Abstract:
We design a concurrent separation logic for GPGPU, namely GPUCSL, and prove its soundness by using Coq. GPUCSL is based on a CSL proposed by Blom et al., which is for automatic verification of GPGPU kernels, but employs different inference rules because the rules in Blom's CSL are not standard. For example, Blom's CSL does not have a frame rule. Our CSL is a simple extension of the original CSL, and it is more suitable as a basis of advanced properties proposed for other studies on CSLs. Our soundness proof is based on Vafeiadis' method, which is for a CSL with a fork-join concurrency model. The proof reveals two problems in Blom's approach in terms of soundness and extensibility. First, their assumption that thread ID independence of a kernel implies barrier divergence freedom does not hold. Second, it is not easy to extend their proof to other CSLs with a frame rule. Although our CSL covers only a subset of CUDA, our preliminary experiment shows that it is useful and expressive enough to verify a simple kernel with barriers.
Reference:
Proof of Soundness of Concurrent Separation Logic for GPGPU in Coq (Izumi Asakura, Hidehiko Masuhara and Tomoyuki Aotani), In Journal of Information Processing, volume 24, 2016. (IPSJ Outstanding Paper Award)
Bibtex Entry:
@article{asakura2015jip,
author = {Izumi Asakura and Hidehiko Masuhara and Tomoyuki Aotani},
pdf = {asakura2015jip.pdf},
title = {Proof of Soundness of Concurrent Separation Logic for {GPGPU} in {Coq}},
journal = {Journal of Information Processing},
year = 2016,
month = jan,
pages = {132--140},
volume = {24},
number = {1},
doi = {http://doi.org/10.2197/ipsjjip.24.132},
note = {\href{http://prg.is.titech.ac.jp/news/izumi-asakura-receives-award/}{IPSJ Computer Science Research Award for Young Scientists} and \href{http://prg.is.titech.ac.jp/news/ipsj-outstanding-paper-award/}{IPSJ Outstanding Paper Award}},
annote = {extended from \cite{asakura2015-ipsj-pro}, accepted: 2015-07-28},
abstract = {We design a concurrent separation logic for GPGPU, namely GPUCSL, and prove its soundness by using Coq. GPUCSL is based on a CSL proposed by Blom et al., which is for automatic verification of GPGPU kernels, but employs different inference rules because the rules in Blom's CSL are not standard. For example, Blom's CSL does not have a frame rule. Our CSL is a simple extension of the original CSL, and it is more suitable as a basis of advanced properties proposed for other studies on CSLs. Our soundness proof is based on Vafeiadis' method, which is for a CSL with a fork-join concurrency model. The proof reveals two problems in Blom's approach in terms of soundness and extensibility. First, their assumption that thread ID independence of a kernel implies barrier divergence freedom does not hold. Second, it is not easy to extend their proof to other CSLs with a frame rule. Although our CSL covers only a subset of CUDA, our preliminary experiment shows that it is useful and expressive enough to verify a simple kernel with barriers.}
}