Presentation is loading. Please wait.

Presentation is loading. Please wait.

Static Detection of Race Conditions in Erlang Maria Christakis National Technical University of Athens, Greece Joint work with Kostis Sagonas.

Published byGrace Copeland Modified over 8 years ago

Similar presentations

Presentation on theme: "Static Detection of Race Conditions in Erlang Maria Christakis National Technical University of Athens, Greece Joint work with Kostis Sagonas."— Presentation transcript:

1 Static Detection of Race Conditions in Erlang Maria Christakis National Technical University of Athens, Greece Joint work with Kostis Sagonas

2 Maria ChristakisStatic Race Detection in Erlang Concurrency A method to better structure programs A means to speed up their execution A necessity in order to take advantage of multi- core machines which are ubiquitous these days The catch: Concurrent programming is harder and more error-prone than its sequential counterpart

3 Maria ChristakisStatic Race Detection in Erlang Erlang Erlang is a strict, dynamically typed functional programming language The main implementation of the language is the Erlang/OTP system from Ericsson Its concurrency model is based on user-level processes that communicate using asynchronous message passing

4 Maria ChristakisStatic Race Detection in Erlang Erlang is not immune to Heisenbugs Its implementation in Erlang/OTP allows for many kinds of race conditions in programs But Erlang is often advertized as supporting a shared nothing concurrency model If there is nothing shared between processes, how can there be race conditions? System built-ins allow processes to share data Erlang currently provides no atomicity constructs

5 Maria ChristakisStatic Race Detection in Erlang Data races can happen If it is possible for another process to succeed in changing the value stored on that variable in between the read and the action in such a way that the action about to be taken is no longer appropriate, then we say that our program has a race condition When a process reads some variable, it then decides to take some write action based on the value of that variable

6 Maria ChristakisStatic Race Detection in Erlang proc_reg(Name) ->... case whereis(Name) of undefined -> Pid = spawn(...), register(Name, Pid); Pid -> % already ok % registered end,... Data races in the process registry

7 Maria ChristakisStatic Race Detection in Erlang Data races in the process registry

8 Maria ChristakisStatic Race Detection in Erlang run() -> Tab = ets:new(some_tab_name, [public]), Inc = compute_inc(), Fun = fun () -> ets_inc(Tab, Inc) end, spawn_some_processes(Fun). ets_inc(Tab, Inc) -> case ets:lookup(Tab, some_key) of [] -> ets:insert(Tab, {some_key, Inc}); [{some_key, OldValue}] -> NewValue = OldValue + Inc, ets:insert(Tab, {some_key, NewValue})‏ end. Data races in ETS

9 Maria ChristakisStatic Race Detection in Erlang -export([table_func/2]). table_func(...) -> create_time_stamp_table(),... create_time_stamp_table() -> Props = [{type, set},...], create_table(time_stamp, Props, ram_copies, false), NRef = case mnesia:dirty_read(time_stamp, ref_count) of [] -> 1; [#time_stamp{data = Ref}] -> Ref + 1 end, mnesia:dirty_write(#time_stamp{data = NRef}). Data races in mnesia

10 Maria ChristakisStatic Race Detection in Erlang Single-threaded Erlang A single scheduler picks up processes from a single ready queue The selected process gets assigned a number of reductions to execute Each time the process does a function call, a reduction is consumed A process gets suspended when the number of remaining reductions reaches zero, or when it gets stuck

11 Maria ChristakisStatic Race Detection in Erlang Single-threaded Erlang Being struck by a lightning seems more likely! proc_reg(Name) ->... case whereis(Name) of undefined -> Pid = spawn(...), register(Name, Pid); Pid -> % already ok % registered end,...

12 Maria ChristakisStatic Race Detection in Erlang Multi-threaded Erlang Since May 2006, a multi-threaded version of the system has been released, which is the default on multi-core architectures There are multiple schedulers, each having its own ready queue Since March 2009, the runtime system employs a redistribution scheme based on work stealing when some scheduler’s run queue becomes empty

13 Maria ChristakisStatic Race Detection in Erlang Dialyzer A DIscrepancy AnaLYZer for ERlang programs Dialyzer has been used by the Erlang community since 2007, as part of the Erlang/OTP distribution A lightweight static analysis tool for finding discrepancies in Erlang programs  Type errors  Exception-raising code  Unsatisfiable conditions  Redundancies such as unreachable code, etc.

14 Maria ChristakisStatic Race Detection in Erlang Dialyzer Characteristics of dialyzer (in sequential programs) : Sound for defect detection – not for correctness! Push-button technology, completely automatic Fast and scalable Why dialyzer? Inter-modular call graph and escape analysis Control-flow graphs Type information

15 Maria ChristakisStatic Race Detection in Erlang The analysis Characteristics: Sound for either correctness or defect detection! As precise as possible Completely automatic Fast and scalable Smoothly integrated into dialyzer

16 Maria ChristakisStatic Race Detection in Erlang The analysis: a three-step process 1.Collecting information  Control-flow graphs of functions and closures  Escape analysis  Inter-modular call graph  Sharing/alias analysis  Fine-grained type information (singleton types)‏

17 Maria ChristakisStatic Race Detection in Erlang The analysis: a three-step process 2.Determining all code points with possible race conditions  Find the root nodes in the inter-modular call graph  Traverse their CFGs using depth-first search  Special cases: Statically known function or closure calls Unknown higher-order calls Recursion

18 Maria ChristakisStatic Race Detection in Erlang The analysis: a three-step process 3.Filtering false alarms  Variable sharing  Type information  Characteristics of race conditions foo(Fun, N, M) ->... case whereis(N) of undefined ->..., Fun(M); Pid ->... end,...

19 Maria ChristakisStatic Race Detection in Erlang Some optimizations Control-flow graph minimization Avoiding repeated traversals and benefiting from temporal locality Making unknown function calls less unknown

20 Maria ChristakisStatic Race Detection in Erlang Detecting data races 1 : proc_reg(Name) -> 2 :... 3 : case whereis(Name) of 4 : undefined -> 5 : Pid = spawn(...), 6 : register(Name, Pid); 7 : Pid -> % already 8 : ok % registered 9 : end, 10:... mod.erl:6:The call erlang:register(Name::atom(),Pid::pid()) might fail due to a possible race condition caused by its combination with the ‏ erlang:whereis(Name::atom()) in mod.erl on line 3 mod.erl

21 Maria ChristakisStatic Race Detection in Erlang Performance

22 Maria ChristakisStatic Race Detection in Erlang Since September… Our analysis has been publicly released as part of the latest Erlang/OTP distribution (November 2009) From: Bernard Duggan (Erlang developer)‏ Sent to us on 27 November 2009 “Our Erlang codebase comprises 5 applications and a few little ancillary bits and pieces on the side – it's about 40k lines. So far it's turned up three race conditions. … Thanks for a brilliant tool.”

23 Maria ChristakisStatic Race Detection in Erlang Race Detection in Erlang (ICFP’09) ‏ QuickCheck: A property-based testing tool PULSE is a ProTest User Level Scheduler for Erlang that randomly schedules the test case processes and records a detailed trace A race condition is a possibility of non- deterministic execution that can make a program fail to meet its specification

24 Maria ChristakisStatic Race Detection in Erlang Concluding remarks Future work:  Detection of more kinds of race conditions  Detection of more types of concurrency errors  Addition of an atomic construct to the language Besides providing a tool that statically detects data races, we believe that we have also contributed to raising the awareness of the Erlang community on race conditions

Download ppt "Static Detection of Race Conditions in Erlang Maria Christakis National Technical University of Athens, Greece Joint work with Kostis Sagonas."

Similar presentations

Threads, SMP, and Microkernels

Threads, SMP, and Microkernels
Threads Cannot be Implemented As a Library Andrew Hobbs.

Threads Cannot be Implemented As a Library Andrew Hobbs.
White Box and Black Box Testing Tor Stålhane. What is White Box testing White box testing is testing where we use the info available from the code of.

White Box and Black Box Testing Tor Stålhane. What is White Box testing White box testing is testing where we use the info available from the code of.
Dialyzer – a DIscrepancy AnaLYZer of ERlang programs Tobias Lindahl and Kostis Sagonas Dept of Information Technology Uppsala University.

Dialyzer – a DIscrepancy AnaLYZer of ERlang programs Tobias Lindahl and Kostis Sagonas Dept of Information Technology Uppsala University.
Lecture 11: Operating System Services. What is an Operating System? An operating system is an event driven program which acts as an interface between.

Lecture 11: Operating System Services. What is an Operating System? An operating system is an event driven program which acts as an interface between.
D u k e S y s t e m s Time, clocks, and consistency and the JMM Jeff Chase Duke University.

D u k e S y s t e m s Time, clocks, and consistency and the JMM Jeff Chase Duke University.
Background Concurrent access to shared data can lead to inconsistencies Maintaining data consistency among cooperating processes is critical What is wrong.

Background Concurrent access to shared data can lead to inconsistencies Maintaining data consistency among cooperating processes is critical What is wrong.
Concurrency The need for speed. Why concurrency? Moore’s law: 1. The number of components on a chip doubles about every 18 months 2. The speed of computation.

Concurrency The need for speed. Why concurrency? Moore’s law: 1. The number of components on a chip doubles about every 18 months 2. The speed of computation.
Testing Concurrent/Distributed Systems Review of Final CEN 5076 Class 14 – 12/05.

Testing Concurrent/Distributed Systems Review of Final CEN 5076 Class 14 – 12/05.
Overview Motivations Basic static and dynamic optimization methods ADAPT Dynamo.

Overview Motivations Basic static and dynamic optimization methods ADAPT Dynamo.
/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.

/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.
HiPE version 1.0 Kostis Sagonas Uppsala University.

HiPE version 1.0 Kostis Sagonas Uppsala University.
Chapter 4 Threads, SMP, and Microkernels Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.

Chapter 4 Threads, SMP, and Microkernels Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.
..................................... Model for Supporting High Integrity and Fault Tolerance Brian Dobbing, Aonix Europe Ltd Chief Technical Consultant.

Model for Supporting High Integrity and Fault Tolerance Brian Dobbing, Aonix Europe Ltd Chief Technical Consultant.
Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.

Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.
Computer Systems/Operating Systems - Class 8

Computer Systems/Operating Systems - Class 8
1 Threads, SMP, and Microkernels Chapter 4. 2 Process: Some Info. Motivation for threads! Two fundamental aspects of a “process”: Resource ownership Scheduling.

1 Threads, SMP, and Microkernels Chapter 4. 2 Process: Some Info. Motivation for threads! Two fundamental aspects of a “process”: Resource ownership Scheduling.
Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.

Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.
Erlang concurrency. Where were we? Finished talking about sequential Erlang Left with two questions  retry – not an issue; I mis-read the statement in.

Erlang concurrency. Where were we? Finished talking about sequential Erlang Left with two questions  retry – not an issue; I mis-read the statement in.
Turning Eclipse Against Itself: Finding Errors in Eclipse Sources Benjamin Livshits Stanford University.

Turning Eclipse Against Itself: Finding Errors in Eclipse Sources Benjamin Livshits Stanford University.

Similar presentations

Ads by Google