Bringing Iris into the Verified Software Toolchain

The Verified Software Toolchain (VST) is a system for proving correctness of C programs using separation logic. By connecting to the verified compiler CompCert, it produces the strongest possible guarantees of correctness for real C code that we can compile and run. VST included concurrency from its inception, in the form of reasoning about lock invariants, but concurrent separation logic (CSL) has advanced by leaps and bounds since then. In this paper, we describe efforts to integrate advancements from Iris, a state-of-the-art mechanized CSL, into VST. Some features of Iris (ghost state and invariants) are re-implemented in VST from the ground up; others (Iris Proof Mode) are imported from the Iris development; still others (proof rules for atomic operations) are axiomatized, with the hope that they will be made foundational in future versions. The result is a system that can prove correctness of sophisticated concurrent programs implemented in C, with fine-grained locking and non-blocking atomic operations, that yields varying soundness guarantees depending on the features used.Comment: 21 pages, 4 figure

Specifying and Executing Optimizations for Parallel Programs

Compiler optimizations, usually expressed as rewrites on program graphs, are a core part of all modern compilers. However, even production compilers have bugs, and these bugs are difficult to detect and resolve. The problem only becomes more complex when compiling parallel programs; from the choice of graph representation to the possibility of race conditions, optimization designers have a range of factors to consider that do not appear when dealing with single-threaded programs. In this paper we present PTRANS, a domain-specific language for formal specification of compiler transformations, and describe its executable semantics. The fundamental approach of PTRANS is to describe program transformations as rewrites on control flow graphs with temporal logic side conditions. The syntax of PTRANS allows cleaner, more comprehensible specification of program optimizations; its executable semantics allows these specifications to act as prototypes for the optimizations themselves, so that candidate optimizations can be tested and refined before going on to include them in a compiler. We demonstrate the use of PTRANS to state, test, and refine the specification of a redundant store elimination optimization on parallel programs.Comment: In Proceedings GRAPHITE 2014, arXiv:1407.767

Verifying Optimizations for Concurrent Programs

While program correctness for compiled languages depends fundamentally on compiler correctness, compiler optimizations are not usually formally verified due to the effort involved, particularly in the presence of concurrency. In this paper, we present a framework for stating and reasoning about compiler optimizations and transformations on programs in the presence of relaxed memory models. The core of the framework is the PTRANS specification language, in which program transformations are expressed as rewrites on control flow graphs with temporal logic side conditions. We demonstrate our technique by verifying the correctness of a redundant store elimination optimization in a simple LLVM-like intermediate language, relying on a theorem that allows us to lift single-thread simulation relations to simulations on multithreaded programs

Symbolic Semantics for CSP

Communicating Sequential Processes (CSP) is a well-known formal language for describing concur- rent systems. Brookes, Hoare and Roscoe [2] have given a transition semantics for CSP that underlies common approaches to model checking properties of CSP programs. In this paper, we present a gen- eralized transition semantics of CSP, which we call HCSP, that merges the original transition system with ideas from Floyd-Hoare Logic and symbolic computation. This generalized semantics is shown to be sound and complete with respect to the original trace semantics. Traces in our system are sym- bolic representations of families of traces as given by the original semantics. This more compact representation allows us to expand the original CSP systems to effectively model check some CSP programs which are difficult for other CSP systems to analyze. In particular, our system can han- dle certain classes of non-deterministic choices as a single transition, while the original semantics would treat each choice separately, possibly leading to large or unbounded case analyses. All work described in this paper has been carried out in the theorem prover Isabelle. This then provides us with a framework for automated and interactive analysis of CSP processes. It also give us the ability to extract Ocaml code for an HCSP-based simulator directly from Isabelle.NSF 0917218NASA Contract NNA10DE79Cunpublishednot peer reviewe

Biochemical Characterization of a Structure-Specific Resolving Enzyme from Sulfolobus islandicus Rod-Shaped Virus 2

Sulfolobus islandicus rod shaped virus 2 (SIRV2) infects the archaeon Sulfolobus islandicus at extreme temperature (70°C–80°C) and acidity (pH 3). SIRV2 encodes a Holliday junction resolving enzyme (SIRV2 Hjr) that has been proposed as a key enzyme in SIRV2 genome replication. The molecular mechanism for SIRV2 Hjr four-way junction cleavage bias, minimal requirements for four-way junction cleavage, and substrate specificity were determined. SIRV2 Hjr cleaves four-way DNA junctions with a preference for cleavage of exchange strand pairs, in contrast to host-derived resolving enzymes, suggesting fundamental differences in substrate recognition and cleavage among closely related Sulfolobus resolving enzymes. Unlike other viral resolving enzymes, such as T4 endonuclease VII or T7 endonuclease I, that cleave branched DNA replication intermediates, SIRV2 Hjr cleavage is specific to four-way DNA junctions and inactive on other branched DNA molecules. In addition, a specific interaction was detected between SIRV2 Hjr and the SIRV2 virion body coat protein (SIRV2gp26). Based on this observation, a model is proposed linking SIRV2 Hjr genome resolution to viral particle assembly

Host sequence motifs shared by HIV predict response to antiretroviral therapy

<p>Abstract</p> <p>Background</p> <p>The HIV viral genome mutates at a high rate and poses a significant long term health risk even in the presence of combination antiretroviral therapy. Current methods for predicting a patient's response to therapy rely on site-directed mutagenesis experiments and <it>in vitro </it>resistance assays. In this bioinformatics study we treat response to antiretroviral therapy as a two-body problem: response to therapy is considered to be a function of both the host and pathogen proteomes. We set out to identify potential responders based on the presence or absence of host protein and DNA motifs on the HIV proteome.</p> <p>Results</p> <p>An alignment of thousands of HIV-1 sequences attested to extensive variation in nucleotide sequence but also showed conservation of eukaryotic short linear motifs on the protein coding regions. The reduction in viral load of patients in the Stanford HIV Drug Resistance Database exhibited a bimodal distribution after 24 weeks of antiretroviral therapy, with 2,000 copies/ml cutoff. Similarly, patients allocated into responder/non-responder categories based on consistent viral load reduction during a 24 week period showed clear separation. In both cases of phenotype identification, a set of features composed of short linear motifs in the reverse transcriptase region of HIV sequence accurately predicted a patient's response to therapy. Motifs that overlap resistance sites were highly predictive of responder identification in single drug regimens but these features lost importance in defining responders in multi-drug therapies.</p> <p>Conclusion</p> <p>HIV sequence mutates in a way that preferentially preserves peptide sequence motifs that are also found in the human proteome. The presence and absence of such motifs at specific regions of the HIV sequence is highly predictive of response to therapy. Some of these predictive motifs overlap with known HIV-1 resistance sites. These motifs are well established in bioinformatics databases and hence do not require identification via <it>in vitro </it>mutation experiments.</p

JAK1/2 inhibition with baricitinib in the treatment of autoinflammatory interferonopathies

BACKGROUND. Monogenic IFN-mediated autoinflammatory diseases present in infancy with systemic inflammation, an IFN response gene signature, inflammatory organ damage, and high mortality. We used the JAK inhibitor baricitinib, with IFN-blocking activity in vitro, to ameliorate disease. METHODS. Between October 2011 and February 2017, 10 patients with CANDLE (chronic atypical neutrophilic dermatosis with lipodystrophy and elevated temperatures), 4 patients with SAVI (stimulator of IFN genes-associated [STING-associated] vasculopathy with onset in infancy), and 4 patients with other interferonopathies were enrolled in an expanded access program. The patients underwent dose escalation, and the benefit was assessed by reductions in daily disease symptoms and corticosteroid requirement. Quality of life, organ inflammation, changes in IFN-induced biomarkers, and safety were longitudinally assessed. RESULTS. Eighteen patients were treated for a mean duration of 3.0 years (1.5-4.9 years). The median daily symptom score decreased from 1.3 (interquartile range [IQR], 0.93-1.78) to 0.25 (IQR, 0.1-0.63) (P < 0.0001). In 14 patients receiving corticosteroids at baseline, daily prednisone doses decreased from 0.44 mg/kg/day (IQR, 0.31-1.09) to 0.11 mg/kg/day (IQR, 0.02-0.24) (P < 0.01), and 5 of 10 patients with CANDLE achieved lasting clinical remission. The patients' quality of life and height and bone mineral density Z-scores significantly improved, and their IFN biomarkers decreased. Three patients, two of whom had genetically undefined conditions, discontinued treatment because of lack of efficacy, and one CANDLE patient discontinued treatment because of BK viremia and azotemia. The most common adverse events were upper respiratory infections, gastroenteritis, and BK viruria and viremia. CONCLUSION. Upon baricitinib treatment, clinical manifestations and inflammatory and IFN biomarkers improved in patients with the monogenic interferonopathies CANDLE, SAVI, and other interferonopathies. Monitoring safety and efficacy is important in benefit-risk assessment

Neonatal-Onset Multisystem Inflammatory Disease Responsive to Interleukin-1β Inhibition

Neonatal-onset multisystem inflammatory disease is characterized by fever, urticarial rash, aseptic meningitis, deforming arthropathy, hearing loss, and mental retardation. Many patients have mutations in the cold-induced autoinflammatory syndrome 1 (CIAS1) gene, encoding cryopyrin, a protein that regulates inflammation

Abstracts from the 8th International Conference on cGMP Generators, Effectors and Therapeutic Implications

This work was supported by a restricted research grant of Bayer AG