Presentation is loading. Please wait.

Presentation is loading. Please wait.

Pallavi Joshi* Mayur Naik † Koushik Sen* David Gay ‡ *UC Berkeley † Intel Labs Berkeley ‡ Google Inc.

Published byCorey Gray Modified over 9 years ago

Similar presentations

Presentation on theme: "Pallavi Joshi* Mayur Naik † Koushik Sen* David Gay ‡ *UC Berkeley † Intel Labs Berkeley ‡ Google Inc."— Presentation transcript:

1 Pallavi Joshi* Mayur Naik † Koushik Sen* David Gay ‡ *UC Berkeley † Intel Labs Berkeley ‡ Google Inc

2 Motivation  Today’s concurrent programs are rife with deadlocks 6,500/198,000 (~ 3%) of bug reports in Sun’s bug database at http://bugs.sun.com are deadlocks  Deadlocks are difficult to detect Usually triggered non-deterministically, on specific thread schedules  Fixing other concurrency bugs like races can introduce new deadlocks Our past experience with reporting races: developers often ask for deadlock checker

3 Motivation  Most of previous deadlock detection work has focused on resource deadlocks  Example // Thread 1 // Thread 2 sync(L1) { sync(L2) { sync(L2) { sync(L1) { …. …. } } L1L1 T1T1 L2L2 T2T2

4 Motivation  Other kinds of deadlocks, e.g. communication deadlocks, are equally notorious  Example // Thread 1 // Thread 2 if(!b) { b = true; sync(L) { sync(L) { L.wait(); L.notify(); } } } T2T1 if(!b) wait L b = true notify L b is initially false

5 Goal  Build a dynamic analysis based tool that detects communication deadlocks scales to large programs has low false positive rate

6 Our Initial Effort  Take cue from existing dynamic analyses for other concurrency errors  Existing dynamic analyses check for the violation of an idiom Races ○ every shared variable is consistently protected by a lock Resource deadlocks ○ no cycle in lockgraph Atomicity violations ○ atomic blocks should have the pattern (R+B)*N(L+B)*

7 Our Initial Effort  Which idiom should we check for communication deadlocks?

8 Our Initial Effort  Recommended usage of condition variables // F1 // F2 sync (L) { sync (L) { while (!b) b = true; L.wait ();L.notifyAll (); assert (b == true); } }

9 Our Initial Effort  Recommended usage pattern (or idiom) based checking does not work  Example // Thread 1 // Thread 2 sync (L1) sync (L2) while (!b) L2.wait (); sync (L1) sync (L2) L2.notifyAll (); No violation of idiom, but still there is a deadlock!

10 Revisiting existing analyses  Relax the dependencies between relevant events from different threads verify all possible event orderings for errors use data structures to check idioms (vector clocks, lock-graphs etc.) to implicitly verify all event orderings

11 Revisiting existing analyses  Idiom based checking does not work for communication deadlocks  But, we can still explicitly verify all orderings of relevant events for deadlocks

12 Trace Program // Thread 1 // Thread 2 if (!b) { b = true; sync (L) { L.wait (); L.notify (); } } } b is initially false lock L wait L unlock L lock L unlock L notify L T1T2

13 Trace Program lock L wait L unlock L lock L unlock L notify L T1T2 Thread t1 { lock L; wait L; unlock L; } Thread t2 { lock L; notify L; unlock L; }

14 Trace Program lock L wait L unlock L lock L unlock L notify L T1T2 Thread t1 { Thread t2 { lock L; wait L; || notify L; unlock L; }

15 Trace Program  Built out of only a subset of events usually much smaller than original program  Throws away a lot of dependencies between threads could give false positives but increases coverage

16 Trace Program : Add Dependencies // Thread 1 // Thread 2 if (!b) { b = true; sync (L) { L.wait (); L.notify (); } } } b is initially false lock L wait L unlock L lock L unlock L notify L T1T2 if (!b) b = true

17 lock L wait L unlock L lock L unlock L notify L T1T2 if (!b) b = true Thread t1 { if (!b) { lock L; wait L; unlock L; } Thread t2 { b = true; lock L; notify L; unlock L; } Trace Program : Add Dependencies

18 Trace Program : Add Power  Use static analysis to add to the predictive power of the trace program // Thread 1 // Thread 2 @ !b => L.wait() if (!b) { b = true; sync (L) { L.wait (); L.notify (); } } } b is initially false Thread t1 { if (!b) { lock L; wait L; unlock L; }

19 Trace Program : Other Errors  Effective for concurrency errors that cannot be detected using an idiom communication deadlocks, deadlocks because of exceptions, … // Thread 1 // Thread 2 while (!b) { try{ sync (L) { foo(); L.wait (); b = true; } sync (L) { L.notify(); } } } catch (Exception e) {…} b is initially false can throw an exception

20 Implementation and Evaluation  Implemented for deadlock detection both communication and resource deadlocks  Built a prototype tool for Java called CHECKMATE  Experimented with a number of Java libraries and applications log4j, pool, felix, lucene, jgroups, jruby....  Found both previously known and unknown deadlocks (17 in total)

21 Conclusion  CHECKMATE is a novel dynamic analysis for finding deadlocks both resource and communication deadlocks  Effective on a number of real-world Java benchmarks  Trace program based approach is generic can be applied to other errors, e.g. deadlocks because of exceptions

Download ppt "Pallavi Joshi* Mayur Naik † Koushik Sen* David Gay ‡ *UC Berkeley † Intel Labs Berkeley ‡ Google Inc."

Similar presentations

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Pallavi Joshi  Chang-Seo Park  Koushik Sen  Mayur Naik ‡  Par Lab, EECS, UC Berkeley‡

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Pallavi Joshi  Chang-Seo Park  Koushik Sen  Mayur Naik ‡  Par Lab, EECS, UC Berkeley‡
Effective Static Deadlock Detection

Effective Static Deadlock Detection
1 Chao Wang, Yu Yang*, Aarti Gupta, and Ganesh Gopalakrishnan* NEC Laboratories America, Princeton, NJ * University of Utah, Salt Lake City, UT Dynamic.

1 Chao Wang, Yu Yang*, Aarti Gupta, and Ganesh Gopalakrishnan* NEC Laboratories America, Princeton, NJ * University of Utah, Salt Lake City, UT Dynamic.
Runtime Verification Ali Akkaya Boğaziçi University.

Runtime Verification Ali Akkaya Boğaziçi University.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Conditional Must Not Aliasing for Static Race Detection Mayur Naik Alex Aiken Stanford University.

Conditional Must Not Aliasing for Static Race Detection Mayur Naik Alex Aiken Stanford University.
Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,

Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,
A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.
Simulation Verification of Different Constraints in System Level Design in SystemC Piyush Ranjan Satapathy CS220 Class Project Presentation.

Simulation Verification of Different Constraints in System Level Design in SystemC Piyush Ranjan Satapathy CS220 Class Project Presentation.
Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.

Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.
ADVERSARIAL MEMORY FOR DETECTING DESTRUCTIVE RACES Cormac Flanagan & Stephen Freund UC Santa Cruz Williams College PLDI 2010 Slides by Michelle Goodstein.

ADVERSARIAL MEMORY FOR DETECTING DESTRUCTIVE RACES Cormac Flanagan & Stephen Freund UC Santa Cruz Williams College PLDI 2010 Slides by Michelle Goodstein.
© Andy Wellings, 2004 Roadmap  Introduction  Concurrent Programming  Communication and Synchronization  Completing the Java Model  Overview of the.

© Andy Wellings, 2004 Roadmap  Introduction  Concurrent Programming  Communication and Synchronization  Completing the Java Model  Overview of the.
Mayur Naik Alex Aiken John Whaley Stanford University Effective Static Race Detection for Java.

Mayur Naik Alex Aiken John Whaley Stanford University Effective Static Race Detection for Java.
Microsoft Research Faculty Summit 2008. Yuanyuan(YY) Zhou Associate Professor University of Illinois, Urbana-Champaign.

Microsoft Research Faculty Summit Yuanyuan(YY) Zhou Associate Professor University of Illinois, Urbana-Champaign.
Partial Order Reduction for Scalable Testing of SystemC TLM Designs Sudipta Kundu, University of California, San Diego Malay Ganai, NEC Laboratories America.

Partial Order Reduction for Scalable Testing of SystemC TLM Designs Sudipta Kundu, University of California, San Diego Malay Ganai, NEC Laboratories America.
Cormac Flanagan UC Santa Cruz Velodrome: A Sound and Complete Dynamic Atomicity Checker for Multithreaded Programs Jaeheon Yi UC Santa Cruz Stephen Freund.

Cormac Flanagan UC Santa Cruz Velodrome: A Sound and Complete Dynamic Atomicity Checker for Multithreaded Programs Jaeheon Yi UC Santa Cruz Stephen Freund.
Learning From Mistakes—A Comprehensive Study on Real World Concurrency Bug Characteristics Shan Lu, Soyeon Park, Eunsoo Seo and Yuanyuan Zhou Appeared.

Learning From Mistakes—A Comprehensive Study on Real World Concurrency Bug Characteristics Shan Lu, Soyeon Park, Eunsoo Seo and Yuanyuan Zhou Appeared.
Exceptions and Mistakes CSE788 John Eisenlohr. Big Question How can we improve the quality of concurrent software?

Exceptions and Mistakes CSE788 John Eisenlohr. Big Question How can we improve the quality of concurrent software?
Testing Concurrent Programs COMP 402 - Production Programming Mathias Ricken Rice University Spring 2009.

Testing Concurrent Programs COMP Production Programming Mathias Ricken Rice University Spring 2009.
Unit Testing & Defensive Programming. F-22 Raptor Fighter.

Unit Testing & Defensive Programming. F-22 Raptor Fighter.

Similar presentations

Ads by Google