Abstract
Bounded model checking (BMC) has been used successfully for many practical program verification problems, but concurrency still poses a challenge. Here we describe a new approach to BMC of sequentially consistent C programs using POSIX threads. Our approach first translates a multi-threaded C program into a nondeterministic sequential C program that preserves reachability for all round-robin schedules with a given bound on the number of rounds. It then reuses existing high-performance BMC tools as backends for the sequential verification problem. Our translation is carefully designed to introduce very small memory overheads and very few sources of nondeterminism, so that it produces tight SAT/SMT formulae, and is thus very effective in practice: our prototype won the concurrency category of SV-COMP14. It solved all verification tasks successfully and was 30x faster than the best tool with native concurrency handling.
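As an added illustration (not the paper's own translation scheme or Lazy-CSeq code), the C program below hand-sequentialises a constructed two-thread lost-update example: each thread keeps a program counter and its local variable, and the threads are run round-robin for a bounded number of rounds. Where the translated program handed to a BMC backend would use a nondeterministic choice for the context-switch point, this example enumerates all choices exhaustively, so it can show that the violating schedule needs two rounds and is not found with a bound of one.

```c
#include <stdio.h>

/* Constructed example: two threads each perform the unsynchronised
 * read-modify-write  t = x; x = t + 1;  on shared x (a lost update).
 * Post-condition after joining both threads: x == NTHREADS. */
#define NTHREADS 2
#define NSTMTS   2   /* statements per thread: 0: t = x;  1: x = t + 1; */

typedef struct { int x; int pc[NTHREADS]; int t[NTHREADS]; } state_t;

/* Execute one statement of thread tid, selected by its program counter. */
static void step(state_t *s, int tid) {
    switch (s->pc[tid]) {
    case 0: s->t[tid] = s->x;     break;
    case 1: s->x = s->t[tid] + 1; break;
    }
    s->pc[tid]++;
}

/* One run of the sequentialised program for a fixed choice vector: in every
 * round each thread, in round-robin order, advances to the chosen program
 * counter (which must be >= its current one; a smaller choice plays the role
 * of assume(false)). Returns 1 if all threads finished and x != NTHREADS. */
static int run_schedule(int rounds, const int *target) {
    state_t s = { 0, {0}, {0} };
    int k = 0;
    for (int r = 0; r < rounds; r++)
        for (int tid = 0; tid < NTHREADS; tid++, k++) {
            if (target[k] < s.pc[tid]) return 0;
            while (s.pc[tid] < target[k]) step(&s, tid);
        }
    for (int tid = 0; tid < NTHREADS; tid++)
        if (s.pc[tid] != NSTMTS) return 0;   /* join not reached within bound */
    return s.x != NTHREADS;
}

/* Enumerate every choice vector (entries 0..NSTMTS) for the round bound.
 * Returns 1 if some round-robin schedule within the bound loses an update. */
int lost_update_reachable(int rounds) {
    int n = rounds * NTHREADS, target[16] = {0};
    if (n > 16) return -1;
    for (;;) {
        if (run_schedule(rounds, target)) return 1;
        int i = 0;                            /* odometer in base NSTMTS+1 */
        while (i < n && ++target[i] > NSTMTS) target[i++] = 0;
        if (i == n) return 0;
    }
}

int main(void) {
    for (int k = 1; k <= 3; k++)
        printf("rounds=%d: lost update %s\n", k,
               lost_update_reachable(k) ? "reachable" : "not reachable");
    return 0;
}
```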
Copyright information
© 2014 Springer International Publishing Switzerland
Cite this paper
Inverso, O., Tomasco, E., Fischer, B., La Torre, S., Parlato, G. (2014). Bounded Model Checking of Multi-threaded C Programs via Lazy Sequentialization. In: Biere, A., Bloem, R. (eds) Computer Aided Verification. CAV 2014. Lecture Notes in Computer Science, vol 8559. Springer, Cham. https://doi.org/10.1007/978-3-319-08867-9_39
DOI: https://doi.org/10.1007/978-3-319-08867-9_39
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-08866-2
Online ISBN: 978-3-319-08867-9
eBook Packages: Computer Science; Computer Science (R0)