Methods to Model-Check Parallel Systems Software

We report on an effort to develop methodologies for formal verification of parts of the Multi-Purpose Daemon (MPD) parallel process management system. MPD is a distributed collection of communicating processes. While the individual components of the collection execute simple algorithms, their interaction leads to unexpected errors that are difficult to uncover by conventional means. Two verification approaches are discussed here: the standard model checking approach using the software model checker SPIN and the nonstandard use of a general-purpose first-order resolution-style theorem prover OTTER to conduct the traditional state space exploration. We compare modeling methodology and analyze performance and scalability of the two methods with respect to verification of MPD.Comment: 12 pages, 3 figures, 1 tabl

08332 Abstracts Collection -- Distributed Verification and Grid Computing

From 08/10/2008 to 08/14/2008 the Dagstuhl Seminar 08332 ``Distributed Verification and Grid Computing\u27\u27 was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

GEM: graphical explorer for MPI programs

technical reportFormal dynamic verification can complement MPI program testing by detecting hard-to-find concurrency bugs. In previous work, we described our dynamic verifier called ISP that can parsimoniously search the execution space of an MPI program while detecting important classes of bugs. One major limitation of ISP, when used by itself, is the lack of a powerful and widely usable graphical front-end. We present a new tool called Graphical Explorer of Message Passing (GEM) that overcomes this limitation. GEM is a plug-in architecture that greatly enhances the usability of ISP, and may help bring ISP within reach of a wide array of programmers, given its imminent release as part of the Eclipse Foundation Parallel Tools Platform (PTP) Version 3.0. This paper describes GEM?s features, its architecture, and usage experience summary of the ISP/GEM combination. Recently, we applied this combination on a widely used parallel hypergraph partitioner. Even with modest amounts of computational resources, the ISP/GEM combination finished quickly, and intuitively displayed a previously unknown resource leak in this code-base

Verification of MPI programs using Spin

technical reportVerification of distributed systems is a complex yet important process. Concurrent systems are vulnerable to problems such as deadlock, starvation, and race conditions. Parallel programs written using the MPI (Message Passing Interface) Standard are no exception. Spin can be used to formally verify a parallel program if it is given an accurate model written is Spin's process meta language (Promela). In this paper, we describe a generalized framework for verification of MPI-based parallel programs using the Spin model checker. Only select MPI calls are covered, but this framework could potentially be extended to include all of the MPI Standard. Our reduced MPI implementation (written in Promela) is designed to follow the MPI Standard as well as allow for the flexibility provided in certain aspects (like buffering). We also present a few examples to illustrate the use of our MPI implementation in Promela

Master of Science

thesisConcurrent programs are extremely important for efficiently programming future HPC systems. Large scientific programs may employ multiple processes or threads to run on HPC systems for days. Reliability is an essential requirement of existing concurrent programs. Therefore, verification of concurrent programs becomes increasingly important. Today we have two significant challenges in developing concurrent program verification tools: The first is scalability. Since new types of concurrent programs keep being created, verification tools need to scale to handle all these new types of programs. The second is providing formal coverage guarantee. Dynamic verification tools always face a huge schedule space. Both these capabilities must exist for testing programs that follow multiple concurrency models. Most current dynamic verification tools can only explore either thread level or process level schedules. Consequently, they fail to verify hybrid programs. Exploring mixed process and thread level schedules is not an ideal solution because the state space will grow exponentially in both levels. It is hard to systematically traverse these mixed schedules. Therefore, our approach is to determinize all concurrent APIs except one API whose schedules will then be explored. To improve search efficiency, we proposed a random-walk based heuristic algorithm. We observed many concurrent programs and concluded some common structures of them. Based on the existence of these structures, we can make dynamic verification tools focusing on specific regions and bypassing regions of less interest. We propose a random sampling of executions in the regions of less interest