Cited By
View all- Kosche MKoß TManea FPak V(2022)Subsequences in Bounded Ranges: Matching and Analysis ProblemsReachability Problems10.1007/978-3-031-19135-0_10(140-159)Online publication date: 17-Oct-2022
Context-bounded verification of thread pools
Authors: 
Pascal Baumann, Rupak Majumdar, Ramanathan S. Thinniyam, Georg ZetzscheAuthors Info & Claims
Pascal Baumann, Rupak Majumdar, Ramanathan S. Thinniyam, Georg ZetzscheAuthors Info & ClaimsArticle No.: 17, Pages 1 - 28
Abstract
Thread pooling is a common programming idiom in which a fixed set of worker threads are maintained to execute tasks concurrently. The workers repeatedly pick tasks and execute them to completion. Each task is sequential, with possibly recursive code, and tasks communicate over shared memory. Executing a task can lead to more new tasks being spawned. We consider the safety verification problem for thread-pooled programs. We parameterize the problem with two parameters: the size of the thread pool as well as the number of context switches for each task. The size of the thread pool determines the number of workers running concurrently. The number of context switches determines how many times a worker can be swapped out while executing a single task---like many verification problems for multithreaded recursive programs, the context bounding is important for decidability.
We show that the safety verification problem for thread-pooled, context-bounded, Boolean programs is EXPSPACE-complete, even if the size of the thread pool and the context bound are given in binary. Our main result, the EXPSPACE upper bound, is derived using a sequence of new succinct encoding techniques of independent language-theoretic interest. In particular, we show a polynomial-time construction of downward closures of languages accepted by succinct pushdown automata as doubly succinct nondeterministic finite automata. While there are explicit doubly exponential lower bounds on the size of nondeterministic finite automata accepting the downward closure, our result shows these automata can be compressed. We show that thread pooling significantly reduces computational power: in contrast, if only the context bound is provided in binary, but there is no thread pooling, the safety verification problem becomes 3EXPSPACE-complete. Given the high complexity lower bounds of related problems involving binary parameters, the relatively low complexity of safety verification with thread-pooling comes as a surprise.
Supplementary Material
We show that the safety verification problem for thread-pooled, context-bounded, Boolean programs is EXPSPACE-complete, even if the size of the thread pool and the context bound are given in binary. Our main result, the EXPSPACE upper bound, is derived using a sequence of new succinct encoding techniques of independent language-theoretic interest. In particular, we show a polynomial-time construction of downward closures of languages accepted by succinct pushdown automata as doubly succinct nondeterministic finite automata. While there are explicit doubly exponential lower bounds on the size of nondeterministic finite automata accepting the downward closure, our result shows these automata can be compressed. We show that thread pooling significantly reduces computational power: in contrast, if only the context bound is provided in binary, but there is no thread pooling, the safety verification problem becomes 3EXPSPACE-complete.
- Download
- 7.20 MB
References
[1]
Mohamed Faouzi Atig, Ahmed Bouajjani, and Shaz Qadeer. 2009. Context-Bounded Analysis for Concurrent Programs with Dynamic Creation of Threads. In Proceedings of TACAS 2009. 107–123. https://doi.org/10.1007/978-3-642-00768-2_11
[2]
Georg Bachmeier, Michael Luttenberger, and Maximilian Schlund. 2015. Finite Automata for the Sub- and Superword Closure of CFLs: Descriptional and Computational Complexity. In 9th International Conference on Language and Automata Theory and Applications, LATA 2015, Nice, France, March 2-6, 2015, Proceedings. Springer, 473–485. https://doi.org/10.1007/978-3-319-15579-1_37
[3]
Thomas Ball and Sriram K. Rajamani. 2000. Bebop: A Symbolic Model Checker for Boolean Programs. In SPIN Model Checking and Software Verification, 7th International SPIN Workshop, Stanford, CA, USA, August 30 - September 1, 2000, Proceedings, Klaus Havelund, John Penix, and Willem Visser (Eds.) (Lecture Notes in Computer Science, Vol. 1885). Springer, 113–130. https://doi.org/10.1007/10722468_7
[4]
Thomas Ball and Sriram K. Rajamani. 2001. The SLAM Toolkit. In Computer Aided Verification, 13th International Conference, CAV 2001, Paris, France, July 18-22, 2001, Proceedings, Gérard Berry, Hubert Comon, and Alain Finkel (Eds.) (Lecture Notes in Computer Science, Vol. 2102). Springer, 260–264. https://doi.org/10.1007/3-540-44585-4_25
[5]
Pascal Baumann, Rupak Majumdar, Ramanathan S. Thinniyam, and Georg Zetzsche. 2020. The Complexity of Bounded Context Switching with Dynamic Thread Creation. In 47th International Colloquium on Automata, Languages, and Programming, ICALP 2020, July 8-11, 2020, Saarbrücken, Germany (Virtual Conference) (LIPIcs, Vol. 168). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 111:1–111:16. https://doi.org/10.4230/LIPIcs.ICALP.2020.111
[6]
Pascal Baumann, Rupak Majumdar, Ramanathan S. Thinniyam, and Georg Zetzsche. 2021. Context-Bounded Verification of Liveness Properties for Multithreaded Shared-Memory Programs. Proceedings of the ACM on Programming Languages (PACMPL), 5, POPL (2021), Article 44, Jan., 31 pages. https://doi.org/10.1145/3434325
[7]
Peter Chini, Jonathan Kolberg, Andreas Krebs, Roland Meyer, and Prakash Saivasan. 2017. On the Complexity of Bounded Context Switching. In 25th Annual European Symposium on Algorithms, ESA 2017, September 4-6, 2017, Vienna, Austria, Kirk Pruhs and Christian Sohler (Eds.) (LIPIcs, Vol. 87). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 27:1–27:15. https://doi.org/10.4230/LIPIcs.ESA.2017.27
[8]
Bruno Courcelle. 1991. On constructing obstruction sets of words. Bulletin of the EATCS, 44 (1991), 178–186.
[9]
Wojciech Czerwiński and Ł ukasz Orlikowski. 2022. Reachability in Vector Addition Systems is Ackermann-complete. In Proceedings of the 62nd Annual IEEE Symposium on Foundations of Computer Science, FOCS 2021, Denver, CO, USA, February 7-10, 2022. to appear.
[10]
Javier Esparza. 1998. Decidability and Complexity of Petri Net Problems – an Introduction. In Lectures on Petri Nets I: Basic Models. Advances in Petri Nets, G. Rozenberg and W. Reisig (Eds.) (Lecture Notes in Computer Science, 1491). 374–428. https://doi.org/10.1007/3-540-65306-6_20
[11]
Pierre Ganty and Rupak Majumdar. 2012. Algorithmic verification of asynchronous programs. ACM Transactions on Programming Languages and Systems (TOPLAS), 34, 1 (2012), 6. https://doi.org/10.1145/2160910.2160915
[12]
Seymour Ginsburg. 1966. The mathematical theory of context free languages. McGraw Hill.
[13]
Patrice Godefroid and Mihalis Yannakakis. 2013. Analysis of Boolean Programs. In Tools and Algorithms for the Construction and Analysis of Systems - 19th International Conference, TACAS 2013, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2013, Rome, Italy, March 16-24, 2013. Proceedings, Nir Piterman and Scott A. Smolka (Eds.) (Lecture Notes in Computer Science, Vol. 7795). Springer, 214–229. https://doi.org/10.1007/978-3-642-36742-7_16
[14]
H. Gruber, M. Holzer, and M. Kutrib. 2009. More on the Size of Higman-Haines Sets: Effective Constructions. Fundam. Inf., 91(1) (2009), 105–121.
[15]
Leonard H Haines. 1969. On free monoids partially ordered by embedding. Journal of Combinatorial Theory, 6, 1 (1969), 94–98.
[16]
Graham Higman. 1952. Ordering by divisibility in abstract algebras. Proc. London Math. Soc. (3), 2 (1952), 326–336.
[17]
Ranjit Jhala and Rupak Majumdar. 2007. Interprocedural Analysis of Asynchronous Programs. In Proceedings of the 34th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2007, Nice, France, January 17-19, 2007. ACM, 339–350. https://doi.org/10.1145/1190216.1190266
[18]
Salvatore La Torre, P. Madhusudan, and Gennaro Parlato. 2009. Reducing Context-Bounded Concurrent Reachability to Sequential Reachability. In Computer Aided Verification, 21st International Conference, CAV 2009, Grenoble, France, June 26 - July 2, 2009. Proceedings, Ahmed Bouajjani and Oded Maler (Eds.) (Lecture Notes in Computer Science, Vol. 5643). Springer, 477–492. https://doi.org/10.1007/978-3-642-02658-4_36
[19]
Salvatore La Torre, Parthasarathy Madhusudan, and Gennaro Parlato. 2010. The Language Theory of Bounded Context-Switching. In LATIN 2010: Theoretical Informatics, 9th Latin American Symposium, Oaxaca, Mexico, April 19-23, 2010, Proceedings (Lecture Notes in Computer Science, Vol. 6034). Springer, 96–107. https://doi.org/10.1007/978-3-642-12200-2_10
[20]
Akash Lal and Thomas W. Reps. 2009. Reducing concurrent analysis under a context bound to sequential analysis. Formal Methods in System Design, 35, 1 (2009), 73–97. https://doi.org/10.1007/s10703-009-0078-9
[21]
Jérôme Leroux. 2022. The Reachability Problem for Petri Nets is Not Primitive Recursive. In Proceedings of the 62nd Annual IEEE Symposium on Foundations of Computer Science, FOCS 2021, Denver, CO, USA, February 7-10, 2022. to appear.
[22]
Jérôme Leroux and Sylvain Schmitz. 2019. Reachability in Vector Addition Systems is Primitive-Recursive in Fixed Dimension. In Proceedings of the 34th Annual ACM/IEEE Symposium on Logic in Computer Science, LICS 2019, Vancouver, Canada, June 24-27, 2019. 1–13. https://doi.org/10.1109/LICS.2019.8785796
[23]
Jiaxin Li, Yuxi Chen, Haopeng Liu, Shan Lu, Yiming Zhang, Haryadi S. Gunawi, Xiaohui Gu, Xicheng Lu, and Dongsheng Li. 2018. Pcatch: automatically detecting performance cascading bugs in cloud systems. In Proceedings of the Thirteenth EuroSys Conference, EuroSys 2018, Porto, Portugal, April 23-26, 2018, Rui Oliveira, Pascal Felber, and Y. Charlie Hu (Eds.). ACM, 7:1–7:14. https://doi.org/10.1145/3190508.3190552
[24]
Richard Lipton. 1976. The reachability problem is exponential-space hard. Yale University, Department of Computer Science, Report, 62 (1976).
[25]
Rupak Majumdar, Ramanathan S. Thinniyam, and Georg Zetzsche. 2021. General Decidability Results for Asynchronous Shared-Memory Programs: Higher-Order and Beyond. In Tools and Algorithms for the Construction and Analysis of Systems - 27th International Conference, TACAS 2021, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2021, Luxembourg City, Luxembourg, March 27 - April 1, 2021, Proceedings, Part I, Jan Friso Groote and Kim Guldstrand Larsen (Eds.) (Lecture Notes in Computer Science, Vol. 12651). Springer, 449–467. https://doi.org/10.1007/978-3-030-72016-2_24
[26]
Roland Meyer, Sebastian Muskalla, and Georg Zetzsche. 2018. Bounded Context Switching for Valence Systems. In 29th International Conference on Concurrency Theory, CONCUR 2018, September 4-7, 2018, Beijing, China, Sven Schewe and Lijun Zhang (Eds.) (LIPIcs, Vol. 118). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 12:1–12:18. https://doi.org/10.4230/LIPIcs.CONCUR.2018.12
[27]
Madanlal Musuvathi and Shaz Qadeer. 2007. Iterative context bounding for systematic testing of multithreaded programs. In Proceedings of the ACM SIGPLAN 2007 Conference on Programming Language Design and Implementation, PLDI 2007, San Diego, CA, USA, June 10-13, 2007. ACM, 446–455. https://doi.org/10.1145/1250734.1250785
[28]
Christos H. Papadimitriou and Mihalis Yannakakis. 1986. A note on succinct representations of graphs. Information and Control, 71, 3 (1986), 181–185. https://doi.org/10.1016/S0019-9958(86)80009-2
[29]
Shaz Qadeer and Jakob Rehof. 2005. Context-Bounded Model Checking of Concurrent Software. In Tools and Algorithms for the Construction and Analysis of Systems, 11th International Conference, TACAS 2005, Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2005, Edinburgh, UK, April 4-8, 2005, Proceedings (Lecture Notes in Computer Science, Vol. 3440). Springer, 93–107. https://doi.org/10.1007/978-3-540-31980-1_7
[30]
Charles Rackoff. 1978. The covering and boundedness problems for vector addition systems. Theoretical Computer Science, 6, 2 (1978), 223–231.
[31]
Ganesan Ramalingam. 2000. Context-sensitive synchronization-sensitive analysis is undecidable. ACM TOPLAS, 22(2) (2000), 416–430. https://doi.org/10.1145/349214.349241
[32]
Louis E. Rosier and Hsu-Chun Yen. 1986. A Multiparameter Analysis of the Boundedness Problem for Vector Addition Systems. J. Comput. System Sci., 32, 1 (1986), 105–135. issn:0022-0000 https://doi.org/10.1016/0022-0000(86)90006-1
[33]
Koushik Sen and Mahesh Viswanathan. 2006. Model Checking Multithreaded Programs with Asynchronous Atomic Methods. In 28th International Conference on Computer Aided Verification, CAV 2016, Toronto, ON, Canada, July 17-23, 2016, Proceedings (LNCS, Vol. 4144). Springer, 300–314. https://doi.org/10.1007/11817963_29
[34]
Jan van Leeuwen. 1978. Effective constructions in well-partially-ordered free monoids. Discrete Mathematics, 21, 3 (1978), 237–252. https://doi.org/10.1016/0012-365X(78)90156-5
Index Terms
- Context-bounded verification of thread pools
Recommendations
Context-Bounded Verification of Context-Free Specifications
A fundamental problem in refinement verification is to check that the language of behaviors of an implementation is included in the language of the specification. We consider the refinement verification problem where the implementation is a multithreaded ...
Context-bounded verification of liveness properties for multithreaded shared-memory programs
We study context-bounded verification of liveness properties of multi-threaded, shared-memory programs, where each thread can spawn additional threads. Our main result shows that context-bounded fair termination is decidable for the model; context-...
A Perfect Model for Bounded Verification
LICS '12: Proceedings of the 2012 27th Annual IEEE/ACM Symposium on Logic in Computer ScienceA class of languages C is perfect if it is closed under Boolean operations and the emptiness problem is decidable. Perfect language classes are the basis for the automata-theoretic approach to model checking: a system is correct if the language ...
Comments
Information & Contributors
Information
Published In
Copyright © 2022 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 12 January 2022
Published in PACMPL Volume 6, Issue POPL
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
- Deutsche Forschungsgemeinschaft
- European Research Council
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 350Total Downloads
- Downloads (Last 12 months)122
- Downloads (Last 6 weeks)16
Reflects downloads up to 21 Jan 2025
Other Metrics
Citations
Cited By
View all- Kosche MKoß TManea FPak V(2022)Subsequences in Bounded Ranges: Matching and Analysis ProblemsReachability Problems10.1007/978-3-031-19135-0_10(140-159)Online publication date: 17-Oct-2022
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in