Advertisement

Verifying Atomicity Preservation and Deadlock Freedom of a Generic Shared Variable Mechanism Used in Model-To-Code Transformations

  • Dan Zhang
  • Dragan Bošnački
  • Mark van den Brand
  • Cornelis Huizing
  • Bart Jacobs
  • Ruurd Kuiper
  • Anton Wijs
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 692)

Abstract

A challenging aspect of model-to-code transformations is to ensure that the semantic behavior of the input model is preserved in the output code. When constructing concurrent systems, this is mainly difficult due to the non-deterministic potential interaction between threads. In this paper, we consider this issue for a framework that implements a transformation chain from models expressed in the state machine based domain specific language SLCO to Java. In particular, we provide a fine-grained generic mechanism to preserve atomicity of SLCO statements in the Java implementation. We give its generic specification based on separation logic and verify it using the verification tool VeriFast. The solution can be regarded as a reusable module to safely implement atomic operations in concurrent systems. Moreover, we also prove with VeriFast that our mechanism does not introduce deadlocks. The specification formally ensures that the locks are not reentrant which simplifies the formal treatment of the Java locks.

Keywords

Model transformation Code generation Concurrency Atomicity Formal verification Separation logic Deadlock freedom 

References

  1. 1.
    Abadi, M., Flanagan, C., Freund, S.N.: Types for safe locking: static race detection for java. ACM Trans. Program. Lang. Syst. 28(2), 207–255 (2006)CrossRefGoogle Scholar
  2. 2.
    Biswas, S., Huang, J., Sengupta, A., Bond, M.D.: DoubleChecker: efficient sound and precise atomicity checking. In: ACM SIGPLAN Notices, vol. 49, pp. 28–39. ACM (2014)Google Scholar
  3. 3.
    Blech, J., Glesner, S., Leitner, J.: Formal verification of java code generation from UML models. In: Fujaba Days, pp. 49–56 (2005)Google Scholar
  4. 4.
    Bošnački, D., Brand, M., Gabriels, J., Jacobs, B., Kuiper, R., Roede, S., Wijs, A., Zhang, D.: Towards modular verification of threaded concurrent executable code generated from DSL models. In: Braga, C., Ölveczky, P.C. (eds.) FACS 2015. LNCS, vol. 9539, pp. 141–160. Springer, Cham (2016). doi: 10.1007/978-3-319-28934-2_8 CrossRefGoogle Scholar
  5. 5.
    Chaki, S., Clarke, E., Groce, A., Jha, S., Veith, H.: Modular verification of software components in C. In: ICSE, pp. 385–395. IEEE (2003)Google Scholar
  6. 6.
    Choi, J.D., Lee, K., Loginov, A., O’Callahan, R., Sarkar, V., Sridharan, M.: Efficient and precise datarace detection for multithreaded object-oriented programs. In: ACM SIGPLAN Notices, vol. 37, pp. 258–269. ACM (2002)Google Scholar
  7. 7.
    Engelen, L.: From Napkin sketches to reliable software. Ph.D. thesis, Eindhoven University of Technology (2012)Google Scholar
  8. 8.
    Engler, D., Ashcraft, K.: RacerX: effective, static detection of race conditions and deadlocks. In: ACM SIGOPS Operating Systems Review, vol. 37, pp. 237–252. ACM (2003)Google Scholar
  9. 9.
    Farzan, A., Madhusudan, P.: Causal atomicity. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 315–328. Springer, Heidelberg (2006). doi: 10.1007/11817963_30 CrossRefGoogle Scholar
  10. 10.
    Flanagan, C., Qadeer, S.: A type and effect system for atomicity. In: ACM SIGPLAN Notices, vol. 38, pp. 338–349. ACM (2003)Google Scholar
  11. 11.
    Havender, J.W.: Avoiding deadlock in multitasking systems. IBM Syst. J. 7(2), 74–84 (1968)CrossRefGoogle Scholar
  12. 12.
    Jacobs, B., Smans, J., Philippaerts, P., Vogels, F., Penninckx, W., Piessens, F.: VeriFast: a powerful, sound, predictable, fast verifier for C and java. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NFM 2011. LNCS, vol. 6617, pp. 41–55. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-20398-5_4 CrossRefGoogle Scholar
  13. 13.
    Jacobs, B., Bosnacki, D., Kuiper, R.: Modular termination verification: extended version. Technical report, Department of Computer Science, KU Leuven (2015)Google Scholar
  14. 14.
    Jhala, R., Majumdar, R.: Software model checking. ACM Comput. Surv. 41(4), 1–54 (2009)CrossRefGoogle Scholar
  15. 15.
    Kleppe, A., Warmer, J., Bast, W.: MDA Explained: the Model Driven Architecture: Practice and Promise. Addison-Wesley Professional, Boston (2005)Google Scholar
  16. 16.
    Kolovos, D., Rose, L., Garca-Dominguez, A., Paige, R.: The Epsilon Book. Eclipse (2011)Google Scholar
  17. 17.
    Leino, K.R.M., Müller, P., Smans, J.: Deadlock-free channels and locks. In: Gordon, A.D. (ed.) ESOP 2010. LNCS, vol. 6012, pp. 407–426. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-11957-6_22 CrossRefGoogle Scholar
  18. 18.
    O’Hearn, P., Reynolds, J., Yang, H.: Local reasoning about programs that alter data structures. In: Fribourg, L. (ed.) CSL 2001. LNCS, vol. 2142, pp. 1–19. Springer, Heidelberg (2001). doi: 10.1007/3-540-44802-0_1 CrossRefGoogle Scholar
  19. 19.
    Owicki, S., Gries, D.: Verifying properties of parallel programs: an axiomatic approach. Commun. ACM 19(5), 279–285 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Putter, S., Wijs, A.: Verifying a verifier: on the formal correctness of an LTS transformation verification technique. In: Stevens, P., Wąsowski, A. (eds.) FASE 2016. LNCS, vol. 9633, pp. 383–400. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49665-7_23 CrossRefGoogle Scholar
  21. 21.
    Rahim, L., Whittle, J.: A survey of approaches for verifying model transformations. Softw. Syst. Model. 14(2), 1003–1028 (2015)CrossRefGoogle Scholar
  22. 22.
    Reynolds, J.C.: Separation logic: a logic for shared mutable data structures. In: 17th Annual IEEE Symposium on Logic in Computer Science, pp. 55–74. IEEE (2002)Google Scholar
  23. 23.
    Stenzel, K., Moebius, N., Reif, W.: Formal verification of QVT transformations for code generation. In: Whittle, J., Clark, T., Kühne, T. (eds.) MODELS 2011. LNCS, vol. 6981, pp. 533–547. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-24485-8_39 CrossRefGoogle Scholar
  24. 24.
    Tuerk, T.: A formalisation of smallfoot in HOL. In: Berghofer, S., Nipkow, T., Urban, C., Wenzel, M. (eds.) TPHOLs 2009. LNCS, vol. 5674, pp. 469–484. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-03359-9_32 CrossRefGoogle Scholar
  25. 25.
    Visser, W., Havelund, K., Brat, G., Park, S., Lerda, F.: Model checking programs. Autom. Softw. Eng. 10(2), 203–232 (2003)CrossRefGoogle Scholar
  26. 26.
    Wijs, A.: Define, verify, refine: correct composition and transformation of concurrent system semantics. In: Fiadeiro, J.L., Liu, Z., Xue, J. (eds.) FACS 2013. LNCS, vol. 8348, pp. 348–368. Springer, Cham (2014). doi: 10.1007/978-3-319-07602-7_21 Google Scholar
  27. 27.
    Wijs, A., Engelen, L.: Efficient property preservation checking of model refinements. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013. LNCS, vol. 7795, pp. 565–579. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36742-7_41 CrossRefGoogle Scholar
  28. 28.
    Wijs, A., Engelen, L.: REFINER: towards formal verification of model transformations. In: Badger, J.M., Rozier, K.Y. (eds.) NFM 2014. LNCS, vol. 8430, pp. 258–263. Springer, Cham (2014). doi: 10.1007/978-3-319-06200-6_21 CrossRefGoogle Scholar
  29. 29.
    Zhang, D., Bošnački, D., van den Brand, M., Engelen, L., Huizing, C., Kuiper, R., Wijs, A.: Towards verified java code generation from concurrent state machines. In: AMT. CEUR Workshop Proceedings, vol. 1277, pp. 64–69. CEUR-WS.org (2014)Google Scholar
  30. 30.
    Zhang, D., Bošnački, D., van den Brand, M., Huizing, C., Jacobs, B., Kuiper, R., Wijs, A.: Verification of atomicity preservation in model-to-code transformations. In: Fourth International Conference on Model-Driven Engineering and Software Development (MODELSWARD 2016), pp. 578–588. SCITEPRESS (2016)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Dan Zhang
    • 1
  • Dragan Bošnački
    • 1
  • Mark van den Brand
    • 1
  • Cornelis Huizing
    • 1
  • Bart Jacobs
    • 2
  • Ruurd Kuiper
    • 1
  • Anton Wijs
    • 1
  1. 1.Eindhoven University of TechnologyEindhovenNetherlands
  2. 2.KU LeuvenLeuvenBelgium

Personalised recommendations