Detecting Access Anomalies in Programs with Critical Sections

1. Detecting Access Anomalies in Programs with Critical Sections Anne Dinning Edith Schonberg 2010. 4. 3 OSLab

2. Access Anomaly • At least one access is a write • The two tasks do not synchronize between the accesses i = 2 i = 1 doall i = 1, N … X := i + 7 endall Y := X * 3 X := i + 7 X := i + 7 8 = 1 + 7 9 = 2 + 7 Y := X * 3 i = 1: 24 = 8 * 3 i = 2: 27 = 9 * 3 nondeterministic result

3. task-create (3) X := Y lock (L) lock (L) lock (L) Y := Y + i Y := Y + i Y := Y + i unlock (L) unlock (L) unlock (L) X := i task-terminate ( ) POEG (Partial Order execution Graph) Vertices - parallel operations (task create/terminate, lock/unlock) - an instruction block Edges - execution ordering of parallel operations

4. On-the-fly detection • Advantage • diagnostic precision • space efficient (cf. traced-based methods) • Restriction • SISE property (single input, single execution) • A single execution instance is sufficient to determine the existence of an anomaly for a given input.

5. On-the-fly detection using the POEG • Information • Which blocks are ordered (tag) • What variables are accessed by each block • Access history • Readers (X), Writers (X) (a variable X) • Only the most recent accesses Readers (X) Writers (X) The maximum parallelism Of the program At most of a single tag • guaranteed to detect at least one anomaly

6. procedure Check-Read(X) for all a in Writers(X) do if not Ordered(current-tag, a) then report Access Anomaly endfor end procedure procedure Check-Write(X) for all a in Readers(X) U Writers(X) do if not Ordered(current-tag, a) then report Access Anomaly endfor end procedure Check for Read and Write Events procedure Subtract-Read(X) for all a in Readers(X) do if Ordered(current-tag, a) then delete a from Readers(X) endfor add current-tag to Readers(X) end procedure procedure Subtract-Write(X) Readers(X) = Ø Writers(X) = {current-tag} end procedure Subtraction for Read and Write Events

7. Problems with POEG representation task-create (3) X := Y lock (L) lock (L) lock (L) Y := Y + i Y := Y + i Y := Y + i unlock (L) unlock (L) unlock (L) X := i task-terminate ( )

8. r L L w Properties of unlock-lock edges • Accesses inside critical sections protected by the same lock L never appear as access anomalies • Accesses that occur before and after critical sections, as well as accesses within critical sections, are ordered by these edges. L L r w

9. Lock Covers task-create (3) X := Y • Lock Cover (LC) • the set of the locks (a block B) lock (L) lock (L) lock (L) Y := L Y + i Y := L Y + i Y :=L Y + i unlock (L) unlock (L) unlock (L) X := i task-terminate ()

10. Anomaly detection using Lock Covers • Access History Readers (X) Writers (X) The maximum parallelism of the program At most of a single tag Readers (X) Writers (X) The maximum parallelism of the program At most of a single tag CS-Readers (X) CS-Writers (X) <tag, lock cover> <tag, lock cover>

11. Detection using LC task-create (3) <tag> <tag, lc> 1 X := Y 1 lock (L) 2 3 1 lock (L) lock (L) 5 4 1 3 4 7 6 5 3 2 5 6 7 1 3 Y := L Y + i Y := L Y + i Y :=L Y + i 5 1 7 8 3 Access History (Y) unlock (L) unlock (L) unlock (L) 8 1-3 1-5 5-8 7-8 X := i X := i Report Access Anomaly task-terminate ()

12. B1 B3 X := L1 B2 B4 X := L1, L2 X := L2 X := L2 Nested lock Hidden Anomaly

13. Non-SISE S := 1 doalli = 1, 2 A[i] := … lock(L) j := S S := S + 1 unlock(L) if (j = 1) then A[1] := … endall A[1] := A[2] := lock (L) lock (L) j := S S := S + 1 j := S S := S + 1 unlock (L) unlock (L) A[1] := Static analysis approach, based on program slicing

14. False Anomalies A[j] := … lock(L) enqueue(j) Unlock(L) lock(L) k := dequeue(j) Unlock(L) … := A[k] A[j] := lock (L) lock (L) k := dequeue(j) enqueue(j) unlock (L) unlock (L) := A[k] * j and k are private variables