Natural proofs for asynchronous programs using almost-synchronous reductions
Abstract
We consider the problem of provably verifying that an asynchronous message-passing system satisfies its local assertions. We present a novel reduction scheme for asynchronous event-driven programs that finds almost-synchronous invariants - invariants consisting of global states where message buffers are close to empty. The reduction finds almost-synchronous invariants and simultaneously argues that they cover all local states. We show that asynchronous programs often have almost-synchronous invariants and that we can exploit this to build natural proofs that they are correct. We implement our reduction strategy, which is sound and complete, and show that it is more effective in proving programs correct as well as more efficient in finding bugs in several programs, compared to current search strategies which almost always diverge. The high point of our experiments is that our technique can prove the Windows Phone USB Driver written in P [9]correct for the responsiveness property, which was hitherto not provable using state-of-the-art model-checkers.
Document Details
- Document Type
- Pub Defense Publication
- Publication Date
- Oct 15, 2014
- Source ID
- 10.1145/2714064.2660211
Entities
People
- Ankush Desai
- P. Madhusudan
- Pranav Garg
Organizations
- Defense Advanced Research Projects Agency
- National Science Foundation
- University of California, Berkeley
- University of Illinois Urbana–Champaign