
On Automation in the Verification of Software Barriers: Experience Report

Abstract

We present an experience report on automating the verification of the software barrier synchronization primitive. The informal specification of the primitive is: when a thread calls the software barrier function, the thread halts until all other threads call their instances of the software barrier function. A successful software barrier call thus ensures that each thread has finished its portion of work before the threads start exchanging the results of those portions of work. While software barriers are widely used in parallel versions of major numerical algorithms and are indispensable in scientific computing, software barrier algorithms and their implementations have scarcely been verified. We improve the state of the art in proving the correctness of the major software barrier algorithms with off-the-shelf automatic verification systems such as Jahob, VCC, Boogie, Spin and Checkfence. We verify a central barrier, a C implementation of a barrier, a static tree barrier, a combining tree barrier, a dissemination barrier, a tournament barrier, a barrier together with its client, and a barrier on a weak memory model. In the process, we introduce a novel theorem proving method for proving the validity of formulas containing cardinalities of comprehensions, and we improve the capabilities of one of the verification systems. Based on our experience, we propose new challenges in the verification of software barriers.
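To make the informal specification above concrete, here is an added example (not code from the paper, nor from any of the verification tools it names) of the simplest algorithm in the list, a sense-reversing central barrier, together with a runtime check of the property the abstract states: after a barrier call returns for phase r, every other participant has already finished its work for phase r. The type and function names (Barrier, Wait, CheckBarrier) and the phase-counter encoding are assumptions of this example.

```go
package main

import (
	"fmt"
	"runtime"
	"sync"
	"sync/atomic"
)

// Barrier is a sense-reversing central barrier: one shared arrival counter
// and one shared "sense" bit that flips each time a phase completes. Every
// participant carries its own local sense so the barrier can be reused
// phase after phase. (Added example; the names are illustrative, not the paper's.)
type Barrier struct {
	n     int32 // number of participants
	count int32 // arrivals in the current phase
	sense int32 // global sense, 0 or 1
}

func NewBarrier(n int32) *Barrier { return &Barrier{n: n} }

// Wait returns only after all n participants have called Wait for the
// current phase. localSense is owned by the caller (start it at 0) and is
// toggled on every call, so it always predicts the sense the barrier will
// take once the phase completes.
func (b *Barrier) Wait(localSense *int32) {
	*localSense ^= 1
	if atomic.AddInt32(&b.count, 1) == b.n {
		// Last arrival: reset the counter BEFORE flipping the sense, so no
		// released thread can start the next phase against a stale count.
		atomic.StoreInt32(&b.count, 0)
		atomic.StoreInt32(&b.sense, *localSense)
		return
	}
	for atomic.LoadInt32(&b.sense) != *localSense {
		runtime.Gosched() // spin politely; also works under GOMAXPROCS=1
	}
}

// CheckBarrier drives n goroutines through `rounds` phases and checks the
// informal specification at every phase: after Wait returns for phase r,
// every other participant must already have finished its work for phase r
// (here: stored r into its done slot before calling Wait). It returns the
// number of violations observed; 0 means the property held on this run.
func CheckBarrier(n, rounds int) int {
	b := NewBarrier(int32(n))
	done := make([]int32, n) // done[i] = last phase whose work thread i finished
	var violations int32
	var wg sync.WaitGroup
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func(id int) {
			defer wg.Done()
			var localSense int32
			for r := int32(1); r <= int32(rounds); r++ {
				atomic.StoreInt32(&done[id], r) // "my portion of phase r is finished"
				b.Wait(&localSense)
				for j := 0; j < n; j++ {
					// A peer still on an earlier phase means Wait returned early.
					if atomic.LoadInt32(&done[j]) < r {
						atomic.AddInt32(&violations, 1)
					}
				}
			}
		}(i)
	}
	wg.Wait()
	return int(violations)
}

func main() {
	fmt.Printf("violations with 8 threads x 1000 phases: %d\n", CheckBarrier(8, 1000))
}
```

Two caveats a practitioner should keep in mind. First, CheckBarrier is a test, not a proof: it only examines the interleavings that happened to occur on one run, whereas the paper's point is to establish the barrier invariant (the counter never exceeds n, the sense flips exactly once per phase, and no thread passes before all have arrived) for every interleaving with tools such as Jahob, VCC, Boogie, Spin and Checkfence. Second, the correctness of this code depends on the atomic loads and stores: replace them with plain memory accesses and the Go memory model gives no ordering guarantee between the done slots and the sense flip, which is exactly the class of problem the abstract's "barrier on a weak memory model" refers to (Go's race detector, `go run -race`, flags that version).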



Author information


Corresponding author

Correspondence to Alexander Malkis.


About this article

Cite this article

Malkis, A., Banerjee, A. On Automation in the Verification of Software Barriers: Experience Report. J Autom Reasoning 52, 275–329 (2014). https://doi.org/10.1007/s10817-013-9290-9


  • DOI: https://doi.org/10.1007/s10817-013-9290-9

Keywords

  • Barrier
  • Verification
  • Invariant
  • Safety
  • Verifier
  • Automation

Mathematics Subject Classifications (2010)

  • 68Q60
  • 03B70
  • 68T15
  • 03B35
  • 68W40
  • 68Q55
  • 68Q10
  • 68W10