Model Checking of Parameterized Systems on Weak Memory



SLIDE 1

Model Checking of Parameterized Systems on Weak Memory

David Declerck

Laboratoire de Recherche en Informatique, Université Paris-Sud

October 3rd, 2017

Work supported by French ANR project PARDI (DS0703)

David Declerck, A Backward Reachability Algorithm for Parameterized Systems on Weak Memory

SLIDE 2

Weak Memory

◮ order of memory accesses ≠ interleaving of memory instructions
◮ we choose a TSO-like model
◮ reorderings can be prevented using fences
◮ harder to reason about concurrent programs

[Figure: shared memory accessed by processes P1, P2, ..., Pn−1, Pn, each process writing through its own write buffer]


SLIDE 3

Parameterized Systems

◮ concurrent systems
◮ unbounded number of processes
◮ unbounded process-indexed arrays

Example: naive mutual exclusion

    type loc = Idle | Want | Crit

    array PC[proc] : loc            (* program counter of each process *)
    weak array X[proc] : bool       (* per-process flag, stored in weak memory *)

    init (p) { PC[p] = Idle && X[p] = False }

    unsafe (p1 p2) { PC[p1] = Crit && PC[p2] = Crit }

    transition t_req ([p])
      requires { PC[p] = Idle }
      { PC[p] := Want; X[p] := True }

    transition t_enter ([p])
      requires { PC[p] = Want && fence(p) && forall_other q. X[q] = False }
      { PC[p] := Crit }


SLIDE 4

Our approach

Base framework :

◮ Model Checking Modulo Theories
◮ check safety properties of parameterized systems
◮ assumes a sequentially consistent memory
◮ relies on a backward reachability algorithm

Our extension :

◮ add TSO reasoning using an axiomatic model
◮ maps memory instructions to read/write events
◮ builds a global happens-before relation over events


SLIDES 5 to 10

Backward Reachability Example

(Slides 5 to 10 build one figure step by step; the complete figure from slide 10 is given here. The transition label shown between two nodes is the transition whose pre-image produced the node below it.)

Slide 5, the unsafe node:

    PC[#1] = Crit ∧ PC[#2] = Crit

Slide 6, pre-image by t_enter(#2):

    PC[#1] = Crit ∧ PC[#2] = Want
    RdX(e1, #2, #1) ∧ Val(e1) = ⊥
    fence(#2, e1)

Slide 7, pre-image by t_enter(#1):

    PC[#1] = Want ∧ PC[#2] = Want
    RdX(e1, #2, #1) ∧ Val(e1) = ⊥
    RdX(e2, #1, #2) ∧ Val(e2) = ⊥
    fence(#2, e1) ∧ fence(#1, e2)

Slides 8 and 9, pre-image by t_req(#2):

    PC[#1] = Want ∧ PC[#2] = Idle
    RdX(e1, #2, #1) ∧ Val(e1) = ⊥
    RdX(e2, #1, #2) ∧ Val(e2) = ⊥
    WrX(e3, #2, #2) ∧ Val(e3) = ⊤
    fence(#2, e1) ∧ fence(#1, e2)
    ghb(e3, e1)
    Val(e2) = Val(e3)

Slide 10 shows this last node once more, without Val(e3) = ⊤ and Val(e2) = Val(e3):

    PC[#1] = Want ∧ PC[#2] = Idle
    RdX(e1, #2, #1) ∧ Val(e1) = ⊥
    RdX(e2, #1, #2) ∧ Val(e2) = ⊥
    WrX(e3, #2, #2)
    fence(#2, e1) ∧ fence(#1, e2)
    ghb(e3, e1)
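The following is an added example, not code from the talk or from the model checker it describes. It ties together slide 2 (TSO write buffers and fences), slide 3 (the naive mutual exclusion model) and slides 4 to 10 (backward reachability): the mutex is written as an explicit finite-state system for a fixed number of processes n, with an operational TSO-like semantics (a per-process FIFO write buffer, store forwarding on reads, non-deterministic flushes), and unsafe states are explored backwards by iterating pre-images to a fixpoint. Two assumptions are specific to this example: fence(p) is modelled as "p's write buffer is empty", and the state space is truncated to one pending write per process (each process runs t_req at most once, so no state reachable from init is lost). The talk's own method is parameterized in n and uses an axiomatic model; this example only makes the behaviour it reasons about concrete.

```python
from itertools import product

# Added example (not the talk's code): the "naive mutual exclusion" of slide 3 as a
# finite-state system for a fixed n, under a TSO-like operational semantics.
# Assumption: fence(p) is modelled as "p's write buffer is empty".
# A state is (PC, MEM, BUFS): PC[p] in {Idle, Want, Crit}, MEM[q] is the
# shared-memory value of X[q], BUFS[p] is p's FIFO of pending (addr, value) writes.

IDLE, WANT, CRIT = "Idle", "Want", "Crit"


def initial_state(n):
    """init(p): PC[p] = Idle and X[p] = False, all write buffers empty."""
    return (tuple([IDLE] * n), tuple([False] * n), tuple(() for _ in range(n)))


def read(state, p, q):
    """Value of X[q] as seen by p: own most recent buffered write first (store forwarding), else memory."""
    _, mem, bufs = state
    for addr, val in reversed(bufs[p]):
        if addr == q:
            return val
    return mem[q]


def successors(state, n, use_fence):
    """All TSO successors of a state: t_req, t_enter and buffer flushes."""
    pc, mem, bufs = state
    out = set()
    for p in range(n):
        if pc[p] == IDLE:                       # t_req: X[p] := True enters p's buffer
            new_pc = pc[:p] + (WANT,) + pc[p + 1:]
            new_bufs = bufs[:p] + (bufs[p] + ((p, True),),) + bufs[p + 1:]
            out.add((new_pc, mem, new_bufs))
        if pc[p] == WANT:                       # t_enter: fence(p) and every other X[q] reads False
            fence_ok = (not use_fence) or not bufs[p]
            if fence_ok and all(not read(state, p, q) for q in range(n) if q != p):
                out.add((pc[:p] + (CRIT,) + pc[p + 1:], mem, bufs))
        if bufs[p]:                             # flush: oldest buffered write reaches memory
            (addr, val), rest = bufs[p][0], bufs[p][1:]
            new_mem = mem[:addr] + (val,) + mem[addr + 1:]
            out.add((pc, new_mem, bufs[:p] + (rest,) + bufs[p + 1:]))
    return out


def all_states(n):
    """Every state with at most one pending write per process (each process writes X[p] once)."""
    buf_options = [((), ((p, True),)) for p in range(n)]
    for pc in product((IDLE, WANT, CRIT), repeat=n):
        for mem in product((False, True), repeat=n):
            for bufs in product(*buf_options):
                yield (pc, mem, bufs)


def is_unsafe(state):
    """unsafe(p1 p2): two distinct processes are in Crit."""
    return sum(1 for x in state[0] if x == CRIT) >= 2


def backward_reachable(n, use_fence):
    """Backward reachability: start from the unsafe states, add pre-images until a
    fixpoint, and report whether the initial state is in it (True = mutex violated)."""
    states = set(all_states(n))
    pre = {s: set() for s in states}
    for s in states:
        for t in successors(s, n, use_fence):
            if t in pre:   # a successor with two pending writes lies outside the truncated space; drop it
                pre[t].add(s)
    reached = {s for s in states if is_unsafe(s)}
    frontier = list(reached)
    while frontier:
        s = frontier.pop()
        for u in pre[s]:
            if u not in reached:
                reached.add(u)
                frontier.append(u)
    return initial_state(n) in reached


if __name__ == "__main__":
    for n in (2, 3):
        print(n, "processes, no fence:   unsafe reachable =", backward_reachable(n, use_fence=False))
        print(n, "processes, with fence: unsafe reachable =", backward_reachable(n, use_fence=True))
```

Without the fence both processes buffer their X[p] := True, each then reads the other's flag from memory as False and enters Crit, so the backward pass reaches the initial state; with the fence each write is flushed before t_enter, the second process to enter observes the first one's True, and the fixpoint never contains init. Dropping the transition labelled fence(#2, e1) on the slides corresponds to use_fence=False here.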