Sequentializationtargetedto BoundedModel-Checkers
|
|
- Dominick Shelton
- 8 years ago
- Views:
Transcription
1 Sequentializationtargetedto BoundedModel-Checkers Salvatore La Torre Dipartimento di Informatica Università degli Studi di Salerno
2 Sequentialization Code-to-code translation from a multithreaded program to an equivalent sequential one shared vars Conc. program loc loc loc T 1 T 2 T m Seq. progam Seq. Verifier Re-use of existing tools (delegate the analysis to the backend tool) Fast prototyping (designers can concentrate only concurrency features) Can work with different backends
3 Sequentialization alters the original program structure by injecting control code (which is an overhead for the backend) requires careful attention to the details of the translation for well-performing tools replaces concurrency with nondeterminism
4 Backend: Bounded Model Checkers Reduce program verification to SAT/SMT solvers Very effective technique to discover bugs in seq. programs Performance relies on the performance of underlying solvers Impressive improvement of SAT solvers in last years Vars Year
5 Implementations with BMC backend LR seq. [Lal-Reps, CAV 08]: eager, bounded round-robin LMP seq. [La Torre-Madhusudan-Parlato]: lazy, any scheduling With BMC, LR works better than LMP [Ghafari-Hu-Rakamaric, SPIN 10] Implementations of LR: CSeq: Pthreads C programs [Fischer-Inverso-Parlato, ASE 13] STORM: also dynamic memory allocation [Lahiri-Qadeer-Rakamaric, CAV 09] Corral [Lal-Qadeer-Lahiri, CAV 12] Delay bounded-scheduling [Emmi-Qadeer-Rakamaric, POPL 11] Real-time systems [Chaki, Gurfinkel, Strichman FMCAD 11]
6 Lal/Reps Sequentialization considers only round-robin schedules with k rounds thread function, run to completion global memory copy for each round scalar array context switch round counter++ first thread starts with nondeterministic memory contents other threads continue with content left by predecessor T0 S0,0 S1,0 S2,0 Sk,0 T1 S0,1 S1,1 S2,1 Sk,1 S0,n S1,n S2,n Sk,n Tn
7 Lal/Reps Sequentialization considers only round-robin schedules with k rounds thread function, run to completion global memory copy for each round scalar array context switch round counter++ first thread starts with nondeterministic memory contents other threads continue with content left by predecessor checker prunes away inconsistent simulations assume(si+1,0 == S i,n); requires second set of memory copies errors can only be checked at end of simulation requires explicit error checks T0 S0,0 S1,0 S2,0 Sk,0 T1 S0,1 S1,1 S2,1 Sk,1 S0,n S1,n S2,n Sk,n Tn
8 CSeq Tool Architecture [Fischer-Inverso-Parlato, ASE 13] pycparser, AST traversal with unparsing insert new type declarations, modify memory accesses insert context switch simulation code at each sequence point insert explicit error checks insert checker and code for pthread functions k, N concurrent C program CSeq sequential non-deterministic C program P P' sequential tool SAFE UNSAFE
9 Can we improve this? Eager sequentializations cannot rely on error checks built into the backend also requires specific techniques to handle programs with heap-allocated memory LR (but also LMP) uses additional copies of shared variables BMC will make more copies with loop/recursion unwinding can seriously affect the formula size
10 Two new sequentializations [Inverso-Tomasco-Fischer-LaTorre-Parlato] Lazy-CSeq [CAV 14-TACAS/SVCOMP 14] lazy light-weight: few additional variables and code MU-CSeq [TACAS/SVCOMP 14] Bound on memory unwindings Extension message-passing programs
11 Outline Bounded Model-checking for programs Lazy sequentialization: Lazy-CSeq Memory unwindings: MU-CSeq Experiments Conclusions
12 How does it work Transform a programs into a set of equations Simplify control flow Unwind all of the loops Convert into Static Single Assignment (SSA) Convert into equations Bit-blast Solve with a SAT Solver Convert SAT assignment into a counterexample
13 Control Flow Simplifications All side effect are removed e.g., j=i++ becomes j=i; i=i+1 Control Flow is made explicit continue, break replaced by goto All loops are simplified into one form for, do, while replaced by while
14 Loop Unwinding void f() { } while(cond) { Body; } Remainder; while() loops are unwound iteratively Break / continue replaced by goto
15 Loop Unwinding void f() { } if(cond) { Body; } while(cond) { Body; } Remainder; while() loops are unwound iteratively Break / continue replaced by goto
16 Loop Unwinding void f() { } if(cond) { Body; } if(cond) { Body; } while(cond) { Body; } Remainder; while() loops are unwound iteratively Break / continue replaced by goto
17 Unwinding assertion void f() { } if(cond) { Body; } if(cond) { Body; } if(cond) { Body; } Remainder; while(cond) { Body; } while() loops are unwound iteratively Break / continue replaced by goto Assume statements inserted after last iteration: block execution if program runs longer than bound permits
18 Unwinding assertion void f() { if(cond) { Body; } if(cond) { Body; } if(cond) { Body; } assume(!cond); } Remainder; } Unwinding assume while() loops are unwound iteratively Break / continue replaced by goto Assume statements inserted after last iteration: block execution if program runs longer than bound permits
19 Transforming Loop-Free Programs Into Equations (1) Easy to transform when every variable is only assigned once! Program x = a; y = x + 1; z = y 1; Constraints x = a && y = x + 1 && z = y 1 &&
20 Transforming Loop-Free Programs Into Equations (2) When a variable is assigned multiple times, use a new variable for the RHS of each assignment Program SSA Program
21 What about conditionals? Program SSA Program if (v) x = y; else x = z; w = x; if (v 0 ) x 0 = y 0 ; else x 1 = z 0 ; w 1 = x??; What should x be?
22 What about conditionals? Program SSA Program if (v) x = y; else x = z; w = x; if (v 0 ) x 0 = y 0; else x 1 = z 0; x 2 = v 0? x 0 : x 1 ; w 1 = x 2 For each join point, add new variables with selectors
23 Example
24 CBMC: Bounded Model Checker for C A tool by D. Kroening/Oxford and Ed Clarke/CMU C Program Parser gotoprogram Static Analysis equations SAFE UNSAT SAT solver CNF CNF-gen SAT UNSAFE + CEX CEX-gen CBMC
25 BMC: from sequential to concurrent BMC for sequential programs has been used to discover subtle errors in applications robust BMC tools exist for C programs (e.g. CBMC, LLBMC, ESBMC) attempts to apply BMC to multi-threaded programs face problems number of interleavings grows exponentially with #threads and #statements Recent solutions for multi-threaded programs partial orders sequentializations
26 Outline Bounded Model-checking for programs Lazy sequentialization: Lazy-CSeq Memory unwindings: MU-CSeq Experiments Conclusions
27 Lazy-CSeq schema P' simulates all computations (up to K rounds) of P lazy: avoid exploring unfeasible runs T₁ T₂ T n (T' 1 ; T' 2 ; ; T' n ) K
28 Lazy-CSeq Sequentialization Translation P P': unwinding, inlining (bounded program) thread T function T' main driver: For each round in [1..K] for each thread in [1..N] T' thread ();
29 Main driver void main(void) { }} for(r=1; r<=k; r++) { ct=1; // thread 1 if(active[ct]) { //only active theads cs=pc[ct]+nondet uint(); // guess cs assume(cs<=size[ct]); // legal? fseq_1(arg[ct]); // simulate thread pc[ct]=cs; // store cs } : : : : : : : : : ct=n; // thread n if(active[ct]) { : : : : : : : : : } K: rounds ct: thread count active[j]: true iff thread j is active cs: guessed context-switch position for coming simulation pc[j]: position when contextswitched out of thread j size[j]: last position for context-switches
30 Thread T function T' Translation P P': unwinding, inlining thread T function T' main driver: for round in [1..K] for thread in [1..N] T' thread (); T' guard; stmt; Thread T function T' var x; static var x; stmt; guard; stmt;
31 Thread T function T' Thread T function T' var x; static var x; stmt; guard; stmt; exec T' context-switch cs 1 Thread simulation: round 1 guess context-switch point cs 1 (in main) skip execute stmts before cs 1 jump in multiple hops to the end and return simulation round 1
32 Thread T function T' Thread T function T' var x; static var x; stmt; guard; stmt; Thread simulation: round i guess context-switch point cs i (in main) jump in multiple hops to pc i-1 skip exec skip T' resume from pc i-1 context-switch cs i execute stmts from pc i-1 to cs i jump in multiple hops to the end and return simulation round i >1
33 Instrumenting jumping in and out of thread executions (stmt; guard; stmt;) Multiple hops: #define J(A,B) if ( pc[ct] > A A >= cs ) goto B; Ex. At position 5, J(5,6) jumps to 6 (next position) when not in [ pc[ct], cs [
34 Branching stmts Thread T function T' Use macro: #define var x; static var x; stmt; guard; stmt; G(L) assume(cs >= L); if cond { body1 }else{ body2 } if cond { body1 }else{ G(A) body2 } G(B) Rules out spurious thread executions when context-switch position is inside the not picked branch
35 Example 2:J(2,3) if(c>0) 3:J(3,4) c++; else { G(4) 4:J(4,5) c=0; 5:J(5,6) 6:J(6,7) } G(7) if(!(tmp>0)) goto l1; c++; tmp--; if(!(tmp>0)) goto l1; c++; tmp--; assume(!(tmp>0)); l1: G(7); 7:J(7,8) pthread mutex unlock(&m); Assume pc=2 and cs=3 (only 2: must be executed) Additionally suppose c<=0 holds Note this is not ruling out any good exectutions Execution jumps to the else stmt and exits In main pc is then set to 3 (cs) The sketched one is captured by guessing cs=4 instead of cs=3 When resumed, the tread will start from 3: executing c++!!!!! Adding guard G(4) right after the else stmt rules out this unfeasible computation
36 Outline Bounded Model-checking for programs Lazy sequentialization: Lazy-CSeq Memory unwindings: MU-CSeq Experiments Conclusions
37 Main idea Guess a memory unwinding of the shared memory sequence of writes into the shared memory of an execution Execute each thread s.t. its local computation is consistent with the memory unwinding any scheduling that fits it is considered Crucial notion: all the shared memory operations are done through a memory object
38 Memory object Stores a sequence of writes Each write is a triple (thread, variable, value) Is used through an interface Several implementations are possible
39 Memory object interface int mem_init(uint V, uint W, uint T); instantiate a memory object V = number of variables W = number of writes T = max number of threads
40 Memory object interface int read(uint th_id, uint var); void write(uint th_id, uint var, int value); int mem_thread_create(uint parent_id); returns id for created thread void terminate(uint th_id); checks that all writes of th_id have been executed
41 MU-Cseq sequentialization A funciton for each thread thread T function T' main driver: void proc main(void) call memory_init(v, W, T); ct := mem_thread_create(0); call main W;T(x1,, xk); // instantiate memory // register main thread call terminate(ct); // all writes are executed assert(_error!= 1) // error check
42 Simulation Basic Idea: simulate all executions compatible with guessed memory unwinding uses auxiliary variables pos (current index into memory object) ct (id of currently simulated thread) every thread is translated into a function simulation starts from main thread each thread creation interrupts simulation of current thread new thread is called with current value of pos terminated threads must have completed their memory writes terminate(ct) must hold old thread resumed with old memory position (in the activation record)
43 Simulation Basic Idea: simulate all executions compatible with guessed memory unwinding every read / write is translated into a function simulates valid access into unwound memory (similarly for pthread functions)
44 Implementation I: Explicit Read pos x memory y z W writes x 1 y 2 y 1 z 2 x Guess and store sequence of individual write operations: add N copies of shared variables ( memory ) _memory[i,j] is value of j-th variable after i-th write add array to record writes ( writes ) i-th write is by _thr[i], which has written to _var[i] add array to record validity of writes ( barrier ) next write (after i) by thread t is at _next[i,t] thr var next[1] N+1 N+1 N+1 N+1 N+1 N+1 barrier N N N N+1 N+1 next[t] N+1
45 Simulating reads and writes pos memory x y z writes thr var x y y z W x next[1] N+1 N+1 N+1 N+1 N+1 N+1 barrier N N N N+1 N+1 next[t] N+1 int read(uint th, uint var) { uint th_pos; if is_terminated(th) then return; th_pos = Jump(th_id); return (mem[th_pos][var]); }
46 Simulating reads and writes int write(uint th, uint var, int val) { } uint jump; if is_terminated(th) then return; jump=next[pos][th_id]; assume ( (jump<=last_write_pos) && (var[jump]==var) && (value[jump]==val) ); pos=jump;
47 Otherimplementations Implementation II: (Implicit Read) mem WxV-array is replaced with W-array var_next_write[ i ] is smallest j>i s.t. var[ i ]=var[ j ] saves memory but causes more complex Read implementation (larger formula) Implementation III: mixed I and II
48 Outline Bounded Model-checking for programs Lazy sequentialization: Lazy-CSeq Memory unwindings: MU-CSeq Experiments Conclusions
49 Evaluation: SV-COMP2014 Lazy-CSeq won the Gold Medal and MU-CSeq I won the Silver Medal in the Concurrency category 76 concurrent C programs UNSAFE instances: 20 programs containing a bug SAFE instances: all the others 4,500 l.o.c. 1) CSeq-Lazy: 1,000s, 136pts 2) CSeq-MU I: 1,200s, 136pts 3) CBMC: 29,000s, 128pts Results: small verification times small memory footprint no missed bugs!
50 Evaluation: bug-hunting Lazy-Cseq vs Native Concurrency Handling (UNSAFE instances) _1: timeout (750s) _2: internal error _3: manual translation not done _4: test case rejected _5: unknown failure
51 Evaluation: state space coverage Lazy-CSeq + CBMC vs CBMC (SAFE instances) How far is it possible to push the unwind bound with the two different methods and still finish the analysis within the given time and space requirements (10GB, 750s)? bounding the rounds allows deeper exploration of loops alternative coverage of the state space
52 Evaluation: formula size Lazy-CSeq + CBMC vs CBMC (v4.7) (on SV-COMP14 SAFE instances)
53 MU-CSeq
54 Outline Bounded Model-checking for programs Lazy sequentialization: Lazy-CSeq Memory unwindings: MU-CSeq Experiments Conclusions
55 Conclusions LR and LMP sequentializations complete analysis of concurrent programs up to a given number of context-switches (contextbounded analysis [Qadeer-Rehof, CAV 05] unbounded analysis within each context Lazy-CSeq and MU-CSeq use additional bounding criteria backend tool will bound the computations anyway this can be exploited to induce simplifications of the generated formula Effective for bug-hunting many concurrency errors show up within few context-switches
56 Lazy-CSeq Lightweight sequentialization designed to take advantage of modern sequ. BMC tools small BMC formulae for small number of rounds reduced memory footprint and verification times Laziness: avoid handling spurious errors typical of eager exploration inherit from the backend tool all checks for sequential C: array-bounds-check, division-by-zero, pointer- checks, overflow-checks, reachability of error labels and assertion failures, etc. no need to handle dynamic memory allocation
57 MU-CSeq Ongoing research Preliminary experiments show it is competitive with stateof-the-art model-checkers II improves on I on some benchmarks III performs better than both I and II in general and when it is outperfomed it stays close to the best of the two NEXT: memory unwinding can be used to sequentialize message-passing programs send/receive instead of read/write
58 Lazy-CSeq and MU-CSeq joint work with Ermenegildo Tomasco Omar Inverso Gennaro Parlato Bernd Fischer UK South Africa
Context-Bounded Model Checking of LTL Properties for ANSI-C Software. Jeremy Morse, Lucas Cordeiro, Bernd Fischer, Denis Nicole
Context-Bounded Model Checking of LTL Properties for ANSI-C Software Jeremy Morse, Lucas Cordeiro, Bernd Fischer, Denis Nicole Model Checking C Model checking: normally applied to formal state transition
More informationRegression Verification: Status Report
Regression Verification: Status Report Presentation by Dennis Felsing within the Projektgruppe Formale Methoden der Softwareentwicklung 2013-12-11 1/22 Introduction How to prevent regressions in software
More informationOverview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification
Introduction Overview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification Advanced Topics in Software Engineering 1 Concurrent Programs Characterized by
More informationIntroduction to SPIN. Acknowledgments. Parts of the slides are based on an earlier lecture by Radu Iosif, Verimag. Ralf Huuck. Features PROMELA/SPIN
Acknowledgments Introduction to SPIN Parts of the slides are based on an earlier lecture by Radu Iosif, Verimag. Ralf Huuck Ralf Huuck COMP 4152 1 Ralf Huuck COMP 4152 2 PROMELA/SPIN PROMELA (PROcess MEta
More informationModel Checking LTL Properties over C Programs with Bounded Traces
Noname manuscript No. (will be inserted by the editor) Model Checking LTL Properties over C Programs with Bounded Traces Jeremy Morse 1, Lucas Cordeiro 2, Denis Nicole 1, Bernd Fischer 1,3 1 Electronics
More informationInvGen: An Efficient Invariant Generator
InvGen: An Efficient Invariant Generator Ashutosh Gupta and Andrey Rybalchenko Max Planck Institute for Software Systems (MPI-SWS) Abstract. In this paper we present InvGen, an automatic linear arithmetic
More informationGENERIC and GIMPLE: A New Tree Representation for Entire Functions
GENERIC and GIMPLE: A New Tree Representation for Entire Functions Jason Merrill Red Hat, Inc. jason@redhat.com 1 Abstract The tree SSA project requires a tree representation of functions for the optimizers
More informationInterpreters and virtual machines. Interpreters. Interpreters. Why interpreters? Tree-based interpreters. Text-based interpreters
Interpreters and virtual machines Michel Schinz 2007 03 23 Interpreters Interpreters Why interpreters? An interpreter is a program that executes another program, represented as some kind of data-structure.
More informationThe Model Checker SPIN
The Model Checker SPIN Author: Gerard J. Holzmann Presented By: Maulik Patel Outline Introduction Structure Foundation Algorithms Memory management Example/Demo SPIN-Introduction Introduction SPIN (Simple(
More informationFormal Verification and Linear-time Model Checking
Formal Verification and Linear-time Model Checking Paul Jackson University of Edinburgh Automated Reasoning 21st and 24th October 2013 Why Automated Reasoning? Intellectually stimulating and challenging
More informationIntroduction to Promela and SPIN. LACL, Université Paris 12
Introduction to Promela and SPIN LACL, Université Paris 12 Promela = Process Meta Language A specification language! No programming language! Used for system description : Specify an abstraction of the
More informationModel Checking: An Introduction
Announcements Model Checking: An Introduction Meeting 2 Office hours M 1:30pm-2:30pm W 5:30pm-6:30pm (after class) and by appointment ECOT 621 Moodle problems? Fundamentals of Programming Languages CSCI
More informationCoverability for Parallel Programs
2015 http://excel.fit.vutbr.cz Coverability for Parallel Programs Lenka Turoňová* Abstract We improve existing method for the automatic verification of systems with parallel running processes. The technique
More informationAutomated Domain-Specific C Verification with mbeddr
Automated Domain-Specific C Verification with mbeddr Zaur Molotnikov Fortiss Institute Guerickestraße 25 Munich, Germany molotnikov@fortiss.org Markus Völter independent/itemis Oetztaler Straße 38 Stuttgart,
More informationModel Checking of Software
Model Checking of Software Patrice Godefroid Bell Laboratories, Lucent Technologies SpecNCheck Page 1 August 2001 A Brief History of Model Checking Prehistory: transformational programs and theorem proving
More informationFormal Verification by Model Checking
Formal Verification by Model Checking Natasha Sharygina Carnegie Mellon University Guest Lectures at the Analysis of Software Artifacts Class, Spring 2005 1 Outline Lecture 1: Overview of Model Checking
More informationINF5140: Specification and Verification of Parallel Systems
INF5140: Specification and Verification of Parallel Systems Lecture 7 LTL into Automata and Introduction to Promela Gerardo Schneider Department of Informatics University of Oslo INF5140, Spring 2007 Gerardo
More informationAUTOMATED TEST GENERATION FOR SOFTWARE COMPONENTS
TKK Reports in Information and Computer Science Espoo 2009 TKK-ICS-R26 AUTOMATED TEST GENERATION FOR SOFTWARE COMPONENTS Kari Kähkönen ABTEKNILLINEN KORKEAKOULU TEKNISKA HÖGSKOLAN HELSINKI UNIVERSITY OF
More informationMultiprocessor Scheduling and Scheduling in Linux Kernel 2.6
Multiprocessor Scheduling and Scheduling in Linux Kernel 2.6 Winter Term 2008 / 2009 Jun.-Prof. Dr. André Brinkmann Andre.Brinkmann@uni-paderborn.de Universität Paderborn PC² Agenda Multiprocessor and
More informationThe Course. http://www.cse.unsw.edu.au/~cs3153/
The Course http://www.cse.unsw.edu.au/~cs3153/ Lecturers Dr Peter Höfner NICTA L5 building Prof Rob van Glabbeek NICTA L5 building Dr Ralf Huuck NICTA ATP building 2 Plan/Schedule (1) Where and When Tuesday,
More informationIntroduction. What is an Operating System?
Introduction What is an Operating System? 1 What is an Operating System? 2 Why is an Operating System Needed? 3 How Did They Develop? Historical Approach Affect of Architecture 4 Efficient Utilization
More informationStatic Analysis of Virtualization- Obfuscated Binaries
Static Analysis of Virtualization- Obfuscated Binaries Johannes Kinder School of Computer and Communication Sciences École Polytechnique Fédérale de Lausanne (EPFL), Switzerland Virtualization Obfuscation
More informationGlobal Constraints in Software Testing Applications
Global Constraints in Software Testing Applications Arnaud Gotlieb Simula Research Laboratory Norway 1/34 The Certus Centre Software Validation and Verification Cisco Systems Norway Hosted by SIMULA Established
More informationSMock A Test Platform for the Evaluation of Monitoring Tools
SMock A Test Platform for the Evaluation of Monitoring Tools User Manual Ruth Mizzi Faculty of ICT University of Malta June 20, 2013 Contents 1 Introduction 3 1.1 The Architecture and Design of SMock................
More informationSoftware safety - DEF-STAN 00-55
Software safety - DEF-STAN 00-55 Where safety is dependent on the safety related software (SRS) fully meeting its requirements, demonstrating safety is equivalent to demonstrating correctness with respect
More informationCS414 SP 2007 Assignment 1
CS414 SP 2007 Assignment 1 Due Feb. 07 at 11:59pm Submit your assignment using CMS 1. Which of the following should NOT be allowed in user mode? Briefly explain. a) Disable all interrupts. b) Read the
More informationOperating System: Scheduling
Process Management Operating System: Scheduling OS maintains a data structure for each process called Process Control Block (PCB) Information associated with each PCB: Process state: e.g. ready, or waiting
More informationTransparent Monitoring of a Process Self in a Virtual Environment
Transparent Monitoring of a Process Self in a Virtual Environment PhD Lunchtime Seminar Università di Pisa 24 Giugno 2008 Outline Background Process Self Attacks Against the Self Dynamic and Static Analysis
More informationDepartment of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY. 6.828 Operating System Engineering: Fall 2005
Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY 6.828 Operating System Engineering: Fall 2005 Quiz II Solutions Average 84, median 83, standard deviation
More informationPerformance Analysis and Visualization of SystemC Models. Adam Donlin and Thomas Lenart Xilinx Research
Performance Analysis and Visualization of SystemC Models Adam Donlin and Thomas Lenart Xilinx Research Overview Performance Analysis!= Functional Verification Analysis and Visualization Overview Simulation
More informationToday s Agenda. Automata and Logic. Quiz 4 Temporal Logic. Introduction Buchi Automata Linear Time Logic Summary
Today s Agenda Quiz 4 Temporal Logic Formal Methods in Software Engineering 1 Automata and Logic Introduction Buchi Automata Linear Time Logic Summary Formal Methods in Software Engineering 2 1 Buchi Automata
More informationCPU Scheduling Outline
CPU Scheduling Outline What is scheduling in the OS? What are common scheduling criteria? How to evaluate scheduling algorithms? What are common scheduling algorithms? How is thread scheduling different
More informationTemporal Logics. Computation Tree Logic
Temporal Logics CTL: definition, relationship between operators, adequate sets, specifying properties, safety/liveness/fairness Modeling: sequential, concurrent systems; maximum parallelism/interleaving
More informationFormal verification of contracts for synchronous software components using NuSMV
Formal verification of contracts for synchronous software components using NuSMV Tobias Polzer Lehrstuhl für Informatik 8 Bachelorarbeit 13.05.2014 1 / 19 Problem description and goals Problem description
More informationCapacity Planning Process Estimating the load Initial configuration
Capacity Planning Any data warehouse solution will grow over time, sometimes quite dramatically. It is essential that the components of the solution (hardware, software, and database) are capable of supporting
More informationWrite Barrier Removal by Static Analysis
Write Barrier Removal by Static Analysis Karen Zee and Martin Rinard Laboratory for Computer Science Massachusetts Institute of Technology Cambridge, MA 02139 {kkz, rinard@lcs.mit.edu ABSTRACT We present
More informationParallel Programming Map-Reduce. Needless to Say, We Need Machine Learning for Big Data
Case Study 2: Document Retrieval Parallel Programming Map-Reduce Machine Learning/Statistics for Big Data CSE599C1/STAT592, University of Washington Carlos Guestrin January 31 st, 2013 Carlos Guestrin
More informationThe Best of Both Worlds: Trading Efficiency and Optimality in Fence Insertion for TSO
The Best of Both Worlds: Trading Efficiency and Optimality in Fence Insertion for TSO Parosh Aziz Abdulla, Mohamed Faouzi Atig, and Tuan-Phong Ngo Department of Information and Technology, Uppsala University,
More informationFormal Verification of Software
Formal Verification of Software Sabine Broda Department of Computer Science/FCUP 12 de Novembro de 2014 Sabine Broda (DCC-FCUP) Formal Verification of Software 12 de Novembro de 2014 1 / 26 Formal Verification
More informationStatic Analysis. Find the Bug! 15-654: Analysis of Software Artifacts. Jonathan Aldrich. disable interrupts. ERROR: returning with interrupts disabled
Static Analysis 15-654: Analysis of Software Artifacts Jonathan Aldrich 1 Find the Bug! Source: Engler et al., Checking System Rules Using System-Specific, Programmer-Written Compiler Extensions, OSDI
More informationLecture 2: Universality
CS 710: Complexity Theory 1/21/2010 Lecture 2: Universality Instructor: Dieter van Melkebeek Scribe: Tyson Williams In this lecture, we introduce the notion of a universal machine, develop efficient universal
More informationJ-Sim: An Integrated Environment for Simulation and Model Checking of Network Protocols
J-Sim: An Integrated Environment for Simulation and Model Checking of Network Protocols Ahmed Sobeih, Mahesh Viswanathan, Darko Marinov and Jennifer C. Hou Department of Computer Science University of
More informationReplication on Virtual Machines
Replication on Virtual Machines Siggi Cherem CS 717 November 23rd, 2004 Outline 1 Introduction The Java Virtual Machine 2 Napper, Alvisi, Vin - DSN 2003 Introduction JVM as state machine Addressing non-determinism
More informationCurriculum Map. Discipline: Computer Science Course: C++
Curriculum Map Discipline: Computer Science Course: C++ August/September: How can computer programs make problem solving easier and more efficient? In what order does a computer execute the lines of code
More informationHOTPATH VM. An Effective JIT Compiler for Resource-constrained Devices
HOTPATH VM An Effective JIT Compiler for Resource-constrained Devices based on the paper by Andreas Gal, Christian W. Probst and Michael Franz, VEE 06 INTRODUCTION INTRODUCTION Most important factor: speed
More informationParallel Computing. Shared memory parallel programming with OpenMP
Parallel Computing Shared memory parallel programming with OpenMP Thorsten Grahs, 27.04.2015 Table of contents Introduction Directives Scope of data Synchronization 27.04.2015 Thorsten Grahs Parallel Computing
More informationOperatin g Systems: Internals and Design Principle s. Chapter 10 Multiprocessor and Real-Time Scheduling Seventh Edition By William Stallings
Operatin g Systems: Internals and Design Principle s Chapter 10 Multiprocessor and Real-Time Scheduling Seventh Edition By William Stallings Operating Systems: Internals and Design Principles Bear in mind,
More informationTowards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder
Towards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder Matt Department of Computer Science and Engineering University of Minnesota staats@cs.umn.edu Abstract We present
More informationFundamentals of Software Engineering
Fundamentals of Software Engineering Model Checking with Temporal Logic Ina Schaefer Institute for Software Systems Engineering TU Braunschweig, Germany Slides by Wolfgang Ahrendt, Richard Bubel, Reiner
More informationGameTime: A Toolkit for Timing Analysis of Software
GameTime: A Toolkit for Timing Analysis of Software Sanjit A. Seshia and Jonathan Kotker EECS Department, UC Berkeley {sseshia,jamhoot}@eecs.berkeley.edu Abstract. Timing analysis is a key step in the
More informationlanguage 1 (source) compiler language 2 (target) Figure 1: Compiling a program
CS 2112 Lecture 27 Interpreters, compilers, and the Java Virtual Machine 1 May 2012 Lecturer: Andrew Myers 1 Interpreters vs. compilers There are two strategies for obtaining runnable code from a program
More informationDebugging Multi-threaded Applications in Windows
Debugging Multi-threaded Applications in Windows Abstract One of the most complex aspects of software development is the process of debugging. This process becomes especially challenging with the increased
More informationIntroduction to Static Analysis for Assurance
Introduction to Static Analysis for Assurance John Rushby Computer Science Laboratory SRI International Menlo Park CA USA John Rushby Static Analysis for Assurance: 1 Overview What is static analysis?
More informationMEMORY MODEL SENSITIVE ANALYSIS OF CONCURRENT DATA TYPES. Sebastian Burckhardt. Computer and Information Science
MEMORY MODEL SENSITIVE ANALYSIS OF CONCURRENT DATA TYPES Sebastian Burckhardt A DISSERTATION in Computer and Information Science Presented to the Faculties of the University of Pennsylvania in Partial
More informationIntroduction to Data-flow analysis
Introduction to Data-flow analysis Last Time LULESH intro Typed, 3-address code Basic blocks and control flow graphs LLVM Pass architecture Data dependencies, DU chains, and SSA Today CFG and SSA example
More informationSoftware Engineering. Objectives. Designing, building and maintaining large software systems
Software Engineering Objectives Designing, building and maintaining large software systems To define software engineering and explain its importance To discuss the concepts of software products and software
More informationJonathan Worthington Scarborough Linux User Group
Jonathan Worthington Scarborough Linux User Group Introduction What does a Virtual Machine do? Hides away the details of the hardware platform and operating system. Defines a common set of instructions.
More informationGlossary of Object Oriented Terms
Appendix E Glossary of Object Oriented Terms abstract class: A class primarily intended to define an instance, but can not be instantiated without additional methods. abstract data type: An abstraction
More informationLecture 25 Symbian OS
CS 423 Operating Systems Design Lecture 25 Symbian OS Klara Nahrstedt Fall 2011 Based on slides from Andrew S. Tanenbaum textbook and other web-material (see acknowledgements) cs423 Fall 2011 1 Overview
More informationCommunication Protocol
Analysis of the NXT Bluetooth Communication Protocol By Sivan Toledo September 2006 The NXT supports Bluetooth communication between a program running on the NXT and a program running on some other Bluetooth
More informationEMSCRIPTEN - COMPILING LLVM BITCODE TO JAVASCRIPT (?!)
EMSCRIPTEN - COMPILING LLVM BITCODE TO JAVASCRIPT (?!) ALON ZAKAI (MOZILLA) @kripken JavaScript..? At the LLVM developer's conference..? Everything compiles into LLVM bitcode The web is everywhere, and
More informationStatic Program Transformations for Efficient Software Model Checking
Static Program Transformations for Efficient Software Model Checking Shobha Vasudevan Jacob Abraham The University of Texas at Austin Dependable Systems Large and complex systems Software faults are major
More informationLoad Balancing. Load Balancing 1 / 24
Load Balancing Backtracking, branch & bound and alpha-beta pruning: how to assign work to idle processes without much communication? Additionally for alpha-beta pruning: implementing the young-brothers-wait
More informationKnow or Go Practical Quest for Reliable Software
Know or Go Practical Quest for Reliable Software Dr.-Ing. Jörg Barrho Dr.-Ing. Ulrich Wünsche AVACS Project meeting 25.09.2014 2014 Rolls-Royce Power Systems AG The information in this document is the
More informationPulse: Plural To EVMDD-SMC
Pulse: Plural To EVMDD-SMC Automated Verification of Specifications with Typestates and Access Permissions Ijaz Ahmed 1 Néstor Cataño 1 Radu I. Siminiceanu 2 1 Carnegie Mellon University - Portugal, The
More informationSoftware Model Checking SystemC
1 Software Model Checking SystemC Alessandro Cimatti, Iman Narasamdya, and Marco Roveri Fondazione Bruno Kessler, Italy. Via Sommarive 18, I-38050, Trento, Italy {cimatti,narasamdya,roveri}@fbk.eu Abstract
More informationHow To Write A Multi Threaded Software On A Single Core (Or Multi Threaded) System
Multicore Systems Challenges for the Real-Time Software Developer Dr. Fridtjof Siebert aicas GmbH Haid-und-Neu-Str. 18 76131 Karlsruhe, Germany siebert@aicas.com Abstract Multicore systems have become
More informationSimple Cooperative Scheduler for Arduino ARM & AVR. Aka «SCoop»
Simple Cooperative Scheduler for Arduino ARM & AVR Aka «SCoop» Introduction Yet another library This library aims to provide a light and simple environment for creating powerful multi-threaded programs
More informationApplication of Design for Verification with Concurrency Controllers to Air Traffic Control Software
Application of Design for Verification with Concurrency Controllers to Air Traffic Control Software Aysu Betin-Can Tevfik Bultan Computer Science Department University of California Santa Barbara, CA 93106,
More informationData races in Java and static analysis
Data races in Java and static analysis Frédéric Dabrowski 1 INRIA, LANDE Frédéric Dabrowski (INRIA, LANDE) Static race detection 1 / 33 Outline 1 Concurrency in Java 2 Static Detection of dataraces { Flanagan,
More informationSoftware Engineering using Formal Methods
Software Engineering using Formal Methods Model Checking with Temporal Logic Wolfgang Ahrendt 24th September 2013 SEFM: Model Checking with Temporal Logic /GU 130924 1 / 33 Model Checking with Spin model
More informationMonitorExplorer: A State Exploration-Based Approach to Testing Java Monitors
Department of Computer Science and Engineering University of Texas at Arlington Arlington, TX 76019 MonitorExplorer: A State Exploration-Based Approach to Testing Java Monitors Y. Lei, R. Carver, D. Kung,
More informationAn Implementation Of Multiprocessor Linux
An Implementation Of Multiprocessor Linux This document describes the implementation of a simple SMP Linux kernel extension and how to use this to develop SMP Linux kernels for architectures other than
More information6. Control Structures
- 35 - Control Structures: 6. Control Structures A program is usually not limited to a linear sequence of instructions. During its process it may bifurcate, repeat code or take decisions. For that purpose,
More informationWiggins/Redstone: An On-line Program Specializer
Wiggins/Redstone: An On-line Program Specializer Dean Deaver Rick Gorton Norm Rubin {dean.deaver,rick.gorton,norm.rubin}@compaq.com Hot Chips 11 Wiggins/Redstone 1 W/R is a Software System That: u Makes
More informationlogic language, static/dynamic models SAT solvers Verified Software Systems 1 How can we model check of a program or system?
5. LTL, CTL Last part: Alloy logic language, static/dynamic models SAT solvers Today: Temporal Logic (LTL, CTL) Verified Software Systems 1 Overview How can we model check of a program or system? Modeling
More informationFacing the Challenges for Real-Time Software Development on Multi-Cores
Facing the Challenges for Real-Time Software Development on Multi-Cores Dr. Fridtjof Siebert aicas GmbH Haid-und-Neu-Str. 18 76131 Karlsruhe, Germany siebert@aicas.com Abstract Multicore systems introduce
More informationChapter 6, The Operating System Machine Level
Chapter 6, The Operating System Machine Level 6.1 Virtual Memory 6.2 Virtual I/O Instructions 6.3 Virtual Instructions For Parallel Processing 6.4 Example Operating Systems 6.5 Summary Virtual Memory General
More informationRepair of Boolean Programs with an Application to C
Repair of Boolean Programs with an Application to C Andreas Griesmayer 1, Roderick Bloem 1, and Byron Cook 2 1 Graz University of Technology 2 Microsoft Research Abstract. We show how to find and fix faults
More informationApplications to Computational Financial and GPU Computing. May 16th. Dr. Daniel Egloff +41 44 520 01 17 +41 79 430 03 61
F# Applications to Computational Financial and GPU Computing May 16th Dr. Daniel Egloff +41 44 520 01 17 +41 79 430 03 61 Today! Why care about F#? Just another fashion?! Three success stories! How Alea.cuBase
More informationCompiling Object Oriented Languages. What is an Object-Oriented Programming Language? Implementation: Dynamic Binding
Compiling Object Oriented Languages What is an Object-Oriented Programming Language? Last time Dynamic compilation Today Introduction to compiling object oriented languages What are the issues? Objects
More informationCarlos Villavieja, Nacho Navarro {cvillavi,nacho}@ac.upc.edu. Arati Baliga, Liviu Iftode {aratib,liviu}@cs.rutgers.edu
Continuous Monitoring using MultiCores Carlos Villavieja, Nacho Navarro {cvillavi,nacho}@ac.upc.edu Arati Baliga, Liviu Iftode {aratib,liviu}@cs.rutgers.edu Motivation Intrusion detection Intruder gets
More informationConcepts of Concurrent Computation
Chair of Software Engineering Concepts of Concurrent Computation Bertrand Meyer Sebastian Nanz Lecture 3: Synchronization Algorithms Today's lecture In this lecture you will learn about: the mutual exclusion
More informationBenchmarking Cassandra on Violin
Technical White Paper Report Technical Report Benchmarking Cassandra on Violin Accelerating Cassandra Performance and Reducing Read Latency With Violin Memory Flash-based Storage Arrays Version 1.0 Abstract
More informationGeneral Introduction
Managed Runtime Technology: General Introduction Xiao-Feng Li (xiaofeng.li@gmail.com) 2012-10-10 Agenda Virtual machines Managed runtime systems EE and MM (JIT and GC) Summary 10/10/2012 Managed Runtime
More informationReal Time Scheduling Basic Concepts. Radek Pelánek
Real Time Scheduling Basic Concepts Radek Pelánek Basic Elements Model of RT System abstraction focus only on timing constraints idealization (e.g., zero switching time) Basic Elements Basic Notions task
More informationMutual Exclusion using Monitors
Mutual Exclusion using Monitors Some programming languages, such as Concurrent Pascal, Modula-2 and Java provide mutual exclusion facilities called monitors. They are similar to modules in languages that
More informationPROPERTECHNIQUEOFSOFTWARE INSPECTIONUSING GUARDED COMMANDLANGUAGE
International Journal of Computer ScienceandCommunication Vol. 2, No. 1, January-June2011, pp. 153-157 PROPERTECHNIQUEOFSOFTWARE INSPECTIONUSING GUARDED COMMANDLANGUAGE Neeraj Kumar Singhania University,
More informationHow to Sandbox IIS Automatically without 0 False Positive and Negative
How to Sandbox IIS Automatically without 0 False Positive and Negative Professor Tzi-cker Chiueh Computer Science Department Stony Brook University chiueh@cs.sunysb.edu 2/8/06 Blackhat Federal 2006 1 Big
More informationOverview of Presentation. (Greek to English dictionary) Different systems have different goals. What should CPU scheduling optimize?
Overview of Presentation (Greek to English dictionary) introduction to : elements, purpose, goals, metrics lambda request arrival rate (e.g. 200/second) non-preemptive first-come-first-served, shortest-job-next
More informationThreads 1. When writing games you need to do more than one thing at once.
Threads 1 Threads Slide 1 When writing games you need to do more than one thing at once. Threads offer a way of automatically allowing more than one thing to happen at the same time. Java has threads as
More informationVisualizing Information Flow through C Programs
Visualizing Information Flow through C Programs Joe Hurd, Aaron Tomb and David Burke Galois, Inc. {joe,atomb,davidb}@galois.com Systems Software Verification Workshop 7 October 2010 Joe Hurd, Aaron Tomb
More informationSemantic Analysis: Types and Type Checking
Semantic Analysis Semantic Analysis: Types and Type Checking CS 471 October 10, 2007 Source code Lexical Analysis tokens Syntactic Analysis AST Semantic Analysis AST Intermediate Code Gen lexical errors
More informationAutomated Program Behavior Analysis
Automated Program Behavior Analysis Stacy Prowell sprowell@cs.utk.edu March 2005 SQRL / SEI Motivation: Semantics Development: Most engineering designs are subjected to extensive analysis; software is
More informationLEVERAGING DEDUCTIVE VERIFICATION IN INDUSTRIAL CONTEXTS
LEVERAGING DEDUCTIVE VERIFICATION IN INDUSTRIAL CONTEXTS CEA S SOFTWARE SAFETY LABORATORY 1995: LEAP FROM DYNAMIC TO STATIC CODE ANALYSIS! CAVEAT: ARCHITECTURE C source code VC Generator Formal specifications
More informationHow To Test Automatically
Automated Model-Based Testing of Embedded Real-Time Systems Jan Peleska jp@tzi.de University of Bremen Bieleschweig Workshop 7 2006-05-05 Outline Technologie-Zentrum Informatik Objectives Basic concepts
More informationTasks Schedule Analysis in RTAI/Linux-GPL
Tasks Schedule Analysis in RTAI/Linux-GPL Claudio Aciti and Nelson Acosta INTIA - Depto de Computación y Sistemas - Facultad de Ciencias Exactas Universidad Nacional del Centro de la Provincia de Buenos
More informationMiddleware. Peter Marwedel TU Dortmund, Informatik 12 Germany. technische universität dortmund. fakultät für informatik informatik 12
Universität Dortmund 12 Middleware Peter Marwedel TU Dortmund, Informatik 12 Germany Graphics: Alexandra Nolte, Gesine Marwedel, 2003 2010 年 11 月 26 日 These slides use Microsoft clip arts. Microsoft copyright
More informationAutomating Mimicry Attacks Using Static Binary Analysis
Automating Mimicry Attacks Using Static Binary Analysis Christopher Kruegel and Engin Kirda Technical University Vienna chris@auto.tuwien.ac.at, engin@infosys.tuwien.ac.at Darren Mutz, William Robertson,
More informationDatabase Application Developer Tools Using Static Analysis and Dynamic Profiling
Database Application Developer Tools Using Static Analysis and Dynamic Profiling Surajit Chaudhuri, Vivek Narasayya, Manoj Syamala Microsoft Research {surajitc,viveknar,manojsy}@microsoft.com Abstract
More information