Synchronizing the Asynchronous

Synchronous programs are easy to specify because the side effects of an operation are finished by the time the invocation of the operation returns to the caller. Asynchronous programs, on the other hand, are difficult to specify because there are side effects due to pending computation scheduled as a result of the invocation of an operation. They are also difficult to verify because of the large number of possible interleavings of concurrent computation threads. We present synchronization, a new proof rule that simplifies the verification of asynchronous programs by introducing the fiction, for proof purposes, that asynchronous operations complete synchronously. Synchronization summarizes an asynchronous computation as immediate atomic effect. Modular verification is enabled via pending asynchronous calls in atomic summaries, and a complementary proof rule that eliminates pending asynchronous calls when components and their specifications are composed. We evaluate synchronization in the context of a multi-layer refinement verification methodology on a collection of benchmark programs.

[1]  Susan Owicki,et al.  An axiomatic proof technique for parallel programs I , 1976, Acta Informatica.

[2]  Serdar Tasiran,et al.  Verifying Robustness of Event-Driven Asynchronous Programs Against Concurrency , 2017, ESOP.

[3]  Thomas Ball,et al.  Finding and Reproducing Heisenbugs in Concurrent Programs , 2008, OSDI.

[4]  Richard J. Lipton,et al.  Reduction: a method of proving properties of parallel programs , 1975, CACM.

[5]  Rupak Majumdar,et al.  Rely/Guarantee Reasoning for Asynchronous Programs , 2015, CONCUR.

[6]  Robert Griesemer,et al.  Paxos made live: an engineering perspective , 2007, PODC '07.

[7]  Nicolas Halbwachs,et al.  Synchronous Programming of Reactive Systems , 1992, CAV.

[8]  Srinath T. V. Setty,et al.  IronFleet: proving practical distributed systems correct , 2015, SOSP.

[9]  Serdar Tasiran,et al.  Automated and Modular Refinement Reasoning for Concurrent Programs , 2015, CAV.

[10]  Peter Müller,et al.  Actor Services - Modular Verification of Message Passing Programs , 2016, ESOP.

[11]  Andreas Wilhelm,et al.  Reduction for compositional verification of multi-threaded programs , 2014, 2014 Formal Methods in Computer-Aided Design (FMCAD).

[12]  Peter W. O'Hearn,et al.  Resources, Concurrency and Local Reasoning , 2004, CONCUR.

[13]  Daniel Kroening,et al.  Context-aware counter abstraction , 2010, Formal Methods Syst. Des..

[14]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[15]  Nikolaj Bjørner,et al.  Cardinalities and universal quantifiers for verifying parameterized systems , 2016, PLDI.

[16]  Patrice Godefroid,et al.  Model checking for programming languages using VeriSoft , 1997, POPL '97.

[17]  Damien Zufferey,et al.  P: safe asynchronous event-driven programming , 2013, PLDI.

[18]  Ranjit Jhala,et al.  Verifying distributed programs via canonical sequentialization , 2017, Proc. ACM Program. Lang..

[19]  Marieke Huisman,et al.  History-Based Verification of Functional Behaviour of Concurrent Programs , 2015, SEFM.

[20]  Antoine Miné,et al.  Towards an industrial use of sound static analysis for the verification of concurrent embedded avionics software , 2015, 2015 International Conference on Embedded Software (EMSOFT).

[21]  Ilya Sergey,et al.  Communicating State Transition Systems for Fine-Grained Concurrent Resources , 2014, ESOP.

[22]  Thomas A. Henzinger,et al.  PSync: a partially synchronous language for fault-tolerant distributed algorithms , 2016, POPL.

[23]  Carl Hewitt,et al.  A Universal Modular ACTOR Formalism for Artificial Intelligence , 1973, IJCAI.

[24]  Cliff B. Jones,et al.  Specification and Design of (Parallel) Programs , 1983, IFIP Congress.

[25]  Daniel Kroening,et al.  Dynamic Cutoff Detection in Parameterized Concurrent Programs , 2010, CAV.

[26]  Joël Ouaknine,et al.  Verifying multi-threaded software with impact , 2013, 2013 Formal Methods in Computer-Aided Design.

[27]  Serdar Tasiran,et al.  Systematic Asynchrony Bug Exploration for Android Apps , 2015, CAV.

[28]  Kenneth L. McMillan,et al.  A methodology for hardware verification using compositional model checking , 2000, Sci. Comput. Program..

[29]  Doron A. Peled,et al.  All from One, One for All: on Model Checking Using Representatives , 1993, CAV.

[30]  Robert Hieb,et al.  The Revised Report on the Syntactic Theories of Sequential Control and State , 1992, Theor. Comput. Sci..

[31]  BirkedalLars,et al.  Unifying refinement and hoare-style reasoning in a logic for higher-order concurrency , 2013 .

[32]  Ilya Sergey,et al.  Mechanized verification of fine-grained concurrent programs , 2015, PLDI.

[33]  Lars Birkedal,et al.  Caper - Automatic Verification for Fine-Grained Concurrency , 2017, ESOP.

[34]  Thomas A. Henzinger,et al.  Race checking by context inference , 2004, PLDI '04.

[35]  Bor-Yuh Evan Chang,et al.  Boogie: A Modular Reusable Verifier for Object-Oriented Programs , 2005, FMCO.

[36]  John Tang Boyland,et al.  Checking Interference with Fractional Permissions , 2003, SAS.

[37]  Thomas A. Henzinger,et al.  Reactive Modules , 1996, Proceedings 11th Annual IEEE Symposium on Logic in Computer Science.

[38]  Xi Wang,et al.  Verdi: a framework for implementing and formally verifying distributed systems , 2015, PLDI.

[39]  Cormac Flanagan,et al.  A type and effect system for atomicity , 2003, PLDI.

[40]  Ilya Sergey,et al.  Programming and proving with distributed protocols , 2017, Proc. ACM Program. Lang..

[41]  K. Rustan M. Leino,et al.  Dafny: An Automatic Program Verifier for Functional Correctness , 2010, LPAR.

[42]  Richard D. Schlichting,et al.  Using message passing for distributed programming: proof rules and disciplines , 1984, TOPL.

[43]  Marieke Huisman,et al.  Future-based Static Analysis of Message Passing Programs , 2016, PLACES.

[44]  Lars Birkedal,et al.  Iris: Monoids and Invariants as an Orthogonal Basis for Concurrent Reasoning , 2015, POPL.

[45]  Peter Müller,et al.  Viper: A Verification Infrastructure for Permission-Based Reasoning , 2016, VMCAI.

[46]  Peter W. O'Hearn,et al.  Permission accounting in separation logic , 2005, POPL '05.

[47]  Rupak Majumdar,et al.  Hitting Families of Schedules for Asynchronous Programs , 2016, CAV.

[48]  Serdar Tasiran,et al.  A calculus of atomic actions , 2009, POPL '09.

[49]  Kenneth L. McMillan,et al.  Ivy: safety verification by interactive generalization , 2016, PLDI.

[50]  Rupak Majumdar,et al.  Analysis of Asynchronous Programs with Event-Based Synchronization , 2015, ESOP.

[51]  RybalchenkoAndrey,et al.  Predicate abstraction and refinement for verifying multi-threaded programs , 2011 .

[52]  Daniel Kroening,et al.  A Widening Approach to Multithreaded Program Verification , 2014, ACM Trans. Program. Lang. Syst..

[53]  Viktor Vafeiadis,et al.  Concurrent Abstract Predicates , 2010, ECOOP.