1) Overview of the UV Group
2) Gauss: A Framework for Verifying Scientific Computing Software
3) Random things (perhaps more useful than 1 or 2)

Presented by Ganesh Gopalakrishnan at the 2nd annual Utah Regional Verification Workshop
School of Computing, University of Utah, Salt Lake City, UT

* Past work supported in part by SRC Contract 1031.001, NSF Award 0219805 and an equipment grant from Intel Corporation
People affiliated with the UV group:
• Recent alumni: Yue Yang (PhD, Microsoft), Ali Sezgin (PhD, Atilim, Turkey), Hemanthkumar Sivaraj (MS, Intel, Bangalore), Sudhindra Pandav (MS, Intel, Hillsboro)
• Updates on alumni: Ravi Hosabettu now at Juniper Networks; Robert Palmer going to Intel Hillsboro for a 6-month internship; Ritwik Bhattacharya (finishing up fast); (Ratan, Prosenjit, Mike, Annette still where they were.)
• New members:
  • Yu Yang (Jason took the “e”), PhD
  • Xiaofang Chen, PhD
  • Steve Barrus (BS/MS)
  • Geof Sawaya (BS)
  • Eun Yong Kang (BS/MS)
  • Igor Melatti (potential 6-month postdoc)
• Collaborations with faculty: Konrad Slind, Gary Lindstrom, Mike Kirby, John Regehr, Priyank Kalla, Chris Myers (during SRC meetings)
• Industrial collaborators: Ching Tsun Chou and SeungJoon Park (Intel), Steven German (IBM)
Things we’ve dabbled in of late…
• Distributed model-checking
• Verifying shared thread programs (e.g. Posix)
• Verifying hierarchical cache coherence protocols (abstraction methods)
• SAT methods for shared memory consistency model conformance testing
• Verifying distributed memory programs (such as MPI)
• …
[Figure: hierarchical cache coherence diagram; node labels “dir”, “dir”, “mem”, “mem”]
2) Gauss: A Framework for Verifying Scientific Computing Software
MPI Program (the input to Gauss):

```c
#include <mpi.h>
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char** argv) {
    int myid;
    int numprocs;
    MPI_Init(&argc, &argv);
    MPI_Comm_size(MPI_COMM_WORLD, &numprocs);
    MPI_Comm_rank(MPI_COMM_WORLD, &myid);
    if (myid == 0) {
        /* Rank 0 sends every other rank its own rank number. */
        int i;
        for (i = 1; i < numprocs; ++i) {
            MPI_Send(&i, 1, MPI_INT, i, 0, MPI_COMM_WORLD);
        }
        printf("%d Value: %d\n", myid, myid);
    } else {
        /* Every other rank receives one integer from rank 0. */
        int val;
        MPI_Status s;
        MPI_Recv(&val, 1, MPI_INT, 0, 0, MPI_COMM_WORLD, &s);
        printf("%d Value: %d\n", myid, val);
    }
    MPI_Finalize();
    return 0;
}
```

[Figure: Gauss: A framework for verifying scientific computing software. Diagram labels: MPI Program, MPI Binary, CIL / MPICC, Model Extractor + Environment Model, Program Model, MPI Library Model, Abstraction Refinement, Zing, Result Analyzer, Error Visualization & Simulation, MC Server with MC Clients (…), OK]

MPI Library Model (Promela):

```promela
proctype MPI_Send(chan out, int c) { out!c; }
proctype MPI_Bsend(chan out, int c) { out!c; }
proctype MPI_Isend(chan out, int c) { out!c; }
typedef MPI_Status { int MPI_SOURCE; int MPI_TAG; int MPI_ERROR; }
…
```

Program Model (Promela):

```promela
int y;
active proctype T1() {
    int x;
    x = 1;
    if
    :: x = 0;
    :: x = 2;
    fi;
    y = x;
}
active proctype T2() {
    int x;
    x = 2;
    if
    :: y = x + 1;
    :: y = 0;
    fi;
    assert(y == 0);
}
```
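Added example, not code from the UV group or from Gauss: a tiny explicit-state BFS model checker, in the spirit of the Murphi/Zing back end on the slide, run over the T1/T2 Promela program model above. It enumerates every interleaving of the two atomic statement sequences and returns the shortest schedule that violates assert(y == 0); the (pid, pc) trace labels and the Python encoding of the statements are this example's own.

```python
from collections import deque

# Added example, not Gauss code: a tiny explicit-state model checker (Murphi/SPIN
# style BFS) applied to the slide's T1/T2 Promela model. Each statement is atomic
# and maps (local x, global y) -> successors (x', y', assert_ok); two successors
# encode an `if :: ... :: ... fi` choice.
T1 = [
    lambda x, y: [(1, y, True)],                    # x = 1
    lambda x, y: [(0, y, True), (2, y, True)],      # if :: x = 0 :: x = 2 fi
    lambda x, y: [(x, x, True)],                    # y = x
]
T2 = [
    lambda x, y: [(2, y, True)],                    # x = 2
    lambda x, y: [(x, x + 1, True), (x, 0, True)],  # if :: y = x + 1 :: y = 0 fi
    lambda x, y: [(x, y, y == 0)],                  # assert(y == 0)
]

def successors(procs, state):
    """Yield (label, next_state, assert_ok) for every enabled statement."""
    pcs, xs, y = state
    for pid, prog in enumerate(procs):
        pc = pcs[pid]
        if pc == len(prog):                          # process has terminated
            continue
        for nx, ny, ok in prog[pc](xs[pid], y):
            new_pcs = pcs[:pid] + (pc + 1,) + pcs[pid + 1:]
            new_xs = xs[:pid] + (nx,) + xs[pid + 1:]
            yield (pid, pc), (new_pcs, new_xs, ny), ok

def bfs_check(procs, y0=0):
    """Explore all interleavings breadth-first. Returns (trace, reached) where
    trace is None if no assert fails, else the shortest violating schedule."""
    n = len(procs)
    init = ((0,) * n, (0,) * n, y0)           # (pcs, local xs, global y)
    parent = {init: None}
    queue = deque([init])
    while queue:
        s = queue.popleft()
        for label, t, ok in successors(procs, s):
            if not ok:                        # assertion violated: report path
                return path_to(parent, s) + [label], len(parent)
            if t not in parent:
                parent[t] = (s, label)
                queue.append(t)
    return None, len(parent)

def path_to(parent, s):
    """Rebuild the (pid, pc) schedule from the initial state to s."""
    trace = []
    while parent[s] is not None:
        s, label = parent[s]
        trace.append(label)
    return trace[::-1]
```

For the slide's model, `bfs_check([T1, T2])` reports the three-step schedule in which T2 alone takes the `y = x + 1` branch; replacing that choice with an unconditional `y = 0` still leaves a six-step counterexample, because T1's `y = x` can land between T2's write and its assert.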
Tools you can download from the UV page:
• Distributed BFS Murphi and Parallel Random-walk Murphi
• MPEC (MP Execution Checker – currently for Itanium)
• POeM (Partial Order enabled Murphi)
Recent “trends” seen / heard:
• Considerable emphasis on Requirements Engineering for embedded systems
• Avrunin’s PROPEL Language (also “Lil-Jill”) for modeling and verifying workflow during blood transfusions
• Modeling requirements for cardiac pacemakers and defibrillators (work sponsored by Guidant Inc. – Jeff Thompson - Minnesota)
• Garlan’s model-driven architectures work (CMU) – connectors…
• Nebraska / Kansas powerhouse on many things (Java slicer, Bogor, …)
• Hybrid / dynamical system verification
  - Bruce Krogh, Goran Frehse - precision “on demand”
• Testing!
  • Rance Cleaveland and Scott Smolka’s “Reactis” company (test automation that saves 10x effort for auto companies…)
• Positions for PhDs still available (e.g. Intel)
“Cool papers” read recently
• A Survey of Recent Advances in SAT-based Formal Verification
  Prasad, Biere, Gupta
• Concrete Model Checking with Abstract Matching and Refinement
  Pasareanu, Pelanek, Visser
Education Resources
• Patrick Cousot’s notes on abstract interpretation (with code) from MIT
• Daniel Jackson’s “Alloy”
• Bogor
• Esterel / SCADE
Conclusion: Doing just one or two things would have been smarter (but *very* risky in today’s funding climate – hence we were forced to dip many fingers in many pies, which is not very conducive to obtaining really deep results…).
Projects in “back-burner”:
• Conformance Testing based on Limited Observations
• Specification Validation
• Design Verification
• Testing for Fabrication Faults
• Post-Silicon Verification
[Figure: Spec and product, pre-manufacture and post-manufacture. Does functionality match designed behavior? (conformance testing)]
Post-Si Verification for Cache Protocol Execution
• Future
• CANNOT assume there is a “front-side bus”
• CANNOT record all link traffic
• CAN ONLY generate sets of possible cache states
• HOW BEST can one match against designed behavior?
[Figure: four CPUs; invisible “miss” traffic vs. visible “miss” traffic]
Back to our specific problem domain...
• Verify the operation of systems at runtime when we can’t see all transactions
• Could also be offline analysis of a partial log of activities
[Figure: event sequences labelled x a c b y d and a x c d y b …]
Required Constraint-Solving Approaches
Constraint Solving in the context of Coupled Reactive Processes
[Figure: event graphs over a–e; labels “Observed event a” and “Likely cause d”]