Bounded Model Checking for Concurrent Systems: Synchronous Vs. Asynchronous

Chapter in: High-Level Verification

Abstract

Concurrent systems are hard to verify due to complex and unintended asynchronous interactions. Exploring the state space of such a system is a daunting task. Model checking techniques that use symbolic search and partial-order reduction are gaining popularity. In this chapter, we focus primarily on bounded model checking (BMC) approaches that use decision procedures to search for bounded-length counterexamples to safety properties such as data races and assertion violations in multi-threaded concurrent systems. In particular, we contrast several state-of-the-art approaches based on the synchronous and asynchronous modeling styles used in formulating the decision problems, and the sizes of the corresponding formulas.

Notes

  1. Step semantics [102], in contrast to interleaving semantics, allows more than one local transition of different thread models to be scheduled in a single step, as long as no reachable state is lost. It is an optimization that reduces the set of interleavings to explore.

  2. Firing of generator transitions may correspond to instances of the same thread transition when it is fired in a thread loop. Note that during BMC unrolling, each thread transition in a loop is instantiated uniquely. In the sequel, we use a thread transition to refer to such an instance.

  3. We contrast the notion of atomicity used here with that of previous works [56, 182, 206]. Here the atomicity of transactions corresponds to what is observed of the system, which need not coincide with the user-intended atomicity of the transactions. Previous works assume that atomic transactions are part of the system specification and must always be enforced, whereas here atomic (or rather independent) transactions are inferred from the given system under test and are used to reduce the search space of the symbolic analysis.

  4. In the token-passing model, as we see later, TP is exactly the set such that the token passes from a to b iff (a, b) ∈ TP.

References

  1. EP2: Electronic Payment 2. www.eftpos2000.ch

  2. Adve, S.V., Hill, M.D., Miller, B.P., Netzer, R.H.B.: Detecting data races on weak memory systems. SIGARCH Computer Architecture News 19(3), 234–243 (1991). DOI http://doi.acm.org/10.1145/115953.115976

  3. Alur, R., Brayton, R.K., Henzinger, T.A., Qadeer, S., Rajamani, S.K.: Partial-order reduction in symbolic state-space exploration. Formal Methods System Design 18(2), 97–116 (2001). DOI http://dx.doi.org/10.1023/A:1008767206905

  4. Andrews, T., Qadeer, S., Rajamani, S.K., Rehof, J., Xie, Y.: Zing: Exploiting program structure for model checking concurrent software. In: CONCUR 04: 15th International Conference on Concurrency Theory, LNCS, vol. 3170, pp. 1–15. Springer Verlag (2004)

  5. Armando, A., Mantovani, J., Platania, L.: Bounded model checking of software using smt solvers instead of sat solvers. Int. J. Softw. Tools Technol. Transf. 11(1), 69–83 (2009). DOI http://dx.doi.org/10.1007/s10009-008-0091-0

  6. Biere, A., Cimatti, A., Clarke, E.M., Zhu, Y.: Symbolic model checking without BDDs. In: TACAS ’99: Proceedings of the 5th International Conference on Tools and Algorithms for Construction and Analysis of Systems, pp. 193–207. Springer-Verlag, London, UK (1999)

  7. Bozzano, M., Bruttomesso, R., Cimatti, R., Junttila, T., Rossum, P.V., Schulz, S., Sebastiani, R.: The MathSAT 3 system. In: Automated Deduction: Proceedings of the 20th International Conference, LNCS, vol. 3632, pp. 315–321. Springer (2005)

  8. Burckhardt, S., Alur, R., Martin, M.M.K.: CheckFence: checking consistency of concurrent data types on relaxed memory models. In: PLDI ’07: Proceedings of the 2007 ACM SIGPLAN conference on Programming Language Design and Implementation, pp. 12–21. ACM, New York, NY, USA (2007). DOI http://doi.acm.org/10.1145/1273442.1250737

  9. Cook, B., Kroening, D., Sharygina, N.: Symbolic model checking for asynchronous Boolean programs. In: SPIN ’05: Proceedings of the 12th international workshop on Model Checking Software, pp. 75–90 (2005)

  10. Dutertre, B., de Moura, L.: A Fast Linear-Arithmetic Solver for DPLL(T). In: Proceedings of the 18th Computer-Aided Verification conference, LNCS, vol. 4144, pp. 81–94. Springer-Verlag (2006)

  11. Flanagan, C., Freund, S.N.: Atomizer: A dynamic atomicity checker for multithreaded programs. Sci. Comput. Program. 71(2), 89–109 (2008). DOI http://dx.doi.org/10.1016/j.scico.2007.12.001

  12. Flanagan, C., Godefroid, P.: Dynamic partial-order reduction for model checking software. In: Proceedings of the 32nd ACM Symposium on Principles of Programming Languages (2005)

  13. Flanagan, C., Qadeer, S.: Transactions for software model checking. Electronic Notes in Theoretical Computer Science 89 (2003). URL citeseer.ist.psu.edu/flanagan03transactions.html

  14. Ganai, M., Gupta, A.: SAT-Based Scalable Formal Verification Solutions (Series on Integrated Circuits and Systems). Springer-Verlag New York, Inc., Secaucus, NJ, USA (2007)

  15. Ganai, M., Kundu, S.: Reduction of Verification Conditions for Concurrent System using Mutually Atomic Transactions. In: SPIN ’09: Proceedings of the 16th International SPIN Workshop on Model Checking of Software (2009)

  16. Ganai, M., Wang, C.: Interval Analysis for Concurrent Trace Programs using Transaction Sequence Graphs. In: Proceedings of Runtime Verification (2010)

  17. Ganai, M.K., Gupta, A.: Accelerating high-level bounded model checking. In: ICCAD ’06: Proceedings of the 2006 IEEE/ACM International Conference on Computer-Aided Design, pp. 794–801. ACM, New York, NY, USA (2006). DOI http://doi.acm.org/10.1145/1233501.1233664

  18. Ganai, M.K., Gupta, A.: Efficient modeling of concurrent systems in BMC. In: SPIN ’08: Proceedings of the 15th international workshop on Model Checking Software, pp. 114–133. Springer-Verlag, Berlin, Heidelberg (2008). DOI http://dx.doi.org/10.1007/978-3-540-85114-1_10

  19. Godefroid, P.: Partial-order methods for the verification of concurrent systems: an approach to the state-explosion problem. Ph.D. thesis, Université de Liège (1995). URL citeseer.ist.psu.edu/godefroid95partialorder.html

  20. Godefroid, P.: Model checking for programming languages using VeriSoft. In: Proceedings of the 24th ACM Symposium on Principles of Programming Languages (1997)

  21. Godefroid, P., Pirottin, D.: Refining dependencies improves partial-order verification methods (extended abstract). In: CAV ’93: Proceedings of the 5th International Conference on Computer Aided Verification, pp. 438–449. Springer-Verlag, London, UK (1993)

  22. Grumberg, O., Lerda, F., Strichman, O., Theobald, M.: Proof-guided underapproximation-widening for multi-process systems. In: POPL ’05: Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp. 122–131. ACM, New York, NY, USA (2005). DOI http://doi.acm.org/10.1145/1040305.1040316

  23. Gueta, G., Flanagan, C., Yahav, E., Sagiv, M.: Cartesian partial-order reduction. In: SPIN ’07: Proceedings of the 14th International SPIN Workshop on Model Checking of Software, pp. 95–112 (2007)

  24. Holzmann, G.J.: The model checker SPIN. Software Engineering 23(5), 279–295 (1997). URL citeseer.ist.psu.edu/holzmann97model.html

  25. Clarke, E.M., Jr., Grumberg, O., Peled, D.A.: Model Checking. The MIT Press (1999)

  26. Jussila, T., Niemelä, I.: Parallel program verification using BMC. In: ECAI 2002 Workshop on Model Checking and Artificial Intelligence, pp. 59–66 (2002)

  27. Kahlon, V., Gupta, A., Sinha, N.: Symbolic Model Checking of Concurrent Programs Using Partial Orders and On-the-Fly Transactions. In: CAV ’06: Proceedings of the 18th international conference on Computer Aided Verification, pp. 286–299 (2006)

  28. Kahlon, V., Wang, C., Gupta, A.: Monotonic partial order reduction: An optimal symbolic partial order reduction technique. In: CAV ’09: Proceedings of the 21st International Conference on Computer Aided Verification, pp. 398–413. Springer-Verlag, Berlin, Heidelberg (2009). DOI http://dx.doi.org/10.1007/978-3-642-02658-4_31

  29. Katz, S., Peled, D.: Defining conditional independence using collapses. Theor. Comput. Sci. 101(2), 337–359 (1992). DOI http://dx.doi.org/10.1016/0304-3975(92)90054-J

  30. Lamport, L.: Time, clocks, and the ordering of events in a distributed system. Commun. ACM 21(7), 558–565 (1978). DOI http://doi.acm.org/10.1145/359545.359563

  31. Lamport, L.: How to make a multiprocessor computer that correctly executes multiprocess program. IEEE Transactions on Computers 28(9), 690–691 (1979). DOI http://dx.doi.org/10.1109/TC.1979.1675439

  32. Lee, J., Padua, D.A., Midkiff, S.P.: Basic compiler algorithms for parallel programs. SIGPLAN Not. 34(8), 1–12 (1999). DOI http://doi.acm.org/10.1145/329366.301105

  33. Lerda, F., Sinha, N., Theobald, M.: Symbolic model checking of software. Electronic Notes in Theoretical Computer Science 89(3), 480–498 (2003). DOI 10.1016/S1571-0661(05)80008-8. URL http://www.sciencedirect.com/science/article/B75H1-4G6H70X-8/2/789a8a6cd28544600d61a7540d5a51b8. SoftMC 2003, Workshop on Software Model Checking (Satellite Workshop of CAV ’03)

  34. Levin, V., Palmer, R., Qadeer, S., Rajamani, S.K.: Sound transaction-based reduction without cycle detection. In: SPIN ’05: Proceedings of the 12th international workshop on Model Checking Software, pp. 106–122 (2005)

  35. Mazurkiewicz, A.: Trace theory. In: Advances in Petri nets 1986, part II on Petri nets: applications and relationships to other models of concurrency, pp. 279–324. Springer-Verlag New York, Inc., New York, NY, USA (1987)

  36. McMillan, K.L.: Symbolic Model Checking. Kluwer Academic Publishers, Norwell, MA, USA (1993)

  37. Nieuwenhuis, R., Oliveras, A.: DPLL(T) with exhaustive theory propagation and its application to difference logic. In: CAV ’05, LNCS, vol. 3576, pp. 321–334. Springer (2005)

  38. Peled, D.: All from one, one for all: on model checking using representatives. In: CAV ’93: Proceedings of the 5th International Conference on Computer Aided Verification, pp. 409–423. Springer-Verlag, London, UK (1993)

  39. Qadeer, S., Rehof, J.: Context-bounded model checking of concurrent software. In: TACAS’05: Proceedings of the 11th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, pp. 93–107. Springer (2005)

  40. Rabinovitz, I., Grumberg, O.: Bounded model checking of concurrent programs. In: CAV ’05: Proceedings of the 17th international conference on Computer Aided Verification, pp. 82–97 (2005)

  41. Ramalingam, G.: Context-sensitive synchronization-sensitive analysis is undecidable. ACM Transactions on Programming Languages and Systems 22(2), 416–430 (2000). DOI http://doi.acm.org/10.1145/349214.349241

  42. Sadowski, C., Freund, S.N., Flanagan, C.: SingleTrack: A dynamic determinism checker for multithreaded programs. In: ESOP ’09: Proceedings of the 18th European Symposium on Programming Languages and Systems, pp. 394–409. Springer-Verlag, Berlin, Heidelberg (2009). DOI http://dx.doi.org/10.1007/978-3-642-00590-9_28

  43. Stoller, S.D.: Model-checking multi-threaded distributed Java programs. In: International Journal on Software Tools for Technology Transfer, pp. 224–244. Springer (2000)

  44. Stoller, S.D., Cohen, E.: Optimistic synchronization-based state-space reduction. Formal Methods in System Design 28(3), 263–289 (2006). DOI http://dx.doi.org/10.1007/s10703-006-0003-4

  45. Valmari, A.: Stubborn sets for reduced state space generation. In: Proceedings of the 10th International Conference on Applications and Theory of Petri Nets, pp. 491–515. Springer-Verlag, London, UK (1991)

  46. Wang, C., Kundu, S., Ganai, M., Gupta, A.: Symbolic predictive analysis for concurrent programs. In: FM ’09: Proceedings of the 2nd World Congress on Formal Methods, pp. 256–272. Springer-Verlag, Berlin, Heidelberg (2009). DOI http://dx.doi.org/10.1007/978-3-642-05089-3_17

  47. Wang, C., Yang, Z., Kahlon, V., Gupta, A.: Peephole partial order reduction. In: TACAS ’08: Proceedings of the 14th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, pp. 382–396 (2008)

  48. Wang, L., Stoller, S.D.: Accurate and efficient runtime detection of atomicity errors in concurrent programs. In: PPoPP ’06: Proceedings of the eleventh ACM SIGPLAN symposium on Principles and practice of parallel programming, pp. 137–146. ACM, New York, NY, USA (2006). DOI http://doi.acm.org/10.1145/1122971.1122993

  49. Yang, Y., Gopalakrishnan, G., Lindstrom, G.: Memory-model-sensitive data race analysis. In: ICFEM ’04: Proceedings of 6th International Conference on Formal Engineering Methods, pp. 30–45 (2004)

  50. Yang, Y., Gopalakrishnan, G., Lindstrom, G., Slind, K.: Nemos: A framework for axiomatic and executable specifications of memory consistency models. In: International Parallel and Distributed Processing Symposium (IPDPS) (2003)

Author information

Corresponding author: Malay K. Ganai.

Copyright information

© 2011 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Ganai, M.K. (2011). Bounded Model Checking for Concurrent Systems: Synchronous Vs. Asynchronous. In: High-Level Verification. Springer, New York, NY. https://doi.org/10.1007/978-1-4419-9359-5_6

  • DOI: https://doi.org/10.1007/978-1-4419-9359-5_6

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4419-9358-8

  • Online ISBN: 978-1-4419-9359-5
