Download
1 / 24
240 likes | 397 Vues
Efficient Model Checking of Data Races with Automatically-extracted Distance-based Fitness Functions. João Paulo, Elton Alves , Marcelo Damorim , Fernando Castor.
E N D
Efficient Model Checking of Data Races withAutomatically-extracted Distance-based Fitness Functions João Paulo, Elton Alves, Marcelo Damorim, Fernando Castor
“The biggest sea change in software development since the OO revolution is knocking at the door, and its name is Concurrency”. Herb Sutter
Concurrent Programming • Is too hard! • Error prone • It’s difficult to debug and find errors • Most programmers thinks that know how to do it, but they don’t • NonDeterminism, Deadlocks, Data Races…
Race Condition publicclass Ref { inti; voidinc() { int t = i + 1; i = t; } publicstaticvoid main(String args[]){ final Ref ref = new Ref(); new Thread(new Runnable(){ publicvoid run(){ ref.inc(); } }).start(); new Thread(new Runnable(){ publicvoid run(){ ref.inc(); } }).start(); assertref.i == 2; } } A race condition occurs if • two threads access a shared variable at the same time without synchronization • at least one of those accesses is a write
Guarantees the mutual exclusion • Field Guarded by Lock • Lock acquired before the thread enter in block • Ensure race freedom publicclass Ref { inti; voidinc() { synchronized(this) { intt = i + 1; i= t; } } publicstaticvoid main(String args[]) { final Ref ref = new Ref(); new Thread(new Runnable() { publicvoid run() { ref.inc(); } }).start(); new Thread(new Runnable() { publicvoid run() { ref.inc(); } }).start(); assertref.i == 2; } }
So, we need (an easy) way to discover these kind error
Program Model Checking • It performs model checking directly into the code • Rigorous method that exhaustively explores all possible SUT behaviors • Is it a test?
Model Checking Fonte: http://babelfish.arc.nasa.gov/trac/jpf/wiki/intro/testing_vs_model_checking
Java PathFinder(JPF) • An explicit state software model checker • Focus is on finding bugs in Java programs • Developed by NASA since 1999 • Turned Open Source in 2005 • State Explosion problem
How JPF Works • Backtracking • State Matching • Partial Order Reduction • Listener
How do we DetectPotencialRaces? • Using a customized JPF listener • For each PUTFIELD or GETFIELD • Get Object Reference • Get the accessed Field • Get Current Thread • Get Current Instruction • Get the set of Acquireds Locks
How do we DetectPotencialRaces?[2] • So, we have a report like this:
How do we DetectPotencialRaces?[3] • which can be simplified for this
How good is our solution? • Running Subject account , input 6 • JPF go through 27.670 states • The solution converges in just 67 states • = 0,002 < 1 % of search State
Our Research Idea • Guide Model Checking • Attempt to Avoid State explosion • Uses heuristics to classifies a given a state • Interesting State has value 0 • Boring State has value Integer.Max • Uses distance based fitness function
Our work-in-progress • Find a heuristic function to guide the Model Checking • Evaluate the function • This is harder than we thought
Our work-in-progress[2] CallTrace cg; /* computed on-the-fly */ AccessPair[] goals; /* computed on-the-fly */ MethodInfo driver; /* test driver */ inteval(State jpfState) { ThreadInfo[] tis = jpfState.threadInfos(); TraceInfoti = cg.getTrace(); for(int i=0; i<tis.length; i++) { MethodInfo ma = tis[j].getCurrentMethod(); foreach p:Pair in goals { int d = dist(ti, p.mx) * dist(ti, p.my); if (d < min) min = d; } } return min; } intdist(TraceInfotSource, MethodInfomDest) { int result = shortestPath(cg, tSource, mDest); if (result == -1) { // mDest not reachable from mSource return shortestPathFromDriver(cg, driver, mSource, mDest); } }
If we are not so good to do it… • The research goal could moves to compare the ‘potencial data race’ finded with other approaches
