The supercompiler SCP 4 verification. Alexei P. Lisitsa The University of Liverpool. Andrei P. Nemytykh Program System Institute, Russian Academy of Sciences.

Презентация:

Advertisements

Похожие презентации

Conditional Statements. Program control statements modify the order of statement execution. Statements in a C program normally executes from top to bottom,

Advertisements

Combination. In mathematics a combination is a way of selecting several things out of a larger group, where (unlike permutations) order does not matter.

HPC Pipelining Parallelism is achieved by starting to execute one instruction before the previous one is finished. The simplest kind overlaps the execution.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v Route Selection Using Policy Controls Using Multihomed BGP Networks.

While its always a good idea to think outside the box when approaching a creative task, this is not always the case. For example, when working with teams,

Statistics Probability. Statistics is the study of the collection, organization, analysis, and interpretation of data.[1][2] It deals with all aspects.

© 2002 IBM Corporation Confidential | Date | Other Information, if necessary © Wind River Systems, released under EPL 1.0. All logos are TM of their respective.

Institute for Information Problems of the Russian academy of Sciences and its linguistic research Olga Kozhunova CML-2008, Becici, 6-13 September.

© 2006 Cisco Systems, Inc. All rights reserved.ISCW v Implementation of Frame Mode MPLS Implementing Frame Mode MPLS.

© 2009 Avaya Inc. All rights reserved.1 Chapter Two, Voic Pro Components Module Two – Actions, Variables & Conditions.

Верификация как параметризованное тестирование Алексей П. Лисица The University of Liverpool. Андрей П. Немытых Институт Программных Систем РАН.

Time-Series Analysis and Forecasting – Part IV To read at home.

Inner Classes. 2 Simple Uses of Inner Classes Inner classes are classes defined within other classes The class that includes the inner class is called.

© 2006 Cisco Systems, Inc. All rights reserved.BCMSN v Defining VLANs Correcting Common VLAN Configuration Errors.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v Customer-to-Provider Connectivity with BGP Connecting a Multihomed Customer to Multiple Service.

© 2005 Cisco Systems, Inc. All rights reserved. INTRO v Module Summary TCP/IP is the most widely used networking protocol, with functions that can.

Date: File:GRAPH_02e.1 SIMATIC S7 Siemens AG All rights reserved. SITRAIN Training for Automation and Drives Project Planning and Configuration.

© 2006 Cisco Systems, Inc. All rights reserved.ISCW v IPsec VPNs Implementing the Cisco VPN Client.

SIR model The SIR model Standard convention labels these three compartments S (for susceptible), I (for infectious) and R (for recovered). Therefore, this.

The Web The Internet. Level A2 Waystage Level A2 Waystage Listening (p.17) I can understand simple messages delivered at a relatively high speed (on every.

Транксрипт:

The supercompiler SCP 4 verification. Alexei P. Lisitsa The University of Liverpool. Andrei P. Nemytykh Program System Institute, Russian Academy of Sciences.

Verification of parameterized systems by the supercompiler SCP4. ( ) Successful experiments on verification of global cache coherence protocols: –IEEE Futurebus+, MOESI, MESI, MSI, The University of Illinois, DEC Firefly, Berkeley, Xerox PARC Dragon. More global parameterized protocols: –Java Meta-Locking Algorithm, Reader-Writer protocol.

A class of parameterized cache coherence protocols. Cache coherence protocols are used to maintain data consistency in multiprocessors systems equipped with local fast caches (elements of memory). A class of such protocols can be described as the following games: Let n baskets be given. The i-th basket contains x i stones. A step of a game is a permutation of y ik stones from the i-th basket to the k-th basket (for all 0 < i,k < n+1), if the y ik satisfy some conditions. If two or more steps can be done in the same time, then a random choice from the steps takes place. Let a start configuration of such a game be given, then the data consistency problem is a non-reachability problem of some configurations in the game.

Testing. Given a total recursive function f: D M, let Im(f) be a subset of the truths set of a total recursive recursive predicate. Let P be a program implementing ; P f be a program, such that d 0 D the call P f (d 0 ) terminates. Let P f be assumed to implement f. Testing of P f with respect to a post-condition is a program T: D {True, False} implementing the following composition P P f. d 0 D the result of evaluation of T(d 0 ) = True confirms correctness of P f on d 0, while T(d 0 ) = False gives a test d 0 where P f is invalid.

Verification. Running over the whole D with the valid result of the testing verifies P f with respect to the post-condition. Let be an optimizer such that the result of ( P P f,d) is a program with a simple syntactical property guarantying that Im( ) = {True}. Let the result of optimization, by definition of, implements an extension of the partial function implemented by the program to be transformed (in our case P P f ). In such a case we have verification of P f with respect to the post- condition.

Encoding of a class of cache coherence protocols. Evolution of the set of states of a multiprocessor system is a non-deterministic dynamic system with discrete time. Let Int(time,InitConfig) be an interpreter of the system, such that given a start configuration InitConfig of the system Int returns the configuration Config the system reaches in time. To simulate the non-deterministic choice we mark the times tacts with the random actions taking place in the system. The correctness of the protocols is expressed by unreachability of a special kind of the configurations and it is tested by a predicate-program (Config). The task for a supercompiler is: specialize the following composition Int(time,InitConfig 0 )

The MOESI protocol. (The proof by SCP4: induction on time) Theorem 1 Theorem 2 True2 Lemma $# # # $ $ $$$ True

Verification of the Xerox PARC Dragon cache coherence protocol. An error in a description of the protocol has been found as a result of analyzing of the residual program: –G. Delzanno, Automatic Verification of Parameterized Cache Coherence Protocols. and a test indicating the error was constructed. Successful verification of a corrected version of the description of the protocol was done: –

Languages dependence. (The MOESI protocol) RandomAction { … … = (invalid e.x1) (modified ) (shared I e.x3 e.x4) (exclusive )(owned e.x2 e.x5); … } Append { () (e.y) = e.y; (s.z e.x) (e.y) = s.z ; } RandomAction { … … = (invalid e.x1) (modified ) (shared I ) (exclusive )(owned ); … }

References [1] Lisitsa A. P., and Nemytykh A.P., Verification of parameterized systems using supercompilation. In Proc. of the APPSEM05, Fraunchiemsee, Germany, September [2] Lisitsa A. P., and Nemytykh A.P., Towards verification via supercompilation. In Proc. of the COMPSAC2005, [3] Lisitsa A.P., and Nemytykh A.P., Verification as parameterized testing (Experiments with the supercompiler SCP4). (In Russian), Submitted to the journal Programming, [4] Lisitsa A. P., and Nemytykh A.P., Work on errors. (In Russian), Submitted to the conference Program Systems: Theory and Applications, 2006.

Thank you!