Skip to main content
Log in

Automated verification of concurrent go programs via bounded model checking

  • Published:
Automated Software Engineering Aims and scope Submit manuscript

Abstract

The Go programming language offers a wide range of primitives to coordinate lightweight threads, e.g., channels, waitgroups, and mutexes—all of which may cause concurrency bugs. Static checkers that guarantee the absence of bugs are essential to help programmers avoid these costly errors before their code is executed. However existing tools either miss too many bugs or cannot handle large programs, and do not support programs that rely on statically unknown parameters that affect their concurrent structure (e.g., number of threads). To address these limitations, we propose a static checker for Go programs which relies on performing bounded model checking of their concurrent behaviours. In contrast to previous works, our approach deals with large codebases, supports programs that have statically unknown parameters, and is extensible to additional concurrency primitives. Our work includes a detailed presentation of the extraction algorithm from Go programs to models, an algorithm to automatically check programs with statically unknown parameters, and a large scale evaluation of our approach. The latter shows that our approach outperforms the state-of-the-art on 220 synthetic programs and 78 buggy programs adapted from existing codebases.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

Notes

  1. Following our report, the bug was fixed in https://github.com/google/trillian/pull/2272.

  2. We have reported this bug in https://github.com/kubernetes/kubernetes/issues/97461. At the time of writing, it has not been fixed.

  3. See https://spinroot.com/spin/Man/if.html and https://spinroot.com/spin/Man/do.html for the full description of the semantics of these constructs.

  4. Here we target only blocking and safety bugs, but our approach is not tied to these types of bugs, e.g., one could also consider data-races.

  5. All experiments reported in this paper were performed on an Intel Xeon E5 6-Core @ 3.5 GHz machine with 32GB RAM, using Go version go1.15.2 (darwin/amd64).

References

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Julien Lange.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Dilley, N., Lange, J. Automated verification of concurrent go programs via bounded model checking. Autom Softw Eng 30, 29 (2023). https://doi.org/10.1007/s10515-023-00391-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10515-023-00391-z

Keywords

Navigation