Abstract. We present an automatic verification procedure based on RGSep that is suitable for reasoning about fine-grained concurrent heapmanipulating programs. The procedure computes a set of RGSep actions overapproximating the interference that each thread causes to its concurrent environment. These inferred actions allow us to verify safety, liveness, and functional correctness properties of a collection of practical concurrent algorithms from the literature. 1

Recently developed tools now allow us to automatically synthesize hardware from programs that use the heap [5]. Unfortunately, because current tools are unable to accurately track the heap-carried data dependencies between program commands, the synthesis tools miss many opportunities for optimization, such as pipelining, parallelization, or memory localization. Thus, the resulting circuits have poor performance. In this paper we describe a separation logic based program analysis for identifying heap-carried data dependencies between program statements, and demonstrate the performance gains that it enables when performing hardware synthesis. 1.

Abstract—Dynamically allocated and manipulated data structures cannot be translated into hardware unless there is an upper bound on the amount of memory the program uses during all executions. This bound can depend on the generic parameters to the program, i.e., program inputs that are instantiated at synthesis time. We propose a constraint based method for the discovery of memory usage bounds, which leads to the firstknown C-to-gates hardware synthesis supporting programs with non-trivial use of dynamically allocated memory, e.g., linked lists maintained with malloc and free. We illustrate the practicality of our tool on a range of examples. I.

Abstract. This paper introduces a general purpose method, write invariant properties, for improving the precision of heap analysis techniques at a minimal computational cost. This method is specifically focused on eliminating the imprecision introduced when program states from multiple call paths are merged at call sites when using partially call-context sensitive interprocedural analysis techniques. The concept of write invariant properties allows the recovery of many important classes of information such as collection sizes, null pointer properties and object allocation sites. The concept of write invariant properties is based on the identification of heap object properties that are invariant during a method call provided certain parts of various objects are unmodified. By using a heap domain that can track this write information during the analysis we can extract the information for a given write invariant property at call entry and then, at the return of the call, we can assert that these properties must still hold (provided the required parts of the object are not modified). This paper presents a definition for write invariant properties in the concrete heap, translates this definition in a form usable in the abstract heap domain and integrates this into a basic partially call-sensitive analysis framework. 1

Abstract not found

We present a novel technique for verifying properties of data parallel GPU programs via test amplification. The key insight behind our work is that we can use the technique of static information flow to amplify the result of a single test execution over the set of all inputs and interleavings that affect the property being verified. We empirically demonstrate the effectiveness of test amplification for verifying race-freedom and determinism over a large number of standard GPU kernels, by showing that the result of verifying a single dynamic execution can be amplified over the massive space of possible data inputs and thread interleavings.

of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM,

We present an analysis which takes as its input a sequential program, augmented with annotations indicating potential parallelization opportunities, and a sequential proof, written in separation logic, and produces a correctly-synchronized parallelized program and proof of that program. Unlike previous work, ours is not an independence analysis; we insert synchronization constructs to preserve relevant dependencies found in the sequential program that may otherwise be violated by a naïve translation. Separation logic allows us to parallelize fine-grained patterns of resource-usage, moving beyond straightforward points-to analysis. Our analysis works by using the sequential proof to discover dependencies between different parts of the program. It leverages these discovered dependencies to guide the insertion of synchronization primitives into the parallelized program, and to ensure that the resulting parallelized program satisfies the same specification as the original sequential program, and exhibits the same sequential behaviour. Our analysis is built using frame inference and abduction, two techniques supported by an increasing number of separation logic tools.

Abstract. While there are well-understood methods for detecting loops whose iterations are independent and parallelizing them, there are comparatively fewer proposals that support parallel execution of a sequence of loops or nested loops in the case where such loops have dependencies among them. This paper introduces a refined notion of independence, called eventual independence, that in its simplest form considers two loops, say loop 1 and loop 2, and captures the idea that for every i there exists k such that the i + 1-th iteration of loop 2 is independent from the j-th iteration of loop 1, for all j ≥ k. Eventual independence provides the foundation of a semantics-preserving program transformation, called synchronized pipelining, that makes execution of consecutive or nested loops parallel, relying on a minimal number of synchronization events to ensure semantics preservation. The practical benefits of synchronized pipelining are demonstrated through experimental results on common algorithms such as sorting and Fourier transforms. 1

Abstract. These are the notes to accompany a course at the Marktoberdorf PhD summer school in 2011. The course consists of an introduction to separation logic, with a slant towards its use in automatic program verification and analysis.