Abstract

Dynamic partial order reduction (DPOR) verifies concurrent programs by exploring all their interleavings up to some equivalence relation, such as the Mazurkiewicz trace equivalence. Doing so involves a complex trade-off between space and time. Existing DPOR algorithms are either exploration-optimal (i.e., explore exactly one interleaving per equivalence class) but may use exponential memory in the size of the program, or maintain polynomial memory consumption but potentially explore exponentially many redundant interleavings. In this paper, we show that it is possible to have the best of both worlds: exploring exactly one interleaving per equivalence class with linear memory consumption. Our algorithm, TruSt, formalized in Coq, is applicable not only to sequential consistency, but also to any weak memory model that satisfies a few basic assumptions, including TSO, PSO, and RC11. In addition, TruSt is embarrassingly parallelizable: its different exploration options have no shared state, and can therefore be explored completely in parallel. Consequently, TruSt outperforms the state-of-the-art in terms of memory and/or time.
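To make the "one interleaving per equivalence class" notion concrete, the following added example (not code from the paper or from the TruSt implementation) enumerates every sequentially consistent interleaving of a small constructed program and groups them by Mazurkiewicz trace equivalence: two interleavings are equivalent when they order every pair of dependent events (same thread, or same variable with at least one write) the same way. It deduplicates with a set of trace signatures, which is exactly the kind of stored state that DPOR algorithms such as TruSt avoid; the point of the example is only to show how many interleavings are redundant and what an exploration-optimal algorithm has to reach with one run per class. The event encoding, the `thread` helper and the sample programs are assumptions of this example.

```python
from typing import NamedTuple


class Event(NamedTuple):
    """One memory access of a thread. op is 'r' (read) or 'w' (write)."""
    thread: int
    idx: int      # position in the thread's program order
    op: str
    var: str


def thread(tid, *accesses):
    """Build a thread from strings like 'wx' (write x) or 'ry' (read y). Hypothetical helper."""
    return [Event(tid, i, a[0], a[1:]) for i, a in enumerate(accesses)]


def dependent(a, b):
    """Mazurkiewicz dependence: same thread, or same variable with at least one write."""
    if a.thread == b.thread:
        return True
    return a.var == b.var and "w" in (a.op, b.op)


def interleavings(threads):
    """Yield every interleaving that respects each thread's program order (SC only)."""
    total = sum(len(t) for t in threads)
    pos = [0] * len(threads)
    run = []

    def step():
        if len(run) == total:
            yield tuple(run)
            return
        for t, events in enumerate(threads):
            if pos[t] < len(events):
                run.append(events[pos[t]])
                pos[t] += 1
                yield from step()
                pos[t] -= 1
                run.pop()

    yield from step()


def trace_signature(run):
    """Ordered dependent pairs of a run; two runs are trace-equivalent iff these agree."""
    return frozenset(
        (a, b) for i, a in enumerate(run) for b in run[i + 1:] if dependent(a, b)
    )


def explore(threads):
    """Return (number of interleavings, one representative run per equivalence class).

    The `seen` dictionary is the stored state a stateless DPOR must do without.
    """
    seen = {}
    total = 0
    for run in interleavings(threads):
        total += 1
        seen.setdefault(trace_signature(run), run)
    return total, list(seen.values())


def fmt(run):
    return " ".join(f"T{e.thread}:{e.op}{e.var}" for e in run)


# Constructed sample programs (not taken from the paper).
SAME_VARS = [thread(1, "wx", "wy"), thread(2, "wx", "wy")]          # 6 runs, 4 classes
DISJOINT = [thread(1, "wa", "ra"), thread(2, "wb", "rb"), thread(3, "wc", "rc")]  # 90 runs, 1 class

if __name__ == "__main__":
    for name, prog in (("SAME_VARS", SAME_VARS), ("DISJOINT", DISJOINT)):
        total, reps = explore(prog)
        print(f"{name}: {total} interleavings, {len(reps)} equivalence classes")
        for r in reps:
            print("   ", fmt(r))
```

The second program shows the redundancy a non-optimal explorer pays for: its three threads touch disjoint variables, so all 90 interleavings collapse into a single class, and exploring more than one of them reveals nothing new. The signature set grows with the number of classes, which is why this brute-force approach, unlike TruSt, does not stay within linear memory.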

Highlights

  • Stateless model checking (SMC) [Godefroid 1997; Musuvathi et al 2008] is an effective verification technique for verifying concurrent programs of bounded size

  • As Nidhugg does not support a memory model similar to GenMC’s RC11, and memory consumption directly depends on the number of executions allowed by the model, we had to exclude it from this comparison

  • As we show in §6.1, TruSt is always exponentially faster than nonoptimal dynamic partial order reduction (DPOR) implementations, and exponentially “lighter” than optimal DPOR implementations


Summary

Introduction

Stateless model checking (SMC) [Godefroid 1997; Musuvathi et al 2008] is an effective verification technique for verifying concurrent programs of bounded size. SMC works by systematically exploring all executions of a given concurrent program without ever storing the set of program states it has already visited. While SMC allows for a program to be verified with polynomial memory requirements, it has the obvious downside that the number of executions to be explored is typically exponential in the size of the program. SMC is almost always employed together with clever dynamic partial order reduction (DPOR) algorithms [Abdulla et al 2014; Flanagan et al 2005; Kokologiannakis et al 2019] that reduce the number of executions that need to be explored in order to cover all possible program behaviors. DPOR partitions the execution traces of a program into equivalence classes according to some relation, such as Mazurkiewicz trace equivalence [Mazurkiewicz 1987], with the
