Hybrid Dynamic Data Race Detection

1. Hybrid Dynamic Data Race Detection Robert O'Callahan and Jong-Deok Choi 2011.11.23 OSLab Meng Ying

2. Contents 1 3 2 8 5 6 7 4 Introduction Lockset-Based Race Detection Happens-Before Race Detection Relationship Between Happens-Before Detection and Lockset-Based Detection Hybrid Race Detection Efficient Hybrid Detection Implementation Experimental Results

3. Introduction • Data Race • A data race occurs in a multithreaded program when two threads access the same memory location with no ordering constraints enforced between the accesses, such that at least one of the accesses is a write. • Programs with data races is notoriously difficult to debug. • Because they can exhibit different behaviors when executed repeatedly with the same set of inputs.

4. GF_w1 CHILD CT_R3 main GF_R5 CT_R4 CT_w6 CT_R7 Introduction MAIN

5. Lockeset-Based Detection Happens-Before Detection Introduction • Where a race is deemed to have occurred if two threads access a shared memory location without holding a common lock. • Where a race is deemed to have occurred if two threads access a shared memory location and the accesses are causally unordered in a precise sense as defined by Lamport.

6. MAIN CT_w6 GF_R5 GF_w1 CT_R3 CT_R4 CT_R7 CHILD main Lockset-Based Race Detection • The Lockset Hypothesis • IsPotentialLocksetRace(i, j) = ei = MEM(mi, ai, ti) ∧ ej = MEM(mj, aj, tj) ∧ ti ≠tj ∧ mi = mj ∧ (ai = WRITE ∨ aj = WRITE) ∧ Li(ti) ∩ Lj(tj) = 0

7. Happens-Before Race Detection • If ei and ej are events in the same thread, and ei comes before ej, then i → j. • Thread(ei) = Thread(ej) ^ i < j ⇒ i → j • If ei is the sending of message g and ej is the reception of g, then i → j. • ei = SND(g, t1) ^ ej = RCV(g, t2) ⇒ i → j • Happens-before is transitively closed. • i → j ^ j → k ⇒ i → k

8. MAIN CT_w6 GF_R5 GF_w1 CT_R3 CT_R4 CT_R7 CHILD main Happens-Before Race Detection • Happens-Before Race Detection • IsPotentialHBRace(i, j) = ei = MEM(mi, ai, ti) ∧ ej = MEM(mj, aj, tj) ∧ ti ≠tj ∧ mi = mj ∧ (ai = WRITE ∨ aj = WRITE) ∧ ￢(i → j) ∧ ￢(j → i)

9. Lockeset-Based Detection Happens-Before Detection Relationship Between Happens-Before Detection and Lockset-Based Detection • implemented with low overhead, atleast whenwhole program staticanalysis is available. • can lead false positives. • would detect some real bugs thatmay fail to detect by happens-before detection. • difficult to implement efficiently. • produces fewer false positives than lockset-based detection. • may miss races, reports only "real races" that are a subset of the races reported by lockset-based detection.

10. Hybrid Race Detection • Approach • starts with a lockset-based detector and to add limited happens-before checking. (start(), join(), wait(), notify().) • provides the ability for the user to mark arbitrary Java method. • does not create thread message corresponding to shared memory write/read or write/write pairs. • does not create thread message for lock release/acquire pairs. • Hybrid Race Detection • IsPotentialHybridRace(i, j) = ei = MEM(mi, ai, ti) ∧ ej = MEM(mj, aj, tj) ∧ ti ≠tj ∧ mi = mj ∧ (ai = WRITE ∨ aj = WRITE) ∧ Li(ti) ∩ Lj(tj) = 0 ∧ ￢(i →j) ∧ ￢(j →i) . .

11. R1 W2 W3 R4 W5 R1 W2 L1 L2 Efficient Hybrid Detection • The Lockset-Subset Condition • IsRedundantLocksetSubset(i, n) = ei = MEM(m, ai, ti) ∧ en = MEM(m, an, tn) ∧ ti = tn ∧ (ai = WRITE ∨ ai = an) ∧ Li(ti) ⊂ Ln(tn) ∧Vi(ti)(ti) = Vn(tn)(tn) L1

12. Efficient Hybrid Detection • The Oversized Lockset Condition • The number of locks held by a thread at any one time is very small. • But, for a new event to not be redundant, the size of the lockset of future racing events must be very large. • This paper determines a priori bound on the number of locks a thread can hold at one time.

13. Implementation • Two-Phase Mode Selection • The overhead of detailed detection is too high to apply it to every memory location in a program. • First : run the race detector in a low-overhead “simple” mode which is much less accurate but much more efficient than the detailed mode. • Second: rerun the detector in detailed mode, instrumenting accesses to only these "race-prone" fields.

14. Implementation • Simple Mode • is not necessary to this approach. • behaves almost identically to the lockset-based detector, Eraser. • reports a race if there is at least one write, not all accesses are performed by the same thread, and there is no lock that is held by all accesses.

15. Implementation • Instrumentation • This approach inserts probes into Java programs by modifying their bytecodes. • Bytecode instrumentation allows the users to analyze programs without source available. • Handling Class Initializers • While a thread is initializing a class C, accesses it performs to static fields of C cannot race with any other accesses to those fields. • This paper do not instrument accesses to static fields of C by C’s initializer.

16. Implementation • Debugging Support • In large programs, it can be difficult to understand the behavior that leads to a potential data race. • Detailed mode reports the name of the thread, the type of the access, the set of locks held, and full stack trace for each of the two accesses deemed to be a potential race. • This detector reports a potential race as soon as the second racing event occurs.

17. Benchmarks Experimental Results Table1:Benchmark programs and their characteristics

18. Experimental Results • Performance • Environment • 2GHz Pentium-4 machine with 1.5GB memory • IBM JDK 1.3.1 with initial and maximum heap size set to 1GB • Results Table2: Runtime Performance

19. Experimental Results • Accuracy Table3: Number of Fields With Dataraces Reported (classified as Bugs-Benign-False)

20. Thandk You!!