stateless model checking for tso and psouser.it.uu.se › ~mohat117 › upmarcworkshop › slides...
TRANSCRIPT
![Page 1: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/1.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Stateless Model Checking for TSO and PSO
Parosh Aziz Abdulla Stavros Aronis Mohamed Faouzi AtigBengt Jonsson Carl Leonardsson Konstantinos Sagonas
Uppsala University, Sweden
MM’15 2015-02-24
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 2: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/2.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Test Cases
Goals
Stateless Model Checking
Find safety errors...
in given test case (fixed input program)for all interleavingsfor all reorderings (TSO/PSO)
Works on real code in C/pthreads
Valid Test Case (in this presentation)
1 Terminates in bounded time
2 Nondeterminism: Interleavings, Reordering
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 3: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/3.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Test Cases
Goals
Stateless Model Checking
Find safety errors...
in given test case (fixed input program)for all interleavingsfor all reorderings (TSO/PSO)
Works on real code in C/pthreads
Valid Test Case (in this presentation)
1 Terminates in bounded time
2 Nondeterminism: Interleavings, Reordering
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 4: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/4.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
Partial Order Reduction (SC)
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
Executions
p:wx1
p:ry0
q:wy1
q:rx1
q:wy1
q:rx0
p:wx1
p:ry1
p:wx1
q:wy1
p:ry1
q:rx1
q:wy1
p:wx1
q:rx1
p:ry1
p:wx1
q:wy1
q:rx1
p:ry1
q:wy1
p:wx1
p:ry1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 5: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/5.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
Partial Order Reduction (SC)
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
Executions
p:wx1
p:ry0
q:wy1
q:rx1
q:wy1
q:rx0
p:wx1
p:ry1
p:wx1
q:wy1
p:ry1
q:rx1
q:wy1
p:wx1
q:rx1
p:ry1
p:wx1
q:wy1
q:rx1
p:ry1
q:wy1
p:wx1
p:ry1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 6: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/6.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
Partial Order Reduction (SC)
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
Executions (Happens-Before)
p:wx1
p:ry0
q:wy1
q:rx1
q:wy1
q:rx0
p:wx1
p:ry1
p:wx1
q:wy1
p:ry1
q:rx1
q:wy1
p:wx1
q:rx1
p:ry1
p:wx1
q:wy1
q:rx1
p:ry1
q:wy1
p:wx1
p:ry1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 7: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/7.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
Partial Order Reduction (SC)
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
Mazurkiewicz Traces ∼ Equivalence Classes over Executions
p:wx1
p:ry0
q:wy1
q:rx1
q:wy1
q:rx0
p:wx1
p:ry1
p:wx1
q:wy1
p:ry1
q:rx1
q:wy1
p:wx1
q:rx1
p:ry1
p:wx1
q:wy1
q:rx1
p:ry1
q:wy1
p:wx1
p:ry1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 8: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/8.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
Stateless Model Checking with DPOR[Flanagan, Godefroid 2005]
Idea
Explore one execution per Mazurkiewicz trace.
→ Cover all observable behaviours.
Keep only one execution in memory.
Examine happens-before relation to find the next trace.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 9: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/9.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 10: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/10.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
p:wx1
p:ry0
q:wy1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 11: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/11.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
p:wx1
p:ry0
q:wy1
q:rx1
HB: Necessary Edges
Program order (under SC)
Thread spawning to child’sfirst event
...
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 12: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/12.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
p:wx1
p:ry0
q:wy1
q:rx1
HB: Races
Conflicting stores and loads.
...
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 13: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/13.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
p:wx1
p:ry0
q:wy1
q:rx1
Reverse Races
Start from the end of theexecution.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 14: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/14.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
p:wx1
q:wy1
p:ry1
Previous Tracep:wx1
p:ry0
q:wy1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 15: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/15.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
p:wx1
q:wy1
p:ry1
q:rx1
Previous Tracep:wx1
p:ry0
q:wy1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 16: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/16.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
p:wx1
q:wy1
p:ry1
q:rx1
Previous Tracep:wx1
p:ry0
q:wy1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 17: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/17.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
p:wx1
q:wy1
p:ry1
q:rx1
Previous Tracep:wx1
p:ry0
q:wy1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 18: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/18.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
q:wy1
q:rx0
p:wx1
Previous Tracesp:wx1
p:ry0
q:wy1
q:rx1
p:wx1
q:wy1
p:ry1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 19: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/19.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
q:wy1
q:rx0
p:wx1
p:ry1
Previous Tracesp:wx1
p:ry0
q:wy1
q:rx1
p:wx1
q:wy1
p:ry1
q:rx1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 20: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/20.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
SMC & DPOR
volatile int x = 0, y = 0;
p qx = 1;
int a = y;
y = 1;
int b = x;
All Tracesp:wx1
p:ry0
q:wy1
q:rx1
p:wx1
q:wy1
p:ry1
q:rx1
q:wy1
q:rx0
p:wx1
p:ry1
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 21: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/21.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Summary
TSO
Relaxes W → R
Store forwarding to own reads (ROWE)
Operational semantics: store buffer per thread
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 22: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/22.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
Defining Traces for TSO
Extend Mazurkiewicz Traces to TSO
Suitable equivalence classes
Compatible with DPOR
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 23: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/23.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
Defining Traces for TSO
Extend Mazurkiewicz Traces to TSO
Suitable equivalence classes
Compatible with DPOR
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 24: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/24.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
Defining Traces for TSO
Extend Mazurkiewicz Traces to TSO
Suitable equivalence classes
Compatible with DPOR
Shasha-Snir Traces
Capture observableorder.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 25: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/25.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
Defining Traces for TSO
Extend Mazurkiewicz Traces to TSO
Suitable equivalence classes
Compatible with DPOR
p:wx1
p:ry0
q:wy1
q:rx1
p:wx1
q:wy1
p:ry1
q:rx1
q:wy1
q:rx0
p:wx1
p:ry1
Shasha-Snir Traces
Same asMazurkiewicz tracesunder SC!
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 26: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/26.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
Defining Traces for TSO
Extend Mazurkiewicz Traces to TSO
Suitable equivalence classes
Compatible with DPOR
p:wx1 q:wy1
q:rx0p:ry0
Shasha-Snir Traces
Not partial order.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 27: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/27.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
p:wx1 q:wy1
q:rx0p:ry0
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 28: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/28.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
p:wx1
p:upd
q:wy1
q:upd
q:rx0p:ry0
Getting Rid of Cycles
Operational semantics
Ignores which events are reordered
Canonical?
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 29: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/29.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
p:wx1
p:upd
q:wy1
q:upd
q:rx0p:ry0
Getting Rid of Cycles
Operational semantics
Ignores which events are reordered
Canonical?
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 30: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/30.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
volatile int x = 0;
p qx = 1;
int a = x;
x = 2;
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 31: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/31.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 32: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/32.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Problem
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 33: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/33.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 34: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/34.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 35: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/35.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 36: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/36.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 37: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/37.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 38: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/38.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 39: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/39.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 40: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/40.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 41: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/41.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 42: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/42.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Two Rules
No order between load and update...
1 of the same thread.
2 when the update is “hidden”from the load.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 43: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/43.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 44: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/44.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 45: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/45.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx2
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
p:wx1
p:upd
p:rx1
q:wx2
q:upd
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 46: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/46.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Solution: Chronological Traces
Our Contribution: Chronological Traces
1-to-1 with Shasha-Snir traces
Compatible with DPOR
Executions under operational TSO/PSO semanticsEfficiently computable happens-before relation
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 47: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/47.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Implementation: Nidhugg
Nidhugg
Source-DPOR [Abdulla et al. 2014]
Near optimal.Straight-forward.
Works on C/Pthreads via LLVM IR.
Runs on one compilation of test case.
Open source: https://github.com/nidhugg/nidhugg
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO
![Page 48: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/48.jpg)
Results: Time Consumption
CBMC goto-instrument Nidhugg
fence LB SC TSO PSO SC TSO PSO SC TSO PSO
apr 1.c - 5 t/o t/o t/o t/o ! ! 5.88 6.06 16.98apr 2.c - 5 t/o t/o t/o ! ! ! 2.60 2.20 5.39dcl singleton.c - 7 5.95 31.47 *18.01 5.33 5.36 *0.18 0.08 0.08 *0.08dcl singleton.c pso 7 5.88 30.98 29.45 5.20 5.18 5.17 0.08 0.08 0.08dekker.c - 10 2.42 *3.17 *2.84 1.68 *4.00 *220.11 0.10 *0.11 *0.09dekker.c tso 10 2.39 5.65 *3.51 1.62 297.62 t/o 0.11 0.12 *0.08dekker.c pso 10 2.55 5.31 4.83 1.72 428.86 t/o 0.11 0.12 0.12fib false.c - - *1.63 *3.38 *3.00 *1.60 *1.58 *1.56 *2.39 *5.57 *6.20fib false join.c - - *0.98 *1.10 *1.91 *1.31 *0.88 *0.80 *0.32 *0.62 *0.71fib true.c - - 6.28 9.39 7.72 6.32 7.63 7.62 25.83 75.06 86.32fib true join.c - - 6.61 8.37 10.81 7.09 5.94 5.92 1.20 2.88 3.19indexer.c - 5 193.01 210.42 214.03 191.88 70.42 69.38 0.10 0.09 0.09lamport.c - 8 7.78 *11.63 *10.53 6.89 t/o t/o 0.08 *0.08 *0.08lamport.c tso 8 7.60 26.31 *15.85 6.80 513.67 t/o 0.09 0.08 *0.07lamport.c pso 8 7.72 30.92 27.51 7.43 t/o t/o 0.08 0.08 0.08parker.c - 10 12.34 *91.99 *86.10 11.63 9.70 9.65 1.50 *0.09 *0.08parker.c pso 10 12.72 141.24 166.75 11.76 10.66 10.64 1.50 1.92 2.94peterson.c - - 0.35 *0.38 *0.35 0.18 *0.20 *0.21 0.07 *0.07 *0.07peterson.c tso - 0.35 0.39 *0.35 0.19 0.18 0.56 0.07 0.07 *0.07peterson.c pso - 0.35 0.41 0.40 0.18 0.18 0.19 0.07 0.07 0.08pgsql.c - 8 19.80 60.66 *4.63 21.03 46.57 *296.77 0.08 0.07 *0.08pgsql.c pso 8 23.93 71.15 121.51 19.04 t/o t/o 0.07 0.07 0.08pgsql bnd.c pso (4) 3.57 9.55 12.68 3.59 t/o t/o 89.44 106.04 112.60stack safe.c - - 44.53 516.01 496.36 45.11 42.39 42.50 0.34 0.36 0.43stack unsafe.c - - *1.40 *1.87 *2.08 *1.00 *0.81 *0.79 *0.08 *0.08 *0.09szymanski.c - - 0.40 *0.44 *0.43 0.23 *0.89 *1.16 0.07 *0.13 *0.07szymanski.c tso - 0.40 0.50 *0.43 0.23 0.23 2.48 0.08 0.08 *0.07szymanski.c pso - 0.39 0.50 0.49 0.23 0.24 0.24 0.08 0.08 0.08
![Page 49: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/49.jpg)
Results: Time Consumption
CBMC goto-instrument Nidhugg
fence LB SC TSO PSO SC TSO PSO SC TSO PSO
apr 1.c - 5 t/o t/o t/o t/o ! ! 5.88 6.06 16.98apr 2.c - 5 t/o t/o t/o ! ! ! 2.60 2.20 5.39dcl singleton.c - 7 5.95 31.47 *18.01 5.33 5.36 *0.18 0.08 0.08 *0.08dcl singleton.c pso 7 5.88 30.98 29.45 5.20 5.18 5.17 0.08 0.08 0.08dekker.c - 10 2.42 *3.17 *2.84 1.68 *4.00 *220.11 0.10 *0.11 *0.09dekker.c tso 10 2.39 5.65 *3.51 1.62 297.62 t/o 0.11 0.12 *0.08dekker.c pso 10 2.55 5.31 4.83 1.72 428.86 t/o 0.11 0.12 0.12fib false.c - - *1.63 *3.38 *3.00 *1.60 *1.58 *1.56 *2.39 *5.57 *6.20fib false join.c - - *0.98 *1.10 *1.91 *1.31 *0.88 *0.80 *0.32 *0.62 *0.71fib true.c - - 6.28 9.39 7.72 6.32 7.63 7.62 25.83 75.06 86.32fib true join.c - - 6.61 8.37 10.81 7.09 5.94 5.92 1.20 2.88 3.19indexer.c - 5 193.01 210.42 214.03 191.88 70.42 69.38 0.10 0.09 0.09lamport.c - 8 7.78 *11.63 *10.53 6.89 t/o t/o 0.08 *0.08 *0.08lamport.c tso 8 7.60 26.31 *15.85 6.80 513.67 t/o 0.09 0.08 *0.07lamport.c pso 8 7.72 30.92 27.51 7.43 t/o t/o 0.08 0.08 0.08parker.c - 10 12.34 *91.99 *86.10 11.63 9.70 9.65 1.50 *0.09 *0.08parker.c pso 10 12.72 141.24 166.75 11.76 10.66 10.64 1.50 1.92 2.94peterson.c - - 0.35 *0.38 *0.35 0.18 *0.20 *0.21 0.07 *0.07 *0.07peterson.c tso - 0.35 0.39 *0.35 0.19 0.18 0.56 0.07 0.07 *0.07peterson.c pso - 0.35 0.41 0.40 0.18 0.18 0.19 0.07 0.07 0.08pgsql.c - 8 19.80 60.66 *4.63 21.03 46.57 *296.77 0.08 0.07 *0.08pgsql.c pso 8 23.93 71.15 121.51 19.04 t/o t/o 0.07 0.07 0.08pgsql bnd.c pso (4) 3.57 9.55 12.68 3.59 t/o t/o 89.44 106.04 112.60stack safe.c - - 44.53 516.01 496.36 45.11 42.39 42.50 0.34 0.36 0.43stack unsafe.c - - *1.40 *1.87 *2.08 *1.00 *0.81 *0.79 *0.08 *0.08 *0.09szymanski.c - - 0.40 *0.44 *0.43 0.23 *0.89 *1.16 0.07 *0.13 *0.07szymanski.c tso - 0.40 0.50 *0.43 0.23 0.23 2.48 0.08 0.08 *0.07szymanski.c pso - 0.39 0.50 0.49 0.23 0.24 0.24 0.08 0.08 0.08
Nidhugg
SC TSO PSO
stack safe.c 0.34 0.36 0.43
Robust
![Page 50: Stateless Model Checking for TSO and PSOuser.it.uu.se › ~mohat117 › UpmarcWorkshop › slides › carl.pdf · Introduction TSO Traces and Happens-Before Experiments Future Work](https://reader033.vdocuments.us/reader033/viewer/2022060319/5f0caed27e708231d4369df7/html5/thumbnails/50.jpg)
Introduction TSO Traces and Happens-Before Experiments Future Work
Future Work
Ongoing Work: POWER
More relaxed model
Order enforced by complex event interaction
#traces probably similar to under SC
Techniques carry over to ARM, Alpha, etc.
Parosh Aziz Abdulla, Stavros Aronis, Mohamed Faouzi Atig, Bengt Jonsson, Carl Leonardsson, Konstantinos Sagonas
Stateless Model Checking for TSO and PSO