Modeling Asynchronous Message Passing for C Programs

This paper presents a formal modeling paradigm, callable from C (the dominant language for embedded systems programming), for message passing APIs; the paradigm provides reasonable assurance that the model correctly captures the API's intended behavior. The model serves as a reference solution for the API, and it supports putative what-if queries over API scenarios for behavior exploration, reproducibility for test and debug, full exhaustive search, and other advanced model checking analysis methods for C programs that use the API. The paper illustrates the modeling paradigm on the MCAPI interface, a growing industry-standard message passing library, showing how the model exposes errors hidden by the C reference solution provided by the Multicore Association.
