a static verification framework for message passing in go
play

A Static Verification Framework for Message Passing in Go using - PowerPoint PPT Presentation

Nov 20, 2022 •36 likes •506 views

A Static Verification Framework for Message Passing in Go using Behavioural Types Julien Lange 1 , Nicholas Ng 2 , Bernardo Toninho 3 , Nobuko Yoshida 2 1 University of Kent 2 Imperial College London 3 Universidade Nova de Lisboa 1 /26 Julien

  1. A Static Verification Framework for Message Passing in Go using Behavioural Types Julien Lange 1 , Nicholas Ng 2 , Bernardo Toninho 3 , Nobuko Yoshida 2 1 University of Kent 2 Imperial College London 3 Universidade Nova de Lisboa 1 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  2. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary The Go Programming Language Developed at Google for multicore programming Statically typed, natively compiled, concurrent Channel-based message passing for concurrency Used by major technology companies, e.g. 2 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  3. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Go and concurrency Approach and philosophy Do not communicate by sharing memory; Instead, share memory by communicating — Go language proverb Encourages message passing over locking Goroutines : lightweight threads Channels : typed FIFO queues Inspired by Hoare’s CSP/ process calculi 3 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  4. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Static verification framework for Go Overview 2 Model checking Behavioural mCRL2 model checker Types Transform Check safety and liveness and verify Type inference 1 3 Termination checking KITTeL termination prover SSA IR Go source code Address type ↔ program gap 4 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  5. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Concurrency in Go Goroutines 1 func main() { 2 ch := make(chan string) 3 go send(ch) go keyword + function call 4 print(<-ch) Spawns function as goroutine 5 close(ch) 6 } Runs in parallel to parent 7 8 func send(ch chan string) { 9 ch <- "Hej ICSE!" 10 } 5 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  6. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Concurrency in Go Channels Create new channel 1 func main() { Synchronous by default 2 ch := make(chan string) 3 go send(ch) Receive from channel 4 print(<-ch) Close a channel 5 close(ch) 6 } No more values sent to it 7 Can only close once 8 func send(ch chan string) { 9 ch <- "Hej ICSE!" Send to channel 10 } 6 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  7. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Concurrency in Go Channels 1 func main() { 2 ch := make(chan string) Also select-case : 3 go send(ch) Wait on multiple channel 4 print(<-ch) operations 5 close(ch) 6 } switch-case for 7 communication 8 func send(ch chan string) { 9 ch <- "Hej ICSE!" 10 } 6 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  8. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Concurrency in Go Deadlock detection 1 func main() { 2 Send message thru channel ch := make(chan string) 3 go send(ch) Print message on screen 4 print(<-ch) 5 close(ch) Output: 6 } $ go run hello.go 7 Hej ICSE! 8 func send(ch chan string) { $ 9 ch <- "Hej ICSE!" 10 } 7 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  9. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Concurrency in Go Deadlock detection Missing ’go’ keyword Only one (main) goroutine 1 // import _ "net" 2 func main() { Send without receive - blocks 3 ch := make(chan string) 4 send(ch) // Oops Output: 5 print(<-ch) $ go run deadlock.go 6 close(ch) fatal error: all goroutines 7 } are asleep - deadlock! 8 $ 9 func send(ch chan string) { 10 ch <- "Hej ICSE" 11 } 8 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  10. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Concurrency in Go Deadlock detection Missing ’go’ keyword 1 // import _ "net" Go’s runtime deadlock detector 2 func main() { Checks if all goroutines are 3 ch := make(chan string) 4 send(ch) // Oops blocked (‘global’ deadlock) 5 print(<-ch) Print message then crash 6 close(ch) 7 Some packages disable it } 8 (e.g. net ) 9 func send(ch chan string) { 10 ch <- "Hej ICSE" 11 } 8 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  11. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Concurrency in Go Deadlock detection Missing ’go’ keyword 1 import _ "net" // unused 2 func main() { 3 ch := make(chan string) 4 send(ch) // Oops Import unused, unrelated package 5 print(<-ch) 6 close(ch) 7 } 8 9 func send(ch chan string) { 10 ch <- "Hej ICSE" 11 } 8 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  12. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Concurrency in Go Deadlock detection Missing ’go’ keyword 1 import _ "net" // unused Only one (main) goroutine 2 func main() { Send without receive - blocks 3 ch := make(chan string) 4 send(ch) // Oops Output: 5 print(<-ch) 6 close(ch) $ go run deadlock2.go 7 } 8 Hangs: Deadlock NOT detected 9 func send(ch chan string) { 10 ch <- "Hej ICSE" 11 } 8 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  13. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Our goal Check liveness/safety properties in addition to global deadlocks Apply process calculi techniques to Go Use model checking to statically analyse Go programs 9 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  14. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Behavioural type inference Abstract Go communication as Behavioural Types 2 Model checking Behavioural mCRL2 model checker Types Transform Check safety and liveness and verify 1 Type inference 3 Termination checking KITTeL termination prover SSA IR Go source code Address type ↔ program gap 10 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  15. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Infer Behavioural Types from Go Program Behavioural Types Go source code Types of CCS-like [Milner ’80] 1 func main() { process calculus 2 ch := make(chan int) 3 go send(ch) Send/Receive 4 print(<-ch) new (channel) 5 close(ch) 6 } parallel composition (spawn) 7 Go-specific 8 func send(c chan int) { 9 Close channel c <- 1 10 } Select (guarded choice) 11 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

  16. Overview Concurrency in Go Behavioural type inference Model checking behavioural types Termination checking Summary Infer Behavioural Types from Go Program Go source code Inferred Behavioural Types 1 func main() { main() = ( new ch );   2 ch := make(chan int)   (send � ch � |   3 go send(ch)       4 ch; print(<-ch)     5 → close(ch) close ch) , 6 }       7       8 func send(c chan int) { send( ch ) = ch   9 c <- 1 10 } 11 /26 Julien Lange, Nicholas Ng, Bernardo Toninho, Nobuko Yoshida mrg.doc.ic.ac.uk A Static Verification Framework for Message Passing in Go using Behavioural Types

Recommend

MPI - Message Passing Interface MPI is the mostly used message passing-standard By

MPI - Message Passing Interface MPI is the mostly used message passing-standard By

MPI - Message Passing Interface MPI is the mostly used message passing-standard By using MPI you obtain portable programs MPI is based on earlier message passing libraries Lecture 7: NX, MPL, PVM, P4, TCGMSH, PARMACS, ...

360 views • 9 slides
Message Passing Concepts Message Passing Model The message passing model is based on the

Message Passing Concepts Message Passing Model The message passing model is based on the

Message Passing Concepts Message Passing Model The message passing model is based on the notion of processes can think of a process as an instance of a running program, together with the programs data In the message passing model,

601 views • 16 slides
Message Passing Programming with MPI Message Passing Programming with MPI 1 What is MPI?

Message Passing Programming with MPI Message Passing Programming with MPI 1 What is MPI?

Message Passing Programming with MPI Message Passing Programming with MPI 1 What is MPI? Message Passing Programming with MPI 2 MPI Forum First message-passing interface standard. Sixty people from forty different organisations.

1.61k views • 113 slides
Message-Passing Programming with MPI Message-Passing Concepts Overview This lecture will

Message-Passing Programming with MPI Message-Passing Concepts Overview This lecture will

Message-Passing Programming with MPI Message-Passing Concepts Overview This lecture will cover message passing model SPMD communication modes collective communications Programming Models Message-Passing Serial Programming

406 views • 28 slides
Message Passing Programming with MPI What is MPI? Message Passing Programming with MPI 1

Message Passing Programming with MPI What is MPI? Message Passing Programming with MPI 1

Message Passing Programming with MPI What is MPI? Message Passing Programming with MPI 1 Message Passing Programming with MPI 2 MPI Forum Goals and Scope of MPI First message-passing interface standard. MPIs prime goals are:

511 views • 29 slides
COMP31212: Concurrency Topics 4.3: Message Passing Topic 4.3: Message Passing Outline Topic

COMP31212: Concurrency Topics 4.3: Message Passing Topic 4.3: Message Passing Outline Topic

Topic 4.3: Message Passing COMP31212: Concurrency Topics 4.3: Message Passing Topic 4.3: Message Passing Outline Topic 4.3: Message Passing Background Synchronous Message Passing Asynchronous Message Passing Channel Selection Topic 4.3:

382 views • 36 slides
Static Resolution of Implicit Control Flow for Reflection and Message-Passing Paulo Barros , Ren

Static Resolution of Implicit Control Flow for Reflection and Message-Passing Paulo Barros , Ren

Static Resolution of Implicit Control Flow for Reflection and Message-Passing Paulo Barros , Ren Just, Suzanne Millstein, Paul Vines, Werner Dietl, Marcelo dAmorim and Michael D. Ernst Implicit control flow Indirect method call

1.05k views • 79 slides
Fault Tolerance in Message Passing Fault Tolerance in Message Passing and in Action and in

Fault Tolerance in Message Passing Fault Tolerance in Message Passing and in Action and in

Fault Tolerance in Message Passing Fault Tolerance in Message Passing and in Action and in Action Jack Dongarra, Innovative Computing Laboratory University of Tennessee and Computer Science and Mathematics Division Oak Ridge National

422 views • 14 slides
Distributed Objects Message Passing vs. Distributed Objects Message Passing versus Distributed

Distributed Objects Message Passing vs. Distributed Objects Message Passing versus Distributed

Distributed Objects Message Passing vs. Distributed Objects Message Passing versus Distributed Objects The message-passing paradigm is a natural model for distributed computing, in the sense that it mimics interhuman communications. It is

901 views • 58 slides
+ Design of Parallel Algorithms Introduction to the Message Passing Interface MPI + Principles

+ Design of Parallel Algorithms Introduction to the Message Passing Interface MPI + Principles

+ Design of Parallel Algorithms Introduction to the Message Passing Interface MPI + Principles of Message-Passing Programming n The logical view of a machine supporting the message-passing paradigm consists of p processes, each with its own

683 views • 39 slides
Message Passing Programming Introduction to MPI What is MPI? MPI Forum First

Message Passing Programming Introduction to MPI What is MPI? MPI Forum First

Message Passing Programming Introduction to MPI What is MPI? MPI Forum First message-passing interface standard. Sixty people from forty different organisations. Users and vendors represented, from the US and Europe. Two-year

526 views • 18 slides
Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android

Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android

Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android Applications Daniele Gallingani, Rigel Gjomemo , V.N. Venkatakrishnan, Stefano Zanero Android Message Passing Mechanism Android apps are composed of

566 views • 23 slides
Lecture 5: Message Passing &amp; Other Communication Mechanisms (SR &amp; Java) Intro:

Lecture 5: Message Passing &amp; Other Communication Mechanisms (SR &amp; Java) Intro:

Lecture 5: Message Passing &amp; Other Communication Mechanisms (SR &amp; Java) Intro: Synchronous &amp; Asynchronous Message Passing Types of Processes in Message Passing Examples Asynchronous Sorting Network Filter (SR)

914 views • 50 slides
Programming Introduction to MPI What is MPI? 2 MPI Forum First message-passing interface

Programming Introduction to MPI What is MPI? 2 MPI Forum First message-passing interface

Message Passing Programming Introduction to MPI What is MPI? 2 MPI Forum First message-passing interface standard. Sixty people from forty different organisations. Users and vendors represented, from the US and Europe. Two-year

302 views • 18 slides
Static and dynamic verification Static and dynamic V&amp;V Software inspections Concerned

Static and dynamic verification Static and dynamic V&amp;V Software inspections Concerned

1 2 Static and dynamic verification Static and dynamic V&amp;V Software inspections Concerned with analysis of the static system Static representation to discover problems (static verification verification) May be supplement by

107 views • 6 slides
CSL 860: Modern Parallel Computation Computation MPI: MESSAGE PASSING INTERFACE Message

CSL 860: Modern Parallel Computation Computation MPI: MESSAGE PASSING INTERFACE Message

CSL 860: Modern Parallel Computation Computation MPI: MESSAGE PASSING INTERFACE Message Passing Model Process (program counter, address space) Multiple threads (pc, stacks) MPI is for inter-process communication Process creation

546 views • 53 slides
Message Passing Programming Designing MPI Applications Overview Lecture will cover MPI

Message Passing Programming Designing MPI Applications Overview Lecture will cover MPI

Message Passing Programming Designing MPI Applications Overview Lecture will cover MPI portability maintenance of serial code general design debugging verification MPI Portability Potential deadlock you may be

531 views • 25 slides
Divergence measures and message passing Tom Minka Microsoft Research Cambridge, UK with thanks

Divergence measures and message passing Tom Minka Microsoft Research Cambridge, UK with thanks

Divergence measures and message passing Tom Minka Microsoft Research Cambridge, UK with thanks to the Machine Learning and Perception Group 1 Message-Passing Algorithms MF [Peterson,Anderson 87] Mean-field BP [Frey,MacKay 97] Loopy

458 views • 42 slides
Message passing and channels INF4140 - Models of concurrency Message passing and channels Fall

Message passing and channels INF4140 - Models of concurrency Message passing and channels Fall

Message passing and channels INF4140 - Models of concurrency Message passing and channels Fall 2016 17. Oct. 2016 Outline Course overview: Part I: concurrent programming; programming with shared variables Part II: distributed

847 views • 41 slides
Introduction to Parallel Computing Irene Moulitsas Programming using the Message-Passing

Introduction to Parallel Computing Irene Moulitsas Programming using the Message-Passing

Introduction to Parallel Computing Irene Moulitsas Programming using the Message-Passing Paradigm MPI Background MPI : Message Passing Interface Began in Supercomputing 92 Vendors IBM, Intel, Cray Library writers PVM

876 views • 38 slides
CSE-505: Programming Languages Lecture 21 Synchronous Message-Passing and Concurrent ML Zach

CSE-505: Programming Languages Lecture 21 Synchronous Message-Passing and Concurrent ML Zach

CSE-505: Programming Languages Lecture 21 Synchronous Message-Passing and Concurrent ML Zach Tatlock 2016 Message Passing Threads communicate via send and receive along channels instead of read and write of references Not so

626 views • 13 slides
Message Passing Programming Designing MPI Applications Overview Lecture will cover MPI

Message Passing Programming Designing MPI Applications Overview Lecture will cover MPI

Message Passing Programming Designing MPI Applications Overview Lecture will cover MPI portability maintenance of serial code general design debugging verification Designing MPI Programs 2 MPI Portability Potential

796 views • 25 slides
Interference Alignment via Message-Passing Message-Passing M. Guillaud Motivation Maxime

Interference Alignment via Message-Passing Message-Passing M. Guillaud Motivation Maxime

Interference Alignment via Interference Alignment via Message-Passing Message-Passing M. Guillaud Motivation Maxime GUILLAUD Communication Problem Interference Alignment Message-Passing GDL Min-Sum IA via Min-Sum Implementation

701 views • 46 slides
Verifying functional correctness of message-passing programs in Coq Robbert Krebbers, TU Delft

Verifying functional correctness of message-passing programs in Coq Robbert Krebbers, TU Delft

Verifying functional correctness of message-passing programs in Coq Robbert Krebbers, TU Delft Joint work with Jonas Kastberg Hinrichsen, ITU Jesper Bengtson, ITU 4 June 2020 @ VEST Workshop, Online 1 Type checking message-passing programs

601 views • 25 slides

More recommend