1 / 20

Ermenegildo Tomasco University of Southampton, UK Omar Inverso University of Southampton, UK

MU- CSeq : Sequentialization of C Programs by Shared Memory Unwindings. Ermenegildo Tomasco University of Southampton, UK Omar Inverso University of Southampton, UK Bernd Fischer Stellenbosch University, South Africa Salvatore La Torre Università di Salerno, Italy

korene
Download Presentation

Ermenegildo Tomasco University of Southampton, UK Omar Inverso University of Southampton, UK

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MU-CSeq: Sequentializationof C Programs by Shared Memory Unwindings • ErmenegildoTomascoUniversity of Southampton, UK • Omar InversoUniversity of Southampton, UK • Bernd FischerStellenbosch University, South Africa • Salvatore La Torre Universitàdi Salerno, Italy • GennaroParlatoUniversity of Southampton, UK

  2. Sequentialization of Concurrent Programs Basic Idea: convert concurrent programs intoequivalentsequential programs

  3. Sequentialization of Concurrent Programs Basic Idea: Mu-CSeq Approach: T₁ ∥ T₂ ↝ M; T̕₁; C₁; T̕₂; C₂ • M makes consistent shared memory guess • checkers Cᵢ ensure that threads T’ᵢused memory consistently convert concurrent programs intoequivalentsequential programs

  4. Memory Unwinding “memory” x y z ... 0 0 ... 0

  5. Memory Unwinding “memory” Guess and store sequence of individual write operations: x y z ... 0 0 ... 0

  6. Memory Unwinding “memory” Guess and store sequence of individual write operations: pos x y z ... 0 0 0 ... 0 1 2 3 4 ... N

  7. Memory Unwinding “memory” Guess and store sequence of individual write operations: • add N copies of shared variables (“memory”) _memory[i,v] is value of v-th variable after i-th write pos x y z ... 0 0 0 ... 0 1 4 0 ... 0 2 4 2 ... 0 3 4 3 ... 0 4 4 3 ... 42 ... ... ... ... ... N 0 3 ... 42

  8. Memory Unwinding “memory” “writes” Guess and store sequence of individual write operations: • add N copies of shared variables (“memory”) _memory[i,v] is value of v-th variable after i-th write • add array to record writes (“wirtes”) i-th write is by _thr[i], which has written to _var[i] pos x y z thr var ... 0 0 0 ... 0 0 0 1 4 0 ... 0 1 x 2 4 2 ... 0 1 y 3 4 3 ... 0 2 y 4 4 3 ... 42 1 z ... ... ... ... ... ... ... N 0 3 ... 42 2 x

  9. Memory Unwinding “barrier” “memory” “writes” Guess and store sequence of individual write operations: • add N copies of shared variables (“memory”) _memory[i,v] is value of v-th variable after i-th write • add array to record writes (“writes”) i-th write is by _thr[i], which has written to _var[i] • add array to record validity of writes (“barrier”) next write (after i) by thread t is at_next[i,t] pos x y z thr var next[0] next[K] ... ... 0 0 0 ... 0 0 0 N+1 1 3 ... 1 4 0 ... 0 1 x N+1 2 3 ... 2 4 2 ... 0 1 y N+1 4 3 ... 3 4 3 ... 0 2 y N+1 4 N ... 4 4 3 ... 42 1 z N+1 N+1 N ... ... ... ... ... ... ... ... ... ... ... ... N 0 3 ... 42 2 x N+1 N+1 N+1 N+1

  10. Simulation Basic Idea: simulate all executions compatible with guessed memory unwinding

  11. Simulation Basic Idea: • uses auxiliary variables • pos(current index into unwound memory) • thread (id of currently simulated thread) • end (guessed index of last write into unwound memory) simulate all executions compatible with guessed memory unwinding

  12. Simulation Basic Idea: • uses auxiliary variables • pos(current index into unwound memory) • thread (id of currently simulated thread) • end (guessed index of last write into unwound memory) • every thread is translated into a function • simulation starts from main thread simulate all executions compatible with guessed memory unwinding

  13. Simulation Basic Idea: • uses auxiliary variables • pos(current index into unwound memory) • thread (id of currently simulated thread) • end (guessed index of last write into unwound memory) • every thread is translated into a function • simulation starts from main thread • each thread creation interrupts simulation of current thread • new thread is called with current value of pos simulate all executions compatible with guessed memory unwinding

  14. Simulation Basic Idea: • uses auxiliary variables • pos(current index into unwound memory) • thread (id of currently simulated thread) • end (guessed index of last write into unwound memory) • every thread is translated into a function • simulation starts from main thread • each thread creation interrupts simulation of current thread • new thread is called with current value of pos • terminated threads must have completed their memory writes • pos > end simulate all executions compatible with guessed memory unwinding

  15. Simulation Basic Idea: • uses auxiliary variables • pos(current index into unwound memory) • thread (id of currently simulated thread) • end (guessed index of last write into unwound memory) • every thread is translated into a function • simulation starts from main thread • each thread creation interrupts simulation of current thread • new thread is called with current value of pos • terminated threads must have completed their memory writes • pos > end • old thread resumed with old memory position simulate all executions compatible with guessed memory unwinding

  16. Simulation Basic Idea: • every read / write is translated into a function • simulates valid access into unwound memory • similar simulations for pthread functions simulate all executions compatible with guessed memory unwinding

  17. Simulating reads and writes “barrier” “memory” “writes” pos x y z thr var next[0] next[K] ... ... 0 0 0 ... 0 0 0 N+1 1 3 ... 1 4 0 ... 0 1 x N+1 2 3 ... 2 4 2 ... 0 1 y N+1 4 3 ... 3 4 3 ... 0 2 y N+1 4 N ... 4 4 3 ... 42 1 z N+1 N+1 N ... ... ... ... ... ... ... ... ... ... ... ... N 0 3 ... 42 2 x N+1 N+1 N+1 N+1 int read(uint x) { uintjmp=*; assume(jmp>=pos && jmp<next[pos,thread]); pos=jmp; if (pos>end) return; return(_memory[pos, x]); }

  18. Simulating reads and writes “barrier” “memory” “writes” pos x y z thr var next[0] next[K] ... ... 0 0 0 ... 0 0 0 N+1 1 3 ... 1 4 0 ... 0 1 x N+1 2 3 ... 2 4 2 ... 0 1 y N+1 4 3 ... 3 4 3 ... 0 2 y N+1 4 N ... 4 4 3 ... 42 1 z N+1 N+1 N ... ... ... ... ... ... ... ... ... ... ... ... N 0 3 ... 42 2 x N+1 N+1 N+1 N+1 int write(uint x, intval) { pos=next[pos,thread]; if(pos>end) return; assume( _var[pos]==x && _memory[pos,x]==val); }

  19. CSeq framework Translation from P to P': • constraint for the shared memory • boilerplate code to simulate Read, Write and Pthread API • backend-specific instrumentation #write #unwind backend sequential non-deterministic C program concurrent C program true/false sequential BMC CBMC, ESBMC, LLBMC Mu-CSeq P P'

  20. Thank You users.ecs.soton.ac.uk/gp4/cseq/cseq.html

More Related