287 research outputs found
Verification of Shared-Reading Synchronisers
Synchronisation classes are an important building block for shared memory
concurrent programs. Thus, to reason about such programs, it is important to be
able to verify the implementation of these synchronisation classes, considering
atomic operations as the synchronisation primitives on which the
implementations are built. For synchronisation classes controlling exclusive
access to a shared resource, such as locks, a technique has been proposed to
reason about their behaviour. This paper proposes a technique to verify
implementations of both exclusive access and shared-reading synchronisers. We
use permission-based Separation Logic to describe the behaviour of the main
atomic operations, and the basis for our technique is formed by a specification
for class AtomicInteger, which is commonly used to implement synchronisation
classes in java.util.concurrent. To demonstrate the applicability of our
approach, we mechanically verify the implementation of various synchronisation
classes like Semaphore, CountDownLatch and Lock.
Comment: In Proceedings MeTRiD 2018, arXiv:1806.0933
Verifying Parallel Loops with Separation Logic
This paper proposes a technique to specify and verify whether a loop can be
parallelised. Our approach can be used as an additional step in a parallelising
compiler to verify user annotations about loop dependences. Essentially, our
technique requires each loop iteration to be specified with the locations it
will read and write. From the loop iteration specifications, the loop
(in)dependences can be derived. Moreover, the loop iteration specifications
also reveal where synchronisation is needed in the parallelised program. The
loop iteration specifications can be verified using permission-based separation
logic.
Comment: In Proceedings PLACES 2014, arXiv:1406.331
Future-based Static Analysis of Message Passing Programs
Message passing is widely used in industry to develop programs consisting of
several distributed communicating components. Developing functionally correct
message passing software is very challenging due to the concurrent nature of
message exchanges. Nonetheless, many safety-critical applications rely on the
message passing paradigm, including air traffic control systems and emergency
services, which makes proving their correctness crucial. We focus on the
modular verification of MPI programs by statically verifying concrete Java
code. We use separation logic to reason about local correctness and define
abstractions of the communication protocol in the process algebra used by
mCRL2. We call these abstractions futures as they predict how components will
interact during program execution. We establish a provable link between futures
and program code and analyse the abstract futures via model checking to prove
global correctness. Finally, we verify a leader election protocol to
demonstrate our approach.
Comment: In Proceedings PLACES 2016, arXiv:1606.0540
Exploring Mothers' Experiences Participating in Parent-Infant Singing Classes
Music interventions have been shown to improve parent-child interactions (e.g., Lyons, 2000; Mackenzie & Hamlett, 2005; Nicholson et al., 2008; Oldfield et al., 2003) and maternal sensitivity (Nicholson et al., 2008). However, there are currently no studies of Canadian parents’ perceived motivations for, and their experiences participating in, singing classes with their infants. Therefore, more information is needed on Canadian parents’ experiences of, and motivations for, participating in singing classes with their infants in order to better understand and support healthy parenting behaviours and infant development. Specifically, the research questions guiding this preliminary inquiry were:
(1) What do parents identify as factors motivating them to participate in parent-infant singing classes? and
(2) What do parents identify as the benefits of participating in parent-infant singing classes?
Interviews were conducted with four mothers who were attending parent-infant singing classes. Two music instructors involved in the parent-infant singing classes were also interviewed to learn more about the content and functioning of the classes. Additionally, the Parenting Sense of Competency Scale (PSOCS) and the Key to Interactive Parenting Scale (KIPS) were administered to gain additional information related to parent participation in parent-child singing groups (i.e., parenting behaviours and parental sensitivity), and to triangulate data from parent interviews. Four themes emerged from the parents’ interview data: (1) mothers’ motivations, (2) enhanced parenting, (3) parents’ enhanced view of self, and (4) predictors of change. Parents described their development of music-based parenting tools they perceived to have helped them better regulate their infants’ emotions and behaviours, strengthen their parent-child relationship, and support their child’s language and musical development. In addition, parents described the positive development of their view of self as demonstrated by decreases in reported parenting guilt, normalization of parenting struggles, and an increased focus on success. Moreover, preliminary findings raised questions about additional variables that may enhance growth of parenting skills to foster language and musical development and parental self-efficacy, such as using repetition, routines and structure, and developing supportive relationships with classmates and instructors. Implications for practice and future research are discussed.
Witnessing the elimination of magic wands
This paper discusses the use and verification of magic wands. Magic wands are used to specify incomplete resources in separation logic, i.e., if missing resources are provided, a magic wand allows one to exchange these for the completed resources. We show how the magic wand operator is suitable to describe loop invariants for algorithms that traverse a data structure, such as the imperative version of the tree delete problem (Challenge 3 from the VerifyThis@FM2012 Program Verification Competition). Most separation-logic-based verification tools do not provide support for magic wands, possibly because validity of formulas containing the magic wand is, by itself, undecidable. To avoid this problem, in our approach the program annotator has to provide a witness for the magic wand, thus circumventing undecidability due to the use of magic wands. We show how this witness information is used to encode a specification with magic wands as a specification without magic wands. Concretely, this approach is used in the VerCors tool set: annotated Java programs are encoded as Chalice programs. Chalice then further translates the program to BoogiePL, where appropriate proof obligations are generated. Besides our encoding of magic wands, we also discuss the encoding of other aspects of annotated Java programs into Chalice, and in particular, the encoding of abstract predicates with permission parameters. We illustrate our approach on the tree delete algorithm, and on the verification of an iterator of a linked list.
Witnessing the elimination of magic wands
This paper discusses static verification of programs that have been specified using separation logic with magic wands. Magic wands are used to specify incomplete resources in separation logic, i.e., if missing resources are provided, a magic wand allows one to exchange these for the completed resources. One of the applications of the magic wand operator is to describe loop invariants for algorithms that traverse a data structure, such as the imperative version of the tree delete problem (Challenge 3 from the VerifyThis@FM2012 Program Verification Competition), which is the motivating example for our work.

Most separation-logic-based static verification tools do not provide support for magic wands, possibly because validity of formulas containing the magic wand is, by itself, undecidable. To avoid this problem, in our approach the program annotator has to provide a witness for the magic wand, thus circumventing undecidability due to the use of magic wands. A witness is an object that encodes both instructions for the permission exchange that is specified by the magic wand and the extra resources needed during that exchange. We show how this witness information is used to encode a specification with magic wands as a specification without magic wands. Concretely, this approach is used in the VerCors tool set: annotated Java programs are encoded as Chalice programs. Chalice then further translates the program to BoogiePL, where appropriate proof obligations are generated. Besides our encoding of magic wands, we also discuss the encoding of other aspects of annotated Java programs into Chalice, and in particular, the encoding of abstract predicates with permission parameters. We illustrate our approach on the tree delete algorithm, and on the verification of an iterator of a linked list.
A Verification Technique for Deterministic Parallel Programs (extended version)
A commonly used approach to develop parallel programs is to augment a sequential program with compiler directives that indicate which program blocks may potentially be executed in parallel. This paper develops a verification technique to prove correctness of compiler directives combined with functional correctness of the program. We propose syntax and semantics for a simple core language, capturing the main forms of deterministic parallel programs. This language distinguishes three kinds of basic blocks: parallel, vectorized and sequential blocks, which can be composed using three different composition operators: sequential, parallel and fusion composition. We show that it is sufficient to have contracts for the basic blocks to prove correctness of the compiler directives, and moreover that functional correctness of the sequential program implies correctness of the parallelized program. We formally prove correctness of our approach. In addition, we define a widely-used subset of OpenMP that can be encoded into our core language, thus effectively enabling the verification of OpenMP compiler directives, and we discuss automated tool support for this verification process.