Deadlock Bug Detection Techniques Prof. Moonzoo Kim CS KAIST CS492B Analysis of Concurrent Programs 1.

Slides:

Advertisements

Similar presentations

Operating Systems: Monitors 1 Monitors (C.A.R. Hoare) higher level construct than semaphores a package of grouped procedures, variables and data i.e. object.

Advertisements

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Pallavi Joshi  Chang-Seo Park  Koushik Sen  Mayur Naik ‡  Par Lab, EECS, UC Berkeley‡

Operating Systems Mehdi Naghavi Winter 1385.

Practice Session 7 Synchronization Liveness Deadlock Starvation Livelock Guarded Methods Model Thread Timing Busy Wait Sleep and Check Wait and Notify.

Effective Static Deadlock Detection

Deadlocks Operating Systems (234123) Spring 2013 Deadlocks Dan Tsafrir (13/5/2013) Partially based on slides by Hagit Attiya OS (234123) - spring 2013.

Runtime Verification Ali Akkaya Boğaziçi University.

Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.

Simulation Verification of Different Constraints in System Level Design in SystemC Piyush Ranjan Satapathy CS220 Class Project Presentation.

Liveness and Performance Issues

Chapter 6: Process Synchronization

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 6: Process Synchronization.

Prof. Moonzoo Kim Computer Science, KAIST

1 Concurrency Specification. 2 Outline 4 Issues in concurrent systems 4 Programming language support for concurrency 4 Concurrency analysis - A specification.

Avishai Wool lecture Introduction to Systems Programming Lecture 5 Deadlocks.

Atomicity Violation Detection Prof. Moonzoo Kim CS492B Analysis of Concurrent Programs.

Deadlock CSCI 444/544 Operating Systems Fall 2008.

Race Conditions CS550 Operating Systems. Review So far, we have discussed Processes and Threads and talked about multithreading and MPI processes by example.

Operating System Concepts with Java – 7 th Edition, Nov 15, 2006 Silberschatz, Galvin and Gagne ©2007 Chapter 7: Deadlocks.

Cormac Flanagan UC Santa Cruz Velodrome: A Sound and Complete Dynamic Atomicity Checker for Multithreaded Programs Jaeheon Yi UC Santa Cruz Stephen Freund.

/ PSWLAB Eraser: A Dynamic Data Race Detector for Multithreaded Programs By Stefan Savage et al 5 th Mar 2008 presented by Hong,Shin Eraser:

Learning From Mistakes—A Comprehensive Study on Real World Concurrency Bug Characteristics Shan Lu, Soyeon Park, Eunsoo Seo and Yuanyuan Zhou Appeared.

DETECTION OF POTENTIAL DEADLOCKS AND DATARACES ROZA GHAMARI Bogazici UniversityMarch 2009.

Thread-modular Abstraction Refinement Thomas A. Henzinger, et al. CAV 2003 Seonggun Kim KAIST CS750b.

1 Concurrent Languages – Part 1 COMP 640 Programming Languages.

Deadlock Detection Nov 26, 2012 CS 8803 FPL 1. Part I Static Deadlock Detection Reference: Effective Static Deadlock Detection [ICSE’09]

1 Processes, Threads, Race Conditions & Deadlocks Operating Systems Review.

Survey on Trace Analyzer (2) Hong, Shin /34Survey on Trace Analyzer (2) KAIST.

Pallavi Joshi* Mayur Naik † Koushik Sen* David Gay ‡ *UC Berkeley † Intel Labs Berkeley ‡ Google Inc.

50.530: Software Engineering Sun Jun SUTD. Week 8: Race Detection.

6.3 Peterson’s Solution The two processes share two variables: Int turn; Boolean flag[2] The variable turn indicates whose turn it is to enter the critical.

Deadlock Questions answered in this lecture: What are the four necessary conditions for deadlock? How can deadlock be prevented? How can deadlock be avoided?

COMP 111 Threads and concurrency Sept 28, Tufts University Computer Science2 Who is this guy? I am not Prof. Couch Obvious? Sam Guyer New assistant.

Operating Systems ECE344 Ashvin Goel ECE University of Toronto Mutual Exclusion.

Producer-Consumer Problem The problem describes two processes, the producer and the consumer, who share a common, fixed-size buffer used as a queue.bufferqueue.

Operating Systems (OS)

Random Testing of Concurrent Programs Prof. Moonzoo Kim Computer Science, KAIST CS492B Analysis of Concurrent Programs.

1 Interprocess Communication (IPC) - Outline Problem: Race condition Solution: Mutual exclusion –Disabling interrupts; –Lock variables; –Strict alternation.

November 2005Scott Stoller, Stony Brook University1 Detecting Potential Deadlocks with Static Analysis and Run-Time Monitoring Rahul Agarwal, Liqiang Wang,

Deadlock Analysis with Fewer False Positives Thread T1: sync(G){ sync(L1){ sync(L2){} } }; T3 = new T3(); j3.start(); J3.join(); sync(L2){ sync(L1){} }

CS 162 Discussion Section Week 4. Administrivia Design reviews Friday, Monday and Tuesday – Every member must attend – Will test that every member understands.

Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Concurrency & Dynamic Programming.

CS265: Dynamic Partial Order Reduction Koushik Sen UC Berkeley.

Copyright © Curt Hill Concurrent Execution An Overview for Database.

Debugging Threaded Applications By Andrew Binstock CMPS Parallel.

Threads and Singleton. Threads  The JVM allows multiple “threads of execution”  Essentially separate programs running concurrently in one memory space.

Effective Static Deadlock Detection Mayur Naik* Chang-Seo Park +, Koushik Sen +, David Gay* *Intel Research, Berkeley + UC Berkeley.

Grigore Rosu Founder, President and CEO Professor of Computer Science, University of Illinois

Comunication&Synchronization threads 1 Programación Concurrente Benemérita Universidad Autónoma de Puebla Facultad de Ciencias de la Computación Comunicación.

Effective Static Deadlock Detection Mayur Naik (Intel Research) Chang-Seo Park and Koushik Sen (UC Berkeley) David Gay (Intel Research)

/ PSWLAB Thread Modular Model Checking by Cormac Flanagan and Shaz Qadeer (published in Spin’03) Hong,Shin Thread Modular Model.

Eraser: A dynamic Data Race Detector for Multithreaded Programs Stefan Savage, Michael Burrows, Greg Nelson, Patrick Sobalvarro, Thomas Anderson Presenter:

6.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Module 6: Process Synchronization.

CSCI1600: Embedded and Real Time Software Lecture 17: Concurrent Programming Steven Reiss, Fall 2015.

Testing Concurrent Programs Sri Teja Basava Arpit Sud CSCI 5535: Fundamentals of Programming Languages University of Colorado at Boulder Spring 2010.

7.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 7: Deadlocks.

Operating Systems Unit 4: – Dining Philosophers – Deadlock – Indefinite postponement Operating Systems.

1 Active Random Testing of Parallel Programs Koushik Sen University of California, Berkeley.

Deadlock CS Introduction to Operating Systems.

Healing Data Races On-The-Fly

Operating Systems Design (CS 423)

runtime verification Brief Overview Grigore Rosu

Concurrency Specification

Producer-Consumer Problem

50.530: Software Engineering

EECE.4810/EECE.5730 Operating Systems

CSE 542: Operating Systems

CSE 542: Operating Systems

Presentation transcript:

Deadlock Bug Detection Techniques Prof. Moonzoo Kim CS KAIST CS492B Analysis of Concurrent Programs 1

Bug Detection Techniques for Concurrent Programs 1,000,000 LOC <100~1,000 LOC Precision rstest ConTest MetaL RacerX Java PathFinder jCute CHESS SPIN CalFuzzer Atomizer Eraser Eraser Fusion KISS Scalability Verification False alarm Model checking techniques + High precision + Comprehensive error detection - Scalability (state explosion problem) - Verification expertise is required Testing techniques + High precision + Friendly to developers - Difficult to generate test cases and thread schedules Bug detection techniques + Fast and convenient (no need to generate many executions) - False alarms 2 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Deadlock Bugs Frequently Occur in Real World In a survey on 105 real-world concurrency bugs in open- source applications, 31 out of 105 bugs are deadlock bugs [Lu et al., ASPLOS 08] 3 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Deadlock Bugs Frequently Occur in Real World According to Apache bug tracking systems, there have been 200 deadlock related issues since CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Deadlock A deadlock occurs when each of a set of threads is blocked, waiting for another thread in the set to satisfy certain condition 5 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim release shared resource raise event

Resource Deadlock Ex. Dining philosopher problem 1.Think 2.If left fork is available, pick it up 3.If right fork is available, pick it up 4.Eat 5.Put the right folk down 6.Put the left folk down Folk#1 Folk#2 [Milner] Pick up Folk#1 Pick up Folk#2 [Dijkstra] Pick up Folk#2 Pick up Folk#1 [Milner] Pick up Folk#1 Wait for Folk#2 [Dijkstra] Pick up Folk#2 Wait for Folk#1 6 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Resource Deadlock in Concurrent Programs ABBA deadlock t1: Thread 1 1:lock(X) 2:x = … 3:lock(Y) t2: Thread 2 11:lock(Y) 12:y=... 13:lock(X) Thread1() { 1: lock(X) 2: x = … ; 3: lock(Y) 4: y = … ; 5: unlock(Y) 6: unlock(X) } Thread2() { 11: lock(Y) 12: y = … ; 13: lock(X) 14: x = … ; 15: unlock(X) 16: unlock(Y) } 7 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Communication Deadlock t 1 : Thread 1 3:wait(m)//i==0 … 3:wait(m)//i==9 t 2 : Thread 2 13:notify(m)//j==0 … 13:notify(m)//j==1 … 13:notify(m)//j==9 (terminate) Thread1() { 1:... 2: for(i=0;i<10;i++){ 3: wait(m) ;} } Thread2() { 11:... 12: for(j=0;j<10;j++){ 13: notify(m);} } 8 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim Lost notify

Finding Deadlock Bugs is Difficult A deadlock bug induces deadlock situations only under certain thread schedules Systems software creates a massive number of locks for fine-grained concurrency controls Function caller-callee relation complicates the reasoning about possible nested lockings 9 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Bug Detection Approach Resource deadlock Basic potential deadlock detection algorithm GoodLock algorithm Communication deadlock CHECKMATE: a trace program model-checking technique for deadlock detection 10 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Basic Potential Deadlock Detection Extend the cyclic deadlock monitoring algorithm Cyclic deadlock monitoring algorithm (e.g. LockDep) – Monitor lock acquires and releases in runtime – Lock graph (N, E N ) Create a node n X when a thread acquires lock X Create an edge (n X, n Y ) when a thread acquires lock Y while holding lock X Remove n X, (n X,*) and (*, n X ) when a thread releases X  Report deadlock when the graph has any cycle 11 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Cyclic Deadlock Detection Example (1/2) t1: Thread 1 1:lock(X) 2:a = … 3:lock(Y) t2: Thread 2 11:lock(Y) 12:b=... 13:lock(X) Thread1() { 1: lock(X) 2: a = … ; 3: lock(Y) 4: b = … ; 5: unlock(Y) 6: unlock(X) } Thread2() { 11: lock(Y) 12: b = … ; 13: lock(X) 14: a = … ; 15: unlock(X) 16: unlock(Y) } X Y 3 13 Deadlock detected! 12 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Cyclic Deadlock Detection Example (2/2) t1: Thread 1 1:lock(X) 2:a = … 3:lock(Y) 4:b = … 5:unlock(Y) 6:unlock(X) t2: Thread 2 11:lock(Y) 12:b =... 13:lock(X) 14:a =... 15:unlock(X) 16:unlock(Y) Thread1() { 1: lock(X); 2: a = … 3: lock(Y); 4: b = … 5: unlock(Y); 6: unlock(X); } Thread2() { 11: lock(Y); 12: b = … 13: lock(X); 14: a = … 15: unlock(X); 16: unlock(Y); } X Y 3 No problem 13 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim XX YY YX 13

Basic Deadlock Prediction Technique Potential cyclic deadlock detection algorithm [Harrow, SPIN 00] – Lock graph (N, E N ) Create a node n X when a thread acquires lock X Create an edge (n X, n Y ) when a thread acquires lock Y while holding lock X Remove n X, (n X,*) and (*, n X ) when a thread releases X  Report potential deadlocks if the resulted graph at the end of an execution has a cycle 14 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim [Harrow, SPIN 00] J. J. Harrow, Jr.: Runtime checking of multithreaded applications with Visual Threads, SPIN Workshop 2000

Potential Cyclic Deadlock Detection Example t1:Thread 1 1:lock(X) 2:a = … 3:lock(Y) 4:b = … 5:unlock(Y) 6:unlock(X) t2:Thread 2 11:lock(Y) 12:b=... 13:lock(X)... Thread1() { 1: lock(X) 2: a = … ; 3: lock(Y) 4: b = … ; 5: unlock(Y) 6: unlock(X) } Thread2() { 11: lock(Y) 12: b = … ; 13: lock(X) 14: a = … ; 15: unlock(X) 16: unlock(Y) } X Y 3 13 Cycle  Potential deadlock 15 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Basic Deadlock Prediction Technique The algorithm is commercialized as a SW tool VisualThreads (HP) Empirical results show that the algorithm is very effective to discover hidden deadlock bugs Challenge: generate many false positive 16 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

False Positive Example#1 – Single Thread Cycle Thread1() { 1: lock(X); 2: lock(Y); 3: unlock(Y); 4: unlock(X); 5: lock(Y); 6: lock(X); 7: unlock(X); 8: unlock(Y);} Thread2() { 11: lock(X); 12: unlock(X); 13: lock(Y); 14: unlock(Y);} X Y 2 5 The lock graph has a cycle, but no deadlock A cycle that consists of edges created by one thread is a false positive 17 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

False Positive Example#2: Gate Lock Thread1() { 1: lock(X); 2: lock(Y); 3: lock(Z) ; 4: unlock(Z); 5: unlock(Y); 6: unlock(X); } Thread2() { 11: lock(X); 12: lock(Z) ; 13: lock(Y) ; 14: unlock(Y); 15: unlock(Z); 16: unlock(X); X Y Z , 13 2, 3 Cycle, but no deadlock Gate lock (guard lock) 18 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

False Positive Example#3: Thread Creation f1(){ 1: lock(X); 2: lock(Y); 3: unlock(Y); 4: unlock(X); 5: start(f2); } Cycle, but no deadlock f2(){ 11: lock(Y) ; 12: lock(X); 13: unlock(X); 14: unlock(Y); } X Y 2 12 Thread segment#1 Thread segment#2 19 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim main(){ 0: start(f1); }

GoodLock Algorithm [Agarwal, IBM 10] Extend the lock graph in the basic potential deadlock detection algorithm to consider thread, gate lock, and thread segment Thread segment graph (S, E S ) – When the main thread t 0 starts: Create a thread segment node s 0 ; map t 0 to s 0 (M(t 0 ) = s 0 ); n = 1. – When a thread t i starts a new thread t j Create two thread segment nodes s n and s n+1 ; Create two edges (M(t i ), s n ) and (M(t i ), s n+1 ) ; M(t i ) = s n ; M(t j ) = s n+1 ; n = n + 2 ; [Agarwal, IBM 10] R. Agarwal et al., Detection of deadlock potential in multithreaded programs, IBM Journal of Research and Development, 54(5), CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Thread Segment Graph Example f1(){ 1: lock(X); 2: lock(Y); 3: start(f2); 4: unlock(Y); 5: unlock(X);} f2(){ 11: lock(Y) ; 12: lock(X); 13: unlock(X); 14: unlock(Y); main(){ 0: … 1: start(f1); 2: … } s0s0 s1s1 s3s3 s2s2 s4s4 t0 : main()t1: f1()t2: f2() s0s0 s1s1 s2s2 s4s4 s3s3 21 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Extended Lock Graph 22 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Potential Deadlock Detection 23 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Thread Creation Example Revisit f1(){ 1: lock(X); 2: lock(Y); 3: start(f2); 4: unlock(Y); 5: unlock(X);} f2(){ 11: lock(Y) ; 12: lock(X); 13: unlock(X); 14: unlock(Y); main(){ 0: … 1: start(f1); 2: … } s0s0 s1s1 s3s3 s2s2 s4s4 t0 : main()t1: f1()t2: f2() 24 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim X Y e 2 : (n Y, (s 4, t 2, {Y}, s 4 ), n X ) e 1 : (n X, (s 2, t 1, {X}, s 2 ), n Y ) s0s0 s1s1 s2s2 s4s4 s3s3

Revising Singe Thread Cycle Example main() { 1: start(Thread1); 2: start(Thread2); } Thread2() { 21: lock(X); 22: unlock(X); 23: lock(Y); 24: unlock(Y);} X Y e 1 : (n X, (s 2, t 1,{X}, s 2 ), n Y ) e 2 : (n Y, (s 2, t 1, {Y}, s 2 ), n X ) s0s0 s1s1 s2s2 s3s3 s4s4 Thread1() { 11: lock(X); 12: lock(Y); 13: unlock(Y); 14: unlock(X); 15: lock(Y); 16: lock(X); 17: unlock(X); 18: unlock(Y);} 25 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Revising Gate Lock Example Thread1() { 1: lock(X); 2: lock(Y); 3: lock(Z) ; 4: unlock(Z); 5: unlock(Y); 6: unlock(X); } Thread2() { 11: lock(X); 12: lock(Z) ; 13: lock(Y) ; 14: unlock(Y); 15: unlock(Z); 16: unlock(X); X Y Z e 1 : (n Y, (s 2, t 1, {X, Y}, s 2 ), n Z ) e 2 : (n Z, (s 4, t 2, {X, Z}, s 4 ), n Z ) main() { start(Thread1); start(Thread2); } s0s0 s1s1 s2s2 s3s3 s4s4 26 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Detecting Potential Deadlock with Wait/Notify, Semaphore, etc* *P. Joshi et al., An Effective Dynamic Analysis for Detecting Generalized Deadlocks, FSE CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim class BlockedBuffer { List buf = new ArrayList(); int cursize = 0; int maxsize; BlockedBuffer(int max){ maxsize = max; } sync boolean isFull(){ return(cursize>=maxsize); } sync boolean isEmpty(){ return(cursize == 0) ; } sync void resize(int m){ maxsize = m; } Object get(){ Object e; sync(this){ while(isEmpty()) wait() ; e = buf.remove(0); if(isFull()){ cursize--; notify(); } else{ cursize--; } return e; } sync void put(Object e){ while(isFull()) wait() ; buf.add(e); cursize++ ; notify(); }

Correct Execution Scenario main() { BoundedBuffer bf = new BoundedBuffer(1); (new Thread1(bf)).start(); (new Thread2(bf)).start(); (new Thread3(bf)).start();} Thread1(BoundedBuffer bf){ bf.put(0); bf.put(1);} Thread2(BoundedBuffer bf){ bf.resize(10);} Thread3(BoundedBuffer bf){ bf.get();} Thread1Thread2Thread3 bf.put(0) bf.resize(10) bf.put(1) bf.get() 28 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Another Correct Execution Scenario main() { BoundedBuffer bf = new BoundedBuffer(1); (new Thread1(bf)).start(); (new Thread2(bf)).start(); (new Thread3(bf)).start();} Thread1(BoundedBuffer bf){ bf.put(0); bf.put(1);} Thread2(BoundedBuffer bf){ bf.resize(10);} Thread3(BoundedBuffer bf){ bf.get();} Thread1Thread2Thread3 bf.put(0) bf.resize(10) bf.put(1) bf.get() 29 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim bf.put(1) while(isFull()) wait(); if(isFull()) {… notify() ; }

Deadlock Execution Scenario main() { BoundedBuffer bf = new BoundedBuffer(1); (new Thread1(bf)).start(); (new Thread2(bf)).start(); (new Thread3(bf)).start();} Thread1(BoundedBuffer bf){ bf.put(0); bf.put(1);} Thread2(BoundedBuffer bf){ bf.resize(10);} Thread3(BoundedBuffer bf){ bf.get();} Thread1Thread2Thread3 bf.put(0) bf.resize(10) bf.put(1) bf.get() 30 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim while(isFull()) wait(); if(isFull()) {… notify() ; }

CHECKMATE: Trace Program Model Checking Observe a multi-threaded program execution Retain only the synchronization operations observed during execution – Throw away all other operations like memory update and method calls Create a program from the retained operations (trace program) Model checking trace program – Check partial behaviors 31 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim

Trace Program Example main() { bf = Lock(); isFull=false; start(t1); start(t2); start(t3);} t1() { lock(bf) ; if(isFull) wait(bf) ; isFull=true; notify(bf) ; unlock(bf); lock(bf); if(isFull) wait(bf) ; notify(bf); unlock(bf);} t2() { lock(bf); isFull=false; unlock(bf); } t3() { lock(bf) ; if(isFull) notify(bf); unlock(bf); } Thread1Thread2Thread3 bf.put(0) bf.resize(10) bf.put(1) bf.get() bf.put(0) bf.put(1) bf.get() bf.resize() 32 CS492B Analysis of Concurrent Programs, Prof. Moonzoo Kim