race analysis for systemc using model checking
play

Race Analysis for SystemC using Model Checking Nicolas Blanc, - PowerPoint PPT Presentation

Mar 12, 2024 •324 likes •1.22k views

Race Analysis for SystemC using Model Checking Nicolas Blanc, Daniel Kroening Outline Motivation Partial-Order Reduction Scoot Experimental Results D. Kroening: Race Analysis for SystemCusing Model Checking 2 Introduction Oxford is a

  1. Race Analysis for SystemC using Model Checking Nicolas Blanc, Daniel Kroening

  2. Outline Motivation Partial-Order Reduction Scoot Experimental Results D. Kroening: Race Analysis for SystemCusing Model Checking 2

  3. Introduction ◮ Oxford is a major verification center: 9 full-time academics, 30+ post-docs ◮ My group ◮ 10 PhD students, 8 post-docs (hiring 2 more) ◮ GBP 3m funding for verification (industry, Artemis, FP7) D. Kroening: Race Analysis for SystemCusing Model Checking 3

  4. High-Level Models ◮ Emergence of system design languages ◮ HardwareC, SpecC, Handel-C, and SystemC ◮ Based on C / C++ ◮ Allow joint modeling of both hardware and software components of a system ◮ Support for bit vectors, concurrency, synchronization, exception handling D. Kroening: Race Analysis for SystemCusing Model Checking 4

  5. SystemC ◮ Based on C++ ◮ No language extensions, but macros + library ◮ Simulation using regular C++ compiler D. Kroening: Race Analysis for SystemCusing Model Checking 5

  6. SystemC ◮ Based on C++ ◮ No language extensions, but macros + library ◮ Simulation using regular C++ compiler SystemC Model SystemC Model SystemC Library SystemC Library D. Kroening: Race Analysis for SystemCusing Model Checking 5

  7. SystemC ◮ Based on C++ ◮ No language extensions, but macros + library ◮ Simulation using regular C++ compiler SystemC Model SystemC Model g++ Executable Executable SystemC Library SystemC Library D. Kroening: Race Analysis for SystemCusing Model Checking 5

  8. SystemC ◮ Based on C++ ◮ No language extensions, but macros + library ◮ Simulation using regular C++ compiler SystemC Model SystemC Model g++ Executable Executable SystemC Library SystemC Library + Stimulus = Traces D. Kroening: Race Analysis for SystemCusing Model Checking 5

  9. SystemC ◮ Originally for fast, low-level circuit simulations ◮ Verilog-like multi-valued logic (0, 1, X, Z) ◮ Multiple drivers for a single signal ◮ Also offers ◮ Bit-vector types ◮ Fixed-point arithmetic ◮ Concurrency ◮ Parts of SystemC are synthesizable D. Kroening: Race Analysis for SystemCusing Model Checking 6

  10. SystemC C/C++ Verilog/VHDL D. Kroening: Race Analysis for SystemCusing Model Checking 7

  11. SystemC C/C++ Verilog/VHDL D. Kroening: Race Analysis for SystemCusing Model Checking 7

  12. SystemC C/C++ Verilog/VHDL Convenient modeling of both hardware and software D. Kroening: Race Analysis for SystemCusing Model Checking 7

  13. Applications of SystemC Possible applications: ◮ Hardware model for co-simulation of embedded software ◮ Synthesis of algorithms ◮ Can serve as high-level model for hardware, in particular at the transaction level D. Kroening: Race Analysis for SystemCusing Model Checking 8

  14. Concurrency in SystemC ◮ Asynchronous interleaving semantics → Thread schedule is non-deterministic D. Kroening: Race Analysis for SystemCusing Model Checking 9

  15. Concurrency in SystemC ◮ Asynchronous interleaving semantics → Thread schedule is non-deterministic ◮ But: Interleaving only at specific locations ◮ wait() ◮ End of thread → No issues with atomicity → Does not really map onto usual pthread model ◮ Makes synthesis and model checking much easier! D. Kroening: Race Analysis for SystemCusing Model Checking 9

  16. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =0, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  17. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =10, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  18. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =10, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  19. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =10, y =20 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  20. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =20 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  21. Concurrency in SystemC: Example (1) XX Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =21 D. Kroening: Race Analysis for SystemCusing Model Checking 10

  22. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =0, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  23. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =10, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  24. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =0 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  25. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =1 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  26. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =1 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  27. Concurrency in SystemC: Example (2) Alternative Schedule Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) Current state: x =11, y =20 D. Kroening: Race Analysis for SystemCusing Model Checking 11

  28. Concurrency in SystemC ◮ The example program has a race, i.e., the result depends on the schedule D. Kroening: Race Analysis for SystemCusing Model Checking 12

  29. Concurrency in SystemC ◮ The example program has a race, i.e., the result depends on the schedule ◮ Standard: thread schedule non-deterministic, but must be consistent between simulation runs → many programmers don’t care about those races D. Kroening: Race Analysis for SystemCusing Model Checking 12

  30. Concurrency in SystemC ◮ The example program has a race, i.e., the result depends on the schedule ◮ Standard: thread schedule non-deterministic, but must be consistent between simulation runs → many programmers don’t care about those races ◮ But: source of error, and simulation/synthesis differences D. Kroening: Race Analysis for SystemCusing Model Checking 12

  31. Concurrency in SystemC ◮ The example program has a race, i.e., the result depends on the schedule ◮ Standard: thread schedule non-deterministic, but must be consistent between simulation runs → many programmers don’t care about those races ◮ But: source of error, and simulation/synthesis differences ◮ SystemC offers synchronization constructs to make the schedule deterministic ◮ Explicit events ◮ FIFOs ◮ ... D. Kroening: Race Analysis for SystemCusing Model Checking 12

  32. Concurrency in High-Level Modeling How about concurrency in high-level models? D. Kroening: Race Analysis for SystemCusing Model Checking 13

  33. Concurrency in High-Level Modeling How about concurrency in high-level models? FIFO ✲ ✲ ✲ D. Kroening: Race Analysis for SystemCusing Model Checking 13

  34. Concurrency in High-Level Modeling How about concurrency in high-level models? CLK 1 CLK 2 FIFO ✲ ✲ ✲ D. Kroening: Race Analysis for SystemCusing Model Checking 13

  35. Concurrency in High-Level Modeling How about concurrency in high-level models? CLK 1 CLK 2 FIFO ✲ ✲ ✲ ◮ The ordering of events is crucial ◮ We want the schedule to be non-deterministic! ◮ Similar: bus systems, arbiters, ... D. Kroening: Race Analysis for SystemCusing Model Checking 13

  36. Hunting Schedule-Related Bugs Goal: explore multiple schedules to find schedule-related bugs ◮ Often done by means of “random” waits ◮ Not promising due to exponential number of schedules D. Kroening: Race Analysis for SystemCusing Model Checking 14

  37. Hunting Schedule-Related Bugs Goal: explore multiple schedules to find schedule-related bugs ◮ Often done by means of “random” waits ◮ Not promising due to exponential number of schedules ◮ Alternative: try to explore relevant schedules exhaustively D. Kroening: Race Analysis for SystemCusing Model Checking 14

  38. Hunting Schedule-Related Bugs “Relevant” schedules? D. Kroening: Race Analysis for SystemCusing Model Checking 15

  39. Hunting Schedule-Related Bugs “Relevant” schedules? Observation: Thread 1 Thread 2 Thread 3 x=10; wait (); x++; y++; y=20; (end) (end) (end) The relative ordering of thread 2 and thread 3 is irrelevant for the state that is finally reached! D. Kroening: Race Analysis for SystemCusing Model Checking 15

  40. Commutativity of Transitions Key observation: x++ and y++ are commutative ⑦ ♥ s 1 D. Kroening: Race Analysis for SystemCusing Model Checking 16

Recommend

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking Checking Checking for Timed Automata Timed Automata Coll C l C ll b llabora orators: t ors: Peter Bulychev, Alexandre David Axel Legay, Marius

725 views • 59 slides
Race Details Checking In Transition Area and Race Hub will be located at Salina Bay, opposite

Race Details Checking In Transition Area and Race Hub will be located at Salina Bay, opposite

In Collaboration With Race Details Checking In Transition Area and Race Hub will be located at Salina Bay, opposite Salini Hotel Transition Area will be open to athletes from 5am onwards on Race Day Body Marking will also start at that time

440 views • 22 slides
Model Checking & Program Analysis Markus Mller-Olm Dortmund University Overview

Model Checking & Program Analysis Markus Mller-Olm Dortmund University Overview

Model Checking & Program Analysis Markus Mller-Olm Dortmund University Overview Introduction Model Checking Flow Analysis Some Links between MC and FA Conclusion Apology for not giving proper credit to other

535 views • 41 slides
Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree Logic Dominic Mulligan Based on previous slides by Alan Mycroft and Mike Gordon Programming, Logic, and Semantics Group University of Cambridge

402 views • 25 slides
Praktikum: SystemC SystemC-TLM Tutorial Joachim Falk ( falk@cs.fau.de )

Praktikum: SystemC SystemC-TLM Tutorial Joachim Falk ( falk@cs.fau.de )

Praktikum: SystemC SystemC-TLM Tutorial Joachim Falk ( falk@cs.fau.de ) Friedrich-Alexander-Universitt Erlangen-Nrnberg Joachim Falk 1 Agenda SystemC and TLM Transaction TLM 2.0 Overview Interfaces

963 views • 26 slides
Bounded Model Checking bmc Revision: 1.11 1 [BiereCimattiClarkeZhu99] uses SAT for model

Bounded Model Checking bmc Revision: 1.11 1 [BiereCimattiClarkeZhu99] uses SAT for model

Bounded Model Checking bmc Revision: 1.11 1 [BiereCimattiClarkeZhu99] uses SAT for model checking historically not the first symbolic model checking approach scales better than original BDD based techniques mostly incomplete in

521 views • 28 slides
CTL Chapter 6 Part 2 Overview Review CTL Model Checking CTL model Checking algorithms

CTL Chapter 6 Part 2 Overview Review CTL Model Checking CTL model Checking algorithms

CTL Chapter 6 Part 2 Overview Review CTL Model Checking CTL model Checking algorithms for ( U ) Counter Examples and witnesses Symbolic Model Checking (Thursday) Binary Decision Trees

740 views • 40 slides
Hoare Logic and Model Checking Model Checking But perhaps theres a clever way of

Hoare Logic and Model Checking Model Checking But perhaps theres a clever way of

Hoare Logic and Model Checking Model Checking But perhaps theres a clever way of compiling one into the other? Both have very different models of time How do they compare? We have seen two widely used temporal logics Relative

510 views • 10 slides
Hoare Logic and Model Checking 1. You should be able to model simple systems in NuSMV, an LTL

Hoare Logic and Model Checking 1. You should be able to model simple systems in NuSMV, an LTL

Hoare Logic and Model Checking 1. You should be able to model simple systems in NuSMV, an LTL Other interesting books: Model Checking by Clarke, Grumberg, and Peled Principles of Model Checking by Baier and Katoen 3 Course

636 views • 11 slides
Lecture 5. Symbolic model checking. NuSMV and SPIN model checkers. User-friendly model checking

Lecture 5. Symbolic model checking. NuSMV and SPIN model checkers. User-friendly model checking

Lecture 5. Symbolic model checking. NuSMV and SPIN model checkers. User-friendly model checking ELEC-E8110 Automation Systems Synthesis and Analysis Igor Buzhinsky igor.buzhinskii@aalto.fi 2018 Igor Buzhinsky Lecture 5 2018 1 / 28 Symbolic

833 views • 61 slides
Introduction to SystemC Damien Hubaux - CETIC Supported by the European Union (ERDF) and the

Introduction to SystemC Damien Hubaux - CETIC Supported by the European Union (ERDF) and the

www.cetic.be Introduction to SystemC Damien Hubaux - CETIC Supported by the European Union (ERDF) and the Walloon Region (DGTRE) Outline Why SystemC? www.cetic.be What is SystemC? A language A C++ library Why SystemC

431 views • 16 slides
Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and Extensible Model Checking Framework a Modular and Extensible Model Checking Framework 3rd Estonian Summer School in Computer and System Science

628 views • 34 slides
Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and Extensible Model Checking Framework a Modular and Extensible Model Checking Framework 3rd Estonian Summer School in Computer and System Science

777 views • 31 slides
Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and

Software Model Checking Using Bogor Software Model Checking Using Bogor a Modular and Extensible Model Checking Framework a Modular and Extensible Model Checking Framework 3rd Estonian Summer School in Computer and System Science

301 views • 8 slides
Tutorial Intro. to Modern Formal Methods: Mechanized Formal Analysis Using Model Checking,

Tutorial Intro. to Modern Formal Methods: Mechanized Formal Analysis Using Model Checking,

Tutorial Intro. to Modern Formal Methods: Mechanized Formal Analysis Using Model Checking, Theorem Proving SMT Solving, Abstraction, and Static Analysis With SAL, PVS, and Yices, and more John Rushby Computer Science Laboratory SRI

1.89k views • 161 slides
Formal Verification by Model Checking Jonathan Aldrich Carnegie Mellon University Based on

Formal Verification by Model Checking Jonathan Aldrich Carnegie Mellon University Based on

Formal Verification by Model Checking Jonathan Aldrich Carnegie Mellon University Based on slides developed by Natasha Sharygina 17-654/17-754: Analysis of Software Artifacts Spring 2006 1 CTL Model Checking AG (Start AF Heat)

307 views • 20 slides
Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is

Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is

Modeling and Analyzing Concurrent Systems using Model Checking Robert B. France 1 What is Model Checking? Model checking is an automated technique that, given a finite-state model of a system and a logical property , systematically

484 views • 36 slides
Automated Reasoning LTL Model Checking Alan Bundy Automated Reasoning LTL Model Checking

Automated Reasoning LTL Model Checking Alan Bundy Automated Reasoning LTL Model Checking

Automated Reasoning LTL Model Checking Alan Bundy Automated Reasoning LTL Model Checking Lecture 9, page 1 Introduction So far we have looked at theorem proving Powerful, especially where good sets of rewrite rules or decision procedures

639 views • 26 slides
Model Checking: the Interval Way Alberto Molinari ( j.w. with L. Bozzelli, A. Montanari, A. Peron,

Model Checking: the Interval Way Alberto Molinari ( j.w. with L. Bozzelli, A. Montanari, A. Peron,

Model Checking: the Interval Way Alberto Molinari ( j.w. with L. Bozzelli, A. Montanari, A. Peron, P. Sala ) University of Udine Department of Mathematics, Computer Science, and Physics (DMIF) July 27, 2018 MODEL CHECKING Model checking : the

701 views • 38 slides
Hoare Logic and Model Checking Model Checking Lecture 7: Introduction and background Dominic

Hoare Logic and Model Checking Model Checking Lecture 7: Introduction and background Dominic

Hoare Logic and Model Checking Model Checking Lecture 7: Introduction and background Dominic Mulligan Based on previous slides by Alan Mycroft and Mike Gordon Programming, Logic, and Semantics Group, University of Cambridge Academic year

972 views • 41 slides
Hoare Logic and Model Checking Model Checking See NuSMV homepage to download: http://nusmv.fbk.eu/

Hoare Logic and Model Checking Model Checking See NuSMV homepage to download: http://nusmv.fbk.eu/

Hoare Logic and Model Checking Model Checking See NuSMV homepage to download: http://nusmv.fbk.eu/ Was popular in semiconductor industry via Cadence SMV Could handle large models A re-implementation of the SMV model checker: Good

110 views • 10 slides
METAMOC: Modular Execution Time Analysis Using Model Checking Mads Chr. Olesen <

METAMOC: Modular Execution Time Analysis Using Model Checking Mads Chr. Olesen <

METAMOC: Modular Execution Time Analysis Using Model Checking Mads Chr. Olesen < mchro@cs.aau.dk > joint work with Andreas Engelbredt Dalsgaard, Martin Toft, Ren e Rydhof Hansen, Kim Guldstrand Larsen Aalborg University July 6th 2010

512 views • 29 slides
Probabilistic Model Checking Michaelmas Term 2011 Dr. Dave Parker Department of

Probabilistic Model Checking Michaelmas Term 2011 Dr. Dave Parker Department of

Probabilistic Model Checking Michaelmas Term 2011 Dr. Dave Parker Department of Computer Science University of Oxford Probabilistic Model Checking Formal verification and analysis of systems that exhibit probabilistic

821 views • 40 slides
Probabilisti tic Model Checking in Practi tice Dave Parker Oxford University

Probabilisti tic Model Checking in Practi tice Dave Parker Oxford University

Probabilisti tic Model Checking in Practi tice Dave Parker Oxford University Computing Laboratory Quantitative Model Checking PhD School, Copenhagen, March 2010 Overview Tool support for probabilistic model checking The PRISM

317 views • 14 slides

More recommend