Presentation is loading. Please wait.

Presentation is loading. Please wait.

C. FlanaganDynamic Analysis for Atomicity1. C. Flanagan2Dynamic Analysis for Atomicity Atomicity The method inc() is atomic if concurrent threads do not.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "C. FlanaganDynamic Analysis for Atomicity1. C. Flanagan2Dynamic Analysis for Atomicity Atomicity The method inc() is atomic if concurrent threads do not."— Presentation transcript:

1 C. FlanaganDynamic Analysis for Atomicity1

2 C. Flanagan2Dynamic Analysis for Atomicity Atomicity The method inc() is atomic if concurrent threads do not interfere with its behavior Guarantees that for every execution there is a serial execution with same behavior         acq(this)t=i i=t+1rel(this)xyz         acq(this) t=i i=t+1rel(this)xyz         acq(this) t=i i=t+1rel(this)xyz

3 C. Flanagan3Dynamic Analysis for Atomicity Tools for Checking Atomicity Calvin: ESC for multithreaded code –[Freund-Qadeer 03]

4 C. Flanagan4Dynamic Analysis for Atomicity Experience with Calvin /*@ global_invariant (\forall int i; inodeLocks[i] == null ==> 0 <= inodeBlocknos[i] && inodeBlocknos[i] < Daisy.MAXBLOCK) */ //@ requires 0 <= inodenum && inodenum < Daisy.MAXINODE; //@ requires i != null //@ requires DaisyLock.inodeLocks[inodenum] == \tid //@ modifies i.blockno, i.size, i.used, i.inodenum //@ ensures i.blockno == inodeBlocknos[inodenum] //@ ensures i.size == inodeSizes[inodenum] //@ ensures i.used == inodeUsed[inodenum] //@ ensures i.inodenum == inodenum //@ ensures 0 <= i.blockno && i.blockno < Daisy.MAXBLOCK static void readi(long inodenum, Inode i) { i.blockno = Petal.readLong(STARTINODEAREA + (inodenum * Daisy.INODESIZE)); i.size = Petal.readLong(STARTINODEAREA + (inodenum * Daisy.INODESIZE) + 8); i.used = Petal.read(STARTINODEAREA + (inodenum * Daisy.INODESIZE) + 16) == 1; i.inodenum = inodenum; // read the right bytes, put in inode }

5 C. Flanagan5Dynamic Analysis for Atomicity Tools for Checking Atomicity Calvin: ESC for multithreaded code –[Freund-Qadeer 03] A type system for atomicity –[Flanagan-Qadeer 03,Flanagan-Freund-Lifshin 05]

6 C. Flanagan6Dynamic Analysis for Atomicity Tools for Checking Atomicity Calvin: ESC for multithreaded code –[Freund-Qadeer 03] A type system for atomicity –[Flanagan-Qadeer 03,Flanagan-Freund-Lifshin 05] Atomizer: dynamic atomicity checker –[Flanagan-Freund 04] http://www.soe.ucsc.edu/~cormac/atom.html

7 C. FlanaganDynamic Analysis for Atomicity7

8 C. FlanaganDynamic Analysis for Atomicity8

9 C. FlanaganDynamic Analysis for Atomicity9

10 C. Flanagan10Dynamic Analysis for Atomicity Atomizer: Instrumentation Architecture Atomizer Instrumented Source Code javac +JVM Warning: method “append” may not be atomic at line 43 Runtime Lockset Reduction /*# atomic */ void append(...) {... } T1: begin_atomic T2: acquire(lock3) T2: read(x,5) T1: write(y,3) T1: end_atomic T2: release(lock3) event stream

11 C. Flanagan11Dynamic Analysis for Atomicity Atomizer: Dynamic Analysis Lockset algorithm –from Eraser [Savage et al. 97] –identifies race conditions Reduction [Lipton 75] –proof technique for verifying atomicity, using information about race conditions

12 C. Flanagan12Dynamic Analysis for Atomicity Analysis 1: Lockset Algorithm Tracks lockset for each field –lockset = set of locks held on all accesses to field Dynamically infers protecting lock for each field Empty lockset indicates possible race condition

13 C. Flanagan13Dynamic Analysis for Atomicity First access to o.f: LockSet( o.f ) = Held(curThread) = { x, y } Thread 1 synchronized(x) { synchronized(y) { o.f = 2; } o.f = 11; } Thread 2 synchronized(y) { o.f = 2; } Lockset Example

14 C. Flanagan14Dynamic Analysis for Atomicity Subsequent access to o.f: LockSet( o.f ) := LockSet( o.f )  Held(curThread) = { x, y }  { x } = { x } Lockset Example Thread 1 synchronized(x) { synchronized(y) { o.f = 2; } o.f = 11; } Thread 2 synchronized(y) { o.f = 2; }

15 C. Flanagan15Dynamic Analysis for Atomicity Subsequent access to o.f: LockSet( o.f ) := LockSet( o.f )  Held(curThread) = { x }  { y } = { } => race condition Lockset Example Thread 1 synchronized(x) { synchronized(y) { o.f = 2; } o.f = 11; } Thread 2 synchronized(y) { o.f = 2; }

16 C. Flanagan16Dynamic Analysis for Atomicity Lockset Shared-exclusive Track lockset any thread r/w Shared-read/write Track lockset race condition!

17 C. Flanagan17Dynamic Analysis for Atomicity Lockset with Thread Local Data Thread Local Shared-exclusive Track lockset first thread r/w any thread r/w Shared-read/write Track lockset race condition! second thread r/w

18 C. Flanagan18Dynamic Analysis for Atomicity Lockset with Read Shared Data Thread Local Read Shared Shared-exclusive Track lockset first thread r/w any thread read any thread write any thread r/w Shared-read/write Track lockset race condition! second thread read second thread write

19 C. Flanagan19Dynamic Analysis for Atomicity Lockset for Producer-Consumer Thread Local Thread Local (2) Read Shared Shared-exclusive Track lockset first thread r/w second thread r/w any thread read any thread read any thread write any thread r/w Shared-read/write Track lockset [Gross-Von Praun 01]

20 C. Flanagan20Dynamic Analysis for Atomicity Atomizer: Dynamic Analysis Lockset algorithm –from Eraser [Savage et al. 97] –identifies race conditions Reduction [Lipton 75] –proof technique for verifying atomicity, using information about race conditions

21 C. Flanagan21Dynamic Analysis for Atomicity Reduction [Lipton 75] acq(this)  Xt=i Y i=t+1Z rel(this)      acq(this)  X t=i Y i=t+1Z rel(this)         acq(this) X t=i Y i=t+1Z rel(this)        acq(this) X t=i Y i=t+1Z rel(this)      

22 C. Flanagan22Dynamic Analysis for Atomicity  Reducible methods: (R|B)* [N] (L|B)* Performing Reduction Dynamically R: right-mover –lock acquire L: left-mover –lock release B: both-mover –race-free field access N: non-mover –access to "racy" fields InRightInLeft R|B L|N start atomic block Error L|B R|N acq(lock) j=bal bal=j+n rel(lock) R B B L

23 C. Flanagan23Dynamic Analysis for Atomicity public class StringBuffer { private int count; public synchronized int length() { return count; } public synchronized void getChars(...) {... } /*# atomic */ public synchronized void append(StringBuffer sb){ int len = sb.length();... sb.getChars(...,len,...);... } java.lang.StringBuffer sb.length() acquires lock on sb, gets length, and releases lock use of stale len may yield StringIndexOutOfBoundsException inside getChars(...) other threads can change sb

24 C. Flanagan24Dynamic Analysis for Atomicity public class StringBuffer { private int count; public synchronized int length() { return count; } public synchronized void getChars(...) {... } /*# atomic */ public synchronized void append(StringBuffer sb){ int len = sb.length();... sb.getChars(...,len,...);... } java.lang.StringBuffer StringBuffer.append is not atomic: Start: at StringBuffer.append(StringBuffer.java:701) at Thread1.run(Example.java:17) Commit: Lock Release at StringBuffer.length(StringBuffer.java:221) at StringBuffer.append(StringBuffer.java:702) at Thread1.run(Example.java:17) Error: Lock Acquire at StringBuffer.getChars(StringBuffer.java:245) at StringBuffer.append(StringBuffer.java:710) at Thread1.run(Example.java:17)

25 C. Flanagan25Dynamic Analysis for Atomicity Atomizer Review Instrumented code calls Atomizer runtime –on field accesses, sync ops, etc Lockset algorithm identifies races –used to classify ops as movers or non-movers Atomizer checks reducibility of atomic blocks –warns about atomicity violations

26 C. Flanagan26Dynamic Analysis for Atomicity /*# atomic */ void deposit(int n) { synchronized (this) { int j = bal; // other thread changes bal bal = j + n; } R B A L Refining Race Information Discovery of races during reduction

27 C. Flanagan27Dynamic Analysis for Atomicity Extensions Redundant lock operations –acquire is right-mover –release is left-mover –Want to treat them as both movers when possible Write-protected data –common idiom

28 C. Flanagan28Dynamic Analysis for Atomicity Thread-Local Locks class Vector { atomic synchronized Object get(int i) {... } atomic synchronized void add(Object o) {... } } class WorkerThread { atomic void transaction() { Vector v = new Vector(); v.add(x1); v.add(x2);... v.get(i); }

29 C. Flanagan29Dynamic Analysis for Atomicity Reentrant Locks class Vector { atomic synchronized Object get(int i) {... } atomic synchronized Object add(Object o) {... } atomic boolean contains(Object o) { synchronized(this) { for (int i = 0; i < size(); i++) if (get(i).equals(o)) return true; } return false; }

30 C. Flanagan30Dynamic Analysis for Atomicity Layered Abstractions class Set { Vector elems; atomic void add(Object o) { synchronized(this) { if (!elems.contains(o)) elems.add(o); }

31 C. Flanagan31Dynamic Analysis for Atomicity Redundant Lock Operations Acquire is right-mover Release is left-mover Redundant lock operations are both-movers –acquiring/releasing a thread-local lock –re-entrant acquire/release –acquiring/releasing lock A, if lock B always acquired before A

32 C. Flanagan32Dynamic Analysis for Atomicity Write-Protected Data class Account { volatile int bal; /*# atomic */ int read() { return bal; } /*# atomic */ void deposit(int n) { synchronized (this) { int j = bal; bal = j + n; } RBNLRBNL

33 C. Flanagan33Dynamic Analysis for Atomicity Write-Protected Data class Account { int bal; /*# atomic */ int read() { return bal; } /*# atomic */ void deposit(int n) { synchronized (this) { int j = bal; bal = j + n; } Lock this held whenever balance is updated –write must hold lock, and is non-mover –read without lock held is non-mover –read with lock held is both-mover RBALRBAL

34 C. Flanagan34Dynamic Analysis for Atomicity Lockset for Write-Protected Data Track access lockset and write lockset –access lockset = locks held on every access –write lockset = locks held on every write For regularly-protected data –access lockset = write lockset = { protecting lock } For write-protected data –access lockset = Ø –write lockset = { write-protecting lock } Read is both-mover if some write lock held Write is both-mover if access lockset nonempty

35 C. Flanagan35Dynamic Analysis for Atomicity Evaluation 12 benchmarks –scientific computing, web server, std libraries,... –200,000+ lines of code Heuristics for atomicity –all synchronized blocks are atomic –all public methods are atomic, except main and run Slowdown:1.5x - 40x

36 C. Flanagan36Dynamic Analysis for Atomicity BenchmarkLines Base Time (s)Slowdown elevator50011.2- hedc29,9006.4- tsp7001.921.8 sor17,7001.31.5 moldyn1,30090.61.5 montecarlo3,6006.42.7 raytracer1,9004.841.8 mtrt11,3002.838.8 jigsaw90,1003.04.7 specJBB30,50026.212.1 webl22,30060.3- lib-java75,30596.5- Performance

37 C. Flanagan37Dynamic Analysis for Atomicity Extensions Reduce Number of Warnings Total 341 Total 97

38 C. Flanagan38Dynamic Analysis for Atomicity Evaluation Warnings: 97 (from 200KLOC) At least 7 are real errors False alarms due to: –simplistic heuristics for atomicity programmer should specify atomicity –false races –methods irreducible yet still "atomic" eg caching, lazy initialization No warnings reported in more than 90% of exercised methods

39 C. Flanagan39Dynamic Analysis for Atomicity Example Bugs class PrintWriter { Writer out; public void println(String s) { synchronized(lock) { out.print(s); out.println(); } } } class ResourceStoreManager { synchronized checkClosed() {... } synchronized lookup(...) {... } public ResourceStore loadResourceStore(...) { checkClosed(); return lookup(...); } }

Download ppt "C. FlanaganDynamic Analysis for Atomicity1. C. Flanagan2Dynamic Analysis for Atomicity Atomicity The method inc() is atomic if concurrent threads do not."

Similar presentations

Types for Atomicity Authors: Cormac Flanagan, UC Santa Cruz Stephen Freund, Marina Lifshin, Williams College Shaz Qadeer, Microsoft Research Presentation.

Types for Atomicity Authors: Cormac Flanagan, UC Santa Cruz Stephen Freund, Marina Lifshin, Williams College Shaz Qadeer, Microsoft Research Presentation.
A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Pallavi Joshi  Chang-Seo Park  Koushik Sen  Mayur Naik ‡  Par Lab, EECS, UC Berkeley‡

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Pallavi Joshi  Chang-Seo Park  Koushik Sen  Mayur Naik ‡  Par Lab, EECS, UC Berkeley‡
Reduction, abstraction, and atomicity: How much can we prove about concurrent programs using them? Serdar Tasiran Koç University Istanbul, Turkey Tayfun.

Reduction, abstraction, and atomicity: How much can we prove about concurrent programs using them? Serdar Tasiran Koç University Istanbul, Turkey Tayfun.
Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,

Goldilocks: Efficiently Computing the Happens-Before Relation Using Locksets Tayfun Elmas 1, Shaz Qadeer 2, Serdar Tasiran 1 1 Koç University, İstanbul,
Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.

Verification of Multithreaded Object- Oriented Programs with Invariants Bart Jacobs, K. Rustan M. Leino, Wolfram Schulte.
A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.

A Randomized Dynamic Program Analysis for Detecting Real Deadlocks Koushik Sen CS 265.
Chapter 6: Process Synchronization

Chapter 6: Process Synchronization
Concurrency 101 Shared state. Part 1: General Concepts 2.

Concurrency 101 Shared state. Part 1: General Concepts 2.
/ PSWLAB Concurrent Bug Patterns and How to Test Them by Eitan Farchi, Yarden Nir, Shmuel Ur published in the proceedings of IPDPS’03 (PADTAD2003)

/ PSWLAB Concurrent Bug Patterns and How to Test Them by Eitan Farchi, Yarden Nir, Shmuel Ur published in the proceedings of IPDPS’03 (PADTAD2003)
1 Beyond Reduction.... 2 Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } if (m == 0) { m = 1; return true; } else.

1 Beyond Reduction Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } if (m == 0) { m = 1; return true; } else.
Part IV: Exploiting Purity for Atomicity. Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } CAS(m,0,1) (fails) (succeeds)

Part IV: Exploiting Purity for Atomicity. Busy Acquire atomic void busy_acquire() { while (true) { if (CAS(m,0,1)) break; } } CAS(m,0,1) (fails) (succeeds)
Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs Stephen Freund Williams College Cormac Flanagan University of California, Santa Cruz.

Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs Stephen Freund Williams College Cormac Flanagan University of California, Santa Cruz.
Types for Atomicity in Multithreaded Software Shaz Qadeer Microsoft Research (Joint work with Cormac Flanagan)

Types for Atomicity in Multithreaded Software Shaz Qadeer Microsoft Research (Joint work with Cormac Flanagan)
Synchronization. Shared Memory Thread Synchronization Threads cooperate in multithreaded environments – User threads and kernel threads – Share resources.

Synchronization. Shared Memory Thread Synchronization Threads cooperate in multithreaded environments – User threads and kernel threads – Share resources.
CS294-32: Dynamic Data Race Detection Koushik Sen UC Berkeley.

CS294-32: Dynamic Data Race Detection Koushik Sen UC Berkeley.
Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.

Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.
C. Flanagan1Types for Atomicity Cormac Flanagan UC Santa Cruz Stephen N. Freund Williams College Shaz Qadeer Microsoft Research Analysis of Concurrent.

C. Flanagan1Types for Atomicity Cormac Flanagan UC Santa Cruz Stephen N. Freund Williams College Shaz Qadeer Microsoft Research Analysis of Concurrent.
/ PSWLAB Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs By Cormac Flanagan, Stephen N. Freund 24 th April, 2008 Hong,Shin.

/ PSWLAB Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs By Cormac Flanagan, Stephen N. Freund 24 th April, 2008 Hong,Shin.
CS 263 Course Project1 Survey: Type Systems for Race Detection and Atomicity Feng Zhou, 12/3/2003.

CS 263 Course Project1 Survey: Type Systems for Race Detection and Atomicity Feng Zhou, 12/3/2003.
Atomicity Violation Detection Prof. Moonzoo Kim CS492B Analysis of Concurrent Programs.

Atomicity Violation Detection Prof. Moonzoo Kim CS492B Analysis of Concurrent Programs.

Similar presentations

Ads by Google