skip to main content
research-article
Free Access

Interprocedural Context-Unbounded Program Analysis Using Observation Sequences

Published:07 December 2020Publication History
Skip Abstract Section

Abstract

A classical result by Ramalingam about synchronization-sensitive interprocedural program analysis implies that reachability for concurrent threads running recursive procedures is undecidable. A technique proposed by Qadeer and Rehof, to bound the number of context switches allowed between the threads, leads to an incomplete solution that is, however, believed to catch “most bugs” in practice, as errors tend to occur within few contexts. The question of whether the technique can also prove the absence of bugs at least in some cases has remained largely open.

Toward closing this gap, we introduce in this article the generic verification paradigm of observation sequences for resource-parameterized programs. Such a sequence observes how increasing the resource parameter affects the reachability of states satisfying a given property. The goal is to show that increases beyond some “cutoff” parameter value have no impact on the reachability—the sequence has converged. This allows us to conclude that the property holds for all parameter values.

We applied this paradigm to the context-unbounded program analysis problem, choosing the resource to be the number of permitted thread context switches. The result is a partially correct interprocedural reachability analysis technique for concurrent shared-memory programs. Our technique may not terminate but is able to both refute and prove context-unbounded safety for such programs. We demonstrate the effectiveness and efficiency of the technique using a variety of benchmark programs. The safe instances cannot be proved safe by earlier, context-bounded methods.

References

  1. Parosh Abdulla, Frédéric Haziza, and Lukáš Holík. 2016. Parameterized verification through view abstraction. Int. J. Softw. Tools Technol. Transf. 18, 5 (Oct. 2016), 495--516. DOI:https://doi.org/10.1007/s10009-015-0406-xGoogle ScholarGoogle Scholar
  2. Rajeev Alur and P. Madhusudan. 2004. Visibly pushdown languages. In Proceedings of the 36th Annual ACM Symposium on Theory of Computing (STOC’04). ACM, New York, NY, 202--211. http://doi.acm.org/10.1145/1007352.1007390Google ScholarGoogle Scholar
  3. Rajeev Alur and P. Madhusudan. 2009. Adding nesting structure to words. J. ACM 56, 3 (May 2009), Article 16, 43 pages. http://doi.acm.org/10.1145/1516512.1516518Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Mohamed Faouzi Atig, Benedikt Bollig, and Peter Habermehl. 2008. Emptiness of multi-pushdown automata is 2ETIME-complete. In Proceedings of the 12th International Conference on Developments in Language Theory (DLT’08). 121--133.Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Mohamed Faouzi Atig, Ahmed Bouajjani, and Shaz Qadeer. 2009. Context-bounded analysis for concurrent programs with dynamic creation of threads. In Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’09). 107--123. DOI:https://doi.org/10.1007/978-3-642-00768-2_11Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Thomas Ball and Sriram K. Rajamani. 2000. Bebop: A symbolic model checker for Boolean programs. In Proceedings of the International SPIN Workshop on Model Checking of Software (SPIN’00). 113--130.Google ScholarGoogle ScholarCross RefCross Ref
  7. Dirk Beyer. 2019. Sv-benchmarks. Retrieved October 16, 2020 from https://github.com/sosy-lab/sv-benchmarks/tree/master/clauses/BOOL.Google ScholarGoogle Scholar
  8. Jesse D. Bingham. 2005. A new approach to upward-closed set backward reachability analysis. Electr. Notes Theor. Comput. Sci. 138, 3 (2005), 37--48. DOI:https://doi.org/10.1016/j.entcs.2005.01.045Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Benedikt Bollig, Dietrich Kuske, and Roy Mennicke. 2017. The complexity of model checking multi-stack systems. Theor. Comp. Sys. 60, 4 (May 2017), 695--736. DOI:https://doi.org/10.1007/s00224-016-9700-6Google ScholarGoogle Scholar
  10. Ahmed Bouajjani, Michael Emmi, and Gennaro Parlato. 2011. On sequentializing concurrent programs. In Proceedings of the 18th International Conference on Static Analysis (SAS’11). 129--145. http://dl.acm.org/citation.cfm?id=2041552.2041565.Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Ahmed Bouajjani, Javier Esparza, and Oded Maler. 1997. Reachability analysis of pushdown automata: Application to model-checking. In Proceedings of the 8th International Conference on Concurrency Theory (CONCUR’97). 135--150. http://dl.acm.org/citation.cfm?id=646732.701281.Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Ahmed Bouajjani, Javier Esparza, Stefan Schwoon, and Jan Strejček. 2005. Reachability analysis of multithreaded software with asynchronous communication. In Proceedings of the 25th International Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS’05). 348--359. DOI:https://doi.org/10.1007/11590156_28Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Ahmed Bouajjani, Séverine Fratani, and Shaz Qadeer. 2007. Context-bounded analysis of multithreaded programs with dynamic linked structures. In Proceedings of the 19th International Conference on Computer-Aided Verification (CAV’07). 207--220. http://dl.acm.org/citation.cfm?id=1770351.1770383.Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Ahmed Bouajjani, Markus Müller-Olm, and Tayssir Touili. 2005. Regular symbolic analysis of dynamic networks of pushdown systems. In Proceedings of the 16th International Conference on Concurrency Theory (CONCUR’05). 473--487. DOI:https://doi.org/10.1007/11539452_36Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Luca Breveglieri, Alessandra Cherubini, Claudio Citrini, and Stefano Crespi Reghizzi. 1996. Multi-pushdown languages and grammars. Int. J. Found. Comput. Sci. 07, 03 (1996), 253--291. https://doi.org/10.1142/S0129054196000191Google ScholarGoogle ScholarCross RefCross Ref
  16. S. Chaki, E. Clarke, N. Kidd, T. Reps, and T. Touili. 2006. Verifying concurrent message-passing C programs with recursive calls. In Proceedings of the 12th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’06). 334--349. DOI:https://doi.org/10.1007/11691372_22Google ScholarGoogle Scholar
  17. Patrick Cousot and Radhia Cousot. 1977. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages (POPL’77). 238--252.Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. E. Allen Emerson and Vineet Kahlon. 2000. Reducing model checking of the many to the few. In Proceedings of the 17th International Conference on Automated Deduction (CADE-17). 236--254. http://dl.acm.org/citation.cfm?id=648236.753642.Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Michael Emmi, Shaz Qadeer, and Zvonimir Rakamarić. 2011. Delay-bounded scheduling. In Proceedings of the 38th ACM SIGPLAN Symposium on Principles of Programming Languages (POPL’11). ACM, New York, NY, 411--422. DOI:https://doi.org/10.1145/1926385.1926432Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Alain Finkel, Bernard Willems, and Pierre Wolper. 1997. A direct symbolic approach to model checking pushdown systems. Elec. Not. Theor. Comput. Sci. 9 (1997), 27--37. DOI:https://doi.org/10.1016/S1571-0661(05)80426-8Google ScholarGoogle ScholarCross RefCross Ref
  21. Naghmeh Ghafari, Alan J. Hu, and Zvonimir Rakamarić. 2010. Context-bounded translations for concurrent software: An empirical evaluation. In Proceedings of the 17th International SPIN Conference on Model Checking Software (SPIN’10). 227--244. http://dl.acm.org/citation.cfm?id=1928137.1928160.Google ScholarGoogle ScholarCross RefCross Ref
  22. John Hopcroft and Jeffrey Ullman. 1979. Introduction to Automata Theory, Languages and Computation. Addison-Wesley.Google ScholarGoogle Scholar
  23. Vineet Kahlon and Aarti Gupta. 2007. On the analysis of interacting pushdown systems. In Proceedings of the 34th ACM SIGPLAN Symposium on Principles of Programming Languages (POPL’07). ACM, New York, NY, 303--314. DOI:https://doi.org/10.1145/1190216.1190262Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Vineet Kahlon, Franjo Ivančić, and Aarti Gupta. 2005. Reasoning about threads communicating via locks. In Proceedings of the 17th International Conference on Computer-Aided Verification (CAV’05). 505--518. DOI:https://doi.org/10.1007/11513988_49Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Alexander Kaiser, Daniel Kroening, and Thomas Wahl. 2010. Dynamic cutoff detection in parameterized concurrent programs. In Proceedings of the 22nd International Conference on Computer-Aided Verification (CAV’10). 645--659. DOI:https://doi.org/10.1007/978-3-642-14295-6_55Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Anvesh Komuravelli, Arie Gurfinkel, and Sagar Chaki. 2014. SMT-based model checking for recursive programs. In Proceedings of the 16th International Conference on Computer-Aided Verification (CAV’14). 17--34.Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Dénes König. 1927. Über eine Schlussweise aus dem Endlichen ins Unendliche (in German). Acta Sci. Math. (Szeged) 3, 2–3, 121--130.Google ScholarGoogle Scholar
  28. H. T. Kung and Philip L. Lehman. 1980. Concurrent manipulation of binary search trees. ACM Trans. Database Syst. 5, 3 (Sept. 1980), 354--382. DOI:https://doi.org/10.1145/320613.320619Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Salvatore La Torre, Parthasarathy Madhusudan, and Gennaro Parlato. 2007. A robust class of context-sensitive languages. In Proceedings of the 22nd Annual IEEE Symposium on Logic in Computer Science (LICS’07). IEEE, Los Alamitos, CA, 161--170. DOI:https://doi.org/10.1109/LICS.2007.9Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Salvatore La Torre, P. Madhusudan, and Gennaro Parlato. 2008. Context-bounded analysis of concurrent queue systems. In Proceedings of the 14th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’08). 299--314. http://dl.acm.org/citation.cfm?id=1792734.1792762.Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Salvatore La Torre, P. Madhusudan, and Gennaro Parlato. 2009. Reducing context-bounded concurrent reachability to sequential reachability. In Proceedings of the 21st International Conference on Computer-Aided Verification (CAV’09). 477--492. DOI:https://doi.org/10.1007/978-3-642-02658-4_36Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Salvatore La Torre, P. Madhusudan, and Gennaro Parlato. 2010. Model-checking parameterized concurrent programs using linear interfaces. In Proceedings of the 22nd International Conference on Computer-Aided Verification (CAV’10). 629--644. DOI:https://doi.org/10.1007/978-3-642-14295-6_54Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Salvatore La Torre and Margherita Napoli. 2011. Reachability of multistack pushdown systems with scope-bounded matching relations. In Proceedings of the 22nd International Conference on Concurrency Theory (CONCUR’11). 203--218. http://dl.acm.org/citation.cfm?id=2040235.2040253.Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Salvatore La Torre, Margherita Napoli, and Gennaro Parlato. 2016. Scope-bounded pushdown languages. Int. J. Found. Comput. Sci. 27, 02 (2016), 215--233. DOI:https://doi.org/10.1142/S0129054116400074Google ScholarGoogle ScholarCross RefCross Ref
  35. Salvatore La Torre, Madhusudan Parthasarathy, and Gennaro Parlato. 2009. Analyzing recursive programs using a fixed-point calculus. In Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’09). ACM, New York, NY, 211--222. DOI:https://doi.org/10.1145/1542476.1542500Google ScholarGoogle ScholarDigital LibraryDigital Library
  36. Akash Lal and Thomas Reps. 2009. Reducing concurrent analysis under a context bound to sequential analysis. Form. Methods Syst. Des. 35, 1 (Aug. 2009), 73--97. DOI:https://doi.org/10.1007/s10703-009-0078-9Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. Peizun Liu and Thomas Wahl. 2018. CUBA: Interprocedural context-unbounded analysis of concurrent programs. In Proceedings of the 39th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’18). 105--119.Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Peizun Liu and Thomas Wahl. 2018. Resource-Aware Program Analysis Using Observation Sequences: CUBA. Received December 1, 2019 from https://lpzun.github.io/rapa/apps/cuba/.Google ScholarGoogle ScholarCross RefCross Ref
  39. Peizun Liu, Thomas Wahl, and Akash Lal. 2019. Verifying asynchronous event-driven programs using partial abstract transformers. In Proceedings of the 31st International Conference on Computer-Aided Verification (CAV’19). 386--404.Google ScholarGoogle ScholarCross RefCross Ref
  40. Shan Lu, Soyeon Park, Eunsoo Seo, and Yuanyuan Zhou. 2008. Learning from mistakes: A comprehensive study on real world concurrency bug characteristics. In Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS XIII). ACM, New York, NY, 329--339. DOI:https://doi.org/10.1145/1346281.1346323Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. Truc L. Nguyen, Bernd Fischer, Salvatore La Torre, and Gennaro Parlato. 2015. Unbounded lazy-CSeq: A lazy sequentialization tool for C programs with unbounded context switches. In Proceedings of the 21st International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’15), Vol. 9035. 461--463. DOI:https://doi.org/10.1007/978-3-662-46681-0_45Google ScholarGoogle ScholarDigital LibraryDigital Library
  42. Truc L. Nguyen, Bernd Fischer, Salvatore La Torre, and Gennaro Parlato. 2016. Lazy sequentialization for the safety verification of unbounded concurrent programs. In Proceedings of the 14th International Symposium on Automated Technology for Verification and Analysis (ATVA’16). 174--191. DOI:https://doi.org/10.1007/978-3-319-46520-3_12Google ScholarGoogle ScholarCross RefCross Ref
  43. Prathmesh Prabhu, Thomas Reps, Akash Lal, and Nicholas Kidd. 2011. Verifying Concurrent Programs via Bounded Context-Switching and Induction. Technical Report TR-1701. Computer Sciences Department, University of Wisconsin, Madison, WI.Google ScholarGoogle Scholar
  44. Shaz Qadeer, Sriram K. Rajamani, and Jakob Rehof. 2004. Summarizing procedures in concurrent programs. In Proceedings of the 31st ACM SIGPLAN Symposium on Principles of Programming Languages (POPL’04). ACM, New York, NY, 245--255. DOI:https://doi.org/10.1145/964001.964022Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. Shaz Qadeer and Jakob Rehof. 2005. Context-bounded model checking of concurrent software. In Proceedings of the 11th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’05). 93--107. DOI:https://doi.org/10.1007/978-3-540-31980-1_7Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. Shaz Qadeer and Dinghao Wu. 2004. KISS: Keep it simple and sequential. In Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’04). ACM, New York, NY, 14--24. DOI:https://doi.org/10.1145/996841.996845Google ScholarGoogle ScholarDigital LibraryDigital Library
  47. G. Ramalingam. 2000. Context-sensitive synchronization-sensitive analysis is undecidable. ACM Trans. Program. Lang. Syst. 22, 2 (March 2000), 416--430. DOI:https://doi.org/10.1145/349214.349241Google ScholarGoogle ScholarDigital LibraryDigital Library
  48. Stefan Schwoon. 2000. Model-Checking Pushdown Systems. Ph.D. Dissertation. Lehrstuhl für Informatik VII der Technischen Universität München.Google ScholarGoogle Scholar
  49. Dejvuth Suwimonteerabuth, Javier Esparza, and Stefan Schwoon. 2008. Symbolic context-bounded analysis of multithreaded Java programs. In Proceedings of the 15th International SPIN Workshop on Model Checking Software (SPIN’08). 270--287. DOI:https://doi.org/10.1007/978-3-540-85114-1_19Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Interprocedural Context-Unbounded Program Analysis Using Observation Sequences

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        • Published in

          cover image ACM Transactions on Programming Languages and Systems
          ACM Transactions on Programming Languages and Systems  Volume 42, Issue 4
          December 2020
          265 pages
          ISSN:0164-0925
          EISSN:1558-4593
          DOI:10.1145/3441648
          Issue’s Table of Contents

          Copyright © 2020 ACM

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 7 December 2020
          • Accepted: 1 August 2020
          • Revised: 1 April 2020
          • Received: 1 July 2019
          Published in toplas Volume 42, Issue 4

          Permissions

          Request permissions about this article.

          Request Permissions

          Check for updates

          Qualifiers

          • research-article
          • Research
          • Refereed
        • Article Metrics

          • Downloads (Last 12 months)65
          • Downloads (Last 6 weeks)5

          Other Metrics

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        HTML Format

        View this article in HTML Format .

        View HTML Format
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!