaro Parlato (University of Southampton, UK) Joint work: P. Madhusudan – UIUC, USA.

The Tree-Width of auxiliary storage Gennaro Parlato (University of Southampton, UK) Joint work: P. Madhusudan – UIUC, USA.
The Language Theory of Bounded Context-Switching Gennaro Parlato (U. of Illinois, U.S.A.) Joint work with: Salvatore La Torre (U. of Salerno, Italy) P.

The Language Theory of Bounded Context-Switching Gennaro Parlato (U. of Illinois, U.S.A.) Joint work with: Salvatore La Torre (U. of Salerno, Italy) P.
On Sequentializing Concurrent Programs Ahmed Bouajjani LIAFA, University of Paris 7, France LIAFA, University of Paris 7, France Michael Emmi LIAFA, University.

On Sequentializing Concurrent Programs Ahmed Bouajjani LIAFA, University of Paris 7, France LIAFA, University of Paris 7, France Michael Emmi LIAFA, University.
The Tree-Width of automata with auxiliary storage Gennaro Parlato (LIAFA, CNRS, Paris, France) joint work with P. Madhusudan (Univ of Illinois at Urbana-Champaign,

The Tree-Width of automata with auxiliary storage Gennaro Parlato (LIAFA, CNRS, Paris, France) joint work with P. Madhusudan (Univ of Illinois at Urbana-Champaign,
Lazy-CSeq A Lazy Sequentialization Tool for C Omar Inverso University of Southampton, UK Ermenegildo Tomasco University of Southampton, UK Bernd Fischer.

Lazy-CSeq A Lazy Sequentialization Tool for C Omar Inverso University of Southampton, UK Ermenegildo Tomasco University of Southampton, UK Bernd Fischer.
Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.

Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.

Similar presentations

Ads by Google