tmpa-2017: a survey of high-performance computing for software verification
TRANSCRIPT
Institute for System Programming of the Russian Academy of Sciences
A Survey of High-Performance Computing for Software Verification
2017, Moscow, Russia
Ilja [email protected]
Software Verification
● Static verification of C programs (CEGAR, BMC, ...)
● LTL model checking
● Static analysis
Linux Drivers Verification
(Figure: kernel modules such as catc.ko, cdrom.ko, usbcore.ko, raid1.ko, ext2.ko, ext3.ko and rtc-lib.ko are taken from the Linux kernel; a module, here catc.ko, is combined with an environment model "env" and with safety property specifications such as linux:mutex, generic:memory and linux:clock)
● Extract a module source code
● Generate an environment model
● Add a safety property specification
Linux Drivers Verification
(Figure: the Linux kernel is turned into a set of verification tasks, one per module, property and configuration)
Static Verification of C Programs

    int nondet(void);   /* nondeterministic input value supplied by the verifier */

    void main() {
        int x = nondet();
        int y = nondet();
        int z = nondet();
    L1: if (x > y) {
    L2:     z = y - x;
        } else {
    L3:     z = x - y;
        }
    L4: if (z < 0)
    ERR:    goto ERR;   /* error location: reaching it violates the property */
    L5: }

Trace shown on the slide:
    Enter main()
    x = nondet();
    y = nondet();
    z = nondet();
    assume(x > y)
    z = x - y;
    assume(z < 0)
    ERR
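The path-level check a verifier performs on this program, as an added example (not from the slides): the two syntactic paths to ERR and the trace printed on the slide are replayed as explicit assume/assign steps, and a bounded search over nondet() inputs looks for a concrete witness. The path names, the bound and the step encoding are my own.

```python
from itertools import product

# Constructed example: the three-variable program from the slide, split into
# explicit paths. A step is ("assume", pred) or ("assign", var, expr), where
# pred and expr are functions of the current state dict {x, y, z}.
PATHS = {
    # L1 true branch: z = y - x, then the check at L4 falls into ERR
    "L1-L2-L4-ERR": [
        ("assume", lambda s: s["x"] > s["y"]),
        ("assign", "z", lambda s: s["y"] - s["x"]),
        ("assume", lambda s: s["z"] < 0),
    ],
    # L1 false branch: z = x - y, then the check at L4 falls into ERR
    "L1-L3-L4-ERR": [
        ("assume", lambda s: s["x"] <= s["y"]),
        ("assign", "z", lambda s: s["x"] - s["y"]),
        ("assume", lambda s: s["z"] < 0),
    ],
}

# The trace printed on the slide: assume(x > y) followed by z = x - y.
SLIDE_TRACE = [
    ("assume", lambda s: s["x"] > s["y"]),
    ("assign", "z", lambda s: s["x"] - s["y"]),
    ("assume", lambda s: s["z"] < 0),
]

def run_path(steps, x, y, z):
    """Replay one path from concrete nondet() values; True if every assume holds."""
    state = {"x": x, "y": y, "z": z}
    for step in steps:
        if step[0] == "assume":
            if not step[1](state):
                return False   # path condition violated: these inputs do not follow the path
        else:
            _, var, expr = step
            state[var] = expr(state)
    return True

def find_witness(steps, bound=8):
    """Bounded search over nondet() inputs in [-bound, bound] for a run reaching ERR.
    Returns the first (x, y, z) that follows the path, or None if none exists in range."""
    values = range(-bound, bound + 1)
    for x, y, z in product(values, values, values):
        if run_path(steps, x, y, z):
            return (x, y, z)
    return None
```

Both syntactic paths have witnesses, while the slide's trace (assume(x > y) followed by z = x - y) has none, because x - y is positive whenever x > y.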
Linux Driver Verification
Verification Tasks
4500 modules * 30 safety properties * 2 verification tool configurations * 50 sec of CPU time per verification task = ?
Verification Performance
5 months
(Figure: verification performance chart)
High-Performance Computing
● Distributed computing
● Multi-core computing
● GPU computing
Distributed Verification
● Verification of a single task using several nodes
● Distributing tasks across several nodes
Distributed Verification of a Single Task
● Nodes explore parts of the state space
● Data transfer has high latency
● Modern workstations are used inefficiently
Tools: Murφ, SPIN, ARMC, DiVinE
(Figure: speedup vs. number of threads)
Distributed Verification of Several Tasks
● VerifierCloud for the annual SV-COMP competition
(Figure: program → verdict)
● 787 463 verification tasks solved in 4 days, CPU wall time of 3a 27d 15h 49min 35s
Platform as a Service
● Platforms create application instances depending on the current workload
● An application must use the platform API
● Platforms impose hard restrictions on task pending time and task solution time
CPAchecker in GAE
● Faster application startup
● Pure Java SMT interpolating solver
● Specific API to access the file system
● Restricted time for task solution and pending
Infrastructure as a Service
● EC2, OpenStack, …
● Clouds provide virtual machines
● Users can adjust VM characteristics
Multi-Core Computing
● Multiple hyper-threading cores
● Shared memory
Multi-Core Verification
● Parallel state space exploration
● Lockless hash tables to store the state space
● Cache coherence may introduce significant latency
Tools: DiVinE, SPIN, LTSmin, BOLT (Map-Reduce)
(Figure: speedup vs. number of threads)
GPU Computing
● Hundreds of cores organized as SMX
● GPU memory hierarchy
● Longer clock cycle
● Separate code for GPU and CPU
GPU Verification
● Linear arithmetic
● Sparse matrices
● Fewer system calls
● CPU and GPU combination
Tools: GPU-PRISM, CADP, DiVinE, SPIN, LTSmin
100 times faster than CPU using the Kepler architecture
Few High-Performance Static Verifiers
● Proofs of concept available
● No best solution
● Difficulty of comparing tools from different classes
Linux Driver Verification
● Distributed task solution
● Task distribution
● IaaS
● PaaS
● Multi-core verification
● GPU verification
Ongoing Work
(Architecture diagram: clients and a web interface, a master scheduler, a VM running TaskGenerator and RunExec, and several VMs each running CPAchecker under BenchExec, orchestrated with Consul and Docker Swarm on OpenStack)
Linux Driver Verification