Zhenbang Chen,Hengbiao Yu,Xianjin Fu,Ji Wang

DOI: https://doi.org/10.1145/3377812.3382144

2020-01-01

Abstract:ABSTRACTMessage passing is the primary programming paradigm in high-performance computing. However, developing message passing programs is challenging due to the non-determinism caused by parallel execution and complex programming features such as non-deterministic communications and asynchrony. We present MPI-SV, a symbolic verifier for verifying the parallel C programs using message passing interface (MPI). MPI-SV combines symbolic execution and model checking in a synergistic manner to improve the scalability and enlarge the scope of verifiable properties. We have applied MPI-SV to real-world MPI C programs. The experimental results indicate that MPI-SV can, on average, achieve 19x speedups in verifying deadlock-freedom and 5x speedups in finding counter-examples. MPI-SV can be accessed at https://mpi-sv.github.io, and the demonstration video is at https://youtu.be/zzCY0CPDNCw.

Hengbiao Yu,Banghu Yin,Xin Yi

DOI: https://doi.org/10.1109/icst53961.2022.00029

2022-01-01

Abstract:The Message Passing Interface (MPI) is the standard paradigm of programming in high performance computing. However, the inherent complexity and the large size of MPI standard make it difficult for programmers to use the MPI APIs correctly. This paper focuses on the mismatch errors of message signatures. Considering that MPI errors may occur during some intricate, low probability interleavings under specific inputs, we adopt symbolic verification to verify the correct match of message signatures. Specifically, we propose a precise method for modeling the match of message signatures of an execution path in terms of communicating sequential processes. To improve the scalability, we give a partial order reduction based optimization to reduce the complexity of path-level communication models. We have implemented our method as a prototype tool and evaluated it on the typical correctness benchmark MPI-Corbench and 8 real-world open source MPI programs, totaling 37K lines of code. The experimental results demonstrate the effectiveness and scalability of our method.

Hengbiao Yu,Zhenbang Chen,Chun Huang,Ji Wang

DOI: https://doi.org/10.1007/978-3-030-62822-2_10

2020-01-01

Abstract:Message Passing Interface (MPI) is the current de-facto standard for developing applications in high-performance computing. MPI allows flexible implementations of message passing operations, which introduces non-deterministic synchronizations that challenge the correctness of MPI programs. We present in this paper a symbolic method for verifying the MPI programs with non-deterministic synchronizations. Insides the method, we propose a path-level modeling method that uses communicating sequential processes (CSP) to precisely encode the non-deterministic synchronizations of an execution path. Furthermore, for the execution paths without non-deterministic message receive operations, we propose an optimization method to reduce the complexity of the CSP models. We have implemented our technique on MPI-SV and evaluated it on 10 real-world MPI programs w.r.t. deadlock freedom. The experimental results demonstrate the effectiveness of our verification method.

Xianjin Fu,Zhenbang Chen,Yufeng Zhang,Chun Huang,Wei Dong,Ji Wang

DOI: https://doi.org/10.1109/hase.2015.35

2015-01-01

Abstract:MPI is widely used in high performance computing. In this extended abstract, we report our current status of analyzing MPI programs. Our method can provide coverage of both input and non-determinism for MPI programs with mixed blocking and non-blocking operations. In addition, to improve the scalability further, a deadlock-oriented guiding method for symbolic execution is proposed. We have implemented our methods, and the preliminary experimental results are promising.

Nenghui Hu,Zheng Bian,Ziqi Shuai,Zhenbang Chen,Yufeng Zhang

DOI: https://doi.org/10.1109/apsec60848.2023.00096

2023-01-01

Abstract:Message-passing interface (MPI) programs are non-deterministic and challenging to ensure correctness. The introduction of one-sided communications makes the problem of non-determinism more severe for MPI programs. This paper reports our in-progress work of symbolic execution for the MPI programs with one-sided communications. Our approach can cover the non-determinism caused by the inputs, one-sided communication, and message- passing operations of MPI programs. The preliminary evaluation's results indicate the promising of our approach.

Xianjin Fu,Zhenbang Chen,Chun Huang,Wei Dong,Ji Wang

DOI: https://doi.org/10.1109/apsec.2014.28

2014-01-01

Abstract:Asynchrony based overlapping of computation and communication is commonly used in MPI applications. However, this overlapping introduces synchronization errors frequently in asynchronous MPI programming. In this paper, we propose a symbolic execution based method for detecting input-related synchronization errors. The path space of an MPI program is systematically explored, and the related operations of the synchronization errors in the program are checked specifically. In addition, two optimizations are proposed to improve the efficiency. We have implemented our method as a prototype tool based on the symbolic executor Cloud9. The results of the extensive experiments indicate the effectiveness of our method.

Hengbiao Yu,Zhenbang Chen,Ji Wang,Zhendong Su,Wei Dong

DOI: https://doi.org/10.1145/3180155.3180227

2018-01-01

Abstract:Verifying the regular properties of programs has been a significant challenge. This paper tackles this challenge by presenting symbolic regular verification (SRV) that offers significant speedups over the state-of-the-art. SRV is based on dynamic symbolic execution (DSE) and enabled by novel techniques for mitigating path explosion: (1) a regular property-oriented path slicing algorithm, and (2) a synergistic combination of property-oriented path slicing and guiding. Slicing prunes redundant paths, while guiding boosts the search for counterexamples. We have implemented SRV for Java and evaluated it on 15 real-world open-source Java programs (totaling 259K lines of code). Our evaluation results demonstrate the effectiveness and efficiency of SRV. Compared with the state-of-the-art - pure DSE, pure guiding, and pure path slicing - SRV achieves average speedups of more than 8.4X, 8.6X, and 7X, respectively, making symbolic regular property verification significantly more practical.

Eduardo R. B. Marques,Francisco Martins,Vasco T. Vasconcelos,Nicholas Ng,Nuno Martins

DOI: https://doi.org/10.4204/EPTCS.137.9

2013-12-10

Abstract:The Message Passing Interface (MPI) is the de facto standard message-passing infrastructure for developing parallel applications. Two decades after the first version of the library specification, MPI-based applications are nowadays routinely deployed on super and cluster computers. These applications, written in C or Fortran, exhibit intricate message passing behaviours, making it hard to statically verify important properties such as the absence of deadlocks. Our work builds on session types, a theory for describing protocols that provides for correct-by-construction guarantees in this regard. We annotate MPI primitives and C code with session type contracts, written in the language of a software verifier for C. Annotated code is then checked for correctness with the software verifier. We present preliminary results and discuss the challenges that lie ahead for verifying realistic MPI program compliance against session types.

Distributed, Parallel, and Cluster Computing,Logic in Computer Science,Programming Languages

Andrew M. Mironov

DOI: https://doi.org/10.48550/arXiv.2110.08537

2021-10-16

Abstract:In this paper, we outline an approach to verifying parallel programs. A new mathematical model of parallel programs is introduced. The introduced model is illustrated by the verification of the matrix multiplication MPI program.

Logic in Computer Science,Programming Languages

Christopher Scherb,Luc Bryan Heitz,Hermann Grieder,Olivier Mattmann

2023-11-07

Abstract:Symbolic Execution is a formal method that can be used to verify the behavior of computer programs and detect software vulnerabilities. Compared to other testing methods such as fuzzing, Symbolic Execution has the advantage of providing formal guarantees about the program. However, despite advances in performance in recent years, Symbolic Execution is too slow to be applied to real-world software. This is primarily caused by the \emph{path explosion problem} as well as by the computational complexity of SMT solving. In this paper, we present a divide-and-conquer approach for symbolic execution by executing individual slices and later combining the side effects. This way, the overall problem size is kept small, reducing the impact of computational complexity on large problems.

Cryptography and Security,Symbolic Computation,Systems and Control

Lu Yang,Naijun Zhan,Bican Xia,Chaochen Zhou

DOI: https://doi.org/10.1007/978-3-540-69149-5_58

2008-01-01

Abstract:Recent advances in program verification indicate that various verification problems can be reduced to semi-algebraic system (SAS for short) solving. An SAS consists of polynomial equations and polynomial inequalities. Algorithms for quantifier elimination of real closed fields are the general method for those problems. But the general method usually has low efficiency for specific problems. To overcome the bottleneck of program verification with a symbolic approach, one has to combine special techniques with the general method. Based on the work of complete discrimination systems of polynomials [33,31],, we invented new theories and algorithms [32,30,35] for SAS solving and partly implemented them as a real symbolic computation tool in Maple named DISCOVERER. In this paper, we first summarize the results that we have done so far both on SAS-solving and program verification with DISCOVERER, and then discuss the future work in this direction, including SAS-solving itself, termination analysis and invariant generation of programs, and reachability computation of hybrid systems etc.

Guang Chen,Dexi Wang,Tianchi Li,Chao Zhang,Ming Gu,Jiaguang Sun

DOI: https://doi.org/10.1109/apsec.2018.00027

2018-01-01

Abstract:Software verification has been well applied in safety critical areas and has shown the ability to provide better quality assurance for modern software. However, as lines of code and complexity of software systems increase, the scalability of verification becomes a challenge. In this paper, we present an automatic software verification framework TSV to address the scalability issues: (i) the extended structural abstraction and property-guided program slicing to solve large-scale program verification problem, saving time and memory without losing accuracy; (ii) automatically select different verification methods according to the program and property context to improve the verification efficiency. For evaluation, we compare TSV's different configurations with existing C program verifiers based on open benchmarks. We found that TSV with auto-selection performs better than with bounded model checking only or with extended structural abstraction only. Compared to existing tools such as CMBC and CPAChecker, it acquires 10%-20% improvement of accuracy and 50%-90% improvement of memory consumption.

Weijiang Hong,Zhenbang Chen,Yufeng Zhang,Hengbiao Yu,Yide Du,Ji Wang

DOI: https://doi.org/10.1016/j.scico.2023.103075

IF: 1.039

2024-01-01

Science of Computer Programming

Abstract:Message-passing programs involve several processes with channel-based communications to deal with tasks concurrently. The complex computations and communications between processes make the verification of message-passing programs hard. By regarding the functions in programs as uninterpreted functions, we focus on the verification problem of message-passing uninterpreted programs. Although the usage of uninterpreted functions alleviates the computational difficulties brought by functions, the verification problem is still undecidable in general. In this work, we provide a decidable subclass of message-passing uninterpreted programs, wherein programs in this subclass satisfy the property of k-record coherence. The decidability result closely relies on communicating finite-state machine (CFM) with bounded channels. Based on the decidability result, we proposed a verification framework for message-passing uninterpreted programs.

Xin Li,Yongjuan Liang,Hong Qian,Yi-Qi Hu,Lei Bu,Yang Yu,Xin Chen,Xuandong Li

DOI: https://doi.org/10.1145/2970276.2970364

2016-01-01

Abstract:Symbolic execution is a widely-used program analysis technique. It collects and solves path conditions to guide the program traversing. However, due to the limitation of the current constraint solvers, it is difficult to apply symbolic execution on programs with complex path conditions, like nonlinear constraints and function calls. In this paper, we propose a new symbolic execution tool MLB to handle such problem. Instead of relying on the classical constraint solving, in MLB, the feasibility problems of the path conditions are transformed into optimization problems, by minimizing some dissatisfaction degree. The optimization problems are then handled by the underlying optimization solver through machine learning guided sampling and validation. MLB is implemented on the basis of Symbolic PathFinder and encodes not only the simple linear path conditions, but also nonlinear arithmetic operations, and even black-box function calls of library methods, into symbolic path conditions. Experiment results show that MLB can achieve much better coverage on complex real-world programs.

Teng Long,Xingtao Ren,Qing Wang,Chao Wang

DOI: https://doi.org/10.1016/j.sysarc.2022.102646

IF: 5.836

2022-09-01

Journal of Systems Architecture

Abstract:With the development of network technology and the increasing popularity of distributed systems, the society pays more and more attention to the reliability of distributed systems. Distributed systems establish services and communications among a large number of terminals, and message passing is a common communication method in distributed systems. In practice, asynchronous mode has better performance than synchronous mode, but asynchronous completion makes the task of specifying correct behaviors more difficult. Verification of asynchronous distributed systems is challenging due to unpredictable interleaving and possible network failures. Aiming to verify the safety properties of asynchronous programs, we propose a simple procedure with the assumption of mergeable parallelism in this paper. Then we characterize inference rules to describe the sequence combination that satisfies the conditions of the receive operations. The program’s execution can be reduced to executions with sets of fixed order. A proof is provided to show its soundness. The correctness of the mergeable message passing programs could be verified by a state-of-the-art verification framework. Experimental results show that our method is efficient and applicable in various message passing cases.

computer science, software engineering, hardware & architecture

邝宏斌,罗贵明

DOI: https://doi.org/10.3969/j.issn.1000-3428.2008.19.009

2008-01-01

Abstract:Parallelism is an effective method in improving the efficiency of model checking. C program model checking based on LTS is studied and a methodology for parallel software model checking is presented. It utilizes modularity of MAGIC, a software model checker, to decompose C program into components, distributes them over computational nodes and parallel call MAGIC to complete the verification. Close to linear speedup and good scalability can be achieved due to little synchronization and inter-nodes communication. The reduction of time expense is beneficial to formal verification of large-scale software.

Weijiang Hong,Zhenbang Chen,Hengbiao Yu,Ji Wang

DOI: https://doi.org/10.1007/s11432-018-9825-3

2019-01-01

Science China Information Sciences

Abstract:Benchmarks and evaluation are important for the development of techniques and tools. Studies regarding evaluation of model checkers by large-scale benchmarks are few. The lack of such studies is mainly because of the language difference of existing model checkers and the requirement of intensive labor in building models. In this study, we present a large-scale benchmark for evaluating model checkers whose inputs are concurrent models. The benchmark consists of 2318 models that are generated automatically from real-world message passing interface(MPI) programs. The complexities of the models have been inspected to be well distributed and suitable for evaluating model checkers. Based on the benchmark, we have evaluated five state-of-the-art model checkers, i.e., PAT, FDR, Spin, PRISM, and NuSMV, by verifying the deadlock freedom property. The evaluation results demonstrate the ability and performance difference of these model checkers in verifying message passing programs.

Zhen Yao,Jing Liu,Xiaohong Chen,Li Han,Haiying Sun

DOI: https://doi.org/10.1109/qrs62785.2024.00079

2024-01-01

Abstract:Multi-agent systems (MASs) have garnered significant interest across various academic fields. Although MASs are widely applicable, they continue to encounter several challenges, particularly in terms of security.. Model checking, a verification technique that examines all possible system states, is employed to address these challenges. However, the state space of many practical systems can be prohibitively large, leading to exponential growth in verification time. This study introduces a new method for verifying MASs using Strategy Computation Tree Logic (SCTL) via the connective probe machine, a model of fully parallel computing. This approach is pioneering in utilizing the probe machine to speed up MAS verification, specifically allowing for the parallel resolution of SCTL formulas. Unlike conventional model checkers, our method can uncover multiple counterexamples for specified properties, facilitating the identification of various system flaws. We have developed a model checker named MC2PM based on our approach and have validated its feasibility and efficiency through experiments.

Teng Long,Xingtao Ren,Qing Wang,Chao Wang

DOI: https://doi.org/10.1007/978-3-030-91265-9_7

2021-01-01

Abstract:With the development of network technology and the increasing popularity of distributed systems, the society pays more and more attention to the reliability of distributed systems. Distributed systems establish services and communications among a large number of terminals, and message passing is a common communication method in distributed systems. In practice, asynchronous mode has better performance than synchronous mode, but asynchronous completion makes the task of specifying correct behaviors more difficult. Verification of asynchronous distributed systems is challenging due to unpredictable interleaving and possible network failures. Aiming to verify the safety properties of asynchronous programs, we propose a simple procedure with the assumption of mergeable parallelism in this paper. Then we characterize inference rules to describe the sequence combination that satisfies the conditions of the receive operations. The program’s execution can be reduced to executions with sets of fixed order. A proof is provided to show its soundness. The correctness of the mergeable message passing programs could be verified by a state-of-the-art verification framework. Experimental results show that our method is efficient and applicable in various message passing cases.

Zhen Wang,Zhenbang Chen

DOI: https://doi.org/10.1007/978-3-031-57256-2_19

2024-01-01

Abstract:AISE is a static verifier that can verify the safety properties of C programs. The core of AISE is a program verification framework that synergizes abstract interpretation and symbolic execution in a novel manner. Compared to the individual application of symbolic execution or abstract interpretation, AISE has better efficiency and precision. The implementation of AISE is based on KLEE and CLAM.