Presentation is loading. Please wait.

Presentation is loading. Please wait.

Verification of obstruction-free algorithm with contention management Niloufar Shafiei.

Published byRichard Roberts Modified over 9 years ago

Similar presentations

Presentation on theme: "Verification of obstruction-free algorithm with contention management Niloufar Shafiei."— Presentation transcript:

1 Verification of obstruction-free algorithm with contention management Niloufar Shafiei

2 2 Agenda  The algorithm  Correctness condition for shared objects  Java PathFinder  Verification challenges  Verification  Summary  The algorithm  Correctness condition for shared objects  Java PathFinder  Verification challenges  Verification  Summary

3 3 The algorithm  Obstruction-free deque algorithm with different contention management policies  AtomicLongArray  AtomicLong  How should the algorithm behave? (correctness)  Data structure represents the abstract deque at any time  All operations terminate  No livelock or deadlock  Obstruction-free deque algorithm with different contention management policies  AtomicLongArray  AtomicLong  How should the algorithm behave? (correctness)  Data structure represents the abstract deque at any time  All operations terminate  No livelock or deadlock

4 4 Correctness condition for shared objects implementations  Find the linearization point

5 5 Correctness condition for shared objects implementations  Find the linearization point push(v 1 ) push(v 2 ) pop time stack ?

6 6 Correctness condition for shared objects implementations  Find the linearization point push(v 1 ) push(v 2 ) pop time stack ? X X X empty v1v1 v2v2

7 7 Check the correctness of shared object implementation  Find the linearization point  Define abstract variables (abstract stack,…)  Change the abstract variables at linearization points  At all linearization points, check if the abstract variables are consistent with data structures  In java, insert assert(expression) atomically at linearization points  Synchronized block  Atomic block  Find the linearization point  Define abstract variables (abstract stack,…)  Change the abstract variables at linearization points  At all linearization points, check if the abstract variables are consistent with data structures  In java, insert assert(expression) atomically at linearization points  Synchronized block  Atomic block

8 8 Java PathFinder  JPF  Model checker  Deadlocks  Invariants  User-defined assertions  JPF versus Spin  JPF covers the java programming language (not more than 10000 lines)  JPF design goal is to make it as modular and understandable as possible  Spin is faster than JPF  JPF  Model checker  Deadlocks  Invariants  User-defined assertions  JPF versus Spin  JPF covers the java programming language (not more than 10000 lines)  JPF design goal is to make it as modular and understandable as possible  Spin is faster than JPF

9 9 Verification challenges  JPF does not support AtomicLongArray and AtomicLong  Volatile Long[] and Long  Synchronized methods to implement C&S  Warning “unprotected field access of deque”  JPF employ Partial Order Reduction to save space  For lock protection, determines if a field access is scheduling relevant (transaction boundary)  vm.por.sync_detection=false  JPF does not support AtomicLongArray and AtomicLong  Volatile Long[] and Long  Synchronized methods to implement C&S  Warning “unprotected field access of deque”  JPF employ Partial Order Reduction to save space  For lock protection, determines if a field access is scheduling relevant (transaction boundary)  vm.por.sync_detection=false

10 10 State search  JPF searches  DFS  With backtracking is most appropriate for checking liveness properties  BFS  Search.heuristic.class = gov.nasa.jpf.search.heuristic.BFSHeuristic  JPF searches  DFS  With backtracking is most appropriate for checking liveness properties  BFS  Search.heuristic.class = gov.nasa.jpf.search.heuristic.BFSHeuristic

11 11 Verification ResultNumber of paths 1 thread (DFS - BFS) No error4 2 threads (DFS - BFS) No error135 - 120 3 threads Out of memory >1200

12 12 Verification  How to save the memory?  More synchronized methods  Synchronized blocks and Atomic blocks (Verify class)  Local instructions  At most one shared memory instruction  No instruction prevent the program from accessing endAtomic()  Return - break - join - if statement  How to save the memory?  More synchronized methods  Synchronized blocks and Atomic blocks (Verify class)  Local instructions  At most one shared memory instruction  No instruction prevent the program from accessing endAtomic()  Return - break - join - if statement

13 13 Verification  Atomic blocks  Sometimes threads loop in Atomic block  Why processes killed?  Need memory more than available memory  Atomic blocks  Sometimes threads loop in Atomic block  Why processes killed?  Need memory more than available memory ResultNumber of paths 1 thread Processes killed 0 2 threads Processes killed 0 3 threads Processes killed 0

14 14 Verification  Synchronized blocks ResultNumber of paths 1 thread (DFS - BFS) No error4 2 threads (DFS - BFS) No error135 - 120 3 threads Out of memory >1200 Why results are not improved? Partial Order reduction

15 15 Summary  Correctness conditions of shared object  Java PathFinder  Verification of shared deque implementation with JPF  Correctness conditions of shared object  Java PathFinder  Verification of shared deque implementation with JPF

16 16 Questions?

Download ppt "Verification of obstruction-free algorithm with contention management Niloufar Shafiei."

Similar presentations

Chapter 22 Implementing lists: linked implementations.

Chapter 22 Implementing lists: linked implementations.
Automatic Verification Book: Chapter 6. How can we check the model? The model is a graph. The specification should refer the the graph representation.

Automatic Verification Book: Chapter 6. How can we check the model? The model is a graph. The specification should refer the the graph representation.
Uninformed search strategies

Uninformed search strategies
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Partial Order Reduction: Main Idea

Partial Order Reduction: Main Idea
A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.

A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.
1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.

1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Carnegie Mellon University Java PathFinder and Model Checking of Programs Guillaume Brat, Dimitra Giannakopoulou, Klaus Havelund, Mike Lowry, Phil Oh,

Carnegie Mellon University Java PathFinder and Model Checking of Programs Guillaume Brat, Dimitra Giannakopoulou, Klaus Havelund, Mike Lowry, Phil Oh,
CSC 580 - Multiprocessor Programming, Spring, 2011 Outline for Chapters 15, 16 & Appendix A, Week 3, Dr. Dale E. Parson.

CSC Multiprocessor Programming, Spring, 2011 Outline for Chapters 15, 16 & Appendix A, Week 3, Dr. Dale E. Parson.
Scalable Synchronous Queues By William N. Scherer III, Doug Lea, and Michael L. Scott Presented by Ran Isenberg.

Scalable Synchronous Queues By William N. Scherer III, Doug Lea, and Michael L. Scott Presented by Ran Isenberg.
CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.

CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.
Chapter 6 Process Synchronization: Part 2. Problems with Semaphores Correct use of semaphore operations may not be easy: –Suppose semaphore variable called.

Chapter 6 Process Synchronization: Part 2. Problems with Semaphores Correct use of semaphore operations may not be easy: –Suppose semaphore variable called.
Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.

Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.
CS533 Concepts of Operating Systems Class 5 Integrated Task and Stack Management.

CS533 Concepts of Operating Systems Class 5 Integrated Task and Stack Management.
Threading Part 2 CS221 – 4/22/09. Where We Left Off Simple Threads Program: – Start a worker thread from the Main thread – Worker thread prints messages.

Threading Part 2 CS221 – 4/22/09. Where We Left Off Simple Threads Program: – Start a worker thread from the Main thread – Worker thread prints messages.
© Andy Wellings, 2004 Roadmap  Introduction  Concurrent Programming  Communication and Synchronization  Completing the Java Model  Overview of the.

© Andy Wellings, 2004 Roadmap  Introduction  Concurrent Programming  Communication and Synchronization  Completing the Java Model  Overview of the.
C. FlanaganSAS’04: Type Inference Against Races1 Type Inference Against Races Cormac Flanagan UC Santa Cruz Stephen N. Freund Williams College.

C. FlanaganSAS’04: Type Inference Against Races1 Type Inference Against Races Cormac Flanagan UC Santa Cruz Stephen N. Freund Williams College.
© 2006 Pearson Addison-Wesley. All rights reserved7A-1 Chapter 7 Stacks.

© 2006 Pearson Addison-Wesley. All rights reserved7A-1 Chapter 7 Stacks.

Similar presentations

Ads by Google