4,086 research outputs found
Regression-free Synthesis for Concurrency
While fixing concurrency bugs, program repair algorithms may introduce new
concurrency bugs. We present an algorithm that avoids such regressions. The
solution space is given by a set of program transformations we consider in for
repair process. These include reordering of instructions within a thread and
inserting atomic sections. The new algorithm learns a constraint on the space
of candidate solutions, from both positive examples (error-free traces) and
counterexamples (error traces). From each counterexample, the algorithm learns
a constraint necessary to remove the errors. From each positive examples, it
learns a constraint that is necessary in order to prevent the repair from
turning the trace into an error trace. We implemented the algorithm and
evaluated it on simplified Linux device drivers with known bugs.Comment: for source code see https://github.com/thorstent/ConRepai
State-based encoding of large asynchronous controllers
State encoding is one of the fundamental problems in the synthesis of asynchronous controllers. The requirement for a correct hazard-free implementation imposes severe constraints on the way encoding signals can be inserted in the specification of a controller. Even though some specification formalisms, such as Burst-mode machines or Signal Transition Graphs, enable to specify behaviors at the event level, the state encoding methods that provide the best good-quality solutions work at the state level. This imposes a severe limitation on the size of the controllers that can be handled by these methods. This paper proposes a method to solve the encoding problem for large asynchronous controllers using statebased methods. It is based on an iterative process of projection and re-composition that reduces the size specification by hiding signals, partially solves the encoding problem at the state level and re-composes the original specification using a synchronous product. The process iterates until all encoding conflicts have been solved. The method is proved to preserve the behavior of the specification (branching bisimilarity) and shown to be capable of providing good-quality solutions for controllers of more than 100 signals and 106 states.Peer ReviewedPostprint (published version
IST Austria Thesis
In this thesis we present a computer-aided programming approach to concurrency. Our approach helps the programmer by automatically fixing concurrency-related bugs, i.e. bugs that occur when the program is executed using an aggressive preemptive scheduler, but not when using a non-preemptive (cooperative) scheduler. Bugs are program behaviours that are incorrect w.r.t. a specification. We consider both user-provided explicit specifications in the form of assertion
statements in the code as well as an implicit specification. The implicit specification is inferred from the non-preemptive behaviour. Let us consider sequences of calls that the program makes to an external interface. The implicit specification requires that any such sequence produced under a preemptive scheduler should be included in the set of sequences produced under a non-preemptive scheduler. We consider several semantics-preserving fixes that go beyond atomic sections typically explored in the synchronisation synthesis literature. Our synthesis is able to place locks, barriers and wait-signal statements and last, but not least reorder independent statements. The latter may be useful if a thread is released to early, e.g., before some initialisation is completed. We guarantee that our synthesis does not introduce deadlocks and that the synchronisation inserted is optimal w.r.t. a given objective function. We dub our solution trace-based synchronisation synthesis and it is loosely based on counterexample-guided inductive synthesis (CEGIS). The synthesis works by discovering a trace that is incorrect w.r.t. the specification and identifying ordering constraints crucial to trigger the specification violation. Synchronisation may be placed immediately (greedy approach) or delayed until all incorrect traces are found (non-greedy approach). For the non-greedy approach we construct a set of global constraints over synchronisation placements. Each model of the global constraints set corresponds to a correctness-ensuring synchronisation placement. The placement that is optimal w.r.t. the given objective function is chosen as the synchronisation solution. We evaluate our approach on a number of realistic (albeit simplified) Linux device-driver
benchmarks. The benchmarks are versions of the drivers with known concurrency-related bugs. For the experiments with an explicit specification we added assertions that would detect the bugs in the experiments. Device drivers lend themselves to implicit specification, where the device and the operating system are the external interfaces. Our experiments demonstrate that our synthesis method is precise and efficient. We implemented objective functions for coarse-grained and fine-grained locking and observed that different synchronisation placements are produced for our experiments, favouring e.g. a minimal number of synchronisation operations or maximum concurrency
Unfolding-Based Process Discovery
This paper presents a novel technique for process discovery. In contrast to
the current trend, which only considers an event log for discovering a process
model, we assume two additional inputs: an independence relation on the set of
logged activities, and a collection of negative traces. After deriving an
intermediate net unfolding from them, we perform a controlled folding giving
rise to a Petri net which contains both the input log and all
independence-equivalent traces arising from it. Remarkably, the derived Petri
net cannot execute any trace from the negative collection. The entire chain of
transformations is fully automated. A tool has been developed and experimental
results are provided that witness the significance of the contribution of this
paper.Comment: This is the unabridged version of a paper with the same title
appearead at the proceedings of ATVA 201
Orthogonal-Array based Design Methodology for Complex, Coupled Space Systems
The process of designing a complex system, formed by many elements and sub-elements interacting between each other, is usually completed at a system level and in the preliminary phases in two major steps: design-space exploration and optimization. In a classical approach, especially in a company environment, the two steps are usually performed together, by experts of the field inferring on major phenomena, making assumptions and doing some trial-and-error runs on the available mathematical models. To support designers and decision makers during the design phases of this kind of complex systems, and to enable early discovery of emergent behaviours arising from interactions between the various elements being designed, the authors implemented a parametric methodology for the design-space exploration and optimization. The parametric technique is based on the utilization of a particular type of matrix design of experiments, the orthogonal arrays. Through successive design iterations with orthogonal arrays, the optimal solution is reached with a reduced effort if compared to more computationally-intense techniques, providing sensitivity and robustness information. The paper describes the design methodology in detail providing an application example that is the design of a human mission to support a lunar base
Formal Verification of a MESI-based Cache Implementation
Cache coherency is crucial to multi-core systems with a shared memory programming model. Coherency protocols have been formally verified at the architectural level with relative ease. However, several subtle issues creep into the hardware realization of cache in a multi-processor environment. The assumption, made in the abstract model, that state transitions are atomic, is invalid for the HDL implementation. Each transition is composed of many concurrent multi-core operations. As a result, even with a blocking bus, several transient states come into existence. Most modern processors optimize communication with a split-transaction bus, this results in further transient states and race conditions. Therefore, the design and verification of cache coherency is increasingly complex and challenging.
Simulation techniques are insufficient to ensure memory consistency and the absence of deadlock, livelock, and starvation. At best, it is tediously complex and time consuming to reach confidence in functionality with simulation. Formal methods are ideally suited to identify the numerous race conditions and subtle failures. In this study, we perform formal property verification on the RTL of a multi-core level-1 cache design based on snooping MESI protocol. We demonstrate full-proof verification of the coherence module in JasperGold using complexity reduction techniques through parameterization. We verify that the assumptions needed to constrain inputs of the stand-alone cache coherence module are satisfied as valid assertions in the instantiation environment. We compare results obtained from formal property verification against a state-of-the-art UVM environment. We highlight the benefits of a synergistic collaboration between simulation and formal techniques. We present formal analysis as a generic toolkit with numerous usage models in the digital design process
- …