
Exploiting Object Escape and Locking Information in Partial-Order Reductions for Concurrent Object-Oriented Programs

Published in: Formal Methods in System Design

Abstract

Explicit-state model checking tools often incorporate partial-order reductions to reduce the number of system states explored (and thus the time and memory required) for verification. As model checking techniques are scaled up to software systems, it is important to develop and assess partial-order reduction strategies that are effective for addressing the complex structures found in software and for reducing the tremendous cost of model checking software systems.

In this paper, we consider a number of reduction strategies for model checking concurrent object-oriented software. We investigate a range of techniques that have been proposed in the literature, improve on them in several ways, and develop five novel reduction techniques that advance the state of the art in partial-order reduction for concurrent object-oriented systems. These reduction strategies are based on (a) detecting heap objects that are thread-local (i.e., can be accessed by only a single thread) and (b) exploiting information about patterns of lock acquisition and release in a program (building on previous work). We present empirical results that demonstrate upwards of a hundredfold reduction in both space and time over existing approaches to model checking concurrent Java programs. In addition to validating their effectiveness, we prove that the reductions preserve LTL-X properties and describe an implementation architecture that allows them to be easily incorporated into existing explicit-state software model checkers.
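To make strategy (a) concrete, the following is an added illustration (not the paper's code, nor Bogor's): a toy explicit-state explorer for two threads whose straight-line programs touch their own thread-local objects and one shared, escaped object. It assumes thread-locality is given as an annotation on each operation rather than computed by escape analysis, and compares the state count with and without treating thread-local accesses as independent transitions that need no scheduling point.

```python
from collections import deque

# Constructed program (assumption: locality is annotated, not inferred).
# ('local', f) updates only the running thread's own object; ('shared', f)
# updates the single escaped object, so its order with the other thread matters.
PROGRAM = (
    [('local', lambda v: v + 1), ('local', lambda v: v * 3), ('shared', lambda v: v + 1)],
    [('local', lambda v: v + 2), ('local', lambda v: v * 5), ('shared', lambda v: v * 2)],
)

def step(state, t):
    """Execute thread t's next operation and return the successor state."""
    pcs, locals_, shared = state
    kind, f = PROGRAM[t][pcs[t]]
    pcs = pcs[:t] + (pcs[t] + 1,) + pcs[t + 1:]
    if kind == 'local':
        locals_ = locals_[:t] + (f(locals_[t]),) + locals_[t + 1:]
    else:
        shared = f(shared)
    return (pcs, locals_, shared)

def enabled(state):
    """Threads that still have an operation left to run."""
    pcs = state[0]
    return [t for t in range(len(PROGRAM)) if pcs[t] < len(PROGRAM[t])]

def ample(state, reduce):
    """Threads to schedule from this state. With the reduction on, a thread whose
    next operation is thread-local is independent of every other thread, so
    exploring that single thread is a valid ample set (no other interleaving is lost)."""
    en = enabled(state)
    if reduce:
        for t in en:
            if PROGRAM[t][state[0][t]][0] == 'local':
                return [t]
    return en

def explore(reduce):
    """Breadth-first exploration; returns (distinct states, final shared values)."""
    init = ((0,) * len(PROGRAM), (0,) * len(PROGRAM), 0)
    seen, finals, work = {init}, set(), deque([init])
    while work:
        s = work.popleft()
        if not enabled(s):
            finals.add(s[2])
        for t in ample(s, reduce):
            n = step(s, t)
            if n not in seen:
                seen.add(n)
                work.append(n)
    return len(seen), finals

if __name__ == '__main__':
    print('full   :', explore(False))   # 17 states, final shared values {1, 2}
    print('reduced:', explore(True))    # 9 states, same final shared values
```

Both runs reach the same set of final values of the shared object, which is what the reduction must preserve; only the shared operations, whose relative order is observable, remain branching points.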




Cite this article

Dwyer, M.B., Hatcliff, J., Robby et al. Exploiting Object Escape and Locking Information in Partial-Order Reductions for Concurrent Object-Oriented Programs. Formal Methods in System Design 25, 199–240 (2004). https://doi.org/10.1023/B:FORM.0000040028.49845.67
