
Scalable Multi-core Model Checking Fairness Enhanced Systems


  1. Scalable Multi-core Model Checking Fairness Enhanced Systems. Yang Liu, Jun Sun and Jin Song Dong, School of Computing, National University of Singapore

  2. Outline
  • General Introduction to PAT (http://pat.comp.nus.edu.sg)
  • Motivation: Parallel Model Checking
  • Model Checking with Fairness
  • Experiment Results
  • Conclusion

  3. Model Checking
  • Determining whether a model satisfies a property by means of exhaustive search.
  (Diagram: Model and Property are fed into the Model Checker, which returns: Counterexample!)

  4. Model Checking Works!
  • Three researchers won the 2007 Turing Award for their pioneering work on model checking!
  • The Intel Core i7 processor was verified completely by symbolic model checking, without executing a single test case!
  • The SLAM project from Microsoft successfully detected many bugs in driver software!

  5. PAT: Motivation
  • We aim to develop a self-contained framework for formal specification and verification of compositional systems which involve:
  • concurrency,
  • real-time,
  • complex data structures and operations,
  • complicated control flows,
  • etc.

  6. PAT: Architecture

  7. Motivation
  • Model checking is limited by state space explosion.
  • We do have multiple cores nowadays!

  8. Safety
  • “Something bad never happens”
  • Reachability analysis
  • Depth-first search
  • Breadth-first search

  9. Liveness
  • “Something good eventually happens”
  • Liveness checking = bad loop searching
  • Nested depth-first search
  • SCC-based algorithms

  10. Fairness
  • Liveness often requires fairness!
  • Process-level weak/strong fairness
  • Event-level weak/strong fairness
  • Strong global fairness

  11. Verification under Fairness
  • Automata-based LTL model checking
  • weak fairness: SCC search
  • strong fairness: strongly connected sub-graph search
  • strong global fairness = terminal SCC search

  12. Verification under Fairness
  • A lasso is a counterexample if and only if its loop is fair and it fails the liveness property.
  • The loop is (process-level) weak fair iff there is NO process which is always enabled during the loop and never makes any progress.
  • It is (process-level) strong fair iff there is NO process which is enabled during the loop and never makes any progress.
  • It is strong global fair iff …

  13. Sequential Algorithm
  (Flowchart: A: Find SCC-0 → B: Check if SCC-0 is fair. If it Is Not Fair, return to A; if it Is Fair, go to C: Generate Counterexample. When A finds no further SCC, the result is True.)

  14. Parallel Algorithm
  (Diagram: the SCC-search steps A0, A1, A2 and the fairness checks B0, B1, B2 distributed over Thread 1, Thread 2, Thread 3 and Thread 4.)

  15. Parallel Algorithm
  (Diagram: SCC-search steps A0, A1, A2 on Thread 1; fairness checks B0, B1 on Thread 2 and B2 on Thread 3; Thread 4 idle.)
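The procedure sketched on slides 12 to 15, as an added Python example that is not PAT's code: the main thread finds SCCs with Tarjan's algorithm (step A) and hands each candidate loop to a worker pool that checks process-level weak or strong fairness exactly as slide 12 defines them (step B). The toy transition system, its enabled-process table and its accepting states are constructed for illustration.

```python
from concurrent.futures import ThreadPoolExecutor

# Constructed toy product graph (model x negated liveness property), not from PAT.
# A transition (s, p, t): process p moves the system from state s to state t.
TRANS = [(0, "P", 1), (1, "Q", 0), (1, "P", 2), (2, "P", 3), (3, "P", 2), (2, "Q", 4), (4, "P", 4)]
# Processes enabled in each state, whether or not the explored transition took them.
ENABLED = {0: {"P"}, 1: {"P", "Q"}, 2: {"P", "Q"}, 3: {"P"}, 4: {"P"}}
ACCEPTING = {2, 3}  # states where the negated liveness property's automaton accepts

def sccs(trans):
    """Step A: Tarjan's algorithm; returns every non-trivial SCC (a candidate loop)."""
    succ = {x: [] for s, _, t in trans for x in (s, t)}
    for s, _, t in trans:
        succ[s].append(t)
    index, low, stack, out = {}, {}, [], []
    def visit(v):
        index[v] = low[v] = len(index)
        stack.append(v)
        for w in succ[v]:
            if w not in index:
                visit(w)
                low[v] = min(low[v], low[w])
            elif w in stack:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:  # v is the root of an SCC: pop the component
            comp = {stack.pop()}
            while v not in comp:
                comp.add(stack.pop())
            if len(comp) > 1 or any(s == t == v for s, _, t in trans):
                out.append(comp)  # a single state only forms a loop via a self-loop
    for v in list(succ):
        if v not in index:
            visit(v)
    return out

def is_fair(scc, trans, enabled, fairness):
    """Step B (slide 12): weak = no process enabled in EVERY loop state starves;
    strong = no process enabled in SOME loop state starves (never progresses)."""
    progressed = {p for s, p, t in trans if s in scc and t in scc}
    for p in set().union(*(enabled[s] for s in scc)) - progressed:
        if fairness == "strong" or all(p in enabled[s] for s in scc):
            return False  # p is enabled yet never moves along the loop: unfair
    return True

def find_counterexample(trans, enabled, accepting, fairness, workers=4):
    """Step A on the main thread, step B on a worker pool; first fair bad loop or None."""
    cands = [c for c in sccs(trans) if c & accepting]  # loops failing the property
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = pool.map(lambda c: is_fair(c, trans, enabled, fairness), cands)
        return next((c for c, ok in zip(cands, results) if ok), None)
```

On this toy graph the loop {2, 3} starves Q, which is enabled only in state 2: it is a counterexample under weak fairness but not under strong fairness, which is the distinction slide 12 draws.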

  16. Effectiveness
  • Overhead: negligible
  • Based on a shared-memory architecture.
  • Depends on how expensive it is to check whether an SCC satisfies the fairness constraint:
  • Weak fairness: linear in the number of transitions
  • Strong fairness: bounded by #states * #transitions
  • Global fairness: linear in the number of transitions

  17. Experiment A

  18. Experiment B

  19. Experiment (cont’d)

  20. Conclusion
  • A simple way of making use of multi-cores for model checking with fairness.
  • The technique is available in PAT (http://pat.comp.nus.edu.sg).
  • Related work:
  • Spin’s liveness checking algorithm for dual-core systems
  • Barnat et al., multi-core LTL model checking: MAP, OWCTY, NEGC, OBF
