/ PSWLAB Eraser: A Dynamic Data Race Detector for Multithreaded Programs By Stefan Savage et al 5 th Mar 2008 presented by Hong,Shin Eraser: A Dynamic Data Race Detector for Multithreaded Programs
/ PSWLAB Introduction 1/3 Multi-threading has become a common programming technique. It is easy to make a mistake in synchronization that produces a data race, yet it can be hard to locate the mistake during debugging. Eraser is a tool to dynamically detect data races in multi- threaded programs Eraser: A Dynamic Data Race Detector for Multithreaded Programs 2
/ PSWLAB Introduction 2/3 Definitions – Lock a synchronization object used for mutual exclusion. a lock is either available or owned by a thread. the operations on a lock m are lock ( m ) and unlock ( m ) – Data race occurs when two concurrent threads access a shared variable, and at least one access is a write, and the threads use no explicit mechanism to prevent the accesses from being simultaneous Eraser: A Dynamic Data Race Detector for Multithreaded Programs 3
/ PSWLAB Introduction 3/3 Eraser checks that all shared memory accesses follow a consistent locking discipline. – a locking discipline is a programming policy that ensures the absence of data races. – E.g. every variable shared between threads is protected by a matual exclusion lock. What is the locking discipline Eraser checks? How the locking discipline checking works in Eraser? Eraser: A Dynamic Data Race Detector for Multithreaded Programs 4
/ PSWLAB Lockset Algorithm 1/4 The basic lockset algorithm enforce the locking discipline that every shared variable is protected by some lock, in the sense that the lock is held by any thread whenever it accesses the variable. Eraser checks whether the program respect this discipline by monitoring all reads and writes as the program executes. Eraser infers the protection relation from the execution history Eraser: A Dynamic Data Race Detector for Multithreaded Programs 5
/ PSWLAB Lockset Algorithm 2/4 For each shared variable v, Eraser maintains the set C ( v ) of candidate locks for v. This set contains those locks that have protected v for the computation so far. A lock l is in C ( v ) if in the computation up to that point, every thread that has accessed v was holding l at the moment of the access. When a new variable v is initialized, its candidate set C ( v ) is considered to hold all possible locks. When the variable is accessed, Eraser updates C ( v ) with the intersection of C ( v ) and the set of locks held by the current thread(Lockset refinement) Eraser: A Dynamic Data Race Detector for Multithreaded Programs 6
/ PSWLAB Lockset Algorithm 3/4 If some lock l consistently protects v, it will remain in C ( v ) as C ( v ) is refined. If C ( v ) becomes empty, this indicates that there is no lock that consistently protects v. In summary, the first lockset algorithm is Let locks _ held ( t ) be the set of locks held by thread t For each v, initialize C ( v ) to the set of all locks. On each access to v by thread t, set C ( v ) := C ( v ) Å locks _ held ( t ) ; if C ( v ) = { }, then issue a warning Eraser: A Dynamic Data Race Detector for Multithreaded Programs 7
/ PSWLAB Lockset Algorithm 4/4 lock(mu1) ; lock(mu2) ; v := v+1 ; unlock(mu2) ; v := v+2 ; unlock(mu1) ; lock(mu2) ; v := v+1 ; unlock(mu2) ; Eraser: A Dynamic Data Race Detector for Multithreaded Programs 8 { } {mu1} {mu1,mu2} {mu1} { } {mu2} { } {mu1, mu2} {mu1} { } issues an alarm Programs locks _ heldC(v)C(v)
/ PSWLAB Improving the Locking Discipline1/5 Improving the locking discipline, there are 3 very common programming practices that violate the discipline yet are free from any data race. – Initialization Shared variables are frequently initialized without holding a lock. – Read-shared data Some shared variables are written during initialization only and are read-only thereafter. – Read-write lock extends the lockset algorithm to accommodate these 3 cases Eraser: A Dynamic Data Race Detector for Multithreaded Programs 9
/ PSWLAB Improving the Locking Discipline2/5 Initialization and read-sharing To avoid false alarms caused by unlocked initialization writes, Eraser delays the refinement of a location’s candidate set until after it has been initialized. → No easy way of knowing when initialization is complete. Eraser considers a shared variable to be initialized when it is first accessed by a second thread Eraser: A Dynamic Data Race Detector for Multithreaded Programs 10
/ PSWLAB Improving the Locking Discipline3/ Eraser: A Dynamic Data Race Detector for Multithreaded Programs 11 Virgin Exclusive Shared Shared- Modified read or write by first thread read by new thread read or write write by new thread read read or write by first thread the variable is new and has not yet been referenced by any thread. the variable has been accessed, but by one thread only. The subsequent reads and writes by the same thread do not update C ( v ). C ( v ) is updated, but data races are not reported even if C ( v ) is empty. C ( v ) is updated, but data races are reported if C ( v ) is empty.
/ PSWLAB Improving the Locking Discipline4/5 Read-write lock – pthread_rwlock_rdlock(pthread_rwlock_t * rwlock) the calling thread acquires the read lock if a writer does not hold the lock and no writers are blocked on the lock. – pthread_rwlock_wrlock(pthread_rwlock_t * rwlock) the calling thread acquires the write lock if no other reader thread or writer thread holds the lock Eraser: A Dynamic Data Race Detector for Multithreaded Programs 12 pthread_rwlock_t rwlock ; int data = 0 ; thread2() { int local ; pthread_rwlock_rdlock(&rwlock) ; local = data ; pthread_rwlock_unlock(&rwlock) ; } thread1() { pthread_rwlock_rdlock(&rwlock) ; data = data + 1 ;/* data is not protected by rwlock */ pthread_rwlock_unlock(&rwlock) ; }
/ PSWLAB Improving the Locking Discipline5/5 In Shared-Modified state, Let locks _ held ( t ) be the set of locks held in any mode by thread t. Let write _ locks _ held ( t ) be the set of locks held in write mode by thread t. On each read of v by thread t, set C ( v ) := C ( v ) Å locks _ held ( t ) ; ( if C ( v ) = { }, then issue a warning ) On each write of v by thread t, set C ( v ) := C ( v ) Å write _ locks _ held ( t ) ; ( if C ( v ) = { }, then issue a warning ) Eraser: A Dynamic Data Race Detector for Multithreaded Programs 13
/ PSWLAB Implementation 1/4 Eraser is implemented using ATOM binary modification system. To maintain C ( v ), Eraser instruments each load and store in the program and also each call to storage allocator for dynamically allocated data To maintain lock _ held ( t ) for each thread t, Eraser instruments each call to acquire or release a lock as well as the stubs that manage thread initialization and finalization. In Eraser, shared variables are assumed to be in global location, or in heap Eraser: A Dynamic Data Race Detector for Multithreaded Programs 14
/ PSWLAB Implementation 2/4 A naïve implementation of locksets would store a list of candidate locks for each memory location. → Potentially consuming many times the allocated memory of the program. The number of distinct sets of locks observed in practice is quite small. represent each set of locks by a small integer, a lockset index into a table whose entries canonically represent the set of locks as sorted vectors of lock addresses. For every 32-bit word in data segment and heap, there is a corresponding shadow word that is used to contain a 30- bit lockset index and 2-bit state condition Eraser: A Dynamic Data Race Detector for Multithreaded Programs 15
/ PSWLAB Implementation 3/4 Eraser shows that it can produce false alarms. Find effective annotations to suppress false alarms without accidentally losing useful warnings. Three broad categories of false alarms – Memory reuse – Private locks – Benign races For each of these categories, we developed a program annotation to allow user of Eraser to eliminate the false alarms. inform additional information to race detector by annotations Eraser: A Dynamic Data Race Detector for Multithreaded Programs 16
/ PSWLAB Implementation 4/4 For memory reuse EraserReuse(address, size) For private locks EraserReadLock(lock) EraserReadUnlock(lock) EraserWriteLock(lock) EraserWriteUnlock(lock) For benign races EraserIgnoreOn() EraserIgnoreOff() Eraser: A Dynamic Data Race Detector for Multithreaded Programs 17
/ PSWLAB Experience 1/1 Performance Application typically slow down by a factor of 10 to 30 while using Eraser. AltaVista – mhttpd – 5,000 lines of C source code, 100 distinct locks, 9 annotations. – Ni2 – 20,000 lines of C source code, 900 distinct locks, 10 annotations. Vesta Cache Server – 30,000 lines of C++ source code, 10 threads, 26 distinct locks, 10 annotations Eraser: A Dynamic Data Race Detector for Multithreaded Programs 18
/ PSWLAB Conclusion 1/1 The advantage of enforcing a simple locking discipline instead of checking for races in general parallel programs. Eraser is practical and effective way to avoid data races Eraser: A Dynamic Data Race Detector for Multithreaded Programs 19
/ PSWLAB Reference [1] Eraser: A Dynamic Data Race Detector for Multithreaded Programs, Stefan Savage et al, ACM TOCS 97 [2] Solaris 10 Software Developer Collection Eraser: A Dynamic Data Race Detector for Multithreaded Programs 20