1 / 24

João Paulo, Elton Alves , Marcelo Damorim , Fernando Castor

Efficient Model Checking of Data Races with Automatically-extracted Distance-based Fitness Functions. João Paulo, Elton Alves , Marcelo Damorim , Fernando Castor.

elvin
Download Presentation

João Paulo, Elton Alves , Marcelo Damorim , Fernando Castor

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Efficient Model Checking of Data Races withAutomatically-extracted Distance-based Fitness Functions João Paulo, Elton Alves, Marcelo Damorim, Fernando Castor

  2. “The biggest sea change in software development since the OO revolution is knocking at the door, and its name is Concurrency”. Herb Sutter

  3. Concurrent Programming • Is too hard! • Error prone • It’s difficult to debug and find errors • Most programmers thinks that know how to do it, but they don’t • NonDeterminism, Deadlocks, Data Races…

  4. Race Condition publicclass Ref { inti; voidinc() { int t = i + 1; i = t; } publicstaticvoid main(String args[]){ final Ref ref = new Ref(); new Thread(new Runnable(){ publicvoid run(){ ref.inc(); } }).start(); new Thread(new Runnable(){ publicvoid run(){ ref.inc(); } }).start(); assertref.i == 2; } } A race condition occurs if • two threads access a shared variable at the same time without synchronization • at least one of those accesses is a write

  5. Guarantees the mutual exclusion • Field Guarded by Lock • Lock acquired before the thread enter in block • Ensure race freedom publicclass Ref { inti; voidinc() { synchronized(this) { intt = i + 1; i= t; } } publicstaticvoid main(String args[]) { final Ref ref = new Ref(); new Thread(new Runnable() { publicvoid run() { ref.inc(); } }).start(); new Thread(new Runnable() { publicvoid run() { ref.inc(); } }).start(); assertref.i == 2; } }

  6. So, we need (an easy) way to discover these kind error

  7. And there’s some tools to help us…

  8. Program Model Checking • It performs model checking directly into the code • Rigorous method that exhaustively explores all possible SUT behaviors • Is it a test?

  9. Model Checking Fonte: http://babelfish.arc.nasa.gov/trac/jpf/wiki/intro/testing_vs_model_checking

  10. Java PathFinder(JPF) • An explicit state software model checker • Focus is on finding bugs in Java programs • Developed by NASA since 1999 • Turned Open Source in 2005 • State Explosion problem

  11. State Explosion

  12. How JPF Works • Backtracking • State Matching • Partial Order Reduction • Listener

  13. How do we DetectPotencialRaces? • Using a customized JPF listener • For each PUTFIELD or GETFIELD • Get Object Reference • Get the accessed Field • Get Current Thread • Get Current Instruction • Get the set of Acquireds Locks

  14. How do we DetectPotencialRaces?[2] • So, we have a report like this:

  15. How do we DetectPotencialRaces?[3] • which can be simplified for this

  16. How good is our solution? • Running Subject account , input 6 • JPF go through 27.670 states • The solution converges in just 67 states • = 0,002 < 1 % of search State

  17. But we have some false positives…

  18. And we don´t want them.

  19. Our Research Idea • Guide Model Checking • Attempt to Avoid State explosion • Uses heuristics to classifies a given a state • Interesting State has value 0 • Boring State has value Integer.Max • Uses distance based fitness function

  20. Our work-in-progress • Find a heuristic function to guide the Model Checking • Evaluate the function • This is harder than we thought 

  21. Our work-in-progress[2] CallTrace cg; /* computed on-the-fly */ AccessPair[] goals; /* computed on-the-fly */ MethodInfo driver; /* test driver */ inteval(State jpfState) { ThreadInfo[] tis = jpfState.threadInfos(); TraceInfoti = cg.getTrace(); for(int i=0; i<tis.length; i++) { MethodInfo ma = tis[j].getCurrentMethod(); foreach p:Pair in goals { int d = dist(ti, p.mx) * dist(ti, p.my); if (d < min) min = d; } } return min; } intdist(TraceInfotSource, MethodInfomDest) { int result = shortestPath(cg, tSource, mDest); if (result == -1) { // mDest not reachable from mSource return shortestPathFromDriver(cg, driver, mSource, mDest); } }

  22. If we are not so good to do it… • The research goal could moves to compare the ‘potencial data race’ finded with other approaches 

  23. Thanks

More Related