research-article

Verifying liveness for asynchronous programs

Authors:
Pierre Ganty

University of California, Los Angeles, CA, USA

University of California, Los Angeles, CA, USA
View Profile

,
Rupak Majumdar

University of California, Los Angeles, CA, USA

University of California, Los Angeles, CA, USA
View Profile

,
Andrey Rybalchenko

Max Planck Institute for Software System, Germany

Max Planck Institute for Software System, Germany
View Profile

POPL '09: Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languagesJanuary 2009Pages 102–113https://doi.org/10.1145/1480881.1480895

Published:21 January 2009Publication History

POPL '09: Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

Pages 102–113

ABSTRACT

Asynchronous or 'event-driven' programming is a popular technique to efficiently and flexibly manage concurrent interactions. In these programs, the programmer can post tasks that get stored in a task buffer and get executed atomically by a non-preemptive scheduler at a future point. We give a decision procedure for the fair termination property of asynchronous programs. The fair termination problem asks, given an asynchronous program and a fairness condition on its executions, does the program always terminate on fair executions? The fairness assumptions rule out certain undesired bad behaviors, such as where the scheduler ignores a set of posted tasks forever, or where a non-deterministic branch is always chosen in one direction. Since every liveness property reduces to a fair termination property, our decision procedure extends to liveness properties of asynchronous programs. Our decision procedure for the fair termination of asynchronous programs assumes all variables are finite-state. Even though variables are finite-state, asynchronous programs can have an unbounded stack from recursive calls made by tasks, as well as an unbounded task buffer of pending tasks. We show a reduction from the fair termination problem for asynchronous programs to fair termination problems on Petri Nets, and our main technical result is a reduction of the latter problem to Presburger satisfiability. Our decidability result is in contrast to multithreaded recursive programs, for which liveness properties are undecidable. While we focus on fair termination, we show our reduction to Petri Nets can be used to prove related properties such as fair nonstarvation (every posted task is eventually executed) and safety properties such as boundedness (find a bound on the maximum number of posted tasks that can be in the task buffer at any point).

References

O. Burkart and B. Steffen. Pushdown processes: Parallel composition and model checking. In CONCUR '94, volume 836 of LNCS, pages 98--113. Springer, 1994. Google ScholarDigital Library
R. Chadha and M. Viswanathan. Decidability results for well-structured transition systems with auxiliary storage. In CONCUR '07, volume 4703 of LNCS, pages 136--150. Springer, 2007. Google ScholarDigital Library
P. Chandrasekaran, C.L. Conway, J.M. Joy, and S.K. Rajamani. Programming asynchronous layers with CLARITY. In ESEC/SIGSOFT FSE, pages 65--74. ACM, 2007. Google ScholarDigital Library
R. Cunningham and E. Kohler. Making events less slippery with Eel. In HotOS-X, 2005. Google ScholarDigital Library
J. Esparza and M. Nielsen. Decidability issues for Petri nets -- a survey. Journal of Informatik Processing and Cybernetics, 30(3):143--160, 1994.Google Scholar
J. Fischer, R. Majumdar, and T. Millstein. Tasks: Language support for event-driven programming. In PEPM '07. ACM, 2007. Google ScholarDigital Library
D. Gay, P. Levis, R. von Behren, M. Welsh, E. Brewer, and D. Culler. The nesC language: A holistic approach to networked embedded systems. In PLDI '03, pages 1--11. ACM, 2003. Google ScholarDigital Library
J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister. System architecture directions for networked sensors. In ASPLOS '00, pages 93--104. ACM, 2000. Google ScholarDigital Library
John E. Hopcroft, Rajeev Motwani, and Jeffrey D. Ullman. Introduction to Automata Theory, Languages, and Computation (2nd Edition). Addison Wesley, 2000. Google ScholarDigital Library
P. Jancar. Decidability of a temporal logic problem for petri nets. Theoretical Computer Science, 74(1):71--93, 1990. Google ScholarDigital Library
R. Jhala and R. Majumdar. Interprocedural analysis of asynchronous programs. In POPL '07, pages 339--350. ACM, 2007. Google ScholarDigital Library
R.M. Karp and R.E. Miller. Parallel program schemata. Journal of Comput. Syst. Sci., 3(2):147--195, 1969.Google ScholarDigital Library
E. Kohler, R. Morris, B. Chen, J. Jannotti, and M.F. Kaashoek. The Click modular router. ACM TOCS, 18(3):263--297, 2000. Google ScholarDigital Library
M. Krohn, E. Kohler, and M.F. Kaashoek. Events can make sense. In USENIX Annual Technical Conference, 2007. Google ScholarDigital Library
D.J. Lehmann, A. Pnueli, and J. Stavi. Impartiality, justice and fairness: The ethics of concurrent termination. In ICALP '81, volume 115 of LNCS, pages 264--277. Springer, 1981. Google ScholarDigital Library
P. Li and S. Zdancewic. Combining events and threads for scalable network services. In PLDI '07: Programming Languages Design and Implementation, pages 189--199. ACM, 2007. Google ScholarDigital Library
Libasync. http://pdos.csail.mit.edu/6.824--2004/async/.Google Scholar
Libevent. http://www.monkey.org/provos/libevent/.Google Scholar
R. Lipton. The reachability problem is exponential-space hard. Technical Report 62, Department of Computer Science, Yale University, 1976.Google Scholar
Z. Manna and A. Pnueli. Temporal verification of reactive systems: Progress. Draft, 1996. Google ScholarDigital Library
P. Manolios and D. Vroon. Termination analysis with calling context graphs. In CAV '06, volume 4144 of LNCS, pages 401--414. Springer, 2006. Google ScholarDigital Library
M. Minsky. Finite and Infinite Machines. Prentice-Hall, 1967. Google ScholarDigital Library
V.S. Pai, P. Druschel, and W. Zwaenepoel. Flash: An efficient and portable web server. In Proc. USENIX Tech. Conf., pages 199--212. Usenix, 1999. Google ScholarDigital Library
R.J. Parikh. On context-free languages. Journal of the ACM, 13(4):570--581, 1966. Google ScholarDigital Library
M. Presburger. Über die vollständigkeit einer gewissen systems der arithmetik ganzer zahlen, in welchem die addition als einzige operation hervortritt. In Comptes Rendus du I congrès de Mathématiciens des Pays Slaves, pages 92--101. 1929.Google Scholar
C. Rackoff. The covering and boundedness problems for vector addition systems. Theoretical Computer Science, 6(2):223--231, 1978.Google ScholarCross Ref
G. Ramalingam. Context-sensitive synchronization-sensitive analysis is undecidable. ACM TOPLAS, 22(2):416--430, 2000. Google ScholarDigital Library
W. Reisig. Petri nets: An introduction. Springer, 1986. Google ScholarDigital Library
T. Reps, S. Horwitz, and M. Sagiv. Precise interprocedural dataflow analysis via graph reachability. In POPL '95, pages 49--61. ACM, 1995. Google ScholarDigital Library
A. Rybalchenko. Temporal Verification with Transition Invariants. PhD thesis, Universität des Saarlandes, 2004.Google Scholar
H. Seidl, A. Muscholl, T. Schwentick, and P. Habermehl. Counting in trees for free. In ICALP'04, volume 3142 of LNCS, pages 1136--1149. Springer, 2004.Google Scholar
K. Sen and M. Viswanathan. Model checking multithreaded programs with asynchronous atomic methods. In CAV '06, volume 4144 of LNCS, pages 300--314. Springer, 2006. Google ScholarDigital Library
R. Valk and M. Jantzen. The residue of vector sets with applications to decidability problems in Petri nets. Acta Informatica, 21:643--674, 1985.Google ScholarCross Ref
R. Valk and G. Vidal-Naquet. Petri nets and regular languages. Journal of Computer and System Sciences, 23(3):299--325, 1981.Google ScholarCross Ref
M.Y. Vardi. Verification of concurrent programs -- the automata-theoretic approach. Annals of Pure and Applied Logic, 51:79--98, 1991.Google ScholarCross Ref
I. Walukiewicz. Pushdown Processes: Games and Model-Checking. Information and Computation, 164(2):234--263, 2001. Google ScholarDigital Library
H.-C. Yen. A unified approach for deciding the existence of certain Petri net paths. Information and Computation, 96(1):119--137, 1992. Google ScholarDigital Library

Index Terms

Verifying liveness for asynchronous programs

Recommendations

Verifying liveness for asynchronous programs
POPL '09

Asynchronous or 'event-driven' programming is a popular technique to efficiently and flexibly manage concurrent interactions. In these programs, the programmer can post tasks that get stored in a task buffer and get executed atomically by a non-...
Read More
Algorithmic verification of asynchronous programs

Asynchronous programming is a ubiquitous systems programming idiom for managing concurrent interactions with the environment. In this style, instead of waiting for time-consuming operations to complete, the programmer makes a non-blocking call to the ...
Read More
Transition predicate abstraction and fair termination
POPL '05: Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages

Predicate abstraction is the basis of many program verification tools. Until now, the only known way to overcome the inherent limitation of predicate abstraction to safety properties was to manually annotate the finite-state abstraction of a program. We ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
POPL '09: Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
January 2009
464 pages
ISBN:9781605583792
DOI:10.1145/1480881
General Chair:
Zhong Shao
Yale University, USA
,
Program Chair:
Benjamin C. Pierce
University of Pennsylvania, USA
ACM SIGPLAN Notices Volume 44, Issue 1
POPL '09
January 2009
453 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/1594834
Issue’s Table of Contents
Copyright © 2009 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 21 January 2009
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
asynchronous (event-driven) programming
fair termination
liveness
petri nets
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate824of4,130submissions,20%
Upcoming Conference
POPL '25

Sponsor:

sigplan

The 52nd Annual ACM SIGPLAN Symposium on Principles of Programming Languages

January 19 - 25, 2025

Denver , CO , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 25
  Total Citations
  View Citations
- 580
  Total Downloads
- Downloads (Last 12 months)4
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Verifying liveness for asynchronous programs

POPL '09: Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

ABSTRACT

References

Cited By

Index Terms

Recommendations

Verifying liveness for asynchronous programs

Algorithmic verification of asynchronous programs

Transition predicate abstraction and fair termination