Presentation is loading. Please wait.

Presentation is loading. Please wait.

Testing Atomicity of Composed Concurrent Operations Ohad Shacham Tel Aviv University Nathan Bronson Stanford University Alex Aiken Stanford University.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Testing Atomicity of Composed Concurrent Operations Ohad Shacham Tel Aviv University Nathan Bronson Stanford University Alex Aiken Stanford University."— Presentation transcript:

1 Testing Atomicity of Composed Concurrent Operations Ohad Shacham Tel Aviv University Nathan Bronson Stanford University Alex Aiken Stanford University Mooly Sagiv Tel Aviv University Martin Vechev ETH & IBM Research Eran Yahav Technion

2 Concurrent Data Structures Writing highly concurrent data structures is complicated Modern programming languages provide efficient concurrent collections with atomic semantics. … … … … … … … …

3 Challenge Testing the atomicity of composed operations … … … … … … … …

4 TOMCAT Motivating Example attr = new HashMap(); … Attribute removeAttribute(String name){ Attribute val = null; synchronized(attr) { found = attr.containsKey(name) ; if (found) { val = attr.get(name); attr.remove(name); } return val; } TOMCAT 5.*TOMCAT 6.* Invariant: removeAttribute(name) returns the value it removes from attr or null attr = new ConcurrentHashMap(); … Attribute removeAttribute(String name){ Attribute val = null; /* synchronized(attr) { */ found = attr.containsKey(name) ; if (found) { val = attr.get(name); attr.remove(name); } /* } */ return val; }

5 removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { val = attr.get(“A”); attr.remove(“A”); } return val; attr.put(“A”, o); attr.remove(“A”); o

6 Linearizability removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { val = attr.get(“A”); attr.remove(“A”); } return val; attr.put(“A”, o); attr.remove(“A”); attr.put(“A”, o); attr.remove(“A”); removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { return val; removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { return val; attr.put(“A”, o); attr.remove(“A”); attr.put(“A”, o); attr.remove(“A”); removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { val = attr.get(“A”); attr.remove(“A”); } return val; o o null o o o

7 Challenge Testing the linearizabiliy of composed operations … … … … … … … …

8 removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { val = attr.get(“A”); attr.remove(“A”); } return val; attr.put(“A”, o); attr.remove(“A”); Reconstruction in TOMCAT extremely challenging –Large traces –Large number of traces –Bugs occur in rare cases with specific key values

9 Our Solution Modularity Generates simple traces Base linearizabilityRestrict generated traces InfluenceRestrict generated traces Enables Env control

10 removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { val = attr.get(“A”); attr.remove(“A”); } return val; attr.put(“A”, o); attr.remove(“A”); Modular Checking

11 Challenge Testing Linearizability of composed operation in a modular fashion … … … … … … … …

12 removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { return val; removeAttribute(“B”) { Attribute val = null; found = attr.containsKey(“B”) ; if (found) { return val; removeAttribute(“GGG”) { Attribute val = null; found = attr.containsKey(“GGG”) if (found) { return val; attr.put(“A”, o); removeAttribute(“GGG”) { Attribute val = null; found = attr.containsKey(“GGG”) if (found) { val = attr.get(“GGG”); attr.remove(“GGG”); } return val; attr.put(“GGG”, o); removeAttribute(“K”) { Attribute val = null; found = attr.containsKey(“K”) if (found) { val = attr.get(“K”); attr.remove(“K”); } return val; attr.put(“K”, o’); removeAttribute(“K”) { Attribute val = null; found = attr.containsKey(“K”) if (found) { return val; attr.put(“K”, o’); removeAttribute(“P”) { Attribute val = null; found = attr.containsKey(“P”) if (found) { val = attr.get(“P”); attr.remove(“P”); } return val; attr.put(“P”, o’); removeAttribute(“P”) { Attribute val = null; found = attr.containsKey(“P”) if (found) { val = attr.get(“P”); attr.remove(“P”); } return val; attr.put(“P”, o’); removeAttribute(“O”) { Attribute val = null; found = attr.containsKey(“O”) if (found) { val = attr.get(“O”); attr.remove(“O”); } return val; attr.put(“O”, o’); removeAttribute(“LL”) { Attribute val = null; found = attr.containsKey(“LL”) if (found) { val = attr.get(“LL”); attr.remove(“LL”); } return val; attr.put(“LL”, o’); removeAttribute(“L”) { Attribute val = null; found = attr.containsKey(“L”) if (found) { val = attr.get(“L”); attr.remove(“L”); } return val; attr.put(“L”, o’); removeAttribute(“G”) { Attribute val = null; found = attr.containsKey(“G”) if (found) { val = attr.get(“G”); attr.remove(“G”); } return val; attr.put(“G”, o’); removeAttribute(“R”) { Attribute val = null; found = attr.containsKey(“R”) if (found) { val = attr.get(“R”); attr.remove(“R”); } return val; attr.put(“R”, o’); attr.remove(“R”);

13 removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { val = attr.get(“A”); attr.remove(“A”); } return val; attr.put(“A”, o); attr.remove(“A”); Influence Base Environment

14 Running Example Attribute removeAttribute(String name){ Attribute val = null; found = attr.containsKey(name) ; if (found) { val = attr.get(name); attr.remove(name); } return val; }

15 removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { val = attr.get(“A”); attr.remove(“A”); } return val; attr.put(“A”, o); attr.remove(“A”); Attribute removeAttribute(String name){ Attribute val = null; found = attr.containsKey(name) ; if (found) { val = attr.get(name); attr.remove(name); } return val; }

16 removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { val = attr.get(“A”); attr.remove(“A”); } return val; attr.put(“A”, o); attr.remove(“A”); attr.put(“A”, o); attr.remove(“A”); removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { return val; removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { return val; attr.put(“A”, o); attr.remove(“A”); attr.put(“A”, o); attr.remove(“A”); removeAttribute(“A”) { Attribute val = null; found = attr.containsKey(“A”) ; if (found) { val = attr.get(“A”); attr.remove(“A”); } return val; o o null o o o

17 COLT program CO extractor candidate COs Timeout instrument linearizability checking CO key/value driver Non-Lin Execution library spec influence driver

18 Benchmark Used simple static analysis to extract composed operations –19% needed manual modification Extracted 112 composed operations from 55 applications –Apache Tomcat, Cassandra, MyFaces – Trinidad, etc… Extracted all composed operations per application We did not find additional composed operations –Using Google Code and Koders

19 112 Unknown

20 59 Non Linearizable 53 Unknown

21 42 Non Linearizable 17 Open Non Linearizable

22 42 Non Linearizable 27 Linearizable 26 Globals

23 Globals … … … … … … … … … … … … … … … … … … m.put(k,v) …

24 27 Linearizable 85 Non-linearizable

25 Easy Detection Attribute removeAttribute(String name){ Attribute val = null; found = attr.containsKey(name) ; if (found) { val = attr.get(name); attr.remove(name); } return val; }

26 Current Work Define a class of data-independent composed operations Use small model reduction to prove linearizability of data- independent composed operations Empirical study for the ratio of real life data-independent composed operations

27 Summary Writing concurrent data structures is hard Employing atomic library operations is error prone Modular linearizability checking Leverage influence Sweet spot –Identify many important bugs together with a traces showing and explaining the violations –Hard to find –Simple and efficient technique

Download ppt "Testing Atomicity of Composed Concurrent Operations Ohad Shacham Tel Aviv University Nathan Bronson Stanford University Alex Aiken Stanford University."

Similar presentations

Writing specifications for object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 21 Jan 2005 Invited talk, AIOOL 2005 Paris,

Writing specifications for object-oriented programs K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 21 Jan 2005 Invited talk, AIOOL 2005 Paris,
Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.

Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.
CSF Analysis WS-CHOR. Goals Capture the interaction of a set of web services … from a global perspective –Promote interoperability Software engineering.

CSF Analysis WS-CHOR. Goals Capture the interaction of a set of web services … from a global perspective –Promote interoperability Software engineering.
Objects and Classes David Walker CS 320. Advanced Languages advanced programming features –ML data types, exceptions, modules, objects, concurrency,...

Objects and Classes David Walker CS 320. Advanced Languages advanced programming features –ML data types, exceptions, modules, objects, concurrency,...
Guy Golan-GuetaTel-Aviv University Nathan Bronson Stanford University Alex Aiken Stanford University G. Ramalingam Microsoft Research Mooly Sagiv Tel-Aviv.

Guy Golan-GuetaTel-Aviv University Nathan Bronson Stanford University Alex Aiken Stanford University G. Ramalingam Microsoft Research Mooly Sagiv Tel-Aviv.
Model Driven Generative Programming Reza Azimi February 6, 2003 ECE1770: Trends in Middleware Systems.

Model Driven Generative Programming Reza Azimi February 6, 2003 ECE1770: Trends in Middleware Systems.
Modular and Verified Automatic Program Repair Francesco Logozzo, Thomas Ball RiSE - Microsoft Research Redmond.

Modular and Verified Automatic Program Repair Francesco Logozzo, Thomas Ball RiSE - Microsoft Research Redmond.
Programming Technologies, MIPT, April 7th, 2012 Introduction to Binary Translation Technology Roman Sokolov SMWare

Programming Technologies, MIPT, April 7th, 2012 Introduction to Binary Translation Technology Roman Sokolov SMWare
1 Chao Wang, Yu Yang*, Aarti Gupta, and Ganesh Gopalakrishnan* NEC Laboratories America, Princeton, NJ * University of Utah, Salt Lake City, UT Dynamic.

1 Chao Wang, Yu Yang*, Aarti Gupta, and Ganesh Gopalakrishnan* NEC Laboratories America, Princeton, NJ * University of Utah, Salt Lake City, UT Dynamic.
Automatic Memory Management Noam Rinetzky Schreiber 123A 2015/seminar/seminar1415a.html.

Automatic Memory Management Noam Rinetzky Schreiber 123A /seminar/seminar1415a.html.
Interprocedural Analysis Mooly Sagiv Tel Aviv University 640-6706 Sunday 18-21 Scrieber 8 Monday 10-12.

Interprocedural Analysis Mooly Sagiv Tel Aviv University Sunday Scrieber 8 Monday
Identification of Distributed Features in SOA Anis Yousefi, PhD Candidate Department of Computing and Software McMaster University July 30, 2010 1.

Identification of Distributed Features in SOA Anis Yousefi, PhD Candidate Department of Computing and Software McMaster University July 30,
“FENDER” AUTOMATIC MEMORY FENCE INFERENCE Presented by Michael Kuperstein, Technion Joint work with Martin Vechev and Eran Yahav, IBM Research 1.

“FENDER” AUTOMATIC MEMORY FENCE INFERENCE Presented by Michael Kuperstein, Technion Joint work with Martin Vechev and Eran Yahav, IBM Research 1.
1 © R. Guerraoui The Power of Registers Prof R. Guerraoui Distributed Programming Laboratory.

1 © R. Guerraoui The Power of Registers Prof R. Guerraoui Distributed Programming Laboratory.
1 Mooly Sagiv and Greta Yorsh School of Computer Science Tel-Aviv University Modern Compiler Design.

1 Mooly Sagiv and Greta Yorsh School of Computer Science Tel-Aviv University Modern Compiler Design.
Runtime checking of expressive heap assertions Greta Yorsh, Martin Vechev, Eran Yahav, Bard Bloom.

Runtime checking of expressive heap assertions Greta Yorsh, Martin Vechev, Eran Yahav, Bard Bloom.
Paraglide Martin Vechev Eran Yahav Martin Vechev Eran Yahav.

Paraglide Martin Vechev Eran Yahav Martin Vechev Eran Yahav.
CS7100 (Prasad)L16-7AG1 Attribute Grammars Attribute Grammar is a Framework for specifying semantics and enables Modular specification.

CS7100 (Prasad)L16-7AG1 Attribute Grammars Attribute Grammar is a Framework for specifying semantics and enables Modular specification.
1 Concurrency Specification. 2 Outline 4 Issues in concurrent systems 4 Programming language support for concurrency 4 Concurrency analysis - A specification.

1 Concurrency Specification. 2 Outline 4 Issues in concurrent systems 4 Programming language support for concurrency 4 Concurrency analysis - A specification.
Collinearity. Symptoms of collinearity Collinearity between independent variables – High r 2 High vif of variables in model Variables significant in simple.

Collinearity. Symptoms of collinearity Collinearity between independent variables – High r 2 High vif of variables in model Variables significant in simple.

Similar presentations

Ads by Google