On Verifying Causal Consistency

Causal consistency is one of the most adopted consistency criteria for distributed implementations of data structures. It ensures that operations are executed at all sites according to their causal precedence. We address the issue of verifying automatically whether the executions of an implementation of a data structure are causally consistent. We consider two problems: (1) checking whether one single execution is causally consistent, which is relevant for developing testing and bug finding algorithms, and (2) verifying whether all the executions of an implementation are causally consistent. We show that the first problem is NP-complete. This holds even for the read-write memory abstraction, which is a building block of many modern distributed systems. Indeed, such systems often store data in key-value stores, which are instances of the read-write memory abstraction. Moreover, we prove that, surprisingly, the second problem is undecidable, and again this holds even for the read-write memory abstraction. However, we show that for the read-write memory abstraction, these negative results can be circumvented if the implementations are data independent, i.e., their behaviors do not depend on the data values that are written or read at each moment, which is a realistic assumption.Comment: extended version of POPL 201

Conexión de sistemas distribuidos dinámicos

[ES] Ante la complejidad y diversidad de sistemas, resulta interesante que puedan colaborar entre sí para aumentar el rendimiento, de la forma más dinámica posible. Una de las soluciones para este desafío es la interconexión de sistemas. Con ella se evitarán costosos reinicios, y se podrá llegar a un nivel de consistencia aceptable.[EN] Given the complexity and diversity of systems, it is interesting that they can work together to increase the performance of the most dynamic way possible. One solution to this challenge is the interconnection of systems. With it you avoid costly restarts, and may reach a level of acceptable consistency.Sánchez Ríos, J. (2013). Conexión de sistemas distribuidos dinámicos. http://hdl.handle.net/10251/36491Archivo delegad

A verification framework suitable for proving large language translations

Previously, researchers established some frameworks, such as Morpheus, to specify a compiler translation in a small language and prove the semantic preservation property of the translation in the language under the assumption of sequential consistency. Based on the Morpheus specification language, we extend the verification framework to prove the compiler translation semantic preservation property in a large real-world programming language with a real-world weak concurrency model. The framework combines four different pieces. First, we specify a complete semantics of the K framework and a translation from K to Isabelle as our basis for defining language specifications and proving properties about the specifications. Second, we define a complete operational semantics of LLVM in K, named K-LLVM, including the specifications of all instructions and intrinsic functions in LLVM, as well as the concurrency model of LLVM. Third, to verify the correctness of the K-LLVM operational model, we create an axiomatic model, named Hybrid Axiomatic Timed Relaxed Concurrency Model (HATRMM). The creation of HATRMM is to bridge the traditional C++ candidate execution models and the K-LLVM operational concurrency model. Finally, to enhance our framework to prove the semantic preservation property in a relaxed memory model, we define a new simulation framework, named Per Location Simulation (PLS). PLS is suitable for proving semantic preservation property in a relaxed memory model

A parametrized algorithm that implements sequential, causal, and cache memory consistencies

In this paper, we present an algorithm that can be used to implement sequential, causal, or cache consistency in distributed shared memory (DSM) systems. For this purpose it includes a parameter that allows us to choose the consistency model to be implemented. If all processes run the algorithm with the same value in this parameter, the corresponding consistency is achieved. (Additionally, the algorithm tolerates that processes use certain combination of parameter values.) This characteristic allows a concrete consistency model to be chosen, but implements it with the more efficient algorithm in each case (depending of the requirements of the applications). Additionally, as far as we know, this is the first algorithm proposed that implements cache coherence. In our algorithm, all the read and write operations are executed locally when implementing causal and cache consistency (i.e., they are fast). It is known that no sequential algorithm has only fast memory operations. In our algorithm, however, all the write operations and some read operations are fast when implementing sequential consistency. The algorithm uses propagation and full replication, where the values written by a process are propagated to the rest of the processes. It works in a cyclic turn fashion, with each process of the DSM system, broadcasting one message in turn. The values written by the process are sent in the message (instead of sending one message for each write operation): However, unnecessary values are excluded. All this permits the amount of message traffic owing to the algorithm to be controlled. © 2007 Elsevier Inc. All rights reserved

TLB virtualization in the context of hypervisor verification

In this thesis we address the challenges of hypervisor verification for multicore processors. As a first contribution we unite different pieces of hypervisor verification theory into a single theory comprising the stack of highly nontrivial computational models used. We consider multicore hypervisors for x8664 architecture written in C. To make code verification in a C verifier possible, we define a reduced hardware model and show that under certain safety conditions it simulates the full model. We introduce an extension of the C semantics, which takes into consideration possible MMU and guest interaction with the memory of a program. We argue that the extended C semantics simulates the hardware machine, which executes compiled hypervisor code, given that the compiler is correct. The second contribution of the thesis is the formal verification of a software TLB and memory virtualization approach, called SPT algorithm. Efficient TLB virtualization is one of the trickiest parts of building correct hypervisors. An SPT algorithm maintains dedicated sets of ‘‘shadow’’ page tables, ensuring memory separation and correct TLB abstraction for every guest. We use our extended C semantics to specify correctness criteria for TLB virtualization and to verify a simple SPT algorithm written in C. The code of the algorithm is formally verified in Microsoft’s VCC automatic verifier, which is ideally suited for proofs performed on top of our semantic stack.Die vorliegende Arbeit beschäftigt sich eingehend mit der Verifikation von Hypervisorn und den Herausforderungen, die dabei auftreten. Als ein Hauptergebnis werden erstmalig die verschiedenen Teile der HypervisorVerifikationstheorie zu einer einheitlichen Theorie zusammengefasst, in der mehrere komplexen Rechenmodelle auf einander aufbauen. Als Zielplattform für die Virtualisierung wählten wir eine x86-64 Architektur und betrachten Hypervisoren für Multicore-Prozessoren, die in C implementiert sind. Um Code-Verifikation in einem C-Verifizierer zu ermöglichen, definieren wir ein reduziertes Hardware-Modell und zeigen, dass unter bestimmten Bedingungen das ursprüngliche Modell davon simuliert wird. Die C-Semantik wird so erweitert, dass mögliche MMU- und Gast-Interaktionen mit dem Speicher eines Programms berücksichtigt werden. Unter der Annahme, dass der HyperviserCode mit einem korrekten Compiler kompiliert wird, argumentieren wir, dass die erweiterte C-Semantik die Hardware-Maschine, welche den kompilierten Code ausführt, simuliert. Ein weiterer Beitrag dieser Arbeit ist die formale Verifikation eines Algorithmus zur Speicher und TLB-Virtualisierung, der mit Shadow Page Tables (SPTs) arbeitet. Ein SPT-Algorithmus verwaltet Seitentabellen und garantiert Speicherseparierung sowie eine korrekte TLB-Abstraktion für alle Gäste. Wir benutzen unsere erweiterte C-Semantik, um die Korrektheitskriterien für die TLB-Virtualisierung zu spezifizieren und um einen einfachen SPT-Algorithmus zu verifizieren. Die Korrektheit des in C implementierten Algorithmus wurde formal bewiesen mit Hilfe des automatischen Beweiser VCC, der von Microsoft entwickelt wurde

Computer Aided Verification

This open access two-volume set LNCS 10980 and 10981 constitutes the refereed proceedings of the 30th International Conference on Computer Aided Verification, CAV 2018, held in Oxford, UK, in July 2018. The 52 full and 13 tool papers presented together with 3 invited papers and 2 tutorials were carefully reviewed and selected from 215 submissions. The papers cover a wide range of topics and techniques, from algorithmic and logical foundations of verification to practical applications in distributed, networked, cyber-physical, and autonomous systems. They are organized in topical sections on model checking, program analysis using polyhedra, synthesis, learning, runtime verification, hybrid and timed systems, tools, probabilistic systems, static analysis, theory and security, SAT, SMT and decisions procedures, concurrency, and CPS, hardware, industrial applications

INTERCONEXIÓN DE SISTEMAS DISTRIBUIDOS

El objetivo de esta tesis de máster es realizar un estudio bibliográfico de las principales publicaciones que plantean arquitecturas, protocolos y soluciones de interconexión de sistemas en el estado del arte para resolver el problema de la escalabilidad en sistemas distribuidos de memoria compartida y en sistemas distribuidos de paso de mensajes.Pallardó Lozoya, MR. (2010). INTERCONEXIÓN DE SISTEMAS DISTRIBUIDOS. http://hdl.handle.net/10251/11308Archivo delegad

Software Engineering and Petri Nets

This booklet contains the proceedings of the Workshop on Software Engineering and Petri Nets (SEPN), held on June 26, 2000. The workshop was held in conjunction with the 21st International Conference on Application and Theory of Petri Nets (ICATPN-2000), organised by the CPN group of the Department of Computer Science, University of Aarhus, Denmark. The SEPN workshop papers are available in electronic form via the web page:http://www.daimi.au.dk/pn2000/proceeding

Computer Aided Verification

This open access two-volume set LNCS 10980 and 10981 constitutes the refereed proceedings of the 30th International Conference on Computer Aided Verification, CAV 2018, held in Oxford, UK, in July 2018. The 52 full and 13 tool papers presented together with 3 invited papers and 2 tutorials were carefully reviewed and selected from 215 submissions. The papers cover a wide range of topics and techniques, from algorithmic and logical foundations of verification to practical applications in distributed, networked, cyber-physical, and autonomous systems. They are organized in topical sections on model checking, program analysis using polyhedra, synthesis, learning, runtime verification, hybrid and timed systems, tools, probabilistic systems, static analysis, theory and security, SAT, SMT and decisions procedures, concurrency, and CPS, hardware, industrial applications