spark verification features continued
play

Spark verification features Continued Paul Jackson School of - PowerPoint PPT Presentation

Sep 19, 2022 •415 likes •512 views

Spark verification features Continued Paul Jackson School of Informatics University of Edinburgh Formal Verification Spring 2018 Executability of assertions Virtually all Spark assertions are executable. Are issues with quantifiers: Each

  1. Spark verification features Continued Paul Jackson School of Informatics University of Edinburgh Formal Verification Spring 2018

  2. Executability of assertions Virtually all Spark assertions are executable. Are issues with quantifiers: ◮ Each for all or for some quantifier is translated into a loop over the values in the range quantified over ◮ When ranges are finite, loops terminate ◮ Ranges finite nearly always ◮ An issue with Universal_Integer type, implemented with a BigNum package. Executability makes run-time assertion checking feasible ◮ Compilers have flags to optionally add checking to object code ◮ Care needed because of possible performance issues 2 / 9

  3. Ghost code Ghost code is extra code added to Spark programs that is only used for specification purposes. Never affects normal function of programs ◮ Spark language provides syntax identifying ghost code. Spark tools check that normal code never uses ghost code Does impact performance when run-time assertion checking enabled 3 / 9

  4. Ghost variables Using a ghost variable to capture the initial value of a parameter. procedure Do_Something (X : in out T) is X_Init : constant T := X with Ghost; begin Do_Some_Complex_Stuff (X); pragma Assert (Is_Correct (X_Init, X)); -- It is OK to use X_Init inside an assertion. X := X_Init; -- Compilation error: -- Ghost entity cannot appear in this context 4 / 9

  5. Ghost functions and procedures Uses include ◮ Factoring out common expressions in contracts ◮ Abstracting state type Queue is private; function Get_Model (S : Queue) return Nat_Array with Ghost; -- Returns an array as a model of a queue procedure Push_Front (S : in out Queue; E : in Natural) with Pre => Get_Model (S)’Length < Max, Post => Get_Model (S) = E & Get_Model (S)’Old; procedure Pop_Back (S : in out Queue; E : out Natural) with Pre => Get_Model (S)’Length > 0, Post => Get_Model (S) & E = Get_Model (S)’Old; 5 / 9

  6. Verification case study 1 Verification of Selection sort ◮ Shows where Spark verification starts needing major user guidance package Sort with SPARK_Mode is -- Sorts the elements in the array Values in ascending order procedure Selection_Sort (Values : in out Nat_Array) with Post => Is_Perm (Values’Old, Values) and then (if Values’Length > 0 then (for all I in Values’First .. Values’Last - 1 => Values (I) <= Values (I + 1))); end Sort; 6 / 9

  7. Verification case study 2 Definition of Is_Perm function package Perm with SPARK_Mode, Ghost is subtype Nb_Occ is Integer range 0 .. 100; function Remove_Last (A : Nat_Array) return Nat_Array is (A (A’First .. A’Last - 1)) with Pre => A’Length > 0; function Occ (A : Nat_Array; E : Natural) return Nb_Occ is (if A’Length = 0 then 0 elsif A (A’Last) = E then Occ (Remove_Last (A), E) + 1 else Occ (Remove_Last (A), E)) with Post => Occ’Result <= A’Length; function Is_Perm (A, B : Nat_Array) return Boolean is (for all E in Natural => Occ (A, E) = Occ (B, E)); end Perm; 7 / 9

  8. Verification case study 3 procedure Selection_Sort (A : in out Nat_Array) is Smallest : Positive; begin if A’Length = 0 then return; end if; for K in A’First .. A’Last - 1 loop Smallest := Index_Of_Minimum (A (K .. A’Last)); if Smallest /= K then Swap (Values => A, X => K, Y => Smallest); end if; pragma Loop_Invariant (for all I in A’First .. K => (for all J in I + 1 .. A’Last => A (I) <= A (J))); pragma Loop_Invariant (Is_Perm (A’Loop_Entry, A)); end loop; end Selection_Sort; 8 / 9

  9. Verification case study 4 Full info in Gnat prove by Example section of Spark UG ◮ Definition of Index_Of_Minimum function ◮ Swap contract procedure Swap (Values : in out Nat_Array; X : in Positive; Y : in Positive) with Pre => (X in Values’Range and then Y in Values’Range and then X /= Y), Post => Is_Perm (Values’Old, Values) and Values (X) = Values’Old (Y) and Values (Y) = Values’Old (X) and (for all Z in Values’Range => (if Z /= X and Z /= Y then Values (Z) = Values’Old (Z))) ◮ Justification for Swap realising its specification ◮ Pragma assertions provide hints to prover ◮ Ghost loop helps establish Is_Perm (Values’Old, Values) 9 / 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Spark verification features Paul Jackson School of Informatics University of Edinburgh Formal

Spark verification features Paul Jackson School of Informatics University of Edinburgh Formal

Spark verification features Paul Jackson School of Informatics University of Edinburgh Formal Verification Spring 2018 Adding specification information to programs Verification concerns checking whether some model (or program) has desired

476 views • 22 slides
Intr Intro o to Spark to Spark and Spark and Spark SQL SQL AMP Camp 2014 Michael Armbrust -

Intr Intro o to Spark to Spark and Spark and Spark SQL SQL AMP Camp 2014 Michael Armbrust -

Intr Intro o to Spark to Spark and Spark and Spark SQL SQL AMP Camp 2014 Michael Armbrust - @michaelarmbrust What is Apache Spark? Fast and general cluster computing system, interoperable with Hadoop, included in all major distros

667 views • 43 slides
Spark Overview / High-level Architecture Indexing from Spark Reading data from Solr + term

Spark Overview / High-level Architecture Indexing from Spark Reading data from Solr + term

Spark Overview / High-level Architecture Indexing from Spark Reading data from Solr + term vectors &amp; Spark SQL Document Matching user since 2010, committer since April 2014, work for SolrCloud features and bin/solr! Release manager

569 views • 22 slides
Big Data Meets Machine Learning Apache Spark MLlib 1 MLlib Spark MLlib Graphx

Big Data Meets Machine Learning Apache Spark MLlib 1 MLlib Spark MLlib Graphx

Big Data Meets Machine Learning Apache Spark MLlib 1 MLlib Spark MLlib Graphx Streaming Spark Dataframe Spark Core (RDD) 2 Machine Learning Algorithms Supervised learning Given a set of features and labels Builds a model that

590 views • 24 slides
Boundaries of Formal Program Verification Yannick Moy AdaCore SPARK the language strong

Boundaries of Formal Program Verification Yannick Moy AdaCore SPARK the language strong

Boundaries of Formal Program Verification Yannick Moy AdaCore SPARK the language strong typing low level programming generics object orientation concurrency Abstract_State pointers Initializes Core Ada exception handlers

730 views • 17 slides
Spark Code Camp Discover Spark Streaming &amp; Spark SQL Project Overview Focus on Spark

Spark Code Camp Discover Spark Streaming &amp; Spark SQL Project Overview Focus on Spark

Spark Code Camp Discover Spark Streaming &amp; Spark SQL Project Overview Focus on Spark Streaming and Spark SQL Explored Streaming API of Apache Spark on Ukko Cluster Window based Stream Content Direct Stream content

221 views • 9 slides
Spark Technology 1. Spark main objectives 2. RDD concepts and operations 3. SPARK application

Spark Technology 1. Spark main objectives 2. RDD concepts and operations 3. SPARK application

10/05/2019 Big Data : Informatique pour les donnes et calculs massifs 7 SPARK technology Stphane Vialle Stephane.Vialle@centralesupelec.fr http://www.metz.supelec.fr/~vialle Spark Technology 1. Spark main objectives 2. RDD concepts

818 views • 39 slides
High Integrity Ada with SPARK Praxis Critical Systems 1 SPARK and the SPARK Examiner What is

High Integrity Ada with SPARK Praxis Critical Systems 1 SPARK and the SPARK Examiner What is

High Integrity Ada with SPARK Praxis Critical Systems 1 SPARK and the SPARK Examiner What is SPARK? A sub-language of Ada 83 and 95 with particular properties that make it ideally suited to the most critical of applications: completely

848 views • 10 slides
WP verification methodology and tools Paul Jackson School of Informatics University of Edinburgh

WP verification methodology and tools Paul Jackson School of Informatics University of Edinburgh

WP verification methodology and tools Paul Jackson School of Informatics University of Edinburgh Formal Verification Spring 2017 Levels of formal verification Checking freedom from run-time exceptions Dominant level for Spark tools

263 views • 8 slides
Spark Processing 101 September 10, 2015 Justin Sun Overview What is Spark? SparkContext

Spark Processing 101 September 10, 2015 Justin Sun Overview What is Spark? SparkContext

Spark Processing 101 September 10, 2015 Justin Sun Overview What is Spark? SparkContext Resilient Distributed Datasets (RDDs) Transformations Actions Code Examples Resources What is Spark? General cluster

356 views • 10 slides
SPARK G N I T E R R A M E V I T A E C u s t o m L o g o P r o j e c t Introduction

SPARK G N I T E R R A M E V I T A E C u s t o m L o g o P r o j e c t Introduction

C K PROPOSAL SPARK G N I T E R R A M E V I T A E C u s t o m L o g o P r o j e c t Introduction We are excited to quote on your logo design project and believe that Spark is a perfect fit for your needs. Concept Presentation

554 views • 30 slides
SPARK NEW ZEALAND ANNUAL MEETING 2015 Spark New Zealand 2015 Spark New Zealand 2015 2 Order of

SPARK NEW ZEALAND ANNUAL MEETING 2015 Spark New Zealand 2015 Spark New Zealand 2015 2 Order of

SPARK NEW ZEALAND ANNUAL MEETING 2015 Spark New Zealand 2015 Spark New Zealand 2015 2 Order of Meeting: Introductions and formalities Chairmans address Managing Director update Resolutions Shareholder questions Conduct of polls Meeting

421 views • 38 slides
Distributing Matrix Computations with Spark MLlib Reza Zadeh A General Platform Standard libraries

Distributing Matrix Computations with Spark MLlib Reza Zadeh A General Platform Standard libraries

Distributing Matrix Computations with Spark MLlib Reza Zadeh A General Platform Standard libraries included with Spark Spark MLlib Spark SQL GraphX Streaming machine structured graph learning real-time Spark Core Outline Introduction to

682 views • 40 slides
Histogram-based matching of GMM encoded features for online signature verification Vivek

Histogram-based matching of GMM encoded features for online signature verification Vivek

Histogram-based matching of GMM encoded features for online signature verification Vivek Venugopal On behalf of Abhishek Sharma,Dr. Suresh Sundaram Multimedia Analytics Laboratory, Electronics and Electrical Engineering Department IIT Guwahati

187 views • 15 slides
Integrated Presentation Attack Detection and Automatic Speaker Verification: Common Features and

Integrated Presentation Attack Detection and Automatic Speaker Verification: Common Features and

Integrated Presentation Attack Detection and Automatic Speaker Verification: Common Features and Gaussian Back-end Fusion Massimiliano Todisco 1 , H ector Delgado 1 , Kong Aik Lee 2 , Md Sahidullah 3 , Nicholas Evans 1 , Tomi Kinnunen 4 and

292 views • 5 slides
Flex 4 - Spark Containers Ryan Frishberg Software Consultant, Lab49 http://www.frishy.com Spark

Flex 4 - Spark Containers Ryan Frishberg Software Consultant, Lab49 http://www.frishy.com Spark

Flex 4 - Spark Containers Ryan Frishberg Software Consultant, Lab49 http://www.frishy.com Spark Architecture From MX to Spark MX Rich, styleable components Heavy components =&gt; Easy to use (most of the time) Spark introduces

500 views • 30 slides
Bimetric theory, partial masslessness and conformal gravity Fawad Hassan Stockholm University,

Bimetric theory, partial masslessness and conformal gravity Fawad Hassan Stockholm University,

Bimetric theory, partial masslessness and conformal gravity Fawad Hassan Stockholm University, Sweden GGI Conference on Higher Spins, Strings and Duality Florence, May 6-9, 2013 Based on SFH, Angnis Schmidt-May, Mikael von Strauss

585 views • 44 slides
Number of confirmation blocks for Bitcoin and GHOST consensus protocols on networks with delayed

Number of confirmation blocks for Bitcoin and GHOST consensus protocols on networks with delayed

Number of confirmation blocks for Bitcoin and GHOST consensus protocols on networks with delayed message delivery Lyudmila Kovalchuk 1,2 Joint work with Dmytro Kaidalov 1 , Andrii Nastenko 1 , Olexiy Shevtsov 1 , Mariia Rodinko 1,3 , Roman

316 views • 18 slides
CS4100 Outline CS 4100: Artificial Intelligence We Were re done one with h Part art I:

CS4100 Outline CS 4100: Artificial Intelligence We Were re done one with h Part art I:

CS4100 Outline CS 4100: Artificial Intelligence We Were re done one with h Part art I: Search earch and and Planni anning ng! Probability Part II: Probabilist stic Reaso soning Diagnosi sis Spe Speech r recogn

243 views • 10 slides
Ghost effect by curvature Providence, November 2011 M&amp;MOCS MATHEMATICS AND MECHANICS OF

Ghost effect by curvature Providence, November 2011 M&amp;MOCS MATHEMATICS AND MECHANICS OF

Ghost effect by curvature Providence, November 2011 M&amp;MOCS MATHEMATICS AND MECHANICS OF COMPLEX SYSTEMS Universit` a dellAquila - Italy Ghost effect by curvature p. 1/39 Joint project with : L. Arkeryd R. Marra A. Nouri

749 views • 39 slides
PROGRAMMING ADVANCED FEEDBACK WITH ARDUINO Part 09 - State machine structure The

PROGRAMMING ADVANCED FEEDBACK WITH ARDUINO Part 09 - State machine structure The

Part 09 - State machine structure PROGRAMMING ADVANCED FEEDBACK WITH ARDUINO Part 09 - State machine structure The Pomodoro Technique Part 09 - State machine structure The Pomodoro Technique 1. Decide on the task to be done. 2.

139 views • 9 slides
Toward Gear-Change and Beam-Beam Simula5ons with GHOST Bala Terzi Department of Physics, Old

Toward Gear-Change and Beam-Beam Simula5ons with GHOST Bala Terzi Department of Physics, Old

Toward Gear-Change and Beam-Beam Simula5ons with GHOST Bala Terzi Department of Physics, Old Dominion University Center for Accelerator Studies (CAS), Old Dominion University JLEIC CollaboraCon MeeCng, Jefferson Lab, March 31, 2016 1

447 views • 20 slides
Local Verification of Global Invariants in Concurrent Programs Ernie Cohen 1 , Michal Moskal 2 ,

Local Verification of Global Invariants in Concurrent Programs Ernie Cohen 1 , Michal Moskal 2 ,

Local Verification of Global Invariants in Concurrent Programs Ernie Cohen 1 , Michal Moskal 2 , Wolfram Schulte 2 , Stephan Tobies 1 1 European Microsoft Innovation Center, Aachen 2 Microsoft Research, Redmond Presentation: Florian Besser

746 views • 27 slides
On fermionic ghosts and the removal from scalar-fermion systems Yuki Sakakihara (Osaka City

On fermionic ghosts and the removal from scalar-fermion systems Yuki Sakakihara (Osaka City

15:50-16:10, 9th Feb., GC2018 On fermionic ghosts and the removal from scalar-fermion systems Yuki Sakakihara (Osaka City University) ref. Rampei Kimura, YS, Masahide Yamaguchi Phys. Rev. D96 (2017) 044015, another paper in prep. WHY

855 views • 12 slides

More recommend