Results 1 - 8 of 8

A.: Inductive data flow graphs

by Azadeh Farzan, Zachary Kincaid, Andreas Podelski - In: POPL , 2013
"... The correctness of a sequential program can be shown by the anno-tation of its control flow graph with inductive assertions. We pro-pose inductive data flow graphs, data flow graphs with incorpo-rated inductive assertions, as the basis of an approach to verifying concurrent programs. An inductive da ..."
Abstract - Cited by 12 (3 self) - Add to MetaCart
The correctness of a sequential program can be shown by the anno-tation of its control flow graph with inductive assertions. We pro-pose inductive data flow graphs, data flow graphs with incorpo-rated inductive assertions, as the basis of an approach to verifying concurrent programs. An inductive data flow graph accounts for a set of dependencies between program actions in interleaved thread executions, and therefore stands as a representation for the set of concurrent program traces which give rise to these dependencies. The approach first constructs an inductive data flow graph and then checks whether all program traces are represented. The size of the inductive data flow graph is polynomial in the number of data de-pendencies (in a sense that can be made formal); it does not grow exponentially in the number of threads unless the data dependen-cies do. The approach shifts the burden of the exponential explosion towards the check whether all program traces are represented, i.e., to a combinatorial problem (over finite graphs).
(Show Context)

Invariant Generation for Parametrized Systems using Self-Reflection

by Alejandro Sanchez, Sriram Sankaranarayanan, César Sánchez, Bor-yuh Evan Chang - SAS 2012 , 2012
"... We examine the problem of inferring invariants for parametrized systems. Parametrized systems are concurrent systems consisting of an a priori unbounded number of process instances running the same program. Such systems are commonly encountered in many situations including device drivers, distribu ..."
Abstract - Cited by 3 (0 self) - Add to MetaCart
We examine the problem of inferring invariants for parametrized systems. Parametrized systems are concurrent systems consisting of an a priori unbounded number of process instances running the same program. Such systems are commonly encountered in many situations including device drivers, distributed systems, and robotic swarms. In this paper we describe a technique that enables leveraging off-the-shelf invariant generators designed for sequential programs to infer invariants of parametrized systems. The central challenge in invariant inference for parametrized systems is that naïvely exploding the transition system with all interleavings is not just impractical but impossible. In our approach, the key enabler is the notion of a reflective abstraction that we prove has an important correspondence with inductive invariants. This correspondence naturally gives rise to an iterative invariant generation procedure that alternates between computing candidate invariants and creating reflective abstractions.
(Show Context)

Proofs That Count

by Azadeh Farzan, Zachary Kincaid, Andreas Podelski
"... Counting arguments are among the most basic proof methods in mathematics. Within the field of formal verification, they are use-ful for reasoning about programs with infinite control, such as pro-grams with an unbounded number of threads, or (concurrent) pro-grams with recursive procedures. While co ..."
Abstract - Cited by 2 (2 self) - Add to MetaCart
Counting arguments are among the most basic proof methods in mathematics. Within the field of formal verification, they are use-ful for reasoning about programs with infinite control, such as pro-grams with an unbounded number of threads, or (concurrent) pro-grams with recursive procedures. While counting arguments are common in informal, hand-written proofs of such programs, there are no fully automated techniques to construct counting arguments. The key questions involved in automating counting arguments are: how to decide what should be counted?, and how to decide when a counting argument is valid? In this paper, we present a technique for automatically constructing and checking counting arguments, which includes novel solutions to these questions.
(Show Context)

Duet: Static Analysis for Unbounded Parallelism

by Azadeh Farzan, Zachary Kincaid
"... Abstract. Duet is a static analysis tool for concurrent programs in which the number of executing threads is not statically bounded. Duet has a modular architecture, which is based on separating the invari-ant synthesis problem in two subtasks: (1) data dependence analysis, which is used to construc ..."
Abstract - Cited by 2 (0 self) - Add to MetaCart
Abstract. Duet is a static analysis tool for concurrent programs in which the number of executing threads is not statically bounded. Duet has a modular architecture, which is based on separating the invari-ant synthesis problem in two subtasks: (1) data dependence analysis, which is used to construct a data flow model of the program, and (2) domain, which generates invariants. This separation of concerns allows researchers working on data dependence analysis and abstract domains to combine their efforts toward solving the challenging problem of static analysis for unbounded concurrency. In this paper, we discuss the archi-tecture of Duet as well as two data dependence analyses that have been implemented in the tool. 1
(Show Context)

Selective Context-Sensitivity Guided by Impact Pre-Analysis

by Hakjoo Oh, Wonchan Lee, Kihong Heo, Hongseok Yang, Kwangkeun Yi
"... We present a method for selectively applying context-sensitivity during interprocedural program analysis. Our method applies context-sensitivity only when and where doing so is likely to im-prove the precision that matters for resolving given queries. The idea is to use a pre-analysis to estimate th ..."
Abstract - Cited by 1 (0 self) - Add to MetaCart
We present a method for selectively applying context-sensitivity during interprocedural program analysis. Our method applies context-sensitivity only when and where doing so is likely to im-prove the precision that matters for resolving given queries. The idea is to use a pre-analysis to estimate the impact of context-sensitivity on the main analysis’s precision, and to use this infor-mation to find out when and where the main analysis should turn on or off its context-sensitivity. We formalize this approach and prove that the analysis always benefits from the pre-analysis-guided context-sensitivity. We im-plemented this selective method for an existing industrial-strength interval analyzer for full C. The method reduced the number of (false) alarms by 24.4%, while increasing the analysis cost by 27.8 % on average. The use of the selective method is not limited to context-sensitivity. We demonstrate this generality by following the same principle and developing a selective relational analysis. Our experi-ments show that the method cost-effectively improves the precision in the relational analysis as well. 1.
(Show Context)

Proof Spaces for Unbounded Parallelism

by Azadeh Farzan, Zachary Kincaid, Andreas Podelski
"... In this paper, we present a new approach to automatically ver-ify multi-threaded programs which are executed by an unbounded number of threads running in parallel. The starting point for our work is the problem of how we can leverage existing automated verification technology for sequential programs ..."
Abstract - Cited by 1 (1 self) - Add to MetaCart
In this paper, we present a new approach to automatically ver-ify multi-threaded programs which are executed by an unbounded number of threads running in parallel. The starting point for our work is the problem of how we can leverage existing automated verification technology for sequential programs (abstract interpretation, Craig interpolation, constraint solving, etc.) for multi-threaded programs. Suppose that we are given a correctness proof for a trace of a program (or for some other program fragment). We observe that the proof can always be decomposed into a finite set of Hoare triples, and we ask what can be proved from the finite set of Hoare triples using only simple combinatorial inference rules (without access to a theorem prover and without the possibility to infer genuinely new Hoare triples)? We introduce a proof system where one proves the correctness of a multi-threaded program by showing that for each trace of the program, there exists a correctness proof in the space of proofs that are derivable from a finite set of axioms using simple combinatorial inference rules. This proof system is complete with respect to the classical proof method of establishing an inductive invariant (which uses thread quantification and control predicates). Moreover, it is possible to algorithmically check whether a given set of axioms is sufficient to prove the correctness of a multi-threaded program, using ideas from well-structured transition systems. 1.
(Show Context)

Lost in abstraction: Monotonicity in multi-threaded programs (extended technical report

by Er Kaiser, Daniel Kroening, Thomas Wahl , 2014
"... Abstract. Monotonicity in concurrent systems stipulates that, in any global state, extant system actions remain executable when new processes are added to the state. This concept is not only natural and common in multi-threaded software, but also useful: if every thread’s memory is finite, monotonic ..."
Abstract - Cited by 1 (0 self) - Add to MetaCart
Abstract. Monotonicity in concurrent systems stipulates that, in any global state, extant system actions remain executable when new processes are added to the state. This concept is not only natural and common in multi-threaded software, but also useful: if every thread’s memory is finite, monotonicity often guaran-tees the decidability of safety property verification even when the number of running threads is unknown. In this paper, we show that the act of obtaining finite-data thread abstractions for model checking can be at odds with mono-tonicity: Predicate-abstracting certain widely used monotone software results in non-monotone multi-threaded Boolean programs — the monotonicity is lost in the abstraction. As a result, well-established sound and complete safety checking algorithms become inapplicable; in fact, safety checking turns out to be undecid-able for the obtained class of unbounded-thread Boolean programs. We demon-strate how the abstract programs can be modified into monotone ones, without affecting safety properties of the non-monotone abstraction. This significantly improves earlier approaches of enforcing monotonicity via overapproximations. 1
(Show Context)

4 Lost in Abstraction: Monotonicity in Multi-Threaded Programs

by Er Kaiser, Daniel Kroening, Thomas Wahl
"... ar ..."
Abstract - Add to MetaCart
Abstract not found