Explore the nuances of bugs in system code, from deviant behavior to data race detection. Learn how to identify and fix errors, and delve into statistical and intentional race scenarios.
Bugs (part 1) CPS210 Spring 2006
Papers • Bugs as Deviant Behavior: A General Approach to Inferring Errors in System Code • Dawson Engler • Eraser: A Dynamic Data Race Detector for Multithreaded Programs • Stefan Savage
Take a deep breath • One month is over, 2.5 left • 15 papers down, 19 to go • (the reading schedule lightens) • Done with most “core OS” topics • Address spaces, page tables, threads, etc
What’s left • Various forms of IO • e.g. networking and storage • Broader system properties • e.g. reliability and security • Projects!
Dealing with bugs • We know how to build systems • How do we fix the ones we’re stuck with? • What is a buggy program? • One that behaves “incorrectly”
What does “correct” look like? • At the macro-level this is really hard • Need to know user expectations • Need to know programmers' intentions • Easier to look at a micro-level • Are variables used as we expect? • Are primitives used as we expect?
Consistency example
    int mxser_write (struct tty_struct *tty) {          // B(tty)=unknown
        struct mxser_struct *info = tty->driver_data;   // B(tty)=notnull
        unsigned long flags;
        if (!tty || !info->xmit_buf)                    // B(tty)=null,notnull
            return 0;
        …
Beliefs are MUST beliefs
Example template • T = “do not dereference null pointer <p>” • Slot instance p • Belief set Bp • {}, {null}, {notnull}, {null, notnull} • Which actions matter? • Pointer dereferences, comparisons to null
Statistical analysis example
    lock l;                 // lock
    int a, b;               // variables potentially protected by l
    void foo () {
        lock (l);           // enter critical section
        a = a + b;          // MAY: a, b protected by l
        unlock (l);         // exit critical section
        b = b + 1;          // MUST: b not protected by l
    }
    void bar () {
        lock (l);
        a = a + 1;          // MAY: a protected by l
        unlock (l);
    }
    void baz () {
        a = a + 1;          // MAY: a protected by l
        unlock (l);
        b = b - 1;          // MUST: b not protected by l
        a = a / 5;          // MUST: a not protected by l
    }
check check check check (ERROR)
T = variable <v> must be protected by lock <l>
Slot combination = (a,l)
Statistical analysis example
    lock l;                 // lock
    int a, b;               // variables potentially protected by l
    void foo () {
        lock (l);           // enter critical section
        a = a + b;          // MAY: a, b protected by l
        unlock (l);         // exit critical section
        b = b + 1;          // MUST: b not protected by l
    }
    void bar () {
        lock (l);
        a = a + 1;          // MAY: a protected by l
        unlock (l);
    }
    void baz () {
        a = a + 1;          // MAY: a protected by l
        unlock (l);
        b = b - 1;          // MUST: b not protected by l
        a = a / 5;          // MUST: a not protected by l
    }
check check (ERROR) check (ERROR)
T = variable <v> must be protected by lock <l>
Slot combination = (b,l)
Eraser variable state machine [figure] • States: Virgin, Exclusive, Shared, Shared-modified • Transition labels: wr • rd/wr, first thread • rd, new thread • wr, new thread • rd • wr • Annotations: C(v) does not change • C(v) changes, no errors reported • C(v) changes, errors reported
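The lockset refinement that drives the state machine above, as an added example (not code from the slides or from the Eraser authors). It follows the state diagram in the Eraser paper and replays constructed traces of the accesses to a and b from the statistical analysis slide; the thread ids, the bitmask lockset and all function names are assumptions.

```c
#include <stdio.h>
/* Added example: Eraser-style lockset refinement for one shared variable.
 * Lock sets are bitmasks; thread ids and the traces below are constructed. */
enum state { VIRGIN, EXCLUSIVE, SHARED, SHARED_MODIFIED };
struct shadow { enum state st; int owner; unsigned cv; };
struct access { int tid; int is_write; unsigned held; };
#define LOCK_L 1u   /* bit standing for the slide's lock l */

/* Apply one access; return 1 if a race would be reported on it. */
static int on_access(struct shadow *s, struct access a) {
    switch (s->st) {
    case VIRGIN:                       /* edge "wr": first write claims v */
        if (a.is_write) { s->st = EXCLUSIVE; s->owner = a.tid; }
        return 0;
    case EXCLUSIVE:
        if (a.tid == s->owner) return 0;    /* C(v) does not change */
        s->st = a.is_write ? SHARED_MODIFIED : SHARED;
        break;
    case SHARED:                       /* C(v) changes, no errors reported */
        if (a.is_write) s->st = SHARED_MODIFIED;
        break;
    case SHARED_MODIFIED:              /* C(v) changes, errors reported */
        break;
    }
    s->cv &= a.held;                   /* C(v) := C(v) intersect locks held */
    return s->st == SHARED_MODIFIED && s->cv == 0;
}

/* Index of the first access that triggers a report, or -1 if none. */
int first_race(const struct access *t, int n) {
    struct shadow s = { VIRGIN, -1, ~0u };  /* C(v) starts as "all locks" */
    for (int i = 0; i < n; i++)
        if (on_access(&s, t[i])) return i;
    return -1;
}

/* a: written under l by threads 1 and 2, then once after unlock (baz). */
int race_on_a(void) {
    struct access t[] = { {1,1,LOCK_L}, {2,1,LOCK_L}, {1,1,LOCK_L}, {1,1,0} };
    return first_race(t, 4);
}
/* b: thread 1 runs foo, then thread 2 does (read under l, write without). */
int race_on_b(void) {
    struct access t[] = { {1,0,LOCK_L}, {1,1,0}, {2,0,LOCK_L}, {2,1,0} };
    return first_race(t, 4);
}

int main(void) { printf("a: %d, b: %d\n", race_on_a(), race_on_b()); return 0; }
```

Because the check is dynamic, a report appears only once a second thread has touched the variable and C(v) has been refined to empty; a trace in which every access holds l reports nothing.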
Intentional races
    if (p->ip_fp == (NI2_XFILE *) 0) {           // fpntr set?
        NI2_LOCKS_LOCK (&p->ip_lock);            // acq lock
        if (p->ip_fp == (NI2_XFILE *) 0) {       // fpntr set since we last checked?
            p->ip_fp = ni2_xfopen (p->ip_name, "rb");
        }
        NI2_LOCKS_UNLOCK (&p->ip_lock);          // rel lock
    }
    …                                            // no locking overhead if fpntr set