Automated Verification with HIP and SLEEK Asankhaya Sharma.

Slides:



Advertisements
Similar presentations
1 Lecture 5 Towards a Verifying Compiler: Multithreading Wolfram Schulte Microsoft Research Formal Methods 2006 Race Conditions, Locks, Deadlocks, Invariants,
Advertisements

Dataflow Analysis for Datarace-Free Programs (ESOP 11) Arnab De Joint work with Deepak DSouza and Rupesh Nasre Indian Institute of Science, Bangalore.
A Framework for describing recursive data structures Kenneth Roe Scott Smith.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Automated Verification with HIP and SLEEK Asankhaya Sharma.
TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A AAA A A A AA A Proving that non-blocking algorithms don't block.
Automated Verification with HIP and SLEEK Asankhaya Sharma.
50.003: Elements of Software Construction Week 6 Thread Safety and Synchronization.
50.530: Software Engineering Sun Jun SUTD. Week 13: Rely-Guarantee Reasoning.
An Case for an Interleaving Constrained Shared-Memory Multi-Processor Jie Yu and Satish Narayanasamy University of Michigan.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Automated Software Verification with a Permission-Based Logic 20 th June 2014, Zürich Malte Schwerhoff, ETH Zürich.
HIP/SLEEK11 HIP/SLEEK :Automatic Verification and Specification Inference System Wei-Ngan Chin & Asankhaya Sharma Dept of Computer Science National University.
Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.
A simple sequential reasoning approach for sound modular verification of mainstream multithreaded programs Wolfram Schulte & Bart Jacobs Microsoft Research.
Mutability SWE 332 Fall 2011 Paul Ammann. SWE 3322 Data Abstraction Operation Categories Creators Create objects of a data abstraction Producers Create.
Static Data Race detection for Concurrent Programs with Asynchronous Calls Presenter: M. Amin Alipour Software Design Laboratory
Concurrency and Thread Yoshi. Two Ways to Create Thread Extending class Thread – Actually, we need to override the run method in class Thread Implementing.
Threading Part 2 CS221 – 4/22/09. Where We Left Off Simple Threads Program: – Start a worker thread from the Main thread – Worker thread prints messages.
Fractional Permissions without the Fractions Alex Summers ETH Zurich Joint work with: Stefan Heule, Rustan Leino, Peter Müller ETH Zurich MSR Redmond ETH.
Assignment – no class Wednesday All: watch the Google Techtalk “Getting C++ Threads Right” by Hans Boehm at the following link in place of Wednesday’s.
K. Rustan M. Leino RiSE, Microsoft Research, Redmond joint work with Peter Müller and Jan Smans Lecture 0 1 September 2009 FOSAD 2009, Bertinoro, Italy.
K. Rustan M. Leino RiSE, Joint work with: Peter Müller (ETH Zurich) Jan Smans (KU Leuven) Special thanks to Mike Barnett VMCAI, Madrid, Spain, 18 January.
CUTE: A Concolic Unit Testing Engine for C Technical Report Koushik SenDarko MarinovGul Agha University of Illinois Urbana-Champaign.
Dagstuhl Seminar "Applied Deductive Verification" November Symbolically Computing Most-Precise Abstract Operations for Shape.
Includes slides from course CS194 at UC Berkeley, by prof. Katherine Yelick Shared Memory Programming Pthreads: an overview Ing. Andrea Marongiu
Operating Systems ECE344 Ashvin Goel ECE University of Toronto Mutual Exclusion.
Internet Software Development Controlling Threads Paul J Krause.
Rustan Leino RiSE, Microsoft Research, Redmond MIT 5 June 2009 Joint work with: Peter Müller, ETH Zurich Jan Smans, KU Leuven.
Cristian Gherghina 1, Cristina David 1, Shengchao Qin 2, Wei-Ngan Chin 1 1 National University of Singapore 2 University of Teesside Structured Specifications.
Verifying Safety Policies with Size Properties and Alias Controls Wei Ngan Chin 1,2, Siau-Cheng Khoo 1, Shengchao Qin 3, Corneliu Popeea 1, Huu Hai Nguyen.
1 Automated Verification via Separation Logic Cristian Gherghina (NUS, Singapore) Cristina David(NUS, Singapore) Shengchao Qin(Durham, UK) Wei-Ngan Chin(NUS,
Starting Out with C++ Early Objects Seventh Edition by Tony Gaddis, Judy Walters, and Godfrey Muganda Modified for use at Midwestern State University Chapter.
CS252: Systems Programming Ninghui Li Based on Slides by Prof. Gustavo Rodriguez-Rivera Topic 11: Thread-safe Data Structures, Semaphores.
U NIVERSITY OF M ASSACHUSETTS A MHERST Department of Computer Science Software Systems Advanced Synchronization Emery Berger and Mark Corner University.
Automated Verification with HIP and SLEEK Asankhaya Sharma.
LINKED LISTS Midwestern State University CMPS 1053 Dr. Ranette Halverson 1.
An Introduction to Automated Program Verification with Permission Logics 15 th May 2015, Systems Group, ETH Zurich Uri Juhasz, Ioannis Kassios, Peter Müller,
CUTE: A Concolic Unit Testing Engine for C Koushik SenDarko MarinovGul Agha University of Illinois Urbana-Champaign.
Thread S04, Recitation, Section A Thread Memory Model Thread Interfaces (System Calls) Thread Safety (Pitfalls of Using Thread) Racing Semaphore.
VPERM: Variable Permissions for Concurrency Verification Duy-Khanh Le, Wei-Ngan Chin, Yong-Meng Teo ICFEM, Kyoto, Japan, Nov 2012.
Int fact (int n) { If (n == 0) return 1; else return n * fact (n – 1); } 5 void main () { Int Sum; : Sum = fact (5); : } Factorial Program Using Recursion.
NIRICT RECONNAISSANCE TOPIC PERFORMANCE AND CORRECTNESS OF GPGPU MARIEKE HUISMAN ALEXANDRU IOSUP ANA LUCIA VARBANESCU ANTON WIJS.
Java and C# - Some Commonalities Compile into machine-independent, language- independent code which runs in a managed execution environment Garbage Collection.
Auburn University COMP 3500 Introduction to Operating Systems Project 3 – Synchronization Cats and Mice: Implementation.
Using SMGCPA for the Detection of Memory Safety Bugs in the Linux Kernel Anton Vasilyev.
Linked List.
Concurrency.
classes and objects review
Linked lists Motivation: we can make arrays, but their functionality is slightly limited and can be difficult to work with Biggest issue: size management.
Amir Kamil and Katherine Yelick
Distributed Algorithms (22903)
Lecture 15: Concurring Concurrently CS201j: Engineering Software
Recitation 14: Proxy Lab Part 2
Tree A tree is a data structure in which each node is comprised of some data as well as node pointers to child nodes
Building Java Programs
Thread Programming.
Thread Synchronization
Building Java Programs
Building Java Programs
Assignment 6 Recitation
A Refinement Calculus for Promela
Amir Kamil and Katherine Yelick
Building Java Programs
CUTE: A Concolic Unit Testing Engine for C
Algorithms An algorithm is a set of instructions used to solve a specific problem In order to be useful, an algorithm must have the following properties:
CSE 451 Section 1/27/2000.
Pointer analysis John Rollinson & Kaiyuan Li
Threads CSE 2431: Introduction to Operating Systems
Distributed Dynamic Channel Allocation in Wireless Network
Presentation transcript:

Automated Verification with HIP and SLEEK Asankhaya Sharma

Recall the List length Example int length(struct node* p) requires p::list ensures p::list & res=n; */ { if(p == NULL) return 0; else return 1 + length(p->next); } Memory Safety Length of the List Bag of Values

With Immutability int length(struct node* p) requires ensures res=n; */ { if(p == NULL) return 0; else return 1 + length(p->next); } With Immutability Annotation More concise and precise specification

Recall the List Append Example void append(node* x, node* y) requires x::list & x != null & x = y ensures requires x::list & x != null ensures { if(x->next==NULL) x->next=y; else append(x->next,y); } x::clist x::lseg

With Immutability void append(node* x, node* y) requires * p::node ensures p::node { if(x->next==NULL) x->next=y; else append(x->next,y); } Immutable List Segment Cut point preservation

Aliasing Example int foo(cell x, cell y) requires x::cell * y::cell ensures x::cell * y::cell & res = a+b requires x::cell & x = y ensures x::cell & res = 2*a; { return x.val + y.val; }

Heap Sharing with Immutability int foo(cell x, cell y) requires & ensures res = a+b { return x.val + y.val; } Allows Aliasing

Immutable Specifications Many programs do not change their input Use immutable specifications, where possible – More information (about the code) – More concise (for multiple pre/post) – More accurate (as cut points are preserved) – More efficient (as less folding is needed) – More control (don’t modify data)

Verification of Concurrent Programs Fork/join concurrency + (mutex) locks + barriers Properties – Functional correctness – Data-race freedom – Deadlock freedom Permission-based heaps, e.g. x::cell(0.5) * y::cell(0.5)

Example : thread as resource data cell { int val;} void thread1 (cell x) requires x::cell * y::cell ensures x::cell * y::cell ; { x.val = x.val + 1; y.val = y.val + 2;} void thread2 (thrd t1, cell y) requires t1::thrd > ensures y::cell ; { join(t1); y.val = y.val + 2;} void main() requires true ensure true; { cell x = new cell(0); cell y = new cell(0); thrd t1 = fork(thread1,x,y); //{t1::thrd * y::cell >} //{t1::thrd > * t1::thread >} thrd t2 = fork(thread2,t1,y); //{t1::thrd > join(t1); x.val = x.val + 1; join(t2); assert( x::cell * y::cell ); }

Example main thrd t1 = fork(thread1,x,y); thread1 thrd t2 = fork(thread2,t1,y); thread2 join(t1); join(t2); x,y t1 t1,t2 t1 x y t2,x y x,y multi-join

Further Reading David, Cristina, and Wei-Ngan Chin. "Immutable specifications for more concise and precise verification." In ACM SIGPLAN Notices, vol. 46, no. 10, pp ACM, 2011.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.