Presenter: Godmar Back

Slides:



Advertisements
Similar presentations
1 Chao Wang, Yu Yang*, Aarti Gupta, and Ganesh Gopalakrishnan* NEC Laboratories America, Princeton, NJ * University of Utah, Salt Lake City, UT Dynamic.
Advertisements

Relaxed Consistency Models. Outline Lazy Release Consistency TreadMarks DSM system.
Race Detection for Android Applications
Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,
A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.
Scalable and Precise Dynamic Datarace Detection for Structured Parallelism Raghavan RamanJisheng ZhaoVivek Sarkar Rice University June 13, 2012 Martin.
D u k e S y s t e m s Time, clocks, and consistency and the JMM Jeff Chase Duke University.
Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.
Concurrent Programming James Adkison 02/28/2008. What is concurrency? “happens-before relation – A happens before B if A and B belong to the same process.
Time and Global States Part 3 ECEN5053 Software Engineering of Distributed Systems University of Colorado, Boulder.
Eraser: A Dynamic Data Race Detector for Multithreaded Programs STEFAN SAVAGE, MICHAEL BURROWS, GREG NELSON, PATRICK SOBALVARRO and THOMAS ANDERSON.
CSE , Autumn 2011 Michael Bond.  Name  Program & year  Where are you coming from?  Research interests  Or what’s something you find interesting?
Scaling Model Checking of Dataraces Using Dynamic Information Ohad Shacham Tel Aviv University IBM Haifa Lab Mooly Sagiv Tel Aviv University Assaf Schuster.
Dynamic Data Race Detection. Sources Eraser: A Dynamic Data Race Detector for Multithreaded Programs –Stefan Savage, Michael Burrows, Greg Nelson, Patric.
Race Conditions. Isolated & Non-Isolated Processes Isolated: Do not share state with other processes –The output of process is unaffected by run of other.
Today’s Agenda  Midterm: Nov 3 or 10  Finish Message Passing  Race Analysis Advanced Topics in Software Engineering 1.
Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.
/ PSWLAB Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs By Cormac Flanagan, Stephen N. Freund 24 th April, 2008 Hong,Shin.
ADVERSARIAL MEMORY FOR DETECTING DESTRUCTIVE RACES Cormac Flanagan & Stephen Freund UC Santa Cruz Williams College PLDI 2010 Slides by Michelle Goodstein.
Cormac Flanagan and Stephen Freund PLDI 2009 Slides by Michelle Goodstein 07/26/10.
TaintCheck and LockSet LBA Reading Group Presentation by Shimin Chen.
CS533 Concepts of Operating Systems Class 3 Data Races and the Case Against Threads.
Ordering and Consistent Cuts Presented By Biswanath Panda.
CS533 Concepts of Operating Systems Class 3 Monitors.
Cormac Flanagan UC Santa Cruz Velodrome: A Sound and Complete Dynamic Atomicity Checker for Multithreaded Programs Jaeheon Yi UC Santa Cruz Stephen Freund.
/ PSWLAB Eraser: A Dynamic Data Race Detector for Multithreaded Programs By Stefan Savage et al 5 th Mar 2008 presented by Hong,Shin Eraser:
15-740/ Oct. 17, 2012 Stefan Muller.  Problem: Software is buggy!  More specific problem: Want to make sure software doesn’t have bad property.
Accelerating Precise Race Detection Using Commercially-Available Hardware Transactional Memory Support Serdar Tasiran Koc University, Istanbul, Turkey.
Eraser: A Dynamic Data Race Detector for Multithreaded Programs STEFAN SAVAGE, MICHAEL BURROWS, GREG NELSON, PATRICK SOBALVARRO, and THOMAS ANDERSON Ethan.
50.530: Software Engineering Sun Jun SUTD. Week 8: Race Detection.
DoubleChecker: Efficient Sound and Precise Atomicity Checking Swarnendu Biswas, Jipeng Huang, Aritra Sengupta, and Michael D. Bond The Ohio State University.
COMP 111 Threads and concurrency Sept 28, Tufts University Computer Science2 Who is this guy? I am not Prof. Couch Obvious? Sam Guyer New assistant.
Synchronization. Why we need synchronization? It is important that multiple processes do not access shared resources simultaneously. Synchronization in.
“Virtual Time and Global States of Distributed Systems”
Dynamic Data Race Detection. Sources Eraser: A Dynamic Data Race Detector for Multithreaded Programs –Stefan Savage, Michael Burrows, Greg Nelson, Patric.
Memory Consistency Models. Outline Review of multi-threaded program execution on uniprocessor Need for memory consistency models Sequential consistency.
Michael Bond Katherine Coons Kathryn McKinley University of Texas at Austin.
Bugs (part 1) CPS210 Spring Papers  Bugs as Deviant Behavior: A General Approach to Inferring Errors in System Code  Dawson Engler  Eraser: A.
C H A P T E R E L E V E N Concurrent Programming Programming Languages – Principles and Paradigms by Allen Tucker, Robert Noonan.
Execution Replay and Debugging. Contents Introduction Parallel program: set of co-operating processes Co-operation using –shared variables –message passing.
Week 9, Class 3: Java’s Happens-Before Memory Model (Slides used and skipped in class) SE-2811 Slide design: Dr. Mark L. Hornick Content: Dr. Hornick Errors:
Eraser: A dynamic Data Race Detector for Multithreaded Programs Stefan Savage, Michael Burrows, Greg Nelson, Patrick Sobalvarro, Thomas Anderson Presenter:
Reachability Testing of Concurrent Programs1 Reachability Testing of Concurrent Programs Richard Carver, GMU Yu Lei, UTA.
Using Escape Analysis in Dynamic Data Race Detection Emma Harrington `15 Williams College
Synchronization Questions answered in this lecture: Why is synchronization necessary? What are race conditions, critical sections, and atomic operations?
FastTrack: Efficient and Precise Dynamic Race Detection [FlFr09] Cormac Flanagan and Stephen N. Freund GNU OS Lab. 23-Jun-16 Ok-kyoon Ha.
Detecting Data Races in Multi-Threaded Programs
W4118 Operating Systems Instructor: Junfeng Yang.
Data Race Detection Assaf Schuster.
Healing Data Races On-The-Fly
Instructor: Junfeng Yang
Memory Consistency Models
Threads Cannot Be Implemented As a Library
Memory Consistency Models
Yuan Yu(MSR) Tom Rodeheffer(MSR) Wei Chen(UC Berkeley) SOSP 2005
Threads and Memory Models Hal Perkins Autumn 2011
Lecture 15: Concurring Concurrently CS201j: Engineering Software
Concurrent Graph Exploration with Multiple Robots
Threads and Memory Models Hal Perkins Autumn 2009
Shared Memory Programming
Chapter 5 (through section 5.4)
CSE 153 Design of Operating Systems Winter 19
CS333 Intro to Operating Systems
Chapter 6: Synchronization Tools
50.530: Software Engineering
Programming with Shared Memory Specifying parallelism
Dynamic Race Prediction in Linear Time
Problems with Locks Andrew Whitaker CSE451.
Eraser: A dynamic data race detector for multithreaded programs
Pointer analysis John Rollinson & Kaiyuan Li
Presentation transcript:

Presenter: Godmar Back CS 5204 Eraser: A Dynamic Data Race Detector for Multithreaded Programs Savage et al (SOSP 1997, ACM TOCS) Presenter: Godmar Back

16 Years Back Parallel Computing Wave Emergence of low-cost SMP Several massively parallel designs Emergence of low-cost SMP OS Support for multi-threaded programs Multi-threaded OS kernels Emergence of the Internet CS 5204 Fall 2013

Why Threads Are A Bad Idea 1996 Usenix talk by John Ousterhout: “Why threads are a bad idea” Threads are hard to program (synchronization error-prone, prone to deadlock, convoying, etc.); experts only Threads can make modularization difficult Thread implementations are hard to make fast Threads aren’t well-supported (as of 1996) (Ousterhout’s) Conclusion: use threads only when their power is needed - for true CPU concurrency on an SMP – else use single-threaded event-based model CS 5204 Fall 2013

How to write save programs Build safety into the language! Hoare’s Monitors (see separate slide set) CS 5204 Fall 2013

Concurrency Errors vs Data Races Unintended sharing Atomicity violations Order violations Deadlocks/Livelocks Source: Freund et al Likely result in data race CS 5204 Fall 2013

Data Race Conflicting access to the same memory location, at least one of them being a write Read/write Write/read Write/write A race is a pair of conflicting accesses that happens concurrently CS 5204 Fall 2013

“Happens concurrently”? A & B are said to happen concurrently if, in a sequentially consistent execution, they could have occur in either order. That is, there exist sequentially consistent executions in which they could have occurred one after the other. Sequential Consistency Updates are seen in program order by each thread All updates to shared memory are seen in same order by all threads CS 5204 Fall 2013

Race Detection Approaches Happens-Before Relationship Lamport 1978 Distributed Systems Idea First applied by Dinning and Schonberg 1991 CS 5204 Fall 2013

HB in Distributed Systems a b c d f P1 [1 0 0] [2 0 0] [3 0 0] [4 3 0] [5 5 3] [2 0 0] [3 0 0] [2 3 0] [2 5 3] g i j k l m P2 [0 1 0] [2 2 0] [2 3 0] [2 4 3] [2 5 3] [3 6 5] [0 1 0] [0 1 3] [3 1 5] n o p q r s P3 [0 0 1] [0 1 2] [0 1 3] [3 1 4] [3 1 5] [3 1 6] a  f b  s c  m [1 0 0] < [5 5 3] [2 0 0] < [3 1 6] [3 0 0] < [3 6 5] CS 5204 Fall 2013

Vector Clocks a b c d f P1 [1 0 0] [2 0 0] [3 0 0] [4 3 0] [5 5 3] [2 3 0] [2 5 3] g i j k l m P2 [0 1 0] [2 2 0] [2 3 0] [2 4 3] [2 5 3] [3 6 5] [0 1 0] [0 1 3] [3 1 5] n o p q r s P3 [0 0 1] [0 1 2] [0 1 3] [3 1 4] [3 1 5] [3 1 6] d || s q || i k || r [4 3 0] < [3 1 6] [3 1 4] < [2 2 0] [2 4 3] < [3 1 5] CS 5204 Fall 2013

Vector Clocks Vector timestamps: Each node keeps track of logical time of other nodes (as far as it’s seen messages from them) in Vi[i] Send vector timestamp vt along with each message Reconcile vectors timestamp with own vectors upon receipt using MAX(vt[k], Vi [k]) for all k CS 5204 Fall 2013

HB for Race Detection Happens-Before relationships between synchronization and thread creation/join events Code leading to thread create happens before thread body Thread body happens before code subsequent to join() Unlock() happens before lock() CS 5204 Fall 2013

Happens Before Race Detection Monitor thread’s accesses to shared variables Find concurrent events (for instance, using vector clocks) Output warning Sound: never reports a false race Does not require races to manifest in execution, but may miss some races depending on execution CS 5204 Fall 2013

HB relationship is spurious – ‘mu’ doesn’t protect y Missed Race in HB Thread 1 y := y+1; Lock(mu); v:= v+1; Unlock(mu); HB relationship is spurious – ‘mu’ doesn’t protect y Thread 2 Lock(mu); v:= v+1; Unlock(mu); y := y+1; CS 5204 Fall 2013

Cost of HB (1997) Vector clocks Need one per memory location Of size O(t) where t is number of threads ever created in system; all operations on them are of size t. CS 5204 Fall 2013

Eraser Intuition HB too expensive Observation: properly written programs follow lock discipline Lock l protects variable v. If v is ever accessed while l isn’t held -> race How to find out which l protects which v? Infer it from the program CS 5204 Fall 2013

Lock Set Algorithm (Simple Version) Let locks_held(t) be the set of locks held by thread t For each shared memory location v, initialize C(v) to the set of all locks On each access to v by thread t, Set C(v) := C(v) ∩ locks_held(t) If C(v) := {}, then issue a warning CS 5204 Fall 2013

Example Program locks_held C(v) int v; {} {mu1, mu2} lock(mu1); {mu1} v := v + 1; unlock(mu1); lock(mu2); {mu2} {} Warning! unlock(mu2); CS 5204 Fall 2013

Refinement Simple version flags false positives for Variable initialization without locks held Read sharing Read-write locking mechanisms Handle 1., 2. by introducing states Handle 3. by changing algorithm CS 5204 Fall 2013

Refinement State Machine Virgin wr wr new thread Exclusive Shared Modified rd/wr first thread rd new thread Shared wr rd CS 5204 Fall 2013

Lock Set Algorithm (Extended) Let locks_held(t) be the set of locks held in any mode by thread t Let write_locks_held(t) be the set of locks held in write mode by thread t For each shared memory location v, initialize C(v) to the set of all locks On each read of v by thread t, Set C(v) := C(v) ∩ locks_held(t) If C(v) = {}, then issue a warning On each write of v by thread t, Set C(v) := C(v) ∩ write_locks_held(t) CS 5204 Fall 2013

Implementation Hashtable of locksets, indexed by integer Shadow memory Variable -> (state, lockset index) Fast access using simple offset CS 5204 Fall 2013

Shadow Memory CS 5204 Fall 2013

Missing Races Q: When is this race missed? int[] shared = new int[1]; Thread t = new Thread() { public void synchronized run() { shared[0] = shared[0] + 1; ... } }; shared[0] = 512; t.start(); shared[0] = shared[0] + 256; Q: When is this race missed? CS 5204 Fall 2013

Unhandled Cases Memory Reuse “Benign” races Not really benign, see You Don't Know Jack about Shared Variables or Memory Models  [Boehm/Adve 2011] If (fptr == NULL) { lock(fptr_mu); if (fptr == NULL) { fptr = open(filename); } unlock(fptr_mu); CS 5204 Fall 2013

Race Detection Since Eraser Combined HB + LockSet DJIT+ Google Thread Sanitizer Helgrind+ RaceTrack [Yu 2005] Goldilocks Helgrind <= 3.3 Pure HB Helgrind 3.4 and later Intel Thread Checker Fasttrack CS 5204 Fall 2013

Dynamic Data-Race Detection FastTrack [Flanagan-Freund 09] Vector Clocks [M 88] Goldilocks [EQT 07] DJIT+ [ISZ 99,PS 03] TRaDe [CB 01] ... Happens Before [Lamport 78] Eraser [SBN+ 97] RaceTrack [YRC 05] MultiRace [PS 03] Hybrid Race Detector [OC 03] ... Precision Design Criteria: sound & complete (find at least 1st data race on each var) efficient Insight: HB relation is a partial order But all accesses to a var are almost always totally ordered Barriers [PS 03] Initialization [vPG 01] ... Cost Source: Freund et al

Source: Flanagan 2009 CS 5204 Fall 2013

Source: Flanagan 2009 CS 5204 Fall 2013

In this paper, we focus on online dynamic race detectors, which generally fall into two categories depending on whether they report false alarms. Precise race detectors never produce false alarms.  (…) Precise dynamic race detectors do not reason about all possible traces, however, and may not identify races that occur only when other code paths are taken. (…) A variety of alternative imprecise race detectors have been developed, which may provide improved performance (and sometimes better coverage), but which report false alarms on some race-free programs. For example, Eraser's LockSet algorithm…. Views on precision Unfortunately, tools based on happens-before have two significant drawbacks. First, they are difficult to implement efficiently because they require per-thread information about concurrent accesses to each shared-memory location. More importantly, the effectiveness of tools based on happens before is highly dependent on the interleaving produced by the scheduler. While Eraser is a testing tool and therefore cannot guarantee that a program is free from races, it can detect more races than tools based on happens-before. Savage et al 1997 Flanagan & Freund 2010 CS 5204 Fall 2013

Aside on Helgrind CS 5204 Fall 2013

Project Idea Implement Fasttrack-like algorithm for node.js based on Boris Petrov, Martin Vechev, Manu Sridharan, and Julian Dolby. 2012. Race detection for web applications. In Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation (PLDI '12). ACM, New York, NY, USA, 251-262. DOI=10.1145/2254064.2254095 http:doi.acm.org/10.1145/2254064.2254095 http://researcher.watson.ibm.com/researcher/files/us-msridhar/pldi12-wr.pdf CS 5204 Fall 2013

Conclusion Eraser was influential paper that pioneered Lockset idea Influenced a decade of development and refinement of race detectors CS 5204 Fall 2013

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.