Abstract
This paper considers the problem of formal verification of MPI programs operating under a fixed test harness for safety properties without building verification models. In our approach, we directly model-check the MPI/C source code, executing its interleavings with the help of a verification scheduler. Unfortunately, the total feasible number of interleavings is exponential, and impractical to examine even for our modest goals. Our earlier publications formalized and implemented a partial order reduction approach that avoided exploring equivalent interleavings, and presented a verification tool called ISP. This paper presents algorithmic and engineering innovations to ISP, including the use of OpenMP parallelization, that now enables it to handle practical MPI programs, including:(i)~ParMETIS - a widely used hypergraph partitioner, and (ii)~MADRE - a Memory Aware Data Re-distribution Engine, both developed outside our group. Over these benchmarks, ISP has automatically verified up to 14K lines of MPI/C code, producing error traces of deadlocks and assertion violations within seconds.
- http://www.cs.utah.edu/formal_verification/ISPGoogle Scholar
- E. M. Clarke, O. Grumberg, and D. Peled. Model Checking. MIT Press, Dec. 1999. Google Scholar
Digital Library
- C. Flanagan and P. Godefroid. Dynamic partial-order reduction for model checking software. In POPL, pages 110--121. ACM, 2005. Google Scholar
Digital Library
- A. Geist. Sustained Petascale: The next MPI challenge. Invited Talk at EuroPVM/MPI 2007. Google Scholar
Digital Library
- P. Godefroid.Partial-Order Methods for the Verification of Concurrent Systems: An approach to the State-Explosion Problem. PhD thesis, Universite De Liege, 1994--95.Google Scholar
- P. Godefroid, B. Hanmer, and L. Jagadeesan. Systematic software testing using VeriSoft: An analysis of the 4ess heart-beat monitor. Bell Labs Technical Journal, 3(2), April-June 1998.Google Scholar
Cross Ref
- W. Gropp, E. Lusk, N. Doss, and A. Skjellum. A high-performance, portable implementation of the MPI message passing interface standard. Parallel Computing, 22(6):789--828, Sept. 1996. Google Scholar
Digital Library
- G. Karypis. METIS and ParMETIS. http://glaros.dtc.umn.edu/gkhome/views/metis.Google Scholar
- G. Karypis and V. Kumar. Parallel multilevel k-way partitioning scheme for irregular graphs. In SuperComputing (SC), 1996. Google Scholar
Digital Library
- B. Krammer, K. Bidmon, M. S. Müller, and M. M. Resch. Marmot: An MPI analysis and checking tool. In Parallel Computing 2003, Sept. 2003.Google Scholar
- L. Lamport. Time, clocks and ordering of events in distributed systems. Communications of the ACM, 21(7):558--565, July 1978. Google Scholar
Digital Library
- A. L. Lastovetsky, T. Kechadi, and J. Dongarra, editors. Recent Advances in Parallel Virtual Machine and Message Passing Interface, 15th European PVM/MPI Users' Group Meeting, 2008, volume 5205 of Lecture Notes in Computer Science. Springer, 2008. Google Scholar
Digital Library
- G. Luecke, H. Chen, J. Coyle, J. Hoekstra, M. Kraeva, and Y. Zou. MPI-CHECK: A tool for checking Fortran 90 MPI programs. Concurrency and Computation: Practice and Experience, 15:93--100, 2003.Google Scholar
Cross Ref
- M. Musuvathi and S. Qadeer. Fair stateless model checking. In PLDI '08: Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation, pages 362--371, New York, NY, USA, 2008. ACM. Google Scholar
Digital Library
- V. Prasad. Scalable and Accurate Approaches to Program Dependence Analysis, Slicing, and Verification of Concurrent Object Oriented Programs. PhD thesis, Kansas State University, 2006.Google Scholar
- S. Sharma, S. Vakkalanka, G. Gopalakrishnan, R. M. Kirby, R. Thakur, and W. Gropp. A formal approach to detect functionally irrelevant barriers in mpi programs. In Lastovetsky et al. {12}, pages 265--273. Google Scholar
Digital Library
- S. V. Sharma, G. Gopalakrishnan, and R. M. Kirby. A survey of MPI related debuggers and tools. Technical Report UUCS-07-015, University of Utah, School of Computing, 2007. http://www.cs.utah.edu/research/techreports.shtml.Google Scholar
- S. Siegel. The MADRE manual. http://vsl.cis.udel.edu/madre/.Google Scholar
- S. F. Siegel and G. S. Avrunin. Verification of MPI-based software for scientific computation. In Proceedings of the 11th International SPIN Workshop on Model Checking Software, pages 286--303, 2004.Google Scholar
Cross Ref
- S. F. Siegel and L. F. Rossi. Analyzing BlobFlow: A case study using model checking to verify parallel scientific software. In Lastovetsky et al. DBLP:conf/pvm/2008, pages 274--282. Google Scholar
Digital Library
- S. F. Siegel and A. R. Siegel. MADRE: The Memory-Aware Data Redistribution Engine. In Lastovetsky et al. {12}, pages 218--226. Google Scholar
Digital Library
- S. Vakkalanka, M. DeLisi, G. Gopalakrishnan, and R. M. Kirby. Scheduling considerations for building dynamic verification tools for MPI. In Parallel and Distributed Systems -- Testing and Debugging (PADTAD-VI), July 2008. Google Scholar
Digital Library
- S. Vakkalanka, M. DeLisi, G. Gopalakrishnan, R. M. Kirby, R. Thakur, and W. Gropp. Implementing efficient dynamic formal verification methods for mpi programs. In Lastovetsky et al. {12}, pages 248--256. Google Scholar
Digital Library
- S. Vakkalanka, G. Gopalakrishnan, and R. M. Kirby.Dynamic verification of MPI programs with reductions in presence of split operations and relaxed orderings. In CAV, volume 5123 of Lecture Notes in Computer Science, pages 66--79. Springer, 2008. Google Scholar
Digital Library
- J. S. Vetter and B. R. de Supinski. Dynamic software testing of MPI applications with Umpire. In Supercomputing, pages 70--79, 2000. Google Scholar
Digital Library
- Y. Yang, X. Chen, G. Gopalakrishnan, and R. M. Kirby. Distributed dynamic partial order reduction based verification of threaded software. In SPIN, Lecture Notes in Computer Science, pages 58--75. Springer, 2007. Google Scholar
Digital Library
- Y. Yang, X. Chen, G. Gopalakrishnan, and R. M. Kirby. Efficient stateful dynamic partial order reduction. In SPIN, Lecture Notes in Computer Science, pages 288--305. Springer, 2008. Google Scholar
Digital Library
Index Terms
Formal verification of practical MPI programs
Recommendations
Symbolic verification of message passing interface programs
ICSE '20: Proceedings of the ACM/IEEE 42nd International Conference on Software EngineeringMessage passing is the standard paradigm of programming in high-performance computing. However, verifying Message Passing Interface (MPI) programs is challenging, due to the complex program features (such as non-determinism and non-blocking operations). ...
Formal verification of practical MPI programs
PPoPP '09: Proceedings of the 14th ACM SIGPLAN symposium on Principles and practice of parallel programmingThis paper considers the problem of formal verification of MPI programs operating under a fixed test harness for safety properties without building verification models. In our approach, we directly model-check the MPI/C source code, executing its ...
Modeling wildcard-free MPI programs for verification
PPoPP '05: Proceedings of the tenth ACM SIGPLAN symposium on Principles and practice of parallel programmingWe give several theorems that can be used to substantially reduce the state space that must be considered in applying finite-state verification techniques, such as model checking, to parallel programs written using a subset of MPI. We illustrate the ...







Comments