Model checking for weakly consistent libraries

Kokologiannakis, Michalis; Raad, Azalea; Vafeiadis, Viktor

doi:10.1145/3314221.3314609

Cited by 65 publications

(93 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…When this is the case, following Abdulla et al [2018] and Kokologiannakis et al [2019], we only keep the following events in this additional execution: (1) r itself (e.g., a := x), (2) the events that were added before r (e.g., lock(l) in the left thread), (3) w itself (e.g., x := 2), and (4) the events that led to w (e.g., lock(l) and b := x in the right thread). In other words, we remove all events that were added after r but did not lead to w (e.g., the x := 1 and unlock(l) in the left thread).…”

Section: Lapor: Excluding Inconsistent Executionsmentioning

confidence: 99%

“…However, several more recent DPOR algorithms [Abdulla et al 2018;Aronis et al 2018;Chalupa et al 2017;Kokologiannakis et al 2017Kokologiannakis et al , 2019 do not consider all orderings on the writes of the same location unless this order is observable. As such, since the value of x is not read in w+w, the order of the writes cannot possibly be observable, and thus these techniques explore only one execution for w+w, ignoring the order in which the writes are executed.…”

Section: Lock(l);mentioning

confidence: 99%

“…Our model checking algorithm for locks, LAPOR, can be built as an extension of any (D)POR algorithm, as long as it calculates its alternative exploration options at each step and not at the end of each execution. For concreteness, here we present a version of LAPOR built on top of the GenMC model checking algorithm by Kokologiannakis et al [2019]. Basing LAPOR over GenMC enables our algorithm to be parametric with respect to the memory model and allows us to prove its correctness and optimality (see ğ4.2).…”

Section: Lapor: Lock-aware Partial Order Reductionmentioning

confidence: 99%

“…Intuitively, CGL simplifies reasoning about concurrent programs because it reduces the number of interleavings that a programmer or an automated verifier has to consider. Somewhat surprisingly, however, CGL has the opposite effect on verification using the state-of-the-art stateless model checking (SMC) tools (e.g., [Abdulla et al 2014[Abdulla et al , 2018Aronis et al 2018;Kokologiannakis et al 2017Kokologiannakis et al , 2019). More specifically, CGL increases the verification cost significantly because it inhibits the most important optimization of SMC, which makes the approach scalable, namely (dynamic) partial order reduction (POR) [Abdulla et al 2014;Flanagan and Godefroid 2005].…”

Section: Introductionmentioning

confidence: 99%

“…(ğ4) We describe LAPOR in detail, and show that it is sound (produces no false positives), complete (explores all possible behaviours), and optimal (explores each behaviour exactly once), and that it can be applied to any memory model that satisfies a few basic assumptions. (ğ5) We implement LAPOR over the state-of-the-art GenMC model checker [Kokologiannakis et al 2019] and evaluate its performance. We show that LAPOR is significantly faster than the state of the art for programs with coarse-grained locks, while incurring only a small overhead for programs with fine-grained locks, and negligible overhead for programs without locks.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Effective lock handling in stateless model checking

Kokologiannakis

Raad

Vafeiadis

2019

Proc. ACM Program. Lang.

Self Cite

View full text Add to dashboard Cite

Stateless Model Checking (SMC) is a verification technique for concurrent programs that checks for safety violations by exploring all possible thread interleavings. SMC is usually coupled with Partial Order Reduction (POR), which exploits the independence of instructions to avoid redundant explorations when an equivalent one has already been considered. While effective POR techniques have been developed for many different memory models, they are only able to exploit independence at the instruction level, which makes them unsuitable for programs with coarse-grained synchronization mechanisms such as locks. We present a lock-aware POR algorithm, LAPOR, that exploits independence at both instruction and critical section levels. This enables LAPOR to explore exponentially fewer interleavings than the state-of-the-art techniques for programs that use locks conservatively. Our algorithm is sound, complete, and optimal, and can be used for verifying programs under several different memory models. We implement LAPOR in a tool and show that it can be exponentially faster than the state-of-the-art model checkers. CCS Concepts: • Theory of computation → Verification by model checking; • Software and its engineering → Software testing and debugging.

show abstract

Section: Lapor: Excluding Inconsistent Executionsmentioning

confidence: 99%

Section: Lock(l);mentioning

confidence: 99%

Section: Lapor: Lock-aware Partial Order Reductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Effective lock handling in stateless model checking

Kokologiannakis

Raad

Vafeiadis

2019

Proc. ACM Program. Lang.

Self Cite

View full text Add to dashboard Cite

show abstract

Modular Relaxed Dependencies in Weak Memory Concurrency

Paviotti

Cooksey

Paradis

et al. 2020

Programming Languages and Systems

View full text Add to dashboard Cite

We present a denotational semantics for weak memory concurrency that avoids thin-air reads, provides data-race free programs with sequentially consistent semantics (DRF-SC), and supports a compositional refinement relation for validating optimisations. Our semantics identifies false program dependencies that might be removed by compiler optimisation, and leaves in place just the dependencies necessary to rule out thin-air reads. We show that our dependency calculation can be used to rule out thin-air reads in any axiomatic concurrency model, in particular C++. We present a tool that automatically evaluates litmus tests, show that we can augment C++ to fix the thin-air problem, and we prove that our augmentation is compatible with the previously used compilation mappings over key processor architectures. We argue that our dependency calculation offers a practical route to fixing the longstanding problem of thin-air reads in the C++ specification.

show abstract

Parallel Graph-Based Stateless Model Checking

Lång

Sagonas

2020

Automated Technology for Verification and Analysis

View full text Add to dashboard Cite

Model checking for weakly consistent libraries

Cited by 65 publications

References 38 publications

Effective lock handling in stateless model checking

Effective lock handling in stateless model checking

Modular Relaxed Dependencies in Weak Memory Concurrency

Parallel Graph-Based Stateless Model Checking

Contact Info

Product

Resources

About