Avoiding State-Space Explosion in Multithreaded Programs with Input-Covering Schedules and Symbolic Execution
This dissertation makes two high-level contributions: First, we propose an algorithm to perform symbolic execution of multithreaded programs from arbitrary program contexts. We argue that this can enable more efficient symbolic exploration of deep code paths in multithreaded programs by allowing the symbolic engine to jump directly to program contexts of interest. We are the first to attack this problem. Second, we propose constraining multithreaded executions to small sets of input-covering schedules, which are defined as follows: given a program P, we say that a set of schedules S covers all inputs of program P if, when given any input, P's execution can be constrained to some schedule in S and still produce a semantically valid result. Our approach is to first compute a small S for a given program P, and then, at runtime, constrain P's execution to always follow some schedule in S, and never deviate. This approach has the following advantage: because all possible runtime schedules are known a priori, we can seek to validate the program by thoroughly verifying each schedule in S, in isolation, without needing to reason about the huge space of thread interleavings that arises due to conventional nondeterministic execution. To tie both contributions together, we show how our symbolic execution techniques can be used to speed the search for input-covering schedules.
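The definition of an input-covering schedule set, and the idea of constraining execution to it, can be made concrete with a toy model. The following is an added example written for this page, not code from the dissertation: it models a two-thread program P as Python generators whose `yield`s are preemption points, a schedule as the sequence of thread names that a cooperative scheduler is allowed to run at each step, and "semantically valid" as "matches the sequential result". The program, the input domain `SAMPLE_INPUTS`, the strict rule that a schedule applies only if it runs every step of every thread, and the greedy covering search are all simplifying assumptions of this example, not the dissertation's mechanism.

```python
"""Toy model of input-covering schedules (added example, not the dissertation's code)."""
from itertools import permutations
from typing import Iterator, List, Optional, Sequence, Tuple

Schedule = Tuple[str, ...]   # which thread runs at each scheduling step
Input = Tuple[int, int]      # (amount deposited by thread A, amount deposited by thread B)


class Account:
    def __init__(self) -> None:
        self.balance = 0
        self.audit: List[str] = []


def deposit(acct: Account, name: str, amount: int) -> Iterator[str]:
    """Racy read-modify-write; every `yield` is a preemption point (assumed program P)."""
    cur = acct.balance
    yield f"{name}:read"
    acct.balance = cur + amount        # lost update if the other thread wrote in between
    yield f"{name}:write"
    if amount >= 100:                  # input-dependent path: extra step for large deposits
        acct.audit.append(f"{name}:{amount}")
        yield f"{name}:audit"


def run_constrained(schedule: Schedule, inp: Input) -> Optional[Account]:
    """Execute P with its interleaving forced to `schedule`.

    Returns None when the schedule does not apply to this input: it names a thread
    that has already finished, or ends while some thread still has work left.
    """
    acct = Account()
    threads = {"A": deposit(acct, "A", inp[0]), "B": deposit(acct, "B", inp[1])}
    for name in schedule:
        try:
            next(threads[name])
        except StopIteration:
            return None
    for gen in threads.values():
        if next(gen, None) is not None:   # thread not finished: schedule too short
            return None
    return acct


def is_valid(acct: Account, inp: Input) -> bool:
    """Semantic validity: the same result a sequential execution of P would give."""
    expected_audit = sorted(f"{n}:{a}" for n, a in zip("AB", inp) if a >= 100)
    return acct.balance == sum(inp) and sorted(acct.audit) == expected_audit


def candidate_schedules(max_steps_per_thread: int = 3) -> List[Schedule]:
    """All interleavings of 1..max_steps_per_thread steps of A with 1..max of B."""
    seen = set()
    for ka in range(1, max_steps_per_thread + 1):
        for kb in range(1, max_steps_per_thread + 1):
            seen.update(tuple(p) for p in permutations("A" * ka + "B" * kb))
    return sorted(seen)


def covers(s: Schedule, inp: Input) -> bool:
    """True if P's execution on `inp` can be constrained to `s` with a valid result."""
    acct = run_constrained(s, inp)
    return acct is not None and is_valid(acct, inp)


def covering_set(inputs: Sequence[Input], candidates: Sequence[Schedule]) -> List[Schedule]:
    """Greedy search for a small S such that every input in `inputs` is covered by some s in S."""
    uncovered = set(inputs)
    S: List[Schedule] = []
    while uncovered:
        best, best_hits = None, set()
        for s in candidates:
            hits = {i for i in uncovered if covers(s, i)}
            if len(hits) > len(best_hits):
                best, best_hits = s, hits
        if best is None:
            raise RuntimeError(f"no candidate schedule covers {sorted(uncovered)}")
        S.append(best)
        uncovered -= best_hits
    return S


def verify_in_isolation(S: Sequence[Schedule], inputs: Sequence[Input]) -> bool:
    """Validate each schedule on its own: whenever it applies, the result is valid."""
    for s in S:
        for i in inputs:
            acct = run_constrained(s, i)
            if acct is not None and not is_valid(acct, i):
                return False
    return True


# Constructed input domain for the example: small and large deposits for each thread.
SAMPLE_INPUTS: List[Input] = [(x, y) for x in (1, 50, 100, 250) for y in (1, 50, 100, 250)]

if __name__ == "__main__":
    S = covering_set(SAMPLE_INPUTS, candidate_schedules())
    print("input-covering S:", S)
    print("each schedule valid in isolation:", verify_in_isolation(S, SAMPLE_INPUTS))
    print("racy interleaving ABAB on (1, 1):", run_constrained(("A", "B", "A", "B"), (1, 1)).balance)
```

Of the 62 candidate interleavings, the search settles on four schedules, one per input-dependent path combination (each thread either takes or skips its audit step). Once S is fixed, validating P reduces to checking those four schedules in isolation; the racy `ABAB` interleaving, which loses an update, is simply never admitted at runtime.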