A classical result by Ramalingam about synchronization-sensitive interprocedural program analysis implies that reachability for concurrent threads running recursive procedures is undecidable. A technique proposed by Qadeer and Rehof, to bound the number of context switches allowed between the threads, leads to an incomplete solution that is, however, believed to catch “most bugs” in practice, as errors tend to occur within few contexts. The question of whether the technique can also prove the absence of bugs at least in some cases has remained largely open. Toward closing this gap, we introduce in this article the generic verification paradigm of observation sequences for resource-parameterized programs. Such a sequence observes how increasing the resource parameter affects the reachability of states satisfying a given property. The goal is to show that increases beyond some “cutoff” parameter value have no impact on the reachability—the sequence has converged . This allows us to conclude that the property holds for all parameter values. We applied this paradigm to the context- unbounded program analysis problem, choosing the resource to be the number of permitted thread context switches. The result is a partially correct interprocedural reachability analysis technique for concurrent shared-memory programs. Our technique may not terminate but is able to both refute and prove context-unbounded safety for such programs. We demonstrate the effectiveness and efficiency of the technique using a variety of benchmark programs. The safe instances cannot be proved safe by earlier, context-bounded methods.

中文翻译：

---

使用观察序列的过程间上下文无界程序分析

Ramalingam 关于同步敏感的过程间程序分析的经典结果意味着运行递归过程的并发线程的可达性是不确定的。Qadeer 和 Rehof 提出的一种技术，用于限制线程之间允许的上下文切换的数量，导致了一个不完整的解决方案，然而，该技术被认为可以在实践中捕获“大多数错误”，因为错误往往发生在少数上下文中。至少在某些情况下，该技术是否还可以证明不存在错误的问题在很大程度上仍然悬而未决。为了缩小这一差距，我们在本文中介绍了通用验证范式观察序列用于资源参数化程序。这样的序列观察增加资源参数如何影响满足给定属性的状态的可达性。目标是表明超过某个“截止”参数值的增加对可达性没有影响——序列有收敛的. 这使我们可以得出结论，该属性适用于所有参数值。我们将这种范式应用到上下文中——无界程序分析问题，选择资源为允许线程上下文切换的数量。结果是用于并发共享内存程序的部分正确的过程间可达性分析技术。我们的技术可能不会终止，但能够反驳和证明此类程序的上下文无界安全性。我们使用各种基准程序证明了该技术的有效性和效率。早期的上下文绑定方法无法证明安全实例是安全的。