Deadlock Analysis with Fewer False Positives Thread T1: sync(G){ sync(L1){ sync(L2){} } }; T3 = new T3(); j3.start(); J3.join(); sync(L2){ sync(L1){} }

Slides:

Advertisements

Similar presentations

Verification and Validation

Advertisements

A Survey of Runtime Verification Jonathan Amir 2004.

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Pallavi Joshi  Chang-Seo Park  Koushik Sen  Mayur Naik ‡  Par Lab, EECS, UC Berkeley‡

1 Chao Wang, Yu Yang*, Aarti Gupta, and Ganesh Gopalakrishnan* NEC Laboratories America, Princeton, NJ * University of Utah, Salt Lake City, UT Dynamic.

Runtime Verification Ali Akkaya Boğaziçi University.

Debugging Multi-agent Systems Using Design Artifacts: The Case of Interaction Protocols By David Poutakidis.

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.

Programming Types of Testing.

Chapter 2- Visual Basic Schneider1 Chapter 2 Problem Solving.

Iterative Context Bounding for Systematic Testing of Multithreaded Programs Madan Musuvathi Shaz Qadeer Microsoft Research.

1 Concurrency Specification. 2 Outline 4 Issues in concurrent systems 4 Programming language support for concurrency 4 Concurrency analysis - A specification.

PROBLEMSOLUTION TECHNOLOGY Traceability relations between requirements and code are generally derived manually, and must be manually updated when software.

The Path to Multi-core Tools Paul Petersen. Multi-coreToolsThePathTo 2 Outline Motivation Where are we now What is easy to do next What is missing.

Software Quality Assurance Inspection by Ross Simmerman Software developers follow a method of software quality assurance and try to eliminate bugs prior.

Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.

CS 290C: Formal Models for Web Software Lecture 10: Language Based Modeling and Analysis of Navigation Errors Instructor: Tevfik Bultan.

Utah Verifier Group Research Overview Robert Palmer.

1 Software Testing and Quality Assurance Lecture 1 Software Verification & Validation.

Cormac Flanagan UC Santa Cruz Velodrome: A Sound and Complete Dynamic Atomicity Checker for Multithreaded Programs Jaeheon Yi UC Santa Cruz Stephen Freund.

Methods have limits … Matthew Dwyer Steve Goddard Sebastian Elbaum.

Chapter 2- Visual Basic Schneider1 Chapter 2 Problem Solving.

Learning From Mistakes—A Comprehensive Study on Real World Concurrency Bug Characteristics Shan Lu, Soyeon Park, Eunsoo Seo and Yuanyuan Zhou Appeared.

1CMSC 345, Version 4/04 Verification and Validation Reference: Software Engineering, Ian Sommerville, 6th edition, Chapter 19.

Data Structures and Programming.  John Edgar2.

Your Interactive Guide to the Digital World Discovering Computers 2012.

OOSE 01/17 Institute of Computer Science and Information Engineering, National Cheng Kung University Member:Q 薛弘志 P 蔡文豪 F 周詩御.

©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 19Slide 1 Verification and Validation l Assuring that a software system meets a user's.

Verification and Validation Yonsei University 2 nd Semester, 2014 Sanghyun Park.

Managing the development and purchase of information systems (Part 1)

Programming Translators.

Dr. Tom WayCSC Code Reviews & Inspections CSC 4700 Software Engineering.

Chapter 8 – Software Testing Lecture 1 1Chapter 8 Software testing The bearing of a child takes nine months, no matter how many women are assigned. Many.

Lifecycle Verification of the NASA Ames K9 Rover Executive Dimitra Giannakopoulou Mike Lowry Corina Păsăreanu Rich Washington.

Programming Lifecycle

Threading and Concurrency Issues ● Creating Threads ● In Java ● Subclassing Thread ● Implementing Runnable ● Synchronization ● Immutable ● Synchronized.

Automatic Software Design Document Generation Input Specification Synthesis System data double x(I); x~gauss(mu,sigma); … data double x(I); x~gauss(mu,sigma);

Describe the Program Development Cycle. Program Development Cycle The program development cycle is a series of steps programmers use to build computer.

Survey on Trace Analyzer (2) Hong, Shin /34Survey on Trace Analyzer (2) KAIST.

Dynamic Analysis of Multithreaded Java Programs Dr. Abhik Roychoudhury National University of Singapore.

Pallavi Joshi* Mayur Naik † Koushik Sen* David Gay ‡ *UC Berkeley † Intel Labs Berkeley ‡ Google Inc.

DEBUGGING. BUG A software bug is an error, flaw, failure, or fault in a computer program or system that causes it to produce an incorrect or unexpected.

Problem Solving Techniques. Compiler n Is a computer program whose purpose is to take a description of a desired program coded in a programming language.

C++ Programming Language Lecture 2 Problem Analysis and Solution Representation By Ghada Al-Mashaqbeh The Hashemite University Computer Engineering Department.

This chapter is extracted from Sommerville’s slides. Textbook chapter

COMP 111 Threads and concurrency Sept 28, Tufts University Computer Science2 Who is this guy? I am not Prof. Couch Obvious? Sam Guyer New assistant.

Ch 22 Verification and Validation

The basics of the programming process The development of programming languages to improve software development Programming languages that the average user.

Software Engineering Laboratory, Department of Computer Science, Graduate School of Information Science and Technology, Osaka University IWPSE 2003 Program.

Software Development Problem Analysis and Specification Design Implementation (Coding) Testing, Execution and Debugging Maintenance.

Software Engineering 2004 Jyrki Nummenmaa 1 BACKGROUND There is no way to generally test programs exhaustively (that is, going through all execution.

Parallelism without Concurrency Charles E. Leiserson MIT.

Deadlock Bug Detection Techniques Prof. Moonzoo Kim CS KAIST CS492B Analysis of Concurrent Programs 1.

The Hashemite University Computer Engineering Department

Grigore Rosu Founder, President and CEO Professor of Computer Science, University of Illinois

( = “unknown yet”) Our novel symbolic execution framework: - extends model checking to programs that have complex inputs with unbounded (very large) data.

This chapter is extracted from Sommerville’s slides. Textbook chapter 22 1 Chapter 8 Validation and Verification 1.

Reachability Testing of Concurrent Programs1 Reachability Testing of Concurrent Programs Richard Carver, GMU Yu Lei, UTA.

Testing Concurrent Programs Sri Teja Basava Arpit Sud CSCI 5535: Fundamentals of Programming Languages University of Colorado at Boulder Spring 2010.

Chapter 2- Visual Basic Schneider1 Chapter 2 Problem Solving.

1 Active Random Testing of Parallel Programs Koushik Sen University of California, Berkeley.

Healing Data Races On-The-Fly

SOFTWARE TESTING OVERVIEW

Verification and Validation

Chapter 8 – Software Testing

Verification and Validation

runtime verification Brief Overview Grigore Rosu

Monitoring Programs using Rewriting

Baisc Of Software Testing

Chapter 7 Software Testing.

Presentation transcript:

Deadlock Analysis with Fewer False Positives Thread T1: sync(G){ sync(L1){ sync(L2){} } }; T3 = new T3(); j3.start(); J3.join(); sync(L2){ sync(L1){} } Thread T2: sync(G){ sync(L2){ sync(L1){} } Thread T3: sync(L1){ sync(L2){} } Lock(T1,G) Lcck(T1,L1) Lock(T1,L2)... Start(T1,T3) Lock(T2,G) Lock(T2,L2) Lock(T2,L1)... Lock(T3,L1) Lock(T3,L2)... Join(T1,T3) Lock(T1,L2) Lock(T1,L1)... Execute instrumented version of program and extract execution trace L1 L2 T3,{},(4,4) T1,{G},(1,1) T1,{},(2,2) T2,{G},(3,3) Compute graph of lock hierarchies Issue warnings for all proper cycles Deadlock? noyes Multi-threaded program Program deadlocks between T2 and T3 Algorithm builds lock graph from trace Deadlock potentials show as cycles in graph Cycle freedom is by far easier to test Old algorithm reports 4 deadlocks, 3 false New algorithm only reports 1 (the real one) Hence algorithm reduces false positives This means less time spent by programmer

Deadlock Analysis with Fewer False Positives The Problem of Non-Determinism Multithreaded software is non-deterministic. Some executions may exhibit a bug, eg. a deadlock, while others may not. Standard testing may therefore not reveal the bug. The Solution of Runtime Analysis Runtime analysis examines a single execution trace for the “footprints” of bugs; eg. cycles in a lock graph. A bug usually leaves prints in most execution traces, even if the executions do not exhibit the bug. Our Improved Runtime Analysis Algorithm Standard runtime analysis of deadlocks yields false positives. New algorithm reduces number of false positives by using labeled lock graphs. Case Study results K9 rover: Found one unexpected deadlock, confirmed one data race, and found all seeded deadlocks and data races. DS1 Attitude Control System: Found two unexpected data races, and all seeded data races.

Explanation of Accomplishment POC: Klaus Havelund (ASE group, Code IC, Background: Concurrency-related errors in multi-threaded mission software often manifest themselves only by intermittent bugs and hence are difficult to find by testing. Runtime Analysis is a solution; it is a technique that analyzes the trace of a single execution of a program, inferring possible problems in other executions. It scales well to large programs. The standard runtime analysis algorithm detects possible deadlocks. However, it suffers in that it reports many false positives. This requires the user to investigate deadlocks that cannot actually appear, making the technique less usable. Accomplishment: We have developed an enhanced runtime analysis algorithm for deadlock detection that issues fewer false positives. It reduces the problem of finding deadlocks to finding a cycle in a labeled graph that describes the lock hierarchies appearing during execution. This algorithm, and a data race detection algorithm, have been implemented in the Java PathExplorer (JPaX) runtime verification tool. JPaX has been applied to two major case studies. The K9 rover developed at Ames was analyzed after having been seeded with deadlocks. All deadlocks were found. An early version of the algorithm found an unexpected deadlock in the K9 rover. JPaX has also been applied to the Deep-Space 1 attitude control system. This system was cycle free, but two unexpected data races were identified. Future Plans: We are currently extending the capability of JPaX to be able to detect other kinds of concurrency errors. Currently we are implementing an algorithm for detecting higher level data races. Errors in the Remote Agent found by the POC were caused by such higher level data races. We are also extending the tool to find other forms of deadlocks, also referred to as communication deadlocks. JPaX furthermore includes a capability for checking conformance of an execution trace with a user provided requirements document. Future work includes improving this framework.