ABSTRACT
Atomicity is a key correctness property that allows programmers to reason about code regions in isolation. However, programs often fail to enforce atomicity correctly, leading to atomicity violations that are difficult to detect. Dynamic program analysis can detect atomicity violations based on an atomicity specification, but existing approaches slow programs substantially.
This paper presents DoubleChecker, a novel sound and precise atomicity checker whose key insight lies in its use of two new cooperating dynamic analyses. Its imprecise analysis tracks cross-thread dependences soundly but imprecisely with significantly better performance than a fully precise analysis. Its precise analysis is more expensive but only needs to process a subset of the execution identified as potentially involved in atomicity violations by the imprecise analysis. If DoubleChecker operates in single-run mode, the two analyses execute in the same program run, which guarantees soundness and precision but requires logging program accesses to pass from the imprecise to the precise analysis. In multi-run mode, the first program run executes only the imprecise analysis, and a second run executes both analyses. Multi-run mode trades accuracy for performance; each run of multi-run mode outperforms single-run mode, but can potentially miss violations.
We have implemented DoubleChecker and an existing state-of-the-art atomicity checker called Velodrome in a high-performance Java virtual machine. DoubleChecker's single-run mode significantly outperforms Velodrome, while still providing full soundness and precision. DoubleChecker's multi-run mode improves performance further, without significantly impacting soundness in practice. These results suggest that DoubleChecker's approach is a promising direction for improving the performance of dynamic atomicity checking over prior work.
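A simplified illustration of the two-analysis structure described in the abstract, added here and not taken from the paper or from DoubleChecker's code. It assumes that atomicity means conflict serializability of transactions, that each transaction runs on its own thread, and that the imprecise pass tracks dependences per object while the precise pass tracks them per field; the trace and all names are constructed.

```python
from itertools import combinations

# Constructed trace in execution order: (transaction, op, object, field).
# Assumption: every transaction runs on its own thread.
TRACE = [
    ("A", "r", "acct", "balance"),
    ("B", "w", "acct", "balance"),
    ("A", "w", "acct", "balance"),  # B interleaves A on one field: real violation
    ("C", "w", "cfg", "host"),
    ("D", "w", "cfg", "port"),
    ("C", "r", "cfg", "host"),      # same object as D, but disjoint fields
    ("E", "r", "log", "size"),      # no cross-thread dependence at all
]

def dependence_edges(trace, key):
    """Edge T1 -> T2 when an access in T1 precedes a conflicting access in T2.
    `key` maps [object, field] to the granularity at which conflicts are judged."""
    edges = set()
    for (t1, op1, *loc1), (t2, op2, *loc2) in combinations(trace, 2):
        if t1 != t2 and key(loc1) == key(loc2) and "w" in (op1, op2):
            edges.add((t1, t2))
    return edges

def in_cycle(edges):
    """Transactions lying on a cycle, i.e. not serializable with their peers."""
    succ = {}
    for a, b in edges:
        succ.setdefault(a, set()).add(b)

    def reachable(start):
        seen, stack = set(), list(succ.get(start, ()))
        while stack:
            node = stack.pop()
            if node not in seen:
                seen.add(node)
                stack.extend(succ.get(node, ()))
        return seen

    return {t for t in succ if t in reachable(t)}

def double_check(trace):
    # Imprecise pass: object granularity over-approximates every dependence,
    # so any real cycle is also a cycle here (sound, but may report extras).
    suspects = in_cycle(dependence_edges(trace, lambda loc: loc[0]))
    # Precise pass: field granularity, replaying only the suspects' accesses.
    logged = [event for event in trace if event[0] in suspects]
    return suspects, in_cycle(dependence_edges(logged, tuple))

if __name__ == "__main__":
    print(double_check(TRACE))
```

The imprecise pass flags A, B, C and D; the precise pass, which never sees E's accesses, confirms only A and B.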
DoubleChecker: efficient sound and precise atomicity checking
PLDI '14