Model Checking of Concurrent Software: Current Projects - PowerPoint PPT Presentation

1
Model Checking of Concurrent Software: Current Projects
  • Thomas Reps
  • University of Wisconsin

2
Projects and Personnel
  • University of Wisconsin
    • Anne Mulhern
    • Alexey Loginov
  • Tel-Aviv University
    • Prof. Mooly Sagiv
    • Eran Yahav
    • Noam Rinetzky
    • Greta Yorsh
  • University of Saarbrücken
    • Prof. Reinhard Wilhelm

3
Verifying Behavioral Subtyping (Anne Mulhern)
  • Inheritance of code vs. inheritance of behavior
  • Liskov Substitution Principle
    "For every object x' of type t' there is an object x of type t,
    such that for all programs P defined in terms of t, the behavior
    of P is unchanged when x' is substituted for x." (Liskov 1988)
  • Not enforced by compilers
  • Goal: Build a tool that provides some amount of checking

4
Why?
  class FooNode {
    FooNode next;
    . . . <many data members> . . .
  }
  class Foo {
    FooNode first;
    FooNode last;
    AppendElmt(Datum);
    . . . <many members> . . .
  }

  class ListNode {
    ListNode next;
  }
  class List {
    ListNode first;
    ListNode last;
    AddToEnd();
  }
  (The slide's arrows relate FooNode to ListNode and Foo to List.)
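The "inheritance of code vs. inheritance of behavior" point of slides 3 and 4, as an added example that is not part of the presentation or of Mulhern's tool. `Sanitizer` and its two subclasses are hypothetical: both subclasses inherit the supertype's code, but only one keeps its behavioral contract, and the contract check written here is the kind of "some amount of checking" a compiler does not do.

```python
# Added example (not from the slides): a Liskov-style substitutability check.
# `Sanitizer` and its subclasses are hypothetical; the point is that a subtype
# can inherit all of the supertype's code and still break its *behavioral*
# contract, which no compiler checks, so a client that was safe against the
# supertype becomes unsafe against the subtype.


class Sanitizer:
    """Contract (behavior, not types): the result contains no '<' or '>' and is
    never longer than the input. Clients rely on this when inlining into HTML."""

    def clean(self, s: str) -> str:
        return s.replace("<", "").replace(">", "")

    @staticmethod
    def postcondition(inp: str, out: str) -> bool:
        """The supertype's contract, written down so a tool can check it."""
        return "<" not in out and ">" not in out and len(out) <= len(inp)


class LoggingSanitizer(Sanitizer):
    """Inherits code *and* behavior: records inputs, returns the same result."""

    def __init__(self) -> None:
        self.seen = []

    def clean(self, s: str) -> str:
        self.seen.append(s)
        return super().clean(s)


class LenientSanitizer(Sanitizer):
    """Inherits the code but not the behavior: swaps the contract for a
    denylist of one tag. It type-checks as a Sanitizer, yet a client written
    against Sanitizer's contract can now emit '<img ... onerror=...>'."""

    def clean(self, s: str) -> str:
        return s.replace("<script>", "").replace("</script>", "")


# Constructed probe inputs, including the adversarial ones a client cares about.
PROBES = [
    "plain text",
    "<script>alert(1)</script>",
    "<img src=x onerror=alert(1)>",
    "a<b",
    "",
]


def contract_violations(sub: Sanitizer, probes=PROBES) -> list:
    """Probes on which `sub` breaks Sanitizer's postcondition.
    An empty list means: on these probes, `sub` may stand in for a Sanitizer."""
    return [p for p in probes if not Sanitizer.postcondition(p, sub.clean(p))]


def behavior_changes(sub: Sanitizer, probes=PROBES) -> list:
    """Stricter reading of Liskov's definition: probes on which `sub` does not
    produce exactly what the supertype produces."""
    base = Sanitizer()
    return [p for p in probes if sub.clean(p) != base.clean(p)]
```

`contract_violations` is the weaker, more useful check (a subtype may legitimately differ in output as long as it honours the supertype's contract); `behavior_changes` is the literal "behavior of P is unchanged" reading. Both are only as good as the probe set, which is why this is "some amount of checking" rather than a proof.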
5
Abstraction Refinement for TVLA/TVMC (Alexey Loginov)
  • Identify additional abstraction predicates
    • Nullary? Unary?
    • Both can be used to refine an abstraction
  • Need to be able to automatically create update formulas
    • Finite differencing of formulas (Reps, Sagiv)
    • Semantic minimization of formulas

6
Semantic Minimization
  • ⟦φ⟧(A): value of formula φ in assignment A
  • In 3-valued logic, ⟦φ⟧(A) may equal ½
  • ⟦p ∨ ¬p⟧(p ↦ 0) = 1
  • ⟦p ∨ ¬p⟧(p ↦ ½) = ½
  • ⟦p ∨ ¬p⟧(p ↦ 1) = 1

7
Two- vs. Three-Valued Logic
(Figure, built up over slides 7–11: the values 0 and 1 of two-valued logic alongside three-valued logic, whose third value ½ stands for {0,1}; in the information order, 0 ⊑ ½ and 1 ⊑ ½.)
12
Three-Valued Logic
  • 1: True
  • 0: False
  • ½: Unknown
  • A join semi-lattice: 0 ⊔ 1 = ½

13
Boolean Connectives (Kleene)
15
Semantic Minimization
  • ⟦φ⟧(A): value of formula φ in assignment A
  • In 3-valued logic, ⟦φ⟧(A) may equal ½
  • ⟦p ∨ ¬p⟧(p ↦ 0) = 1
  • ⟦p ∨ ¬p⟧(p ↦ ½) = ½
  • ⟦p ∨ ¬p⟧(p ↦ 1) = 1
  • However,
  • ⟦1⟧(p ↦ 0) = 1
  • ⟦1⟧(p ↦ ½) = 1
  • ⟦1⟧(p ↦ 1) = 1

16
Semantic Minimization
  • ⟦1⟧(p ↦ 0) = 1 = ⟦p ∨ ¬p⟧(p ↦ 0)
  • ⟦1⟧(p ↦ ½) = 1 ⊏ ½ = ⟦p ∨ ¬p⟧(p ↦ ½)
  • ⟦1⟧(p ↦ 1) = 1 = ⟦p ∨ ¬p⟧(p ↦ 1)

2-valued logic: 1 is equivalent to p ∨ ¬p
3-valued logic: 1 is better than p ∨ ¬p
For a given φ, is there a best formula? Yes!
17
Semantic Minimization
Input: Propositional formula φ
Output: Propositional formula ψ such that, for all 3-valued assignments A,
  ⟦ψ⟧(A) = ⊔ { ⟦φ⟧(a) | a ⊑ A, a definite }
By the monotonicity of ⟦·⟧(·):
  ⟦ψ⟧(A) = ⊔ { ⟦φ⟧(a) | a ⊑ A, a definite } ⊑ ⟦φ⟧(A)
18
Example
Original formula (φ): xy xz yz (note: φ is an irredundant sum of products; the negations on individual literals did not survive the transcript)
Minimal formula (ψ): yz yz xz xy xz xy ? ?(xyz xyz)
For which A's do we have ⟦ψ⟧(A) ⊏ ⟦φ⟧(A)?
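Slides 6 through 18 in executable form, as an added example that is not the presentation's or TVLA's code: Kleene's connectives (slide 13), the information order and join (slide 12), ⟦φ⟧(A) under a 3-valued assignment, and the "best formula" value of slide 17 computed by brute force as the join over all definite completions a ⊑ A. The last function answers slide 18's question for any formula by listing the assignments where ⟦ψ⟧(A) ⊏ ⟦φ⟧(A). The tuple encoding of formulas is an assumption of this example.

```python
# Added example (not TVLA's or the authors' code): Kleene three-valued logic
# and the "best formula" value of slide 17, computed by brute force over
# definite completions. Formulas are nested tuples, an encoding assumed here:
#   ("var", "p")  ("not", f)  ("and", f, g)  ("or", f, g)
from fractions import Fraction
from itertools import product

ZERO, ONE, HALF = Fraction(0), Fraction(1), Fraction(1, 2)   # ½ = unknown


def leq(a, b):
    """Information order: 0 ⊑ ½ and 1 ⊑ ½ (definite values are more precise)."""
    return a == b or b == HALF


def join(a, b):
    """Join in the information order: 0 ⊔ 1 = ½, x ⊔ x = x."""
    return a if a == b else HALF


# Kleene connectives (slide 13): ∧ is 0 if either side is 0, 1 if both are 1,
# otherwise ½; ∨ dually; ¬ swaps 0 and 1 and leaves ½ alone.
def k_not(a):
    return ONE - a


def k_and(a, b):
    if a == ZERO or b == ZERO:
        return ZERO
    return ONE if a == ONE and b == ONE else HALF


def k_or(a, b):
    if a == ONE or b == ONE:
        return ONE
    return ZERO if a == ZERO and b == ZERO else HALF


def ev(phi, A):
    """⟦φ⟧(A): Kleene value of φ under assignment A (var -> 0, ½ or 1)."""
    op = phi[0]
    if op == "var":
        return Fraction(A[phi[1]])
    if op == "not":
        return k_not(ev(phi[1], A))
    if op == "and":
        return k_and(ev(phi[1], A), ev(phi[2], A))
    if op == "or":
        return k_or(ev(phi[1], A), ev(phi[2], A))
    raise ValueError(op)


def variables(phi):
    if phi[0] == "var":
        return {phi[1]}
    return set().union(*(variables(g) for g in phi[1:]))


def definite_completions(A):
    """All definite (2-valued) assignments a with a ⊑ A."""
    unknown = [v for v, val in A.items() if val == HALF]
    for bits in product((ZERO, ONE), repeat=len(unknown)):
        a = dict(A)
        a.update(zip(unknown, bits))
        yield a


def best_value(phi, A):
    """⟦ψ⟧(A) for the semantically minimal ψ: ⊔ { ⟦φ⟧(a) | a ⊑ A, a definite }."""
    result = None
    for a in definite_completions(A):
        v = ev(phi, a)
        result = v if result is None else join(result, v)
    return result


def all_assignments(vs):
    names = sorted(vs)
    for vals in product((ZERO, HALF, ONE), repeat=len(names)):
        yield dict(zip(names, vals))


def strictly_improved(phi):
    """Assignments A with ⟦ψ⟧(A) ⊏ ⟦φ⟧(A); also checks ⟦ψ⟧(A) ⊑ ⟦φ⟧(A) holds."""
    out = []
    for A in all_assignments(variables(phi)):
        best, plain = best_value(phi, A), ev(phi, A)
        if not leq(best, plain):
            raise AssertionError("monotonicity violated")  # impossible for Kleene connectives
        if best != plain:
            out.append(A)
    return out


P = ("var", "p")
EXCLUDED_MIDDLE = ("or", P, ("not", P))      # p ∨ ¬p, the slide's example
```

Under p ↦ ½, `ev` returns ½ while `best_value` returns 1, which is exactly the gap between p ∨ ¬p and the constant 1 on slide 16; `strictly_improved(EXCLUDED_MIDDLE)` reports that single assignment. The brute force is exponential in the number of unknown variables, which is why the actual project computes ψ symbolically rather than tabulating it.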
19
TVMC: A 3-Valued Model Checker (Eran Yahav)
  • Programming-language features
    • concurrency
    • unbounded numbers of threads
    • pointers/aliasing
    • unbounded numbers of heap-allocated cells
  • Properties to be checked
    • FOLTL (LTL + quantification)
    • Safety properties
    • Liveness properties (at least some forms . . .)

20
Java Threads Are Heap-Allocated Objects ⇒ Thread Analysis = Shape Analysis
21
An abstract memory configuration
(Figure: a shape graph with a thread node satisfying inCritical, a lock node lock1 satisfying isAcquired and linked to that thread by a heldBy edge, a second thread node satisfying atStart, and csLock edges from the thread nodes to the lock.)
22
Here, model checking means: explore the space of possible transitions among abstract memory configurations.
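The exploration described on slide 22, as an added example that is not TVMC itself. TVLA summarises an unbounded heap with canonical abstraction over predicates such as atStart, inCritical and heldBy; this example stands in a simpler abstraction, counting threads per local state with counts 0, 1 or MANY, so that MANY plays the role of a summary node and removing one thread from it forces the same materialization choice. The property checked is mutual exclusion; the `check_lock=False` variant is a constructed buggy program that enters the critical section without testing the lock.

```python
# Added example (not TVMC itself): explicit exploration of the abstract
# configurations of an unbounded number of threads sharing one lock.
# Assumption made here: instead of TVLA's canonical abstraction over
# predicates such as atStart/inCritical/heldBy, the thread population is
# abstracted by counting threads per local state with counts 0, 1 or MANY;
# MANY plays the role of a summary node.
from collections import deque

MANY = "many"                 # summary: two or more threads in this local state
INITIAL = (False, MANY, 0)    # (lock_held, n_atStart, n_inCritical)


def inc(c):
    return 1 if c == 0 else MANY


def dec(c):
    """Possible counts after one thread leaves a bucket of size c.
    Leaving a MANY bucket is where materialization happens: the summary may
    stand for exactly 2 threads (leaving 1) or for more (still MANY), and a
    sound analysis must follow both."""
    if c == 1:
        return [0]
    if c == MANY:
        return [1, MANY]
    raise ValueError("empty bucket")


def successors(cfg, check_lock=True):
    """Abstract transitions. With check_lock=False the program is the buggy
    variant that enters the critical section without testing the lock."""
    held, at_start, in_crit = cfg
    out = []
    if at_start != 0 and (not check_lock or not held):
        for rest in dec(at_start):                 # acquire lock, enter CS
            out.append((True, rest, inc(in_crit)))
    if in_crit != 0:
        for rest in dec(in_crit):                  # leave CS, release lock
            out.append((False, inc(at_start), rest))
    return out


def explore(initial=INITIAL, check_lock=True):
    """Breadth-first search over abstract configurations.
    Returns (reachable configurations, first configuration violating mutual
    exclusion or None). Mutual exclusion fails when n_inCritical is MANY."""
    seen, work = {initial}, deque([initial])
    while work:
        cfg = work.popleft()
        if cfg[2] == MANY:
            return seen, cfg
        for nxt in successors(cfg, check_lock):
            if nxt not in seen:
                seen.add(nxt)
                work.append(nxt)
    return seen, None
```

With the lock respected the search closes after three abstract configurations, none with MANY threads in the critical section, which covers every concrete run regardless of thread count; the buggy variant reaches a violating configuration within a few steps. The abstraction is sound but can over-approximate: a MANY-to-MANY step keeps states reachable that a more precise predicate abstraction (the "improved materialization" of slide 24) would rule out.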
23
Analysis of ADTs (Noam Rinetzky)
  • Analysis of ADTs (classes) and their clients
  • Objects summarized by finite-state machines obtained via shape analysis
  • Example
    • Class Queue
    • Four states of a Queue object
      • Not allocated
      • Empty
      • Non-empty
      • Error
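The Queue summary of slide 23 as a finite-state machine over its four states, with a client checker, as an added example that is not Rinetzky's analysis. The operation names (`new`, `enqueue`, `dequeue`, `free`) are assumed for the example. Because the machine does not count elements, a dequeue from a Non-empty queue may leave it Empty or Non-empty, so the checker tracks the set of states the object may be in and reports the first client operation that could reach Error.

```python
# Added example (not Rinetzky's analysis): the Queue FSM of slide 23 and an
# abstract execution of a client against it. Operation names are assumed.
NOT_ALLOC, EMPTY, NON_EMPTY, ERROR = "NotAllocated", "Empty", "NonEmpty", "Error"

# (state, operation) -> set of possible next states
TRANSITIONS = {
    (NOT_ALLOC, "new"):     {EMPTY},
    (EMPTY, "enqueue"):     {NON_EMPTY},
    (NON_EMPTY, "enqueue"): {NON_EMPTY},
    (NON_EMPTY, "dequeue"): {EMPTY, NON_EMPTY},   # size unknown after summarization
    (EMPTY, "dequeue"):     {ERROR},              # underflow
    (EMPTY, "free"):        {NOT_ALLOC},
    (NON_EMPTY, "free"):    {NOT_ALLOC},
}
# Anything not listed (enqueue before new, use after free, any op in Error)
# is a protocol violation and goes to Error.


def step(states, op):
    """Image of a set of possible states under one client operation."""
    return {t for s in states for t in TRANSITIONS.get((s, op), {ERROR})}


def check_client(ops):
    """Abstractly execute a client's operation sequence on one Queue object.
    Returns (index of the first op that may reach Error, or None; final state set)."""
    states = {NOT_ALLOC}
    for i, op in enumerate(ops):
        states = step(states, op)
        if ERROR in states:
            return i, states
    return None, states


# Constructed clients.
GOOD_CLIENT = ["new", "enqueue", "enqueue", "dequeue", "enqueue", "free"]
BAD_CLIENT = ["new", "enqueue", "dequeue", "dequeue"]      # second dequeue may underflow
USE_AFTER_FREE = ["new", "enqueue", "free", "enqueue"]
```

The report for `BAD_CLIENT` is a "may" result: the queue could still be non-empty before the second dequeue, but the summary cannot prove it, which is the usual trade-off of replacing an object by a finite-state abstraction. Refining the FSM with a count predicate (0, 1, many) would remove that particular false alarm.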

24
Analysis of Trees (Greta Yorsh)
  • Shape analysis of tree-manipulation programs
    • Binary-search-tree operations
    • Deutsch-Schorr-Waite tree traversal without a stack
  • Challenges
    • Garbage-collection marking algorithm that uses Deutsch-Schorr-Waite graph traversal (DSW tree traversal of depth-first-search tree)
    • Barnes-Hut uses an oct-tree with chained leaves
    • Improved materialization algorithm for TVLA
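The Deutsch-Schorr-Waite traversal named on slide 24, as an added example that is not the presentation's or Yorsh's code: a binary-tree traversal that keeps no stack and instead stores the path back to the root by temporarily reversing child pointers, together with the check a shape analysis is asked to establish, namely that every node is visited exactly once and the tree has its original shape when the traversal finishes. The `mark` and `flag` fields play the role of the mark bits a garbage collector already has per object.

```python
# Added example (not the presentation's code): Deutsch-Schorr-Waite traversal
# of a binary tree with pointer reversal instead of a stack, plus the
# "tree is restored afterwards" check that a shape analysis would prove.


class Node:
    __slots__ = ("val", "left", "right", "mark", "flag")

    def __init__(self, val, left=None, right=None):
        self.val, self.left, self.right = val, left, right
        self.mark = False   # visited (a GC would use its mark bit)
        self.flag = 0       # 0: parent link stored in .left; 1: stored in .right


def dsw_traverse(root):
    """Visit every node in preorder using O(1) extra space.
    On the way down, a node's child pointer is overwritten with the pointer to
    its parent; on the way back up it is restored, so the tree is intact at the
    end even though it is temporarily a chain of reversed pointers."""
    visited = []
    parent, cur = None, root
    while True:
        # descend: go down-left, marking each new node and reversing .left
        while cur is not None and not cur.mark:
            cur.mark = True
            visited.append(cur.val)
            cur.flag = 0
            cur.left, parent, cur = parent, cur, cur.left
        # retreat: climb over nodes whose right subtree is finished, restoring .right
        while parent is not None and parent.flag == 1:
            parent.right, parent, cur = cur, parent.right, parent
        if parent is None:
            return visited
        # swing: left subtree done; restore .left, move parent link into .right,
        # and continue with the right child
        parent.flag = 1
        parent.left, parent.right, cur = cur, parent.left, parent.right


def shape(n):
    """Structural snapshot of a tree, used to compare before/after traversal."""
    return None if n is None else (n.val, shape(n.left), shape(n.right))


def check_dsw(root):
    """Run the traversal and return (visit order, tree restored?, all marked?)."""
    before = shape(root)
    order = dsw_traverse(root)
    restored = shape(root) == before
    marked = all_marked(root)
    return order, restored, marked


def all_marked(n):
    return n is None or (n.mark and all_marked(n.left) and all_marked(n.right))


def sample_tree():
    """Constructed input: A(B(D, E), C(-, F))."""
    return Node("A", Node("B", Node("D"), Node("E")), Node("C", None, Node("F")))
```

The three pointer rotations are the whole algorithm; what makes it hard for a shape analysis is that midway through, the structure reachable from `root` is not a tree at all (child pointers point upward), so the analysis must track the reversed path precisely enough to show it is undone in the right order. The same routine is what the garbage-collection marking algorithm on the slide performs over the object graph.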