Presentation is loading. Please wait.

Presentation is loading. Please wait.

Scaling Model Checking of Dataraces Using Dynamic Information Ohad Shacham Tel Aviv University IBM Haifa Lab Mooly Sagiv Tel Aviv University Assaf Schuster.

Published byKerry Black Modified over 9 years ago

Similar presentations

Presentation on theme: "Scaling Model Checking of Dataraces Using Dynamic Information Ohad Shacham Tel Aviv University IBM Haifa Lab Mooly Sagiv Tel Aviv University Assaf Schuster."— Presentation transcript:

1 Scaling Model Checking of Dataraces Using Dynamic Information Ohad Shacham Tel Aviv University IBM Haifa Lab Mooly Sagiv Tel Aviv University Assaf Schuster Technion

2 Datarace Happens when two threads access a memory location concurrently At least one access is a write Unpredictable results Can indicate bugs Hard to detect Hard to reproduce

3 Datarace example TicketPurchase(NumOfTickets) { if (NumOfTickets · FreeTickets) FreeTickets -= NumOfTickets else Print “ Full ” ; }

4 Datarace example Thread IThread II TicketPurchase(2) if (NumOfTickets · FreeTickets) TicketPurchase(4) if (NumOfTickets · FreeTickets) FreeTickets -= NumOfTickets {FreeTickets = -2} {FreeTickets = 4} TicketPurchase(NumOfTickets) { if (NumOfTickets · FreeTickets) FreeTickets -= NumOfTickets else Print “ Full ” ; }

5 Datarace example TicketPurchase(NumOfTickets) { Lock(lock FreeTickets ) if (NumOfTickets · FreeTickets) FreeTickets -= NumOfTickets else Print “ Full ” ; Unlock(lock FreeTickets ) }

6 Datarace detection Static datarace detection tools Racex [Engler and Ashcraft] TVLA [Sagiv et. al.] Dynamic datarace detection tools: Lamport ’ s happens-before partial order (Djit) Lock based techniques (Lockset)

7 Difficulties in model checking dataraces Infinite state space Huge number of interleavings Huge transition systems Size problem

8 Observation Programs maintaining a locking discipline are dataraces free

9 Hybrid solution Dynamically check a locking discipline Produce witnesses for dataraces using a model checker Explore suffixes of the trace

10 Basic idea

11 Algorithm flow Lockset Multithreaded program List of Warnings Find a 1 11 22 Model Checker

12 Lockset Savage et. al. SOSP 1997 Lockset invariant multiple accesses to a specific memory location are guarded by a unique lock

13 Lockset example Lock(lock x ) X = 7 Unlock(lock x ) Lock(lock y ) Z = Y Lock(lock y ) Y = 2 Unlock(lock y ) Lock(lock y ) Y = X  {lock x }  {lock y }  Thread IThread IIC(X) {lock x, lock y } {lock x }   {lock y } Unlock(lock y ) Locks I Locks II

14 Lockset Advantage Predict dataraces which may occur in a different thread interleaving Disadvantages Spurious dataraces Hard to use Lack of trace

15 Lockset strength Lock(lock x ); X = 7; Unlock(lock x ); Lock(lock y ); Z = Y; Lock(lock y ); Y = 2; Unlock(lock y ); Lock(lock y ); Y = X;  {lock x }  {lock y }  Thread IThread IIC(X) {lock x, lock y } {lock x }   {lock y } Unlock(lock y ); Locks I Locks II

16 Our hybrid solution Combine Lockset & Model Checking Provide witnesses for dataraces Rare dataraces Dataraces in large programs Model Checking Provide witnesses for rare DR Lockset scale for large programs+

17 A witness for a datarace a1a1 a2a2 11 22 m a 1 = m a 2 a 1 =Write Ç a 2 =Write

18 Required data from Lockset X=7 Y=2 Z=Y Y=X Thread IThread II

19 Lockset provides for each warning only a single access event a 2 Find a prior access event a 1 which can take part in a race with a 2 a1a1 a2a2 Using Lockset data

20 X = 7 Z = Y Y = 2 Y = X A Warning on X X=7 Z=Y Y=2 Y=X {lock x } {lock y }

21 Prefix a1a1 a2a2

22 MODEL without t 1 Building a model a1a1

23 Using a model checker a1a1 11 a2a2 Is a 2 reachable by t 2 ?

24 Using a model checker a2a2 a1a1 a1a1

25 Reduce the model checker cost Reduction in the model size Elimination of thread t 1 Providing a single new initial configuration Heuristically reducing the number of steps that the model checker should carry out

26 Example Lock(lock x ); X = 7; Unlock(lock x ); Lock(lock y ); Z = Y; Lock(lock y ); Y = 2; Unlock(lock y ); Lock(lock y ); Y = X;  {lock x }  {lock y } Thread IThread IIC(X) {lock x, lock y } {lock x }   {lock y } Unlock(lock y ); Lock(lock y ); Y = 2; Unlock(lock y ); Lock(lock y ); Y = X; 11 22 X = 7; Locks I Locks II

27 Prototype implementation A prototype tool based on IBM tools Lockset – The IBM Watson tool Wolf – IBM Haifa ’ s software model checker

28 Prototype implementation Lockset Multi-threaded program List of Warnings Find a 1 Extend  1 Wolf 11 22

29 Benchmark programs LinesDescriptionProgram 706 traveling salesman from ETH Tsp 708 Enhanced traveling salesman Our_tsp 3751 Multithreaded raytracer from specjvm98 mtrt 29948 Web Crawler Kernel from ETH Hedc 362 Parallel sort SortArray 129 Finds prime numbers in a given interval PrimeFinder 150 Elevator simulator Elevsim 166 Shared DB simulator DQueries

30 Experimental results 4 threads3 threads2 threadsProgram Memory (MB) Time (sec) Memory (MB) Time (sec) Memory (MB) Time (sec) Mem Out 35335069 our_tsp Mem Out3961334.93123569.3 SortArray 1684547.11432645.5116888.7 PrimeFinder 48147.93367.922833.02 ElevSim 136585.9789201.860140.1 DQueries 179127.33112.66 Hedc Mem OutOut Mem37735243 tsp

31 Conclusion Hybrid technique which combines dynamic datarace detector and a model checker Provide witnesses for dataraces which occur only in rare interleavings Helps the user in analyzing the datarace No spurious dataraces

Download ppt "Scaling Model Checking of Dataraces Using Dynamic Information Ohad Shacham Tel Aviv University IBM Haifa Lab Mooly Sagiv Tel Aviv University Assaf Schuster."

Similar presentations

Hybrid BDD and All-SAT Method for Model Checking Orna Grumberg Joint work with Assaf Schuster and Avi Yadgar Technion – Israel Institute of Technology.

Hybrid BDD and All-SAT Method for Model Checking Orna Grumberg Joint work with Assaf Schuster and Avi Yadgar Technion – Israel Institute of Technology.
Software & Services Group PinPlay: A Framework for Deterministic Replay and Reproducible Analysis of Parallel Programs Harish Patil, Cristiano Pereira,

Software & Services Group PinPlay: A Framework for Deterministic Replay and Reproducible Analysis of Parallel Programs Harish Patil, Cristiano Pereira,
1 Chao Wang, Yu Yang*, Aarti Gupta, and Ganesh Gopalakrishnan* NEC Laboratories America, Princeton, NJ * University of Utah, Salt Lake City, UT Dynamic.

1 Chao Wang, Yu Yang*, Aarti Gupta, and Ganesh Gopalakrishnan* NEC Laboratories America, Princeton, NJ * University of Utah, Salt Lake City, UT Dynamic.
1 Write Barrier Elision for Concurrent Garbage Collectors Martin T. Vechev Cambridge University David F. Bacon IBM T.J.Watson Research Center.

1 Write Barrier Elision for Concurrent Garbage Collectors Martin T. Vechev Cambridge University David F. Bacon IBM T.J.Watson Research Center.
Conditional Must Not Aliasing for Static Race Detection Mayur Naik Alex Aiken Stanford University.

Conditional Must Not Aliasing for Static Race Detection Mayur Naik Alex Aiken Stanford University.
Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,

Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,
Race Directed Random Testing of Concurrent Programs KOUSHIK SEN - UNIVERSITY OF CALIFORNIA, BERKELEY PRESENTED BY – ARTHUR KIYANOVSKI – TECHNION, ISRAEL.

Race Directed Random Testing of Concurrent Programs KOUSHIK SEN - UNIVERSITY OF CALIFORNIA, BERKELEY PRESENTED BY – ARTHUR KIYANOVSKI – TECHNION, ISRAEL.
A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.
Scalable and Precise Dynamic Datarace Detection for Structured Parallelism Raghavan RamanJisheng ZhaoVivek Sarkar Rice University June 13, 2012 Martin.

Scalable and Precise Dynamic Datarace Detection for Structured Parallelism Raghavan RamanJisheng ZhaoVivek Sarkar Rice University June 13, 2012 Martin.
Eraser: A Dynamic Data Race Detector for Multithreaded Programs STEFAN SAVAGE, MICHAEL BURROWS, GREG NELSON, PATRICK SOBALVARRO and THOMAS ANDERSON.

Eraser: A Dynamic Data Race Detector for Multithreaded Programs STEFAN SAVAGE, MICHAEL BURROWS, GREG NELSON, PATRICK SOBALVARRO and THOMAS ANDERSON.
Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.

Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.
Iterative Context Bounding for Systematic Testing of Multithreaded Programs Madan Musuvathi Shaz Qadeer Microsoft Research.

Iterative Context Bounding for Systematic Testing of Multithreaded Programs Madan Musuvathi Shaz Qadeer Microsoft Research.
The Path to Multi-core Tools Paul Petersen. Multi-coreToolsThePathTo 2 Outline Motivation Where are we now What is easy to do next What is missing.

The Path to Multi-core Tools Paul Petersen. Multi-coreToolsThePathTo 2 Outline Motivation Where are we now What is easy to do next What is missing.
Static Data Race detection for Concurrent Programs with Asynchronous Calls Presenter: M. Amin Alipour Software Design Laboratory

Static Data Race detection for Concurrent Programs with Asynchronous Calls Presenter: M. Amin Alipour Software Design Laboratory
An Case for an Interleaving Constrained Shared-Memory Multi- Processor CS6260 Biao xiong, Srikanth Bala.

An Case for an Interleaving Constrained Shared-Memory Multi- Processor CS6260 Biao xiong, Srikanth Bala.
Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.

Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.
CS 263 Course Project1 Survey: Type Systems for Race Detection and Atomicity Feng Zhou, 12/3/2003.

CS 263 Course Project1 Survey: Type Systems for Race Detection and Atomicity Feng Zhou, 12/3/2003.
OOPSLA 2003 Mostly Concurrent Garbage Collection Revisited Katherine Barabash - IBM Haifa Research Lab. Israel Yoav Ossia - IBM Haifa Research Lab. Israel.

OOPSLA 2003 Mostly Concurrent Garbage Collection Revisited Katherine Barabash - IBM Haifa Research Lab. Israel Yoav Ossia - IBM Haifa Research Lab. Israel.
Thread-modular Abstraction Refinement Tom Henzinger Ranjit Jhala Rupak Majumdar Shaz Qadeer.

Thread-modular Abstraction Refinement Tom Henzinger Ranjit Jhala Rupak Majumdar Shaz Qadeer.
ADVERSARIAL MEMORY FOR DETECTING DESTRUCTIVE RACES Cormac Flanagan & Stephen Freund UC Santa Cruz Williams College PLDI 2010 Slides by Michelle Goodstein.

ADVERSARIAL MEMORY FOR DETECTING DESTRUCTIVE RACES Cormac Flanagan & Stephen Freund UC Santa Cruz Williams College PLDI 2010 Slides by Michelle Goodstein.

Similar presentations

Ads by Google