model checking of parameterized systems on weak memory
play

Model Checking of Parameterized Systems on Weak Memory David - PowerPoint PPT Presentation

Dec 13, 2022 •225 likes •327 views

Model Checking of Parameterized Systems on Weak Memory David Declerck Laboratoire de Recherche en Informatique Universit e Paris-Sud October 3rd, 2017 Work supported by French ANR project PARDI (DS0703) David Declerck A Backward

  1. Model Checking of Parameterized Systems on Weak Memory David Declerck Laboratoire de Recherche en Informatique Universit´ e Paris-Sud October 3rd, 2017 Work supported by French ANR project PARDI (DS0703) David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory

  2. Weak Memory ◮ order of memory access � = interleaving of memory instructions ◮ we choose a TSO-like model ◮ reorderings can be prevented using fences ◮ harder to reason about concurrent programs Shared Memory Write buffer ... ... P 1 P 2 P n − 1 P n David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory 1 / 4

  3. Parameterized Systems ◮ concurrent systems ◮ unbounded number of processes ◮ unbounded process-indexed arrays Example : naive mutual exclusion type loc = Idle | Want | Crit transition t req ([ p ]) array PC[ proc ] : loc requires { PC[ p ] = Idle } weak array X[ proc ] : bool { PC[ p ] := Want; X[ p ] := True } init ( p ) { PC[ p ] = Idle transition t enter ([ p ]) && X[ p ] = False } requires { PC[ p ] = Want && fence ( p ) && forall other p . X[ p ] = False } unsafe ( p1 p2 ) { PC[ p1 ] = Crit { PC[ p ] := Crit } && PC[ p2 ] = Crit } David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory 2 / 4

  4. Our approach Base framework : ◮ Model Checking Modulo Theories ◮ check safety properties of parameterized systems ◮ assumes a sequentially consistent memory ◮ relies on a backward reachability algorithm Our extension : ◮ add TSO reasoning using an axiomatic model ◮ maps memory instructions to read/write events ◮ builds a global happens-before relation over events David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory 3 / 4

  5. Backward Reachability Example PC [# 1 ] = Crit ∧ PC [# 2 ] = Crit David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory 4 / 4

  6. Backward Reachability Example PC [# 1 ] = Crit ∧ PC [# 2 ] = Want Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ fence (# 2 , e 1 ) t enter (# 2 ) PC [# 1 ] = Crit ∧ PC [# 2 ] = Crit David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory 4 / 4

  7. Backward Reachability Example PC [# 1 ] = Want ∧ PC [# 2 ] = Want Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ Rd X ( e 2 , # 1 , # 2 ) ∧ Val ( e 2 ) = ⊥ fence (# 2 , e 1 ) ∧ fence (# 1 , e 2 ) t enter (# 1 ) PC [# 1 ] = Crit ∧ PC [# 2 ] = Want Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ fence (# 2 , e 1 ) t enter (# 2 ) PC [# 1 ] = Crit ∧ PC [# 2 ] = Crit David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory 4 / 4

  8. Backward Reachability Example PC [# 1 ] = Want ∧ PC [# 2 ] = Idle Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ Rd X ( e 2 , # 1 , # 2 ) ∧ Val ( e 2 ) = ⊥ Wr X ( e 3 , # 2 , # 2 ) ∧ Val ( e 3 ) = ⊤ fence (# 2 , e 1 ) ∧ fence (# 1 , e 2 ) t req (# 2 ) ghb ( e 3 , e 1 ) Val ( e 2 ) = Val ( e 3 ) PC [# 1 ] = Want ∧ PC [# 2 ] = Want Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ Rd X ( e 2 , # 1 , # 2 ) ∧ Val ( e 2 ) = ⊥ fence (# 2 , e 1 ) ∧ fence (# 1 , e 2 ) t enter (# 1 ) PC [# 1 ] = Crit ∧ PC [# 2 ] = Want Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ fence (# 2 , e 1 ) t enter (# 2 ) PC [# 1 ] = Crit ∧ PC [# 2 ] = Crit David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory 4 / 4

  9. Backward Reachability Example PC [# 1 ] = Want ∧ PC [# 2 ] = Idle Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ Rd X ( e 2 , # 1 , # 2 ) ∧ Val ( e 2 ) = ⊥ Wr X ( e 3 , # 2 , # 2 ) ∧ Val ( e 3 ) = ⊤ fence (# 2 , e 1 ) ∧ fence (# 1 , e 2 ) t req (# 2 ) ghb ( e 3 , e 1 ) Val ( e 2 ) = Val ( e 3 ) PC [# 1 ] = Want ∧ PC [# 2 ] = Want Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ Rd X ( e 2 , # 1 , # 2 ) ∧ Val ( e 2 ) = ⊥ fence (# 2 , e 1 ) ∧ fence (# 1 , e 2 ) t enter (# 1 ) PC [# 1 ] = Crit ∧ PC [# 2 ] = Want Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ fence (# 2 , e 1 ) t enter (# 2 ) PC [# 1 ] = Crit ∧ PC [# 2 ] = Crit David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory 4 / 4

  10. Backward Reachability Example PC [# 1 ] = Want ∧ PC [# 2 ] = Idle PC [# 1 ] = Want ∧ PC [# 2 ] = Idle Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ Rd X ( e 2 , # 1 , # 2 ) ∧ Val ( e 2 ) = ⊥ Rd X ( e 2 , # 1 , # 2 ) ∧ Val ( e 2 ) = ⊥ Wr X ( e 3 , # 2 , # 2 ) ∧ Val ( e 3 ) = ⊤ Wr X ( e 3 , # 2 , # 2 ) fence (# 2 , e 1 ) ∧ fence (# 1 , e 2 ) fence (# 2 , e 1 ) ∧ fence (# 1 , e 2 ) t req (# 2 ) ghb ( e 3 , e 1 ) ghb ( e 3 , e 1 ) Val ( e 2 ) = Val ( e 3 ) PC [# 1 ] = Want ∧ PC [# 2 ] = Want Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ Rd X ( e 2 , # 1 , # 2 ) ∧ Val ( e 2 ) = ⊥ fence (# 2 , e 1 ) ∧ fence (# 1 , e 2 ) t enter (# 1 ) PC [# 1 ] = Crit ∧ PC [# 2 ] = Want Rd X ( e 1 , # 2 , # 1 ) ∧ Val ( e 1 ) = ⊥ fence (# 2 , e 1 ) t enter (# 2 ) PC [# 1 ] = Crit ∧ PC [# 2 ] = Crit David Declerck A Backward Reachability Algorithm for Parameterized Systems on Weak Memory 4 / 4

Recommend

An Abstraction Technique for Parameterized Model Checking of Leader Election Protocols:

An Abstraction Technique for Parameterized Model Checking of Leader Election Protocols:

An Abstraction Technique for Parameterized Model Checking of Leader Election Protocols: Application to FTSP Ocan Sankur , Jean-Pierre Talpin Irisa, CNRS, Rennes Ocan Sankur Abstractions For Parameterized Model Checking of FTSP 1 / 7

534 views • 25 slides
Reasoning about the C/C++ weak memory model Viktor Vafeiadis Max Planck Institute for Software

Reasoning about the C/C++ weak memory model Viktor Vafeiadis Max Planck Institute for Software

Reasoning about the C/C++ weak memory model Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) 17 July 2014 Understanding weak memory consistency Read the architecture/language specs? Too informal, often wrong. Read the

430 views • 40 slides
Reasoning about the C/C++ weak memory model Viktor Vafeiadis Max Planck Institute for Software

Reasoning about the C/C++ weak memory model Viktor Vafeiadis Max Planck Institute for Software

Reasoning about the C/C++ weak memory model Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) 23 September 2014 Understanding weak memory consistency Read the architecture/language specs? Too informal, often wrong. Read

378 views • 35 slides
Parameterized Model Checking of Fault-tolerant Distributed Algorithms by Abstraction Annu John

Parameterized Model Checking of Fault-tolerant Distributed Algorithms by Abstraction Annu John

Parameterized Model Checking of Fault-tolerant Distributed Algorithms by Abstraction Annu John Igor Konnov Ulrich Schmid Helmut Veith Josef Widder FMCAD13 Portland, OR, USA, Oct 20-23, 2013 Igor Konnov (www.forsyte.at) Parameterized

939 views • 70 slides
Persistence Semantics for Weak Memory Integrating Epoch Persistency with the TSO Memory Model

Persistence Semantics for Weak Memory Integrating Epoch Persistency with the TSO Memory Model

Persistence Semantics for Weak Memory Integrating Epoch Persistency with the TSO Memory Model Azalea Raad Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) Thursday 8 November OOPSLA 2018 Boston, USA azalea@mpi-sws.org

1.21k views • 88 slides
Formal reasoning about the C11 weak memory model Invited talk @ CPP15 Viktor Vafeiadis Max

Formal reasoning about the C11 weak memory model Invited talk @ CPP15 Viktor Vafeiadis Max

Formal reasoning about the C11 weak memory model Invited talk @ CPP15 Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) 13 January 2015 What is a weak memory model? Viktor Vafeiadis Formal reasoning about the C11 weak

389 views • 38 slides
SMT and POR beat Counter Abstraction Parameterized Model Checking of Threshold-Based Distributed

SMT and POR beat Counter Abstraction Parameterized Model Checking of Threshold-Based Distributed

SMT and POR beat Counter Abstraction Parameterized Model Checking of Threshold-Based Distributed Algorithms Igor Konnov Helmut Veith Josef Widder Alpine Verification Meeting May 4-6, 2015 Why fault-tolerant (FT) distributed algorithms

859 views • 64 slides
Hoare Logic and Model Checking 1. You should be able to model simple systems in NuSMV, an LTL

Hoare Logic and Model Checking 1. You should be able to model simple systems in NuSMV, an LTL

Hoare Logic and Model Checking 1. You should be able to model simple systems in NuSMV, an LTL Other interesting books: Model Checking by Clarke, Grumberg, and Peled Principles of Model Checking by Baier and Katoen 3 Course

636 views • 11 slides
Statistical model checking for parameterized model t Delahaye 1 Paulin Fournier 1 Didier Lime 2

Statistical model checking for parameterized model t Delahaye 1 Paulin Fournier 1 Didier Lime 2

Statistical model checking for parameterized model t Delahaye 1 Paulin Fournier 1 Didier Lime 2 Beno Universit e de Nantes - LS2N, UMR 6004 - Nantes, France Ecole Centrale de Nantes - LS2N, UMR 6004 - Nantes, France SynCoP 2018

685 views • 42 slides
EJCP 2016 Model Checking Modulo Theories with Cubicle Sylvain Conchon LRI (UMR 8623),

EJCP 2016 Model Checking Modulo Theories with Cubicle Sylvain Conchon LRI (UMR 8623),

EJCP 2016 Model Checking Modulo Theories with Cubicle Sylvain Conchon LRI (UMR 8623), Universit e Paris-Sud Equipe Toccata, INRIA Saclay Ile-de-France 1 Cubicle An SMT based model checker for parameterized systems 2 Contents

1.74k views • 140 slides
Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is

Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is

Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is Model Checking? Model checking is an automated technique that, given a finite-state model of a system and a logical property , systematically

484 views • 36 slides
Model Checking in Systems Biology s Brim and Milan ska and David Lubo Ce Safr

Model Checking in Systems Biology s Brim and Milan ska and David Lubo Ce Safr

Model Checking in Systems Biology s Brim and Milan ska and David Lubo Ce Safr anek Masaryk University Czech Republic SFM 2013 1/150 Outline Introduction 1 LTL Model Checking 2 Parallel LTL Model Checking 3 Discrete

2.18k views • 199 slides
Model Checking Finite State Finite State Model Checking Finite State Systems

Model Checking Finite State Finite State Model Checking Finite State Systems

Model Checking Finite State Finite State Model Checking Finite State Systems Informationsteknologi System Description A No! Debugging Information TOOL TOOL Yes, Requirement F Prototypes C T L Executable Code Test sequences Tools:

637 views • 34 slides
From weak to weedy Effective use of memory barriers in the ARM Linux Kernel Will Deacon

From weak to weedy Effective use of memory barriers in the ARM Linux Kernel Will Deacon

Introduction ARMs memory model Linuxs memory model Finer-grained control Questions Future work From weak to weedy Effective use of memory barriers in the ARM Linux Kernel Will Deacon will.deacon@arm.com Embedded Linux Conference

540 views • 52 slides
Weak memory models INF4140 - Models of concurrency Weak memory models Fall 2016 30. 10. 2016

Weak memory models INF4140 - Models of concurrency Weak memory models Fall 2016 30. 10. 2016

Weak memory models INF4140 - Models of concurrency Weak memory models Fall 2016 30. 10. 2016 Overview Weak memory models 1 Introduction 2 Hardware architectures Compiler optimizations Sequential consistency Weak memory models 3 TSO

1.3k views • 87 slides
Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking Checking Checking for Timed Automata Timed Automata Coll C l C ll b llabora orators: t ors: Peter Bulychev, Alexandre David Axel Legay, Marius

725 views • 59 slides
Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree Logic Dominic Mulligan Based on previous slides by Alan Mycroft and Mike Gordon Programming, Logic, and Semantics Group University of Cambridge

402 views • 25 slides
Checking & Spot-Checking the Correctness of Priority Queues Matthew Chu & Sampath Kannan

Checking & Spot-Checking the Correctness of Priority Queues Matthew Chu & Sampath Kannan

Checking & Spot-Checking the Correctness of Priority Queues Matthew Chu & Sampath Kannan (UPenn) Andrew McGregor (UCSD) Memory Checking Memory Checking Your resources: A lot of cheap unreliable memory and a little expensive reliable

1.11k views • 70 slides
Weak memory models Mai Thuong Tran PMA Group, University of Oslo, Norway 31 Oct. 2014 Overview

Weak memory models Mai Thuong Tran PMA Group, University of Oslo, Norway 31 Oct. 2014 Overview

Weak memory models Mai Thuong Tran PMA Group, University of Oslo, Norway 31 Oct. 2014 Overview 1 Introduction Hardware architectures Compiler optimizations Sequential consistency Weak memory models 2 TSO memory model (Sparc, x86-TSO)

1.04k views • 64 slides
Directed Model Checking (not only) for Timed Automata Sebastian Kupferschmid March, 2010 Model

Directed Model Checking (not only) for Timed Automata Sebastian Kupferschmid March, 2010 Model

Directed Model Checking (not only) for Timed Automata Sebastian Kupferschmid March, 2010 Model Checking Motivation Embedded Systems Omnipresent Safety relevant systems Pentium bug Ariane 5 Errors can be extremely harmful Correct

837 views • 67 slides
Context-Bounded Model Checking of LTL Properties for ANSI-C Software Jeremy Morse, Lucas

Context-Bounded Model Checking of LTL Properties for ANSI-C Software Jeremy Morse, Lucas

Context-Bounded Model Checking of LTL Properties for ANSI-C Software Jeremy Morse, Lucas Cordeiro, Bernd Fischer, Denis Nicole Model Checking C Model checking: normally applied to formal state transition systems checks safety and

439 views • 17 slides
The Java Memory Model Jaroslav Sev c k University of Edinburgh Supported by ITI

The Java Memory Model Jaroslav Sev c k University of Edinburgh Supported by ITI

The Java Memory Model Jaroslav Sev c k University of Edinburgh Supported by ITI Techmedia The Java Memory Model p. 1/30 Overview Part I : Motivation for weak memory models: Compromise between standard optimisations and

813 views • 46 slides
Parametric Verification of Concurrent Programs under the TSO Weak Memory Model Ahmed Bouajjani

Parametric Verification of Concurrent Programs under the TSO Weak Memory Model Ahmed Bouajjani

Parametric Verification of Concurrent Programs under the TSO Weak Memory Model Ahmed Bouajjani Paris Diderot University Based on joint work with Parosh A. Abdulla Mohamed Faouzi Atig T. Phong Ngo Uppsala University Sebastian

897 views • 77 slides
Owicki-Gries for Weak Memory Models Ori Lahav Viktor Vafeiadis Max Planck Institute for Software

Owicki-Gries for Weak Memory Models Ori Lahav Viktor Vafeiadis Max Planck Institute for Software

Owicki-Gries for Weak Memory Models Ori Lahav Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) Uppsala, 23 February 2015 Weak memory models Sequential consistency (a.k.a. interleaving semantics") is the standard

602 views • 36 slides

More recommend