ABSTRACT
In run-time safety analysis, the executions of a concurrent program are monitored and analyzed with respect to safety properties. Similar to testing, run-time analysis is quite efficient, but it also tends to be incomplete: the results pertain only to the observed executions, which may constitute just a small subset of all possible executions.
In this paper, we describe a tool called ViP which uses the software model checker VeriSoft to perform comprehensive run-time safety analyses of concurrent C/C++ programs. A ViP analysis proceeds in three fully automated steps: First, the input program is prepared for a VeriSoft analysis through instrumentation. Next, VeriSoft is invoked to generate the traces corresponding to all possible executions of the program. Then, the traces are checked efficiently for specification violations. The instrumentation is based on the source code transformation language TXL. TXL allows for the instrumentation to be described in terms of rewrite rules and gives ViP a remarkable amount of flexibility.
The paper describes ViP together with its use of VeriSoft and TXL. Several sample analyses are discussed to illustrate the use of ViP.
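The third step, checking the generated traces against a safety property, as an added Python example (this is not ViP's code; the "enter"/"exit" event kinds, the two predicates and the sample traces are constructed assumptions). Because a safety property is violated by a finite prefix, the checker reports the shortest witness prefix of each violating trace:

```python
from typing import Callable, Dict, List, Optional, Tuple

# Instrumented event: (kind, thread_id). The kinds "enter"/"exit" of a
# critical section and the sample traces below are constructed assumptions.
Event = Tuple[str, int]
State = Dict[str, object]

def step(state: State, event: Event) -> State:
    """Advance the monitor by one event; states are copied, never mutated."""
    kind, tid = event
    in_cs, bad_exit = set(state["in_cs"]), state["bad_exit"]
    if kind == "enter":
        in_cs.add(tid)
    elif kind == "exit":
        bad_exit = bad_exit or tid not in in_cs  # exit without a matching enter
        in_cs.discard(tid)
    else:
        raise ValueError(f"unknown event kind: {kind}")
    return {"in_cs": in_cs, "bad_exit": bad_exit}

def mutual_exclusion(state: State) -> bool:
    """Safety predicate: at most one thread inside the critical section."""
    return len(state["in_cs"]) <= 1

def well_bracketed(state: State) -> bool:
    """Safety predicate: every exit is preceded by that thread's enter."""
    return not state["bad_exit"]

def check_trace(trace: List[Event], prop: Callable[[State], bool]) -> Optional[List[Event]]:
    """Shortest prefix that violates prop (every safety violation has one), else None."""
    state: State = {"in_cs": set(), "bad_exit": False}
    for i, event in enumerate(trace, start=1):
        state = step(state, event)
        if not prop(state):
            return trace[:i]
    return None

def check_all(traces: List[List[Event]], prop: Callable[[State], bool]) -> Dict[int, List[Event]]:
    """Map the index of each violating trace to its witness prefix."""
    witnesses = ((i, check_trace(t, prop)) for i, t in enumerate(traces))
    return {i: w for i, w in witnesses if w is not None}

# Constructed interleavings of a two-thread program, standing in for the
# exhaustive set a model checker would enumerate (sample data, not tool output).
TRACES = [
    [("enter", 1), ("exit", 1), ("enter", 2), ("exit", 2)],  # safe
    [("enter", 1), ("enter", 2), ("exit", 2), ("exit", 1)],  # both threads in the CS
    [("exit", 2), ("enter", 1), ("exit", 1)],                # exit before enter
]
```

Running `check_all(TRACES, mutual_exclusion)` flags only the second trace with the two-event prefix that puts both threads in the critical section, while `well_bracketed` flags only the third.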