Calvinism A static analysis for multithreaded program verification.

Presentation transcript:

Motive - Reformation

Verification is important
 – Recall Therac-25; recall the Mars rover
Calvin was a really, really good idea but sort of complicated
 – Therefore difficult to reason about
 – Therefore difficult to see flaws in
 – Therefore difficult to build on
Recall that most good ideas were simple to understand (e.g. Dijkstra's wp; Hoare logic; Chen's entity-relationship model).

Recall ideas of Calvin

Atomicity
 – Via reduction
 – Via guard predicates

    Declare m;      // m==0 * m==tid
    Declare count;  // m==0 * m==tid
    acquire(m);
    j = count;
    j++;
    count = j;
    release(m);

Concrete difference

Whereas Calvin goes in and inserts asserts, plus thread changes that simulate the changes made by other threads, and then sends the work off to a theorem prover, Calvinism has a set of axioms which do the same thing.
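An added example, not code from the slides or from Calvin/Calvinism, modelling in Python the instrumentation the last two slides describe: every access by the checked thread asserts the variable's guard predicate, and between its actions the variables another thread could legally write are havocked, so a sequential exploration stands in for the interleavings. The guard on m follows the slide; the guard on count (only while holding m), the finite value domain and all names are assumptions.

```python
# Toy Calvin-style check: each access asserts its variable's guard (access
# predicate); between steps, variables another thread may write are havocked.
TID, OTHER = 1, 2   # thread under analysis and one interfering thread
GUARDS = {
    "m":     lambda s, tid: s["m"] == 0 or s["m"] == tid,  # free or mine
    "count": lambda s, tid: s["m"] == tid,                 # only under m
}
DOMAIN = {"m": (0, OTHER), "count": (0, 1, 2)}  # finite values for havoc
def assume(cond, s):        # acquire(m) is assume(m == 0); m = tid
    return s if cond else None          # None marks an infeasible path
def havoc(state):
    # Closure of OTHER's guard-respecting writes: OTHER may acquire m,
    # overwrite count while holding it, and release it again.
    key = lambda s: frozenset(s.items())
    seen, todo = {key(state): state}, [state]
    while todo:
        s = todo.pop()
        for v in GUARDS:
            if GUARDS[v](s, OTHER):
                for n in ({**s, v: val} for val in DOMAIN[v]):
                    if key(n) not in seen:
                        seen[key(n)] = n
                        todo.append(n)
    return list(seen.values())
def check(program, init):
    # program: list of (name, accessed vars, state -> state or None);
    # returns "ok" or a description of the first guard violation found.
    work = [(0, dict(init))]
    while work:
        pc, s = work.pop()
        if pc == len(program):
            continue
        name, accessed, step = program[pc]
        for v in accessed:
            if not GUARDS[v](s, TID):
                return f"guard of {v} violated at '{name}' in {s}"
        n = step(s)
        if n is not None:
            work.extend((pc + 1, h) for h in havoc(n))
    return "ok"
LOCKED = [   # the slide's increment; j is thread-local, never havocked
    ("acquire(m)", ["m"],     lambda s: assume(s["m"] == 0, {**s, "m": TID})),
    ("j = count",  ["count"], lambda s: {**s, "j": s["count"]}),
    ("j++",        [],        lambda s: {**s, "j": s["j"] + 1}),
    ("count = j",  ["count"], lambda s: {**s, "count": s["j"]}),
    ("release(m)", ["m"],     lambda s: {**s, "m": 0}),
]
UNLOCKED = LOCKED[1:4]   # the same update without holding m
INIT = {"m": 0, "count": 0, "j": 0}
```

`check(LOCKED, INIT)` passes because no havoc can touch count while the checked thread holds m, whereas `check(UNLOCKED, INIT)` reports the guard violation at the first read of count.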

Conclusion

Limitations
 – Have to add function calls
 – Have to finish the proof of soundness
Potential work
 – Static solution to the problem of non-atomic methods (show rule?)