Verifying GME with JPF COSC6490A Zhenyu Pan York University 2007.

Slides:

Advertisements

Similar presentations

CS 603 Process Synchronization: The Colored Ticket Algorithm February 13, 2002.

Advertisements

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CSC321 Concurrent Programming: §3 The Mutual Exclusion Problem 1 Section 3 The Mutual Exclusion Problem.

Ch. 7 Process Synchronization (1/2) I Background F Producer - Consumer process :  Compiler, Assembler, Loader, · · · · · · F Bounded buffer.

Process Synchronization Continued 7.2 The Critical-Section Problem.

Mutual Exclusion By Shiran Mizrahi. Critical Section class Counter { private int value = 1; //counter starts at one public Counter(int c) { //constructor.

Concurrent Programming Problems OS Spring Concurrency pros and cons Concurrency is good for users –One of the reasons for multiprogramming Working.

1 Chapter 2 Synchronization Algorithms and Concurrent Programming Gadi Taubenfeld © 2007 Synchronization Algorithms and Concurrent Programming Gadi Taubenfeld.

Previously… Processes –Process States –Context Switching –Process Queues Threads –Thread Mappings Scheduling –FCFS –SJF –Priority scheduling –Round Robin.

Chapter 6 Process Synchronization Bernard Chen Spring 2007.

Chapter 6: Process Synchronization

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.

5.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 5: CPU Scheduling.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 6: Process Synchronization.

Multiprocessor Synchronization Algorithms ( ) Lecturer: Danny Hendler The Mutual Exclusion problem.

Concurrent Programming James Adkison 02/28/2008. What is concurrency? “happens-before relation – A happens before B if A and B belong to the same process.

Process Synchronization. Module 6: Process Synchronization Background The Critical-Section Problem Peterson’s Solution Synchronization Hardware Semaphores.

Chapter 3 The Critical Section Problem

CIS 720 Mutual Exclusion. Critical Section problem Process i do (true) entry protocol; critical section; exit protocol; non-critical section od.

Concurrent & Distributed Systems Lecture 4: ME solutions Lecture 3 considered possible algorithms for achieving Mutual Exclusion between the critical sections.

Synchronization in Java Fawzi Emad Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.

Instructor: Umar KalimNUST Institute of Information Technology Operating Systems Process Synchronization.

Operating Systems CSE 411 CPU Management Oct Lecture 13 Instructor: Bhuvan Urgaonkar.

1 Lecture 9: Synchronization  concurrency examples and the need for synchronization  definition of mutual exclusion (MX)  programming solutions for.

1 Thread Synchronization: Too Much Milk. 2 Implementing Critical Sections in Software Hard The following example will demonstrate the difficulty of providing.

The Critical Section Problem

Concurrency, Mutual Exclusion and Synchronization.

Presenter: Long Ma Advisor: Dr. Zhang 4.5 DISTRIBUTED MUTUAL EXCLUSION.

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts Essentials – 9 th Edition Chapter 5: Process Synchronization.

1 Lock-Free concurrent algorithm for Linked lists: Verification CSE-COSC6490A : Concurrent Object-Oriented Languages York University - W09 Speaker: Alexandre.

Mutual Exclusion Using Atomic Registers Lecturer: Netanel Dahan Instructor: Prof. Yehuda Afek B.Sc. Seminar on Distributed Computation Tel-Aviv University.

Operating Systems CMPSC 473 Mutual Exclusion Lecture 11: October 5, 2010 Instructor: Bhuvan Urgaonkar.

Software Systems Verification and Validation Laboratory Assignment 4 Model checking Assignment date: Lab 4 Delivery date: Lab 4, 5.

1 Critical Section Problem CIS 450 Winter 2003 Professor Jinhua Guo.

Proving Correctness and Measuring Performance CET306 Harry R. Erwin University of Sunderland.

Verifying a Two-Lock Concurrent Queue Hussain Tinwala Fall 2007.

Synchronization Questions answered in this lecture: Why is synchronization necessary? What are race conditions, critical sections, and atomic operations?

Verification of Data-Dependent Properties of MPI-Based Parallel Scientific Software Anastasia Mironova.

Development of Formally Verified Erlang Programs a case study

Bakery Algorithm - Proof

Process Synchronization

Chapter 5: Process Synchronization

Process Synchronization: Semaphores

Scheduling and Resource Access Protocols: Basic Aspects

Background on the need for Synchronization

Concurrent Processes.

Chapter 5: Process Synchronization

G.Anuradha Reference: William Stallings

Chapter 5: Process Synchronization

Designing Parallel Algorithms (Synchronization)

Chapter 6: Synchronization Tools

Topic 6 (Textbook - Chapter 5) Process Synchronization

Midterm review: closed book multiple choice chapters 1 to 9

The Critical-Section Problem

Lecture 20 Syed Mansoor Sarwar

Mutual Exclusion Problem Specifications

Lecture 2 Part 2 Process Synchronization

Mutual Exclusion CS p0 CS p1 p2 CS CS p3.

Group Mutual Exclusion & Hadzilacos Algorithm

An explicit state model checker

Multiprocessor Synchronization Algorithms ( )

Course Syllabus 1. Introduction - History; Views; Concepts; Structure

ITEC452 Distributed Computing Lecture 7 Mutual Exclusion

Chapter 6: Synchronization Tools

CIS 720 Lecture 5.

CIS 720 Lecture 5.

Don Porter Portions courtesy Emmett Witchel

Operating Systems {week 10}

Distributed Dynamic Channel Allocation in Wireless Network

Presentation transcript:

Verifying GME with JPF COSC6490A Zhenyu Pan York University 2007

GME Algorithm & Properties P1: Mutual Exclusion (ME) P2: Deadlock-Freedom (DF) P3: Lockout-Freedom (LF) P4: First-Come-First-Served (FCFS) P5: Concurrent Entering (CE) Feb-19 Verifying GME with JPF

Verification First Try Applet navy 306 % jpf Balls [SEVERE] JPF exception, terminating: no main() method in Balls gov.nasa.jpf.JPFException: no main() method in Balls at gov.nasa.jpf.jvm.JVM.pushMain(JVM.java:366) at gov.nasa.jpf.jvm.JVM.initialize(JVM.java:226) at gov.nasa.jpf.JPF.run(JPF.java:365) at gov.nasa.jpf.JPF.main(JPF.java:297) Feb-19 Verifying GME with JPF

Verification Pre-process Objective Verify the 5 properties of the Hadzilacos algorithm Not verify the whole implementation (the applet) Pre-processing Remove irrelevant code java.awt.*; java.applet.*; balls’ speeds; balls’ colors; 3 Classes -> 2 Classes; applet -> console application Rewrite compact code java.util.*, Vector -> array Feb-19 Verifying GME with JPF

Verification Simplification Why Simplify JPF speed and PC memory limitation Original Version N processes, M groups; Main loop Trying Protocol Critical Section Exit Protocol Simplified Version 2 processes, 1 or 2 groups; Main loop is the same Feb-19 Verifying GME with JPF

Verifying Mutual Exclusion P1: Mutual Exclusion Definition If two processes are in the CS at the same time, then they request the same session. Case 1: 2 processes, 2 groups Code modification in red doorway(); cs = 1; // set cs = 1 to indicate that the process is in the CS for (int i = 0; i < BALL_NUM; i++) { // loop for all the processes if (b[i].id != id) // except the current process assert (b[i].cs==0); //assert if other processes in the CS } cs = 0; // reset cs = 0 to indicate that the process is out of the CS exit(); // Processes belong to different groups Feb-19 Verifying GME with JPF

Verifying Mutual Exclusion (cont.) Result No errors found; Running time: 1m30s Conclusion Verified Feb-19 Verifying GME with JPF

Verifying Deadlock Freedom P2: Deadlock Freedom Definition If a set of processes are in the trying protocol, then eventually at least one process enters the CS. Case 1: 2 processes, 2 groups No errors found; Running time: 1m Case 2: 2 processes, 1 group No result in 2h Conclusion Partly verified Feb-19 Verifying GME with JPF

Verifying Concurrent Entering P5: Concurrent Entering Definition If some processes request a same session and no process requests a different session, then they enter the CS concurrently. Case 1: 2 processes, 1 group Code modification is the same as the ME verification Processes belong to one group doorway(); cs = 1; // set cs = 1 to indicate that the process is in the CS for (int i = 0; i < BALL_NUM; i++) { // loop for all the processes if (b[i].id != id) // except the current process assert (b[i].cs==0); //assert if other processes in the CS } cs = 0; // reset cs = 0 to indicate that the process is out of the CS exit(); // Processes belong to one group Feb-19 Verifying GME with JPF

Verifying Concurrent Entering (cont.) Result Lots of CE cases Running time: No result in 2h Conclusion There are lots of CE, but can not verify it’s always true Partly verified Feb-19 Verifying GME with JPF

Lockout-Freedom & First-Come-First-Served P3: Lockout-Freedom (LF) Definition Every process in the trying protocol eventually enters the CS P4: First-Come-First-Served (FCFS) When a process wants to enter the CS, it first executes the doorway code of the trying protocol. If Pi exits the doorway before Pj enters the doorway, then Pi enters the CS before Pj enters the CS Verification It is hard to design plans to verify P3 and P4 Feb-19 Verifying GME with JPF

Verification Conclusion P1: ME verified P2: DF partly verified P3: LF not verified P4: FCFS not verified P5: CE partly verified Conclusion JPF is a useful tool for verification JPF is limited by speed and memory Feb-19 Verifying GME with JPF

Thank You! ??? Feb-19 Verifying GME with JPF