Abstract
We consider the problem of provably verifying that an asynchronous message-passing system satisfies its local assertions. We present a novel reduction scheme for asynchronous event-driven programs that finds almost-synchronous invariants, that is, invariants consisting of global states in which message buffers are close to empty. The reduction finds almost-synchronous invariants and simultaneously argues that they cover all local states. We show that asynchronous programs often have almost-synchronous invariants and that we can exploit this to build natural proofs that they are correct. We implement our reduction strategy, which is sound and complete, and show that it is more effective in proving programs correct and more efficient in finding bugs in several programs than current search strategies, which almost always diverge. The high point of our experiments is that our technique can prove the Windows Phone USB Driver, written in P [9], correct for the responsiveness property, which had hitherto not been provable using state-of-the-art model checkers.
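The abstract's central idea, confining the search to global states whose message buffers are close to empty and then checking that those states still cover every local state, can be made concrete on a toy system. The following is an added illustration, not code from the paper, its reduction, or the P tool chain: "almost-synchronous" is approximated here as "at most k messages buffered in total", the two process models (REQ_RESP and DEFERRED) are constructed for the demo, and the coverage check simply compares the bounded exploration against an unrestricted one, which is only possible because these systems are finite (the paper argues coverage without that luxury). The second system is the caveat: when progress requires several messages to be in flight at once, a bound that is too small silently loses local states, so the coverage argument is not optional.

```python
"""Explicit-state exploration of small asynchronous message-passing systems,
once unrestricted and once confined to almost-synchronous global states
(at most k messages buffered in total). Added illustration of the idea in
the abstract; it is not the paper's reduction, proof system or tool, and
the process models below are constructed for the demo."""
from collections import deque

# A system maps a process name to {local state: [actions]}; the first
# local state listed is the initial one. Actions:
#   ("send", target, msg, next_state)  enqueue msg in target's inbox
#   ("recv", msg, next_state)          remove the first msg from own inbox
# Modeling assumption: a process may leave messages it does not handle in
# its current state queued and take a later matching one (P-style deferral),
# so a receive is enabled whenever a matching message is anywhere in the inbox.

# Constructed system 1: two clients each send one request to a server.
REQ_RESP = {
    "c1": {0: [("send", "srv", "req1", 1)], 1: [("recv", "resp1", 2)], 2: []},
    "c2": {0: [("send", "srv", "req2", 1)], 1: [("recv", "resp2", 2)], 2: []},
    "srv": {"idle": [("recv", "req1", "r1"), ("recv", "req2", "r2")],
            "r1": [("send", "c1", "resp1", "idle")],
            "r2": [("send", "c2", "resp2", "idle")]},
}

# Constructed system 2: B accepts "m" only after "go" from C, and C sends "go"
# only after A's "ping", which A sends after two "m"s. Three messages must be
# buffered at once before anyone can make progress.
DEFERRED = {
    "A": {0: [("send", "B", "m", 1)], 1: [("send", "B", "m", 2)],
          2: [("send", "C", "ping", 3)], 3: []},
    "B": {0: [("recv", "go", 1)], 1: [("recv", "m", 2)], 2: [("recv", "m", 3)], 3: []},
    "C": {0: [("recv", "ping", 1)], 1: [("send", "B", "go", 2)], 2: []},
}


def buffered(state):
    """Total number of messages queued in all inboxes of a global state."""
    return sum(len(inbox) for inbox in state[1])


def successors(system, names, state):
    """Enabled transitions of one global state (locals tuple, inboxes tuple)."""
    locs, inboxes = state
    for i, name in enumerate(names):
        for act in system[name][locs[i]]:
            new_inboxes = list(inboxes)
            if act[0] == "send":
                _, target, msg, nxt = act
                j = names.index(target)
                new_inboxes[j] = inboxes[j] + (msg,)
            else:
                _, msg, nxt = act
                if msg not in inboxes[i]:
                    continue
                pos = inboxes[i].index(msg)
                new_inboxes[i] = inboxes[i][:pos] + inboxes[i][pos + 1:]
            yield (locs[:i] + (nxt,) + locs[i + 1:], tuple(new_inboxes))


def explore(system, max_buffered=None):
    """BFS over global states. With max_buffered=k the search never enters a
    state holding more than k queued messages, i.e. it stays inside the
    almost-synchronous part of the state space; None means unrestricted."""
    names = tuple(system)
    init = (tuple(next(iter(system[n])) for n in names), tuple(() for _ in names))
    seen, todo = {init}, deque([init])
    while todo:
        state = todo.popleft()
        for nxt in successors(system, names, state):
            if max_buffered is not None and buffered(nxt) > max_buffered:
                continue
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen


def local_states(system, reachable):
    """Set of (process, local state) pairs occurring in some reachable global state."""
    names = tuple(system)
    return {(names[i], loc) for locs, _ in reachable for i, loc in enumerate(locs)}


def coverage_gap(system, k):
    """Local states the unrestricted exploration reaches but the k-bounded,
    almost-synchronous exploration misses. Empty means the bounded state set
    is an invariant strong enough to cover every local assertion."""
    return local_states(system, explore(system)) - local_states(system, explore(system, k))


if __name__ == "__main__":
    for label, system in (("REQ_RESP", REQ_RESP), ("DEFERRED", DEFERRED)):
        full = explore(system)
        print(f"{label}: {len(full)} global states unrestricted, "
              f"max buffered {max(map(buffered, full))}")
        for k in (1, 2, 3):
            print(f"  k={k}: {len(explore(system, k))} states, "
                  f"missed local states: {sorted(coverage_gap(system, k))}")
```

For REQ_RESP the k=1 exploration visits strictly fewer global states than the unrestricted one (it never sees the server inbox holding both requests) yet reaches every local state of every process, which is the situation the abstract describes as common. For DEFERRED, k=1 and k=2 stall before A can ping C, so the bounded state set is not a valid invariant for assertions in A's, B's or C's later states; k=3 is the first bound at which the gap closes.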
References
- P. Abdulla, S. Aronis, B. Jonsson, and K. Sagonas. Optimal dynamic partial order reduction. In POPL '14, pages 373--384. ACM, 2014.
- P. A. Abdulla and B. Jonsson. Verifying programs with unreliable channels. In LICS, pages 160--170, 1993.
- R. Alur and M. Yannakakis. Model checking of message sequence charts. In CONCUR '99, pages 114--129. Springer-Verlag, 1999.
- T. Andrews, S. Qadeer, S. K. Rajamani, J. Rehof, and Y. Xie. Zing: A model checker for concurrent software. In CAV, pages 484--487, 2004.
- S. Basu and T. Bultan. Choreography conformance via synchronizability. In WWW '11, pages 795--804. ACM, 2011.
- S. Basu, T. Bultan, and M. Ouederni. Synchronizability for verification of asynchronously communicating systems. In VMCAI, pages 56--71, 2012.
- A. Bouajjani and M. Emmi. Bounded phase analysis of message-passing programs. In TACAS '12, pages 451--465. Springer-Verlag, 2012.
- D. Brand and P. Zafiropulo. On communicating finite-state machines. J. ACM, 30(2):323--342, Apr. 1983.
- A. Desai, V. Gupta, E. K. Jackson, S. Qadeer, S. K. Rajamani, and D. Zufferey. P: safe asynchronous event-driven programming. In PLDI, pages 321--332, 2013.
- M. Emmi, S. Qadeer, and Z. Rakamarić. Delay-bounded scheduling. In POPL '11, pages 411--422. ACM, 2011.
- J. Fisher, T. A. Henzinger, M. Mateescu, and N. Piterman. Bounded asynchrony: Concurrency for modeling cell-cell interactions. In FMSB, pages 17--32, 2008.
- C. Flanagan and P. Godefroid. Dynamic partial-order reduction for model checking software. In POPL '05, pages 110--121. ACM, 2005.
- P. Godefroid. Model checking for programming languages using VeriSoft. In POPL '97, pages 174--186. ACM, 1997.
- P. Godefroid. Partial-Order Methods for the Verification of Concurrent Systems: An Approach to the State-Explosion Problem. PhD thesis, University of Liège, 1995.
- P. Godefroid and D. Pirottin. Refining dependencies improves partial-order verification methods (extended abstract). In CAV '93, pages 438--449. Springer-Verlag, 1993.
- P. Godefroid and P. Wolper. Using partial orders for the efficient verification of deadlock freedom and safety properties. Formal Methods in System Design, 2(2):149--164, 1993.
- M. G. Gouda, E. M. Gurari, T. H. Lai, and L. E. Rosier. On deadlock detection in systems of communicating finite state machines. Comput. Artif. Intell., 6(3):209--228, July 1987.
- G. C. Hunt and J. R. Larus. Singularity: Rethinking the software stack. SIGOPS Oper. Syst. Rev., 41(2):37--49, Apr. 2007.
- R. Jhala and R. Majumdar. Interprocedural analysis of asynchronous programs. In POPL '07, pages 339--350. ACM, 2007.
- C. B. Jones. Tentative steps toward a development method for interfering programs. ACM Trans. Program. Lang. Syst., 5(4):596--619, 1983.
- S. La Torre, P. Madhusudan, and G. Parlato. A robust class of context-sensitive languages. In LICS, pages 161--170, 2007.
- S. La Torre, P. Madhusudan, and G. Parlato. Context-bounded analysis of concurrent queue systems. In TACAS, pages 299--314, 2008.
- S. Lauterburg, M. Dotta, D. Marinov, and G. Agha. A framework for state-space exploration of Java-based actor programs. In ASE '09, pages 468--479. IEEE Computer Society, 2009.
- S. Lauterburg, R. K. Karmani, D. Marinov, and G. Agha. Evaluating ordering heuristics for dynamic partial-order reduction techniques. In FASE '10, pages 308--322. Springer-Verlag, 2010.
- P. Madhusudan. Reasoning about sequential and branching behaviours of message sequence graphs. In ICALP '01, pages 809--820. Springer-Verlag, 2001.
- P. Madhusudan and B. Meenakshi. Beyond message sequence graphs. In FSTTCS, pages 256--267, 2001.
- P. Madhusudan and G. Parlato. The tree width of auxiliary storage. In POPL, pages 283--294, 2011.
- P. Madhusudan, X. Qiu, and A. Stefanescu. Recursive proofs for inductive tree data-structures. In POPL, pages 123--136, 2012.
- A. W. Mazurkiewicz. Trace theory. In Advances in Petri Nets, pages 279--324, 1986.
- M. Musuvathi and S. Qadeer. Iterative context bounding for systematic testing of multithreaded programs. In PLDI '07, pages 446--455. ACM, 2007.
- R. Palmer, G. Gopalakrishnan, and R. M. Kirby. Semantics driven dynamic partial-order reduction of MPI-based parallel programs. In PADTAD '07, pages 43--53. ACM, 2007.
- E. Pek, X. Qiu, and P. Madhusudan. Natural proofs for data structure manipulation in C using separation logic. In PLDI, page 46, 2014.
- W. Peng and S. Purushothaman. Data flow analysis of communicating finite state machines. ACM Trans. Program. Lang. Syst., 13(3):399--442, July 1991.
- W. Peng and S. Purushothaman. Analysis of a class of communicating finite state machines. Acta Inf., 29(6/7):499--522, 1992.
- S. Qadeer and J. Rehof. Context-bounded model checking of concurrent software. In TACAS '05, pages 93--107. Springer-Verlag, 2005.
- S. Qadeer and D. Wu. KISS: keep it simple and sequential. In PLDI, pages 14--24, 2004.
- X. Qiu, P. Garg, A. Stefanescu, and P. Madhusudan. Natural proofs for structure, data, and separation. In PLDI, pages 231--242, 2013.
- K. Sen and M. Viswanathan. Model checking multithreaded programs with asynchronous atomic methods. In CAV '06, pages 300--314. Springer-Verlag, 2006.
- S. F. Siegel. Efficient verification of halting properties for MPI programs with wildcard receives. In VMCAI '05, pages 413--429. Springer-Verlag, 2005.
- S. F. Siegel and G. S. Avrunin. Modeling wildcard-free MPI programs for verification. In PPoPP, pages 95--106, 2005.
- S. Tasharofi, R. K. Karmani, S. Lauterburg, A. Legay, D. Marinov, and G. Agha. TransDPOR: A novel dynamic partial-order reduction technique for testing actor programs. In FMOODS/FORTE '12, pages 219--234. Springer-Verlag, 2012.
- P. Thomson, A. F. Donaldson, and A. Betts. Concurrency testing using schedule bounding: An empirical study. In PPoPP '14, pages 15--28. ACM, 2014.
- A. Udupa, A. Desai, and S. K. Rajamani. Depth bounded explicit-state model checking. In SPIN, pages 57--74, 2011.
- A. Valmari. Stubborn sets for reduced state space generation. In Advances in Petri Nets 1990, pages 491--515. Springer-Verlag, 1991.
Natural proofs for asynchronous programs using almost-synchronous reductions
OOPSLA '14: Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Languages & Applications