3,391 research outputs found
The Dafny Integrated Development Environment
In recent years, program verifiers and interactive theorem provers have
become more powerful and more suitable for verifying large programs or proofs.
This has demonstrated the need for improving the user experience of these tools
to increase productivity and to make them more accessible to non-experts. This
paper presents an integrated development environment for Dafny-a programming
language, verifier, and proof assistant-that addresses issues present in most
state-of-the-art verifiers: low responsiveness and lack of support for
understanding non-obvious verification failures. The paper demonstrates several
new features that move the state-of-the-art closer towards a verification
environment that can provide verification feedback as the user types and can
present more helpful information about the program or failed verifications in a
demand-driven and unobtrusive way.Comment: In Proceedings F-IDE 2014, arXiv:1404.578
Method-based caching in multi-tiered server applications
Abstract
In recent years, application server technology has become very
popular for building complex but mission-critical systems such
as Web-based E-Commerce applications. However, the resulting
solutions tend to suffer from serious performance and
scalability bottlenecks, because of their distributed nature and
their various software layers. This paper deals with the problem
by presenting an approach about transparently caching results of
a service interface\u27s read-only methods on the client side.
Cache consistency is provided by a descriptive cache
invalidation model which may be specified by an application
programmer. As the cache layer is transparent to the server as
well as to the client code, it can be integrated with relatively
low effort even in systems that have already been implemented.
Experimental results show that the approach is very effective in
improving a server\u27s response times and its transactional
throughput.
Roughly speaking, the overhead for cache maintenance is small
when compared to the cost for method invocations on the server
side. The cache\u27s performance improvements are dominated by the
fraction of read method invocations and the cache hit rate. Our
experiments are based on a realistic E-commerce Web site
scenario and site user behaviour is emulated in an authentic
way. By inserting our cache, the maximum user request throughput
of the web application could be more than doubled while its
response time (such as perceived by a web client) was kept at
a very low level.
Moreover, the cache can be smoothly integrated with traditional
caching strategies acting on other system tiers (e.g. caching of
dynamic Web pages on a Web server). The presented approach as
well as the related implementation are not restricted to
application server scenarios but may be applied to any kind of
interface-based software layers
ret2spec: Speculative Execution Using Return Stack Buffers
Speculative execution is an optimization technique that has been part of CPUs
for over a decade. It predicts the outcome and target of branch instructions to
avoid stalling the execution pipeline. However, until recently, the security
implications of speculative code execution have not been studied.
In this paper, we investigate a special type of branch predictor that is
responsible for predicting return addresses. To the best of our knowledge, we
are the first to study return address predictors and their consequences for the
security of modern software. In our work, we show how return stack buffers
(RSBs), the core unit of return address predictors, can be used to trigger
misspeculations. Based on this knowledge, we propose two new attack variants
using RSBs that give attackers similar capabilities as the documented Spectre
attacks. We show how local attackers can gain arbitrary speculative code
execution across processes, e.g., to leak passwords another user enters on a
shared system. Our evaluation showed that the recent Spectre countermeasures
deployed in operating systems can also cover such RSB-based cross-process
attacks. Yet we then demonstrate that attackers can trigger misspeculation in
JIT environments in order to leak arbitrary memory content of browser
processes. Reading outside the sandboxed memory region with JIT-compiled code
is still possible with 80\% accuracy on average.Comment: Updating to the cam-ready version and adding reference to the
original pape
A model and framework for reliable build systems
Reliable and fast builds are essential for rapid turnaround during
development and testing. Popular existing build systems rely on correct manual
specification of build dependencies, which can lead to invalid build outputs
and nondeterminism. We outline the challenges of developing reliable build
systems and explore the design space for their implementation, with a focus on
non-distributed, incremental, parallel build systems. We define a general model
for resources accessed by build tasks and show its correspondence to the
implementation technique of minimum information libraries, APIs that return no
information that the application doesn't plan to use. We also summarize
preliminary experimental results from several prototype build managers
Efficient Instantiation of Parameterised Boolean Equation Systems to Parity Games
Parameterised Boolean Equation Systems (PBESs) are sequences of Boolean fixed point equations with data variables, used for, e.g., verification of modal μ-calculus formulae for process algebraic specifications with data. Solving a PBES is usually done by instantiation to a Parity Game and then solving the game. Practical game solvers exist, but the instantiation step is the bottleneck. We enhance the instantiation in two steps. First, we transform the PBES to a Parameterised Parity Game (PPG), a PBES with each equation either conjunctive or disjunctive. Then we use LTSmin, that offers transition caching, efficient storage of states and both distributed and symbolic state space generation, for generating the game graph. To that end we define a language module for LTSmin, consisting of an encoding of variables with parameters into state vectors, a grouped transition relation and a dependency matrix to indicate the dependencies between parts of the state vector and transition groups. Benchmarks on some large case studies, show that the method speeds up the instantiation significantly and decreases memory usage drastically
Bridging the Gap between Enumerative and Symbolic Model Checkers
We present a method to perform symbolic state space generation for languages with existing enumerative state generators. The method is largely independent from the chosen modelling language. We validated this on three different types of languages and tools: state-based languages (PROMELA), action-based process algebras (muCRL, mCRL2), and discrete abstractions of ODEs (Maple).\ud
Only little information about the combinatorial structure of the\ud
underlying model checking problem need to be provided. The key enabling data structure is the "PINS" dependency matrix. Moreover, it can be provided gradually (more precise information yield better results).\ud
\ud
Second, in addition to symbolic reachability, the same PINS matrix contains enough information to enable new optimizations in state space generation (transition caching), again independent from the chosen modelling language. We have also based existing optimizations, like (recursive) state collapsing, on top of PINS and hint at how to support partial order reduction techniques.\ud
\ud
Third, PINS allows interfacing of existing state generators to, e.g., distributed reachability tools. Thus, besides the stated novelties, the method we propose also significantly reduces the complexity of building modular yet still efficient model checking tools.\ud
\ud
Our experiments show that we can match or even outperform existing tools by reusing their own state generators, which we have linked into an implementation of our ideas
- …