Dynamic Cutoff Detection in Parameterized Concurrent Programs

  • Alexander Kaiser
  • Daniel Kroening
  • Thomas Wahl
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6174)

Abstract

We consider the class of finite-state programs executed by an unbounded number of replicated threads communicating via shared variables. The thread-state reachability problem for this class is essential in software verification using predicate abstraction. While this problem is decidable via Petri net coverability analysis, techniques solely based on coverability suffer from the problem’s exponential-space complexity. In this paper, we present an alternative method based on a thread-state cutoff: a number n of threads that suffice to generate all reachable thread states. We give a condition, verifiable dynamically during reachability analysis for increasing n, that is sufficient to conclude that n is a cutoff. We then make the method complete, via a coverability query that is of low cost in practice. We demonstrate the efficiency of the approach on Petri net encodings of communication protocols, as well as on non-recursive Boolean programs run by arbitrarily many parallel threads.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ball, T., Bounimova, E., Cook, B., Levin, V., Lichtenberg, J., McGarvey, C., Ondrusek, B., Rajamani, S.K., Ustuner, A.: Thorough static analysis of device drivers. In: EuroSys, pp. 73–85 (2006)Google Scholar
  2. 2.
    Ball, T., Chaki, S., Rajamani, S.K.: Parameterized verification of multithreaded software libraries. In: Margaria, T., Yi, W. (eds.) TACAS 2001. LNCS, vol. 2031, pp. 158–173. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Basler, G., Mazzucchi, M., Wahl, T., Kroening, D.: Symbolic counter abstraction for concurrent software. In: Bouajjani, A., Maler, O. (eds.) CAV 2009. LNCS, vol. 5643, pp. 64–78. Springer, Heidelberg (2009)Google Scholar
  4. 4.
    Bingham, J.D.: A new approach to upward-closed set backward reachability analysis. Electr. Notes Theor. Comput. Sci. 138(3), 37–48 (2005)CrossRefMathSciNetGoogle Scholar
  5. 5.
    Bingham, J.D., Hu, A.J.: Empirically efficient verification for a class of infinite-state systems. In: Halbwachs, N., Zuck, L.D. (eds.) TACAS 2005. LNCS, vol. 3440, pp. 77–92. Springer, Heidelberg (2005)Google Scholar
  6. 6.
    Bouajjani, A., Müller-Olm, M., Touili, T.: Regular symbolic analysis of dynamic networks of pushdown systems. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, pp. 473–487. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Cardoza, E., Lipton, R.J., Meyer, A.R.: Exponential space complete problems for Petri nets and commutative semigroups: Preliminary report. In: STOC, pp. 50–54 (1976)Google Scholar
  8. 8.
    Cook, B., Kroening, D., Sharygina, N.: Verification of Boolean programs with unbounded thread creation. Theor. Comput. Sci. 388(1-3), 227–242 (2007)MATHMathSciNetGoogle Scholar
  9. 9.
    Delzanno, G., Raskin, J.-F., Begin, L.V.: Towards the automated verification of multithreaded Java programs. In: Katoen, J.-P., Stevens, P. (eds.) TACAS 2002. LNCS, vol. 2280, pp. 173–187. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  10. 10.
    Delzanno, G., Raskin, J.-F., Begin, L.V.: Covering sharing trees: a compact data structure for parameterized verification. STTT 5(2-3), 268–297 (2004)Google Scholar
  11. 11.
    Emerson, E.A., Kahlon, V.: Reducing model checking of the many to the few. In: McAllester, D. (ed.) CADE 2000. LNCS, vol. 1831, pp. 236–254. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  12. 12.
    Emerson, E.A., Namjoshi, K.S.: Reasoning about rings. In: POPL, pp. 85–94 (1995)Google Scholar
  13. 13.
    Ganty, P., Begin, L.V., Delzanno, G., Raskin, J.-F.: The MIST2 tool, release 1.0, Université Libre de Bruxelles (June 2009), http://www.ulb.ac.be/di/ssd/pganty/software/software.html
  14. 14.
    Ganty, P., Raskin, J.-F., Begin, L.V.: From many places to few: Automatic abstraction refinement for Petri nets. Fundam. Inform. 88(3), 275–305 (2008)MATHGoogle Scholar
  15. 15.
    Geeraerts, G., Raskin, J.-F., Begin, L.V.: Expand, enlarge and check... made efficient. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 394–407. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Heitmann, F., Moldt, D.: Petri net tool database, http://www.informatik.uni-hamburg.de/TGI/PetriNets/tools/db.html
  17. 17.
    Kahlon, V., Ivancic, F., Gupta, A.: Reasoning about threads communicating via locks. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 505–518. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Karp, R.M., Miller, R.E.: Parallel program schemata. J. Comput. Syst. Sci. 3(2), 147–195 (1969)MATHMathSciNetGoogle Scholar
  19. 19.
    Witkowski, T., Blanc, N., Kroening, D., Weissenbacher, G.: Model checking concurrent linux device drivers. In: ASE, pp. 501–504 (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Alexander Kaiser
    • 1
  • Daniel Kroening
    • 1
  • Thomas Wahl
    • 1
  1. 1.Computing LaboratoryOxford UniversityUnited Kingdom

Personalised recommendations