37,563 research outputs found
PLACES'10: The 3rd Workshop on Programmng Language Approaches to concurrency and Communication-Centric Software
Paphos, Cyprus. March 201
GPUVerify: A Verifier for GPU Kernels
We present a technique for verifying race- and divergence-freedom of GPU kernels that are written in mainstream ker-nel programming languages such as OpenCL and CUDA. Our approach is founded on a novel formal operational se-mantics for GPU programming termed synchronous, delayed visibility (SDV) semantics. The SDV semantics provides a precise definition of barrier divergence in GPU kernels and allows kernel verification to be reduced to analysis of a sequential program, thereby completely avoiding the need to reason about thread interleavings, and allowing existing modular techniques for program verification to be leveraged. We describe an efficient encoding for data race detection and propose a method for automatically inferring loop invari-ants required for verification. We have implemented these techniques as a practical verification tool, GPUVerify, which can be applied directly to OpenCL and CUDA source code. We evaluate GPUVerify with respect to a set of 163 kernels drawn from public and commercial sources. Our evaluation demonstrates that GPUVerify is capable of efficient, auto-matic verification of a large number of real-world kernels
Static Application-Level Race Detection in STM Haskell using Contracts
Writing concurrent programs is a hard task, even when using high-level
synchronization primitives such as transactional memories together with a
functional language with well-controlled side-effects such as Haskell, because
the interferences generated by the processes to each other can occur at
different levels and in a very subtle way. The problem occurs when a thread
leaves or exposes the shared data in an inconsistent state with respect to the
application logic or the real meaning of the data. In this paper, we propose to
associate contracts to transactions and we define a program transformation that
makes it possible to extend static contract checking in the context of STM
Haskell. As a result, we are able to check statically that each transaction of
a STM Haskell program handles the shared data in a such way that a given
consistency property, expressed in the form of a user-defined boolean function,
is preserved. This ensures that bad interference will not occur during the
execution of the concurrent program.Comment: In Proceedings PLACES 2013, arXiv:1312.2218. [email protected];
[email protected]
Abstraction and Learning for Infinite-State Compositional Verification
Despite many advances that enable the application of model checking
techniques to the verification of large systems, the state-explosion problem
remains the main challenge for scalability. Compositional verification
addresses this challenge by decomposing the verification of a large system into
the verification of its components. Recent techniques use learning-based
approaches to automate compositional verification based on the assume-guarantee
style reasoning. However, these techniques are only applicable to finite-state
systems. In this work, we propose a new framework that interleaves abstraction
and learning to perform automated compositional verification of infinite-state
systems. We also discuss the role of learning and abstraction in the related
context of interface generation for infinite-state components.Comment: In Proceedings Festschrift for Dave Schmidt, arXiv:1309.455
Thread-Modular Static Analysis for Relaxed Memory Models
We propose a memory-model-aware static program analysis method for accurately
analyzing the behavior of concurrent software running on processors with weak
consistency models such as x86-TSO, SPARC-PSO, and SPARC-RMO. At the center of
our method is a unified framework for deciding the feasibility of inter-thread
interferences to avoid propagating spurious data flows during static analysis
and thus boost the performance of the static analyzer. We formulate the
checking of interference feasibility as a set of Datalog rules which are both
efficiently solvable and general enough to capture a range of hardware-level
memory models. Compared to existing techniques, our method can significantly
reduce the number of bogus alarms as well as unsound proofs. We implemented the
method and evaluated it on a large set of multithreaded C programs. Our
experiments showthe method significantly outperforms state-of-the-art
techniques in terms of accuracy with only moderate run-time overhead.Comment: revised version of the ESEC/FSE 2017 pape
Confidence sets for network structure
Latent variable models are frequently used to identify structure in
dichotomous network data, in part because they give rise to a Bernoulli product
likelihood that is both well understood and consistent with the notion of
exchangeable random graphs. In this article we propose conservative confidence
sets that hold with respect to these underlying Bernoulli parameters as a
function of any given partition of network nodes, enabling us to assess
estimates of 'residual' network structure, that is, structure that cannot be
explained by known covariates and thus cannot be easily verified by manual
inspection. We demonstrate the proposed methodology by analyzing student
friendship networks from the National Longitudinal Survey of Adolescent Health
that include race, gender, and school year as covariates. We employ a
stochastic expectation-maximization algorithm to fit a logistic regression
model that includes these explanatory variables as well as a latent stochastic
blockmodel component and additional node-specific effects. Although
maximum-likelihood estimates do not appear consistent in this context, we are
able to evaluate confidence sets as a function of different blockmodel
partitions, which enables us to qualitatively assess the significance of
estimated residual network structure relative to a baseline, which models
covariates but lacks block structure.Comment: 17 pages, 3 figures, 3 table
Modular Verification of Interrupt-Driven Software
Interrupts have been widely used in safety-critical computer systems to
handle outside stimuli and interact with the hardware, but reasoning about
interrupt-driven software remains a difficult task. Although a number of static
verification techniques have been proposed for interrupt-driven software, they
often rely on constructing a monolithic verification model. Furthermore, they
do not precisely capture the complete execution semantics of interrupts such as
nested invocations of interrupt handlers. To overcome these limitations, we
propose an abstract interpretation framework for static verification of
interrupt-driven software that first analyzes each interrupt handler in
isolation as if it were a sequential program, and then propagates the result to
other interrupt handlers. This iterative process continues until results from
all interrupt handlers reach a fixed point. Since our method never constructs
the global model, it avoids the up-front blowup in model construction that
hampers existing, non-modular, verification techniques. We have evaluated our
method on 35 interrupt-driven applications with a total of 22,541 lines of
code. Our results show the method is able to quickly and more accurately
analyze the behavior of interrupts.Comment: preprint of the ASE 2017 pape
Session Communication and Integration
The scenario-based specification of a large distributed system is usually
naturally decomposed into various modules. The integration of specification
modules contrasts to the parallel composition of program components, and
includes various ways such as scenario concatenation, choice, and nesting. The
recent development of multiparty session types for process calculi provides
useful techniques to accommodate the protocol modularisation, by encoding
fragments of communication protocols in the usage of private channels for a
class of agents. In this paper, we extend forgoing session type theories by
enhancing the session integration mechanism. More specifically, we propose a
novel synchronous multiparty session type theory, in which sessions are
separated into the communicating and integrating levels. Communicating sessions
record the message-based communications between multiple agents, whilst
integrating sessions describe the integration of communicating ones. A
two-level session type system is developed for pi-calculus with syntactic
primitives for session establishment, and several key properties of the type
system are studied. Applying the theory to system description, we show that a
channel safety property and a session conformance property can be analysed.
Also, to improve the utility of the theory, a process slicing method is used to
help identify the violated sessions in the type checking.Comment: A short version of this paper is submitted for revie
- …