Abstract
We propose to specify the correctness of a program's parallelism using a sequential version of the program with controlled nondeterminism. Such a nondeterministic sequential specification allows (1) the correctness of parallel interference to be verified independently of the program's functional correctness, and (2) the functional correctness of a program to be understood and verified on a sequential version of the program, one with controlled nondeterminism but no interleaving of parallel threads.
We identify a number of common patterns for writing nondeterministic sequential specifications. We apply these patterns to specify the parallelism correctness for a variety of parallel Java benchmarks, even in cases when the functional correctness is far too complex to feasibly specify.
We describe a sound runtime checking technique to validate that an execution of a parallel program conforms to its nondeterministic sequential specification. The technique uses a novel form of conflict-serializability checking to identify, for a given interleaved execution of a parallel program, an equivalent nondeterministic sequential execution. Our experiments show a significant reduction in the number of false positives versus traditional conflict-serializability in checking for parallelization bugs.
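To make the idea in the last paragraph concrete, here is an added illustration (not the NDSeq tool or the paper's algorithm) of why a traditional conflict-serializability check reports parallelization bugs that a nondeterministic sequential specification rules out. A parallel loop's iterations are treated as transactions over a constructed interleaved trace of shared-memory accesses. The plain check builds a conflict graph from every read/write and write/write pair and looks for a serial order (an acyclic graph). The spec-aware variant uses an assumed event label, `cw`, for writes whose relative order the sequential specification leaves nondeterministic (a commutative counter increment, an insertion into an order-insensitive set), and ignores conflicts between two such writes; this is a deliberate simplification of the paper's technique, which reasons about equivalence to the nondeterministic sequential program rather than dropping conflicts outright. Transaction names, variable names and both traces are constructed for the example.

```python
"""Toy conflict-serializability checker (illustration only, not NDSeq)."""
from collections import defaultdict, deque

# A trace event is (transaction, op, variable). op is "r" (read), "w" (write),
# or "cw": a write whose ordering the nondeterministic sequential spec leaves
# open (assumed label for this example; the paper uses its own notation).


def conflict_edges(trace, respect_spec):
    """Build conflict-graph edges t1 -> t2 for each conflicting pair of
    accesses to the same variable where t1's access precedes t2's.
    With respect_spec=True, two order-insensitive writes do not conflict."""
    edges = defaultdict(set)
    for i, (t1, op1, v1) in enumerate(trace):
        for t2, op2, v2 in trace[i + 1:]:
            if t1 == t2 or v1 != v2:
                continue
            if op1 == "r" and op2 == "r":
                continue  # two reads never conflict
            if respect_spec and op1 == "cw" and op2 == "cw":
                continue  # spec says either order is acceptable
            edges[t1].add(t2)
    return edges


def serial_order(txs, edges):
    """Kahn's topological sort: an equivalent serial order, or None on a cycle."""
    indeg = {t: 0 for t in txs}
    for src in list(edges):
        for dst in edges[src]:
            indeg[dst] += 1
    queue = deque(t for t in txs if indeg[t] == 0)
    order = []
    while queue:
        t = queue.popleft()
        order.append(t)
        for dst in sorted(edges[t]):
            indeg[dst] -= 1
            if indeg[dst] == 0:
                queue.append(dst)
    return order if len(order) == len(txs) else None


def check(trace, respect_spec):
    """Return an equivalent serial order of the transactions, or None."""
    txs = sorted({t for t, _, _ in trace})
    return serial_order(txs, conflict_edges(trace, respect_spec))


# Constructed trace 1: two loop iterations each bump a shared counter and add
# their item to a shared set. The interleaving conflicts on "count" in one
# direction and on "seen" in the other, yet the program is correct because
# the spec does not fix the order of either update.
BENIGN = [
    ("T1", "cw", "count"), ("T2", "cw", "count"),
    ("T2", "cw", "seen"), ("T1", "cw", "seen"),
    ("T1", "w", "out[1]"), ("T2", "w", "out[2]"),
]

# Constructed trace 2: an unprotected read-modify-write of a shared maximum.
# Both iterations read the old value before either writes: a lost update the
# spec does not license, so it must still be reported.
BUGGY = [
    ("T1", "r", "best"), ("T2", "r", "best"),
    ("T2", "w", "best"), ("T1", "w", "best"),
]


if __name__ == "__main__":
    for name, trace in (("benign", BENIGN), ("buggy", BUGGY)):
        print(name, "plain:", check(trace, False),
              "spec-aware:", check(trace, True))
```

Running the script shows the plain check rejecting both traces (a false positive on the benign one, since count and seen form a cycle), while the spec-aware check serializes the benign trace as T1, T2 and still rejects the lost update on `best`, whose read/write edges form a genuine cycle in either mode.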
NDSeq: runtime checking for nondeterministic sequential specifications of parallel correctness. PLDI '11: Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation.