#### DMCA

## Bounded partial-order reduction (2013)

Venue: | In Proceedings of the 2013 Annual ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications |

Citations: | 5 - 0 self |

### Citations

581 | Model checking programs, in
- Visser, Havelund, et al.
- 2008
(Show Context)
Citation Context ...ation to reduce the search space. 2.4.3 Dynamic partial-order reduction Dynamic Partial-Order Reduction (DPOR) computes persistent sets on-the-fly [6]. Unlike static conservative dependence detection =-=[4, 8, 18]-=-, DPOR detects dependences accurately at runtime. DPOR performs a depth-first search of the state space and keeps track of the most recent access to each variable. When a conflicting access occurs, DP... |

439 | Model Checking for Programming Languages using VeriSoft
- Godefroid
(Show Context)
Citation Context ...ation to reduce the search space. 2.4.3 Dynamic partial-order reduction Dynamic Partial-Order Reduction (DPOR) computes persistent sets on-the-fly [6]. Unlike static conservative dependence detection =-=[4, 8, 18]-=-, DPOR detects dependences accurately at runtime. DPOR performs a depth-first search of the state space and keeps track of the most recent access to each variable. When a conflicting access occurs, DP... |

361 | Partial-order methods for the verification of concurrent systems: an approach to the state-explosion problem
- Godefroid
- 1996
(Show Context)
Citation Context ...bounded search. Partial order methods provide full coverage by exploring all unique reachable states, and they alleviate state space explosion by exploring only one interleaving of independent events =-=[6, 7]-=-. Independent events commute – their interleavings do not change program behavior. Dynamic partialorder reduction (DPOR) observes the program’s actual dependences at runtime, rather than a static cons... |

288 |
A stubborn attack on state explosion
- Valmari
- 1991
(Show Context)
Citation Context ...o the sleep set in s′′ because t1 = t3. New states may be reachable via t1 from s′′, so the search must explore t1 from s′′. Many algorithms reduce the state space with persistent sets and sleep sets =-=[7, 16, 17]-=-. Most of these algorithms use static analysis to determine which transitions may be dependent with one another. As a result, these algorithms must be conservative. Unless two transitions must always ... |

194 | Dynamic partial-order reduction for model checking software
- Flanagan, Godefroid
- 2005
(Show Context)
Citation Context ...Algorithm 2 computes a preemption-bound persistent set in each state, we create postconditions for preemption-bounded search, which we derive from the postconditions that DPOR satisfies in each state =-=[6]-=-. Definition 5.1. PC for Explore(S) – Preemption bound. ∀u∀ω : if Pb(S.ω) ≤ c then Post(S.ω, len(S), u) Algorithm 4 BPOR procedures for fair-bounded search 1: procedure Initialize(S) begin 2: if (len(... |

175 | Iterative context bounding for systematic testing of multithreaded programs
- Musuvathi, Qadeer
- 2007
(Show Context)
Citation Context ...vertheless, for larger programs DPOR often runs for longer than developers are willing to wait. Bounded search, in contrast, alleviates state-space explosion by pruning executions that exceed a bound =-=[5, 12, 14]-=-. For example, Musuvathi and Qadeer use preemptionbounded search [12] to explore executions involving a small number of preemptions. Their insight is that many concurrency bugs require a small number ... |

149 |
Trace theory
- Mazurkiewicz
- 1986
(Show Context)
Citation Context ...ch explore only a subset of AG [5, 6, 12]. A Mazurkiewicz trace is an equivalence class of sequences of transitions that can be obtained from one another by permuting adjacent independent transitions =-=[11]-=-. A Mazurkiewicz trace, or trace for concision, is uniquely defined by one of its members. We use [ω] to denote the trace that contains ω. Formally, using Godefroid’s definition of traces [7], the con... |

145 | Finding and reproducing heisenbugs in concurrent programs
- Musuvathi, Qadeer, et al.
- 2008
(Show Context)
Citation Context ...SS, a publicly available, stateless, dynamic model checker for concurrent software. CHESS places a thin wrapper between the program under test and the Win32 and .NET APIs using binary instrumentation =-=[15]-=-. This wrapper intercepts calls into the Win32 and .NET APIs and provides hooks into CHESS that control thread scheduling completely without modifying the semantics of the API or the behavior of the p... |

65 |
Refining dependencies improves partialorder verification methods (extended abstract
- Godefroid, Pirottin
(Show Context)
Citation Context ... write operations because multiple read operations to the same variable commute. We consider only constant dependence relations in this work and assume that the dependence relation is not conditional =-=[9]-=-. Next, we use these definitions to provide background for partial-order reduction and bounded search. 2.4 Partial-order reduction A search using partial-order reduction provides full coverage: it exp... |

49 | Exploiting object escape and locking information in partial order reduction for concurrent object-oriented programs
- Dwyer, Hatcliff, et al.
(Show Context)
Citation Context ...ation to reduce the search space. 2.4.3 Dynamic partial-order reduction Dynamic Partial-Order Reduction (DPOR) computes persistent sets on-the-fly [6]. Unlike static conservative dependence detection =-=[4, 8, 18]-=-, DPOR detects dependences accurately at runtime. DPOR performs a depth-first search of the state space and keeps track of the most recent access to each variable. When a conflicting access occurs, DP... |

48 |
Appraising fairness in languages for distributed programming
- Apt, Francez, et al.
- 1988
(Show Context)
Citation Context ...ates. We selected this fairness criterion primarily for its simplicity, but other fairness criteria can be expressed as bounds, as well. Unlike prior work, this bound does not provide strong fairness =-=[1, 14]-=-. Both the preemption and the fairness bound prune portions of the state space and may fail to detect bugs in programs. DPOR, in contrast, explores all relevant states and detects all bugs that violat... |

44 | Fair stateless model checking
- Musuvathi, Qadeer
- 2008
(Show Context)
Citation Context ...vertheless, for larger programs DPOR often runs for longer than developers are willing to wait. Bounded search, in contrast, alleviates state-space explosion by pruning executions that exceed a bound =-=[5, 12, 14]-=-. For example, Musuvathi and Qadeer use preemptionbounded search [12] to explore executions involving a small number of preemptions. Their insight is that many concurrency bugs require a small number ... |

37 | Z.: Delay-bounded scheduling
- Emmi, Qadeer, et al.
(Show Context)
Citation Context ...vertheless, for larger programs DPOR often runs for longer than developers are willing to wait. Bounded search, in contrast, alleviates state-space explosion by pruning executions that exceed a bound =-=[5, 12, 14]-=-. For example, Musuvathi and Qadeer use preemptionbounded search [12] to explore executions involving a small number of preemptions. Their insight is that many concurrency bugs require a small number ... |

29 |
Verification of concurrent systems: Function and timing
- Overman, Crocker
- 1982
(Show Context)
Citation Context ...o the sleep set in s′′ because t1 = t3. New states may be reachable via t1 from s′′, so the search must explore t1 from s′′. Many algorithms reduce the state space with persistent sets and sleep sets =-=[7, 16, 17]-=-. Most of these algorithms use static analysis to determine which transitions may be dependent with one another. As a result, these algorithms must be conservative. Unless two transitions must always ... |

25 |
Defining conditional independence using collapses
- Katz, Peled
- 1992
(Show Context)
Citation Context ...determines which interleavings may be pruned. The following definition characterizes “valid” dependence relations for the transitions of a concurrent system. Definition 2.2. Valid dependence relation =-=[6, 10]-=-. Let T be the set of transitions in a concurrent system and let D ⊆ T × T be a binary, reflexive, and symmetric relation. The relation D is a valid dependence relation for the system iff for all t, t... |

11 | Partial-order reduction for context-bounded state exploration
- Musuvathi, Qadeer
- 2007
(Show Context)
Citation Context ...ch Preemption-bounded search limits the number of preemptive context switches that occur in an execution [12]. The preemption bound is defined recursively as follows. Definition 2.5. Preemption bound =-=[13]-=-. Pb(t) = 0 Pb(S.t) = Pb(S) + 1 if t.tid 6= last(S).tid and last(S).tid ∈ enabled(final(S)) Pb(S) otherwise Figure 4 illustrates preemption-bounded search, in which the executing thread – the th... |

1 |
Fast Error Detection with Coverage Guarantees for Concurrent Software
- COONS
- 2013
(Show Context)
Citation Context ...s sufficient sets. For brevity here within, we state the theorems and put the proofs in companion materials available from the ACM Digital Library [3]. Coons’ dissertation contains a fuller treatment =-=[2]-=-. Section 6 evaluates BPOR performance on concurrent unit tests and Section 7 concludes. 2. Background and related work This section provides necessary background and describes our formalism for concu... |

1 |
Bounded partial order reduction (Proof source material
- COONS, MUSUVATHI, et al.
- 2013
(Show Context)
Citation Context ...lse 14: backtrack(pre(S, i)) = enabled(pre(S, i)) DPOR to bounded search. In Section 6, however, we separate these optimizations out because we do not include these optimizations in our formal proofs =-=[2, 3]-=-. 5.1 Computing preemption-bound persistent sets Algorithm 3 contains the Initialize and Backtrack procedures for preemption-bounded search. Initialize adds the executing thread to the backtrack set i... |