Fully Automatic and Precise Detection of Thread Safety Violations
Size: px
Start display at page:

Download "Fully Automatic and Precise Detection of Thread Safety Violations"

Transcription

1 Fully Automatic and Precise Detection of Thread Safety Violations Michael Pradel and Thomas R. Gross Department of Computer Science ETH Zurich 1

2 Motivation Thread-safe classes: Building blocks for concurrent programs 2

3 Motivation Thread-safe classes: Building blocks for concurrent programs 2

4 Motivation Thread-safe classes: Building blocks for concurrent programs 2

5 Example from JDK b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 3

6 Example from JDK b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1)! IndexOutOfBoundsException Confirmed as bug: Issue #

7 Example from JDK b.append("abc") b.insert(1, b) How to test Thread 1 Thread 2 b.deletecharat(1) thread safety?! IndexOutOfBoundsException Confirmed as bug: Issue #

8 Goal Automatic and precise bug detection Class Tool Thread safety violations 4

9 Goal Automatic and precise bug detection Tests Class Formal specs Tool Thread safety violations False positives 4

10 Goal Automatic and precise bug detection Class Tool Thread safety violations 4

11 Thread-Safe Classes behaves correctly when accessed from multiple threads... with no additional synchronization... (in the) calling code page 18 5

12 Thread-Safe Classes behaves correctly when accessed from multiple threads... with no additional synchronization... (in the) calling code page 18 5

13 Thread-Safe Classes behaves correctly when accessed from multiple threads... with no additional synchronization... (in the) calling code page 18 5

14 Thread-Safe Classes behaves correctly when accessed from multiple threads... with no additional synchronization... (in the) calling code page 18 operations... behave as if they occur in some serial order that is consistent with the order of the method calls made by each of the individual threads StringBuffer API documentation, JDK 6 5

15 Thread-Safe Classes behaves correctly when accessed from multiple threads... with no additional synchronization... (in the) calling code page 18 operations... behave as if they occur in some serial order that is consistent with the order of the method calls made by each of the individual threads StringBuffer API documentation, JDK 6 5

16 Example Thread 1 Thread 2 b.append("a") b.append("b") b.append("c") 6

17 Example Thread 1 Thread 2 b.append("a") b.append("b") b.append("c") "abc" "cab" "acb" "ac" 6

18 Example Thread 1 Thread 2 b.append("a") b.append("b") b.append("c") "abc" "cab" "acb" "ac" 6

19 Example Thread 1 Thread 2 b.append("a") b.append("b") b.append("c") "abc" "cab" "acb" "ac" 6

20 Example Thread 1 Thread 2 b.append("a") b.append("b") b.append("c") "abc" "cab" "acb" "ac" 6

21 Example Thread 1 Thread 2 b.append("a") b.append("b") b.append("c") "abc" "cab" "acb" "ac" 6

22 Approach Class under test (CUT) Generate a concurrent test Execute Thread safety oracle Bug 7

23 Approach Class under test (CUT) Generate a concurrent test Execute Thread safety oracle Bug 7

24 Approach Class under test (CUT) Generate a concurrent test Execute Thread safety oracle Bug 7

25 Generating Concurrent Tests Example: b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 8

26 Generating Concurrent Tests Example: Sequential prefix: Create and set up CUT instance b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 8

27 Generating Concurrent Tests Example: b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) Concurrent suffixes: Use shared CUT instance 8

28 Test Generation Algorithm 1. Create prefix Instantiate CUT Call methods 2. Create suffixes for prefix Call methods on shared CUT instance 3. Prefix + two suffixes = test 9

29 Creating a Prefix 1. Create prefix Instantiate CUT Call methods b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

30 Creating a Prefix 1. Create prefix Instantiate CUT Call methods Randomly select a constructor b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

31 Creating a Prefix 1. Create prefix Instantiate CUT Call methods Randomly select a constructor b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

32 Creating a Prefix 1. Create prefix Instantiate CUT After adding a call: Execute Call methods b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

33 Creating a Prefix 1. Create prefix Instantiate CUT After adding a call: Execute Call methods b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

34 Creating a Prefix 1. Create prefix Instantiate CUT Call methods Randomly select a method b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

35 Creating a Prefix 1. Create prefix Instantiate CUT Call methods Randomly select a method b.append(/* b.append("abc") String */) Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

36 Creating a Prefix 1. Create prefix Instantiate CUT Call methods Arguments: a) Take available object b) Call method returning required type c) Random value b.append(/* b.append("abc") String */) Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

37 Creating a Prefix 1. Create prefix Instantiate CUT Call methods Arguments: a) Take available object b) Call method returning required type c) Random value b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

38 Creating a Prefix 1. Create prefix Instantiate CUT After adding a call: Execute Call methods b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

39 Creating a Prefix 1. Create prefix Instantiate CUT After adding a call: Execute Call methods b.append("abc") b.insert(1, b) Thread 1 Thread 2 b.deletecharat(1) 10

40 Creating a Prefix 1. Create prefix Instantiate CUT Call methods b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 10

41 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance 11

42 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance b.append("abc") b.insert(1, b) 11

43 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance Randomly select a method b.append("abc") b.insert(1, b) 11

44 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance Randomly select a method b.append("abc") b.insert(1, b.insert(/* int b) */, /* CharSequence */) 11

45 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance Arguments: a) Take available object b) Call method returning required type c) Random value b.append("abc") b.insert(1, b.insert(/* int b) */, /* CharSequence */) 11

46 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance Arguments: a) Take available object b) Call method returning required type c) Random value b.append("abc") b.insert(1, b.insert(-5, b) b) 11

47 Creating Suffixes 2. Create suffixes for prefix After adding a call: Execute Call methods on shared CUT instance b.append("abc") b.insert(1, b.insert(-5, b) b) 11

48 Creating Suffixes 2. Create suffixes for prefix After adding a call: Execute Call methods on shared CUT instance b.append("abc") b.insert(1, b.insert(-5, b) b)! 11

49 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance Arguments: a) Take available object b) Call method returning required type c) Random value b.append("abc") b.insert(1, b.insert(/* int b) */, /* CharSequence */) 11

50 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance Arguments: a) Take available object b) Call method returning required type c) Random value b.append("abc") b.insert(1, b) 11

51 Creating Suffixes 2. Create suffixes for prefix After adding a call: Execute Call methods on shared CUT instance b.append("abc") b.insert(1, b) 11

52 Creating Suffixes 2. Create suffixes for prefix After adding a call: Execute Call methods on shared CUT instance b.append("abc") b.insert(1, b) 11

53 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance b.append("abc") b.insert(1, b) 11

54 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance b.append("abc") b.insert(1, b) b.deletecharat(1) 11

55 Creating Suffixes 2. Create suffixes for prefix After adding a call: Execute Call methods on shared CUT instance b.append("abc") b.insert(1, b) b.deletecharat(1) 11

56 Creating Suffixes 2. Create suffixes for prefix After adding a call: Execute Call methods on shared CUT instance b.append("abc") b.insert(1, b) b.deletecharat(1) 11

57 Creating Suffixes 2. Create suffixes for prefix Call methods on shared CUT instance b.append("abc") b.insert(1, b) b.deletecharat(1) 11

58 Creating a Test 3. Prefix + two suffixes = test 12

59 Creating a Test 3. Prefix + two suffixes = test b.append("abc") b.insert(1, b) b.deletecharat(1) 12

60 Creating a Test 3. Prefix + two suffixes = test Spawn new thread for each suffix b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 12

61 Approach Class under test (CUT) Generate a concurrent test Execute Thread safety oracle Bug 13

62 Approach Class under test (CUT) Generate a concurrent test Execute Thread safety oracle Bug 13

63 Thread Safety Oracle Does the test execution expose a thread safety violation? Focus on exceptions and deadlocks Compare concurrent execution to linearizations 14

64 Assumptions Concurrency-only crashes are undesired Matches definition of thread safety Control over all input to tests Sequential execution: Deterministic 15

65 Linearizations Put all calls into one thread Preserve order of calls within a thread 16

66 Linearizations Put all calls into one thread Preserve order of calls within a thread

67 The Oracle Execute concurrently Exception or deadlock? No Yes Execute linearization Same failure? Yes No All linearizations checked Thread safety violation 17

68 The Oracle Execute concurrently Exception or deadlock? No Yes Execute linearization Same failure? Yes No All linearizations checked Thread safety violation 17

69 The Oracle Execute concurrently Exception or deadlock? No Yes Execute linearization Same failure? Yes No All linearizations checked Thread safety violation 17

70 The Oracle Execute concurrently Exception or deadlock? No Yes Execute linearization Same failure? Yes No All linearizations checked Thread safety violation 17

71 The Oracle Execute concurrently Exception or deadlock? No Yes Execute linearization Same failure? Yes No All linearizations checked Thread safety violation 17

72 The Oracle Execute concurrently Exception or deadlock? No Yes Execute linearization Same failure? Yes No All linearizations checked Thread safety violation 17

73 The Oracle Execute concurrently Exception or deadlock? No Yes Execute linearization Same failure? Yes No All linearizations checked Thread safety violation 17

74 The Oracle Execute concurrently Exception or deadlock? No Yes Execute linearization Same failure? Yes No All linearizations checked Thread safety violation 17

75 Example b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1) 18

76 Example b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1)! 18

77 Example b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1)! StringBuffer b =.. b.append("abc") b.insert(1, b) b.deletecharat(1) 18

78 Example b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1)! StringBuffer b =.. b.append("abc") b.insert(1, b) b.deletecharat(1) StringBuffer b =.. b.append("abc") b.deletecharat(1) b.insert(1, b) 18

79 Example b.append("abc") Thread 1 Thread 2 b.insert(1, b) b.deletecharat(1)! Thread safety violation StringBuffer b =.. b.append("abc") b.insert(1, b) b.deletecharat(1) StringBuffer b =.. b.append("abc") b.deletecharat(1) b.insert(1, b) 18

80 Properties of the Oracle Sound but incomplete * All reported violations are real Cannot guarantee thread safety Independent of bug type Data races Atomicity violations Deadlocks * with respect to incorrectness 19

81 Implementation 20

82 Evaluation 1. Effectiveness in finding bugs 2. Performance Setup: Thread-safe classes from six Java libraries (e.g., JDK, Apache DBCP) Intel Xeon (8x3GHz) 21

83 Bugs Found 15 bugs and 0 false positives 9 known bugs 6 previously unknown bugs E.g., in JDK and Apache DBCP 22

84 Example: Apache DBCP DataSource ds = new DataSource() Thread 1 Thread 2 ds.setdatasourcename("a") ds.close() 23

85 Example: Apache DBCP DataSource ds = new DataSource() Thread 1 Thread 2 ds.setdatasourcename("a") ds.close()! ConcurrentModificationException Reason: Unsynchronized use of thread-unsafe collection Confirmed as bug: Issue #369 23

86 Kinds of Failures 12 of 15 failures are implicit (VM or JDK) Most common: NullPointerException ConcurrentModificationException 24

87 Performance 25

88 Performance 8 hours 25

89 Conclusion Concurrency: More and more important Need tools to test thread-safe classes This work: Fully automatic testing Only real bugs reported 26

90 Thank you! Try it: Fully Automatic and Precise Detection of Thread Safety Violations Michael Pradel and Thomas R. Gross, ETH Zurich 27

Similar documents

FULLY AUTOMATIC AND PRECISE DETECTION OF THREAD SAFETY VIOLATIONS

FULLY AUTOMATIC AND PRECISE DETECTION OF THREAD SAFETY VIOLATIONS FULLY AUTOMATIC AND PRECISE DETECTION OF THREAD SAFETY VIOLATIONS PLDI 2012 by Michael Pradel and Thomas R. Gross ETH Zurich presented by Martin Aigner University of Salzburg May 2, 2013 OVERVIEW The problem

More information

Automatic Testing of Sequential and Concurrent Substitutability

Automatic Testing of Sequential and Concurrent Substitutability Automatic Testing of Sequential and Concurrent Substitutability Michael Pradel and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation void bar(foo f) { f.m();... } bar() expects functionality

More information

Leveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives

Leveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives Leveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives Michael Pradel and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation API usage

More information

Synchronization SPL/2010 SPL/20 1

Synchronization SPL/2010 SPL/20 1 Synchronization 1 Overview synchronization mechanisms in modern RTEs concurrency issues places where synchronization is needed structural ways (design patterns) for exclusive access 2 Overview synchronization

More information

Finding Concurrency Bugs in Java

Finding Concurrency Bugs in Java July 25, 2004 Background Our Work Recommendations Background Our Work Programmers are Not Scared Enough Java makes threaded programming too easy Language often hides consequences of incorrect synchronization

More information

Introduction to Locks. Intrinsic Locks

Introduction to Locks. Intrinsic Locks CMSC 433 Programming Language Technologies and Paradigms Spring 2013 Introduction to Locks Intrinsic Locks Atomic-looking operations Resources created for sequential code make certain assumptions, a large

More information

ASaP: Annotations for Safe Parallelism in Clang. Alexandros Tzannes, Vikram Adve, Michael Han, Richard Latham

ASaP: Annotations for Safe Parallelism in Clang. Alexandros Tzannes, Vikram Adve, Michael Han, Richard Latham ASaP: Annotations for Safe Parallelism in Clang Alexandros Tzannes, Vikram Adve, Michael Han, Richard Latham Motivation Debugging parallel code is hard!! Many bugs are hard to reason about & reproduce

More information

Static Detection of Brittle Parameter Typing

Static Detection of Brittle Parameter Typing Static Detection of Brittle Parameter Typing Michael Pradel, Severin Heiniger, and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation void m(a a) {... } Object A.. B C D E F 2 Motivation

More information

Practical Concurrency. Copyright 2007 SpringSource. Copying, publishing or distributing without express written permission is prohibited.

Practical Concurrency. Copyright 2007 SpringSource. Copying, publishing or distributing without express written permission is prohibited. Practical Concurrency Agenda Motivation Java Memory Model Basics Common Bug Patterns JDK Concurrency Utilities Patterns of Concurrent Processing Testing Concurrent Applications Concurrency in Java 7 2

More information

Semantic Atomicity for Multithreaded Programs!

Semantic Atomicity for Multithreaded Programs! P A R A L L E L C O M P U T I N G L A B O R A T O R Y Semantic Atomicity for Multithreaded Programs! Jacob Burnim, George Necula, Koushik Sen! Parallel Computing Laboratory! University of California, Berkeley!

More information

Midterm Exam. CS169 Fall November 17, 2009 LOGIN: NAME: SID: Problem Max Points Points TOTAL 100

Midterm Exam. CS169 Fall November 17, 2009 LOGIN: NAME: SID: Problem Max Points Points TOTAL 100 Midterm Exam CS169 Fall 2009 November 17, 2009 Please read all instructions (including these) carefully. Write your name, login, and SID. There are 12 pages in this exam and 6 questions, each with multiple

More information

Processor speed. Concurrency Structure and Interpretation of Computer Programs. Multiple processors. Processor speed. Mike Phillips <mpp>

Processor speed. Concurrency Structure and Interpretation of Computer Programs. Multiple processors. Processor speed. Mike Phillips <mpp> Processor speed 6.037 - Structure and Interpretation of Computer Programs Mike Phillips Massachusetts Institute of Technology http://en.wikipedia.org/wiki/file:transistor_count_and_moore%27s_law_-

More information

Sharing Objects Ch. 3

Sharing Objects Ch. 3 Sharing Objects Ch. 3 Visibility What is the source of the issue? Volatile Dekker s algorithm Publication and Escape Thread Confinement Immutability Techniques of safe publication Assignment 1 Visibility

More information

Java SE 7 Programming

Java SE 7 Programming Oracle University Contact Us: Local: 1800 103 4775 Intl: +91 80 4108 4709 Java SE 7 Programming Duration: 5 Days What you will learn This is the second of two courses that cover the Java Standard Edition

More information

The Java Memory Model

The Java Memory Model Jeremy Manson 1, William Pugh 1, and Sarita Adve 2 1 University of Maryland 2 University of Illinois at Urbana-Champaign Presented by John Fisher-Ogden November 22, 2005 Outline Introduction Sequential

More information

DMP Deterministic Shared Memory Multiprocessing

DMP Deterministic Shared Memory Multiprocessing DMP Deterministic Shared Memory Multiprocessing University of Washington Joe Devietti, Brandon Lucia, Luis Ceze, Mark Oskin A multithreaded voting machine 2 thread 0 thread 1 while (more_votes) { load

More information

Java Memory Model. Jian Cao. Department of Electrical and Computer Engineering Rice University. Sep 22, 2016

Java Memory Model. Jian Cao. Department of Electrical and Computer Engineering Rice University. Sep 22, 2016 Java Memory Model Jian Cao Department of Electrical and Computer Engineering Rice University Sep 22, 2016 Content Introduction Java synchronization mechanism Double-checked locking Out-of-Thin-Air violation

More information

Tom Ball Sebastian Burckhardt Madan Musuvathi Microsoft Research

Tom Ball Sebastian Burckhardt Madan Musuvathi Microsoft Research Tom Ball (tball@microsoft.com) Sebastian Burckhardt (sburckha@microsoft.com) Madan Musuvathi (madanm@microsoft.com) Microsoft Research P&C Parallelism Concurrency Performance Speedup Responsiveness Correctness

More information

Active Testing for Concurrent Programs

Active Testing for Concurrent Programs Active Testing for Concurrent Programs Pallavi Joshi Mayur Naik Chang-Seo Park Koushik Sen 1/8/2009 ParLab Retreat ParLab, UC Berkeley Intel Research Overview Checking correctness of concurrent programs

More information

The New Java Technology Memory Model

The New Java Technology Memory Model The New Java Technology Memory Model java.sun.com/javaone/sf Jeremy Manson and William Pugh http://www.cs.umd.edu/~pugh 1 Audience Assume you are familiar with basics of Java technology-based threads (

More information

Deterministic Shared Memory Multiprocessing

Deterministic Shared Memory Multiprocessing Deterministic Shared Memory Multiprocessing Luis Ceze, University of Washington joint work with Owen Anderson, Tom Bergan, Joe Devietti, Brandon Lucia, Karin Strauss, Dan Grossman, Mark Oskin. Safe MultiProcessing

More information

Heuristics-based Parameter Generation for Java Methods

Heuristics-based Parameter Generation for Java Methods Universität Karlsruhe (TH) Research University founded 1825 Heuristics-based Parameter Generation for Java Methods Michael Kuperberg (mkuper@ipd.uka.de) Fouad Omri (fouad.omri@stud.uni-karlsruhe.de) Chair

More information

A Parameterized Type System for Race-Free Java Programs

A Parameterized Type System for Race-Free Java Programs A Parameterized Type System for Race-Free Java Programs Chandrasekhar Boyapati Martin Rinard Laboratory for Computer Science Massachusetts Institute of Technology {chandra, rinard@lcs.mit.edu Data races

More information

Do you have to reproduce the bug on the first replay attempt?

Do you have to reproduce the bug on the first replay attempt? Do you have to reproduce the bug on the first replay attempt? PRES: Probabilistic Replay with Execution Sketching on Multiprocessors Soyeon Park, Yuanyuan Zhou University of California, San Diego Weiwei

More information

Randomized Active Atomicity Violation Detection in Concurrent Programs

Randomized Active Atomicity Violation Detection in Concurrent Programs Randomized Active Atomicity Violation Detection in Concurrent Programs Chang-Seo Park EECS Department, UC Berkeley, CA, USA. parkcs@cs.berkeley.edu Koushik Sen EECS Department, UC Berkeley, CA, USA. ksen@cs.berkeley.edu

More information

A Sophomoric Introduction to Shared-Memory Parallelism and Concurrency Lecture 5 Programming with Locks and Critical Sections

A Sophomoric Introduction to Shared-Memory Parallelism and Concurrency Lecture 5 Programming with Locks and Critical Sections A Sophomoric Introduction to Shared-Memory Parallelism and Concurrency Lecture 5 Programming with Locks and Critical Sections Dan Grossman Last Updated: May 2012 For more information, see http://www.cs.washington.edu/homes/djg/teachingmaterials/

More information

Typed Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts

Typed Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts Typed Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts Toshiyuki Maeda and Akinori Yonezawa University of Tokyo Quiz [Environment] CPU: Intel Xeon X5570 (2.93GHz)

More information

Java SE 7 Programming

Java SE 7 Programming Oracle University Contact Us: +40 21 3678820 Java SE 7 Programming Duration: 5 Days What you will learn This Java Programming training covers the core Application Programming Interfaces (API) you'll use

More information

CSE332: Data Abstractions Lecture 23: Programming with Locks and Critical Sections. Tyler Robison Summer 2010

CSE332: Data Abstractions Lecture 23: Programming with Locks and Critical Sections. Tyler Robison Summer 2010 CSE332: Data Abstractions Lecture 23: Programming with Locks and Critical Sections Tyler Robison Summer 2010 1 Concurrency: where are we Done: The semantics of locks Locks in Java Using locks for mutual

More information

Runtime assertion checking of multithreaded Java programs

Runtime assertion checking of multithreaded Java programs Master Thesis Runtime assertion checking of multithreaded Java programs An extension of the STROBE framework Author: Jorne Kandziora Supervisors: dr. M. Huisman dr. C.M. Bockisch M. Zaharieva-Stojanovski,

More information

CFix. Automated Concurrency-Bug Fixing. Guoliang Jin, Wei Zhang, Dongdong Deng, Ben Liblit, and Shan Lu. University of Wisconsin Madison

CFix. Automated Concurrency-Bug Fixing. Guoliang Jin, Wei Zhang, Dongdong Deng, Ben Liblit, and Shan Lu. University of Wisconsin Madison CFix Automated Concurrency-Bug Fixing Guoliang Jin, Wei Zhang, Dongdong Deng, Ben Liblit, and Shan Lu. University of Wisconsin Madison 1 Bugs Need to be Fixed Buggy software is an unfortunate fact; There

More information

Distributed Systems Programming F29NM1 2. Promela I. Andrew Ireland. School of Mathematical and Computer Sciences Heriot-Watt University Edinburgh

Distributed Systems Programming F29NM1 2. Promela I. Andrew Ireland. School of Mathematical and Computer Sciences Heriot-Watt University Edinburgh Distributed Systems Programming F29NM1 Promela I Andrew Ireland School of Mathematical and Computer Sciences Heriot-Watt University Edinburgh Distributed Systems Programming F29NM1 2 Overview Basic building

More information

CS 351 Design of Large Programs Singleton Pattern

CS 351 Design of Large Programs Singleton Pattern CS 351 Design of Large Programs Singleton Pattern Brooke Chenoweth University of New Mexico Spring 2019 The Notion of a Singleton There are many objects we only need one of: Thread pools, caches, dialog

More information

Thread Synchronization: Foundations. Properties. Safety properties. Edsger s perspective. Nothing bad happens

Thread Synchronization: Foundations. Properties. Safety properties. Edsger s perspective. Nothing bad happens Edsger s perspective Testing can only prove the presence of bugs Thread Synchronization: Foundations Properties Property: a predicate that is evaluated over a run of the program (a trace) every message

More information

Active Testing for Concurrent Programs

Active Testing for Concurrent Programs Active Testing for Concurrent Programs Pallavi Joshi, Mayur Naik, Chang-Seo Park, Koushik Sen 12/30/2008 ROPAS Seminar ParLab, UC Berkeley Intel Research Overview ParLab The Parallel Computing Laboratory

More information

Program Verification (6EC version only)

Program Verification (6EC version only) Program Verification (6EC version only) Erik Poll Digital Security Radboud University Nijmegen Overview Program Verification using Verification Condition Generators JML a formal specification language

More information

Safety and liveness for critical sections

Safety and liveness for critical sections Safety and liveness for critical sections! At most k threads are concurrently in the critical section A. Safety B. Liveness C. Both! A thread that wants to enter the critical section will eventually succeed

More information

Runtime Atomicity Analysis of Multi-threaded Programs

Runtime Atomicity Analysis of Multi-threaded Programs Runtime Atomicity Analysis of Multi-threaded Programs Focus is on the paper: Atomizer: A Dynamic Atomicity Checker for Multithreaded Programs by C. Flanagan and S. Freund presented by Sebastian Burckhardt

More information

Java 8 Programming for OO Experienced Developers

Java 8 Programming for OO Experienced Developers www.peaklearningllc.com Java 8 Programming for OO Experienced Developers (5 Days) This course is geared for developers who have prior working knowledge of object-oriented programming languages such as

More information

Audience. Revising the Java Thread/Memory Model. Java Thread Specification. Revising the Thread Spec. Proposed Changes. When s the JSR?

Audience. Revising the Java Thread/Memory Model. Java Thread Specification. Revising the Thread Spec. Proposed Changes. When s the JSR? Audience Revising the Java Thread/Memory Model See http://www.cs.umd.edu/~pugh/java/memorymodel for more information 1 This will be an advanced talk Helpful if you ve been aware of the discussion, have

More information

Programmazione di sistemi multicore

Programmazione di sistemi multicore Programmazione di sistemi multicore A.A. 2015-2016 LECTURE 14 IRENE FINOCCHI http://wwwusers.di.uniroma1.it/~finocchi/ Programming with locks and critical sections MORE BAD INTERLEAVINGS GUIDELINES FOR

More information

Transaction Management: Concurrency Control, part 2

Transaction Management: Concurrency Control, part 2 Transaction Management: Concurrency Control, part 2 CS634 Class 16 Slides based on Database Management Systems 3 rd ed, Ramakrishnan and Gehrke Locking for B+ Trees Naïve solution Ignore tree structure,

More information

Locking for B+ Trees. Transaction Management: Concurrency Control, part 2. Locking for B+ Trees (contd.) Locking vs. Latching

Locking for B+ Trees. Transaction Management: Concurrency Control, part 2. Locking for B+ Trees (contd.) Locking vs. Latching Locking for B+ Trees Transaction Management: Concurrency Control, part 2 Slides based on Database Management Systems 3 rd ed, Ramakrishnan and Gehrke CS634 Class 16 Naïve solution Ignore tree structure,

More information

The Singleton Pattern. Design Patterns In Java Bob Tarr

The Singleton Pattern. Design Patterns In Java Bob Tarr The Singleton Pattern Intent Ensure a class only has one instance, and provide a global point of access to it Motivation Sometimes we want just a single instance of a class to exist in the system For example,

More information

Concurrency Quiz: Java Threads

Concurrency Quiz: Java Threads Concurrency Quiz: Java Threads First name, last name:................................................................. Background information In this part of the quiz, we would like to collect some information

More information

A unified machine-checked model for multithreaded Java

A unified machine-checked model for multithreaded Java A unified machine-checked model for multithreaded Java Andre Lochbihler IPD, PROGRAMMING PARADIGMS GROUP, COMPUTER SCIENCE DEPARTMENT KIT - University of the State of Baden-Wuerttemberg and National Research

More information

Thread Synchronization: Too Much Milk

Thread Synchronization: Too Much Milk Thread Synchronization: Too Much Milk 1 Implementing Critical Sections in Software Hard The following example will demonstrate the difficulty of providing mutual exclusion with memory reads and writes

More information

CSE 374 Programming Concepts & Tools

CSE 374 Programming Concepts & Tools CSE 374 Programming Concepts & Tools Hal Perkins Fall 2017 Lecture 22 Shared-Memory Concurrency 1 Administrivia HW7 due Thursday night, 11 pm (+ late days if you still have any & want to use them) Course

More information

Review of last lecture. Peer Quiz. DPHPC Overview. Goals of this lecture. Lock-based queue

Review of last lecture. Peer Quiz. DPHPC Overview. Goals of this lecture. Lock-based queue Review of last lecture Design of Parallel and High-Performance Computing Fall 2016 Lecture: Linearizability Motivational video: https://www.youtube.com/watch?v=qx2driqxnbs Instructor: Torsten Hoefler &

More information

COMP Parallel Computing. CC-NUMA (2) Memory Consistency

COMP Parallel Computing. CC-NUMA (2) Memory Consistency COMP 633 - Parallel Computing Lecture 11 September 26, 2017 Memory Consistency Reading Patterson & Hennesey, Computer Architecture (2 nd Ed.) secn 8.6 a condensed treatment of consistency models Coherence

More information

Data abstractions: ADTs Invariants, Abstraction function. Lecture 4: OOP, autumn 2003

Data abstractions: ADTs Invariants, Abstraction function. Lecture 4: OOP, autumn 2003 Data abstractions: ADTs Invariants, Abstraction function Lecture 4: OOP, autumn 2003 Limits of procedural abstractions Isolate implementation from specification Dependency on the types of parameters representation

More information

Lab. Lecture 26: Concurrency & Responsiveness. Assignment. Maze Program

Lab. Lecture 26: Concurrency & Responsiveness. Assignment. Maze Program Lab Lecture 26: Concurrency & Responsiveness CS 62 Fall 2016 Kim Bruce & Peter Mawhorter Using parallelism to speed up sorting using Threads and ForkJoinFramework Review relevant material. Some slides

More information

Advanced MEIC. (Lesson #18)

Advanced MEIC. (Lesson #18) Advanced Programming @ MEIC (Lesson #18) Last class Data races Java Memory Model No out-of-thin-air values Data-race free programs behave as expected Today Finish with the Java Memory Model Introduction

More information

Computer Science Technical Report

Computer Science Technical Report Computer Science Technical Report Feasibility of Stepwise Addition of Multitolerance to High Atomicity Programs Ali Ebnenasir and Sandeep S. Kulkarni Michigan Technological University Computer Science

More information

11/19/2013. Imperative programs

11/19/2013. Imperative programs if (flag) 1 2 From my perspective, parallelism is the biggest challenge since high level programming languages. It s the biggest thing in 50 years because industry is betting its future that parallel programming

More information

CalFuzzer: An Extensible Active Testing Framework for Concurrent Programs Pallavi Joshi 1, Mayur Naik 2, Chang-Seo Park 1, and Koushik Sen 1

CalFuzzer: An Extensible Active Testing Framework for Concurrent Programs Pallavi Joshi 1, Mayur Naik 2, Chang-Seo Park 1, and Koushik Sen 1 CalFuzzer: An Extensible Active Testing Framework for Concurrent Programs Pallavi Joshi 1, Mayur Naik 2, Chang-Seo Park 1, and Koushik Sen 1 1 University of California, Berkeley, USA {pallavi,parkcs,ksen}@eecs.berkeley.edu

More information

Course Description. Learn To: : Intro to JAVA SE7 and Programming using JAVA SE7. Course Outline ::

Course Description. Learn To: : Intro to JAVA SE7 and Programming using JAVA SE7. Course Outline :: Module Title Duration : Intro to JAVA SE7 and Programming using JAVA SE7 : 9 days Course Description The Java SE 7 Fundamentals course was designed to enable students with little or no programming experience

More information

CSE332: Data Abstractions Lecture 19: Mutual Exclusion and Locking

CSE332: Data Abstractions Lecture 19: Mutual Exclusion and Locking CSE332: Data Abstractions Lecture 19: Mutual Exclusion and Locking James Fogarty Winter 2012 Including slides developed in part by Ruth Anderson, James Fogarty, Dan Grossman Banking Example This code is

More information

Discussion CSE 224. Week 4

Discussion CSE 224. Week 4 Discussion CSE 224 Week 4 Midterm The midterm will cover - 1. Topics discussed in lecture 2. Research papers from the homeworks 3. Textbook readings from Unit 1 and Unit 2 HW 3&4 Clarifications 1. The

More information

Classes, interfaces, & documentation. Review of basic building blocks

Classes, interfaces, & documentation. Review of basic building blocks Classes, interfaces, & documentation Review of basic building blocks Objects Data structures literally, storage containers for data constitute object knowledge or state Operations an object can perform

More information

The ComFoRT Reasoning Framework

The ComFoRT Reasoning Framework Pittsburgh, PA 15213-3890 The ComFoRT Reasoning Framework Sagar Chaki James Ivers Natasha Sharygina Kurt Wallnau Predictable Assembly from Certifiable Components Enable the development of software systems

More information

Overview. CMSC 330: Organization of Programming Languages. Concurrency. Multiprocessors. Processes vs. Threads. Computation Abstractions

Overview. CMSC 330: Organization of Programming Languages. Concurrency. Multiprocessors. Processes vs. Threads. Computation Abstractions CMSC 330: Organization of Programming Languages Multithreaded Programming Patterns in Java CMSC 330 2 Multiprocessors Description Multiple processing units (multiprocessor) From single microprocessor to

More information

Deterministic Parallel Programming

Deterministic Parallel Programming Deterministic Parallel Programming Concepts and Practices 04/2011 1 How hard is parallel programming What s the result of this program? What is data race? Should data races be allowed? Initially x = 0

More information

Parallel Programming Languages COMP360

Parallel Programming Languages COMP360 Parallel Programming Languages COMP360 The way the processor industry is going, is to add more and more cores, but nobody knows how to program those things. I mean, two, yeah; four, not really; eight,

More information

Verification & Validation of Open Source

Verification & Validation of Open Source Verification & Validation of Open Source 2011 WORKSHOP ON SPACECRAFT FLIGHT SOFTWARE Gordon Uchenick Coverity, Inc Open Source is Ubiquitous Most commercial and proprietary software systems have some open

More information

Synchronization. Announcements. Concurrent Programs. Race Conditions. Race Conditions 11/9/17. Purpose of this lecture. A8 released today, Due: 11/21

Synchronization. Announcements. Concurrent Programs. Race Conditions. Race Conditions 11/9/17. Purpose of this lecture. A8 released today, Due: 11/21 Announcements Synchronization A8 released today, Due: 11/21 Late deadline is after Thanksgiving You can use your A6/A7 solutions or ours A7 correctness scores have been posted Next week's recitation will

More information

Safety SPL/2010 SPL/20 1

Safety SPL/2010 SPL/20 1 Safety 1 system designing for concurrent execution environments system: collection of objects and their interactions system properties: Safety - nothing bad ever happens Liveness - anything ever happens

More information

Performance Improvements in 2016 release of ColdFusion. - A study in numbers -

Performance Improvements in 2016 release of ColdFusion. - A study in numbers - Performance Improvements in 216 release of ColdFusion - A study in numbers - Overview The 216 release of Adobe ColdFusion with a wide range of performance improvement features, such as, array pass-by-reference,

More information

Advances in Programming Languages

Advances in Programming Languages O T Y H Advances in Programming Languages APL8: ESC/Java2 David Aspinall (including slides by Ian Stark and material adapted from ESC/Java2 tutorial by David Cok, Joe Kiniry and Erik Poll) School of Informatics

More information

RACE CONDITIONS AND SYNCHRONIZATION

RACE CONDITIONS AND SYNCHRONIZATION RACE CONDITIONS AND SYNCHRONIZATION Lecture 21 CS2110 Fall 2010 Reminder 2 A race condition arises if two threads try and share some data One updates it and the other reads it, or both update the data

More information

Quis Custodiet Ipsos Custodes The Java memory model

Quis Custodiet Ipsos Custodes The Java memory model Quis Custodiet Ipsos Custodes The Java memory model Andreas Lochbihler funded by DFG Ni491/11, Sn11/10 PROGRAMMING PARADIGMS GROUP = Isabelle λ β HOL α 1 KIT 9University Oct 2012 of the Andreas State of

More information

AC OB S. Multi-threaded FW framework (OS) for embedded ARM systems Torsten Jaekel, June 2014

AC OB S. Multi-threaded FW framework (OS) for embedded ARM systems Torsten Jaekel, June 2014 AC OB S Multi-threaded FW framework (OS) for embedded ARM systems Torsten Jaekel, June 2014 ACOBS ACtive OBject (operating) System Simplified FW System for Multi-Threading on ARM embedded systems ACOBS

More information

Computation Abstractions. Processes vs. Threads. So, What Is a Thread? CMSC 433 Programming Language Technologies and Paradigms Spring 2007

Computation Abstractions. Processes vs. Threads. So, What Is a Thread? CMSC 433 Programming Language Technologies and Paradigms Spring 2007 CMSC 433 Programming Language Technologies and Paradigms Spring 2007 Threads and Synchronization May 8, 2007 Computation Abstractions t1 t1 t4 t2 t1 t2 t5 t3 p1 p2 p3 p4 CPU 1 CPU 2 A computer Processes

More information

A Serializability Violation Detector for Shared-Memory Server Programs

A Serializability Violation Detector for Shared-Memory Server Programs A Serializability Violation Detector for Shared-Memory Server Programs Min Xu Rastislav Bodík Mark Hill University of Wisconsin Madison University of California, Berkeley Serializability Violation Detector:

More information

Types for Precise Thread Interference

Types for Precise Thread Interference Types for Precise Thread Interference Jaeheon Yi, Tim Disney, Cormac Flanagan UC Santa Cruz Stephen Freund Williams College October 23, 2011 2 Multiple Threads Single Thread is a non-atomic read-modify-write

More information

F. Tip and M. Weintraub CONCURRENCY

F. Tip and M. Weintraub CONCURRENCY F. Tip and M. Weintraub CONCURRENCY SHARED-MEMORY CONCURRENCY threads execute concurrently threads communicate values via shared memory synchronization using locks 2 PITFALLS data races atomicity violations

More information

MultiJav: A Distributed Shared Memory System Based on Multiple Java Virtual Machines. MultiJav: Introduction

MultiJav: A Distributed Shared Memory System Based on Multiple Java Virtual Machines. MultiJav: Introduction : A Distributed Shared Memory System Based on Multiple Java Virtual Machines X. Chen and V.H. Allan Computer Science Department, Utah State University 1998 : Introduction Built on concurrency supported

More information

CSE332: Data Abstractions Lecture 25: Deadlocks and Additional Concurrency Issues. Tyler Robison Summer 2010

CSE332: Data Abstractions Lecture 25: Deadlocks and Additional Concurrency Issues. Tyler Robison Summer 2010 CSE332: Data Abstractions Lecture 25: Deadlocks and Additional Concurrency Issues Tyler Robison Summer 2010 1 Where we are We ve covered basic concurrency, then some odds and ends: Readers/writer locks

More information

Program Graph. Lecture 25: Parallelism & Concurrency. Performance. What does it mean?

Program Graph. Lecture 25: Parallelism & Concurrency. Performance. What does it mean? Program Graph Lecture 25: Parallelism & Concurrency CS 62 Fall 2015 Kim Bruce & Michael Bannister Some slides based on those from Dan Grossman, U. of Washington Program using fork and join can be seen

More information

Introducing Shared-Memory Concurrency

Introducing Shared-Memory Concurrency Race Conditions and Atomic Blocks November 19, 2007 Why use concurrency? Communicating between threads Concurrency in Java/C Concurrency Computation where multiple things happen at the same time is inherently

More information

JML tool-supported specification for Java Erik Poll Radboud University Nijmegen

JML tool-supported specification for Java Erik Poll Radboud University Nijmegen JML tool-supported specification for Java Erik Poll Radboud University Nijmegen Erik Poll - JML p.1/41 Overview The specification language JML Tools for JML, in particular runtime assertion checking using

More information

Problems with Concurrency. February 19, 2014

Problems with Concurrency. February 19, 2014 with Concurrency February 19, 2014 s with concurrency interleavings race conditions dead GUI source of s non-determinism deterministic execution model 2 / 30 General ideas Shared variable Access interleavings

More information

Multithreading Programming II

Multithreading Programming II Multithreading Programming II Content Review Multithreading programming Race conditions Semaphores Thread safety Deadlock Review: Resource Sharing Access to shared resources need to be controlled to ensure

More information

Viper: Communication-Layer Determinism and Scaling in Low-Latency Stream Processing

Viper: Communication-Layer Determinism and Scaling in Low-Latency Stream Processing Viper: Communication-Layer Determinism and Scaling in Low-Latency Stream Processing Ivan Walulya, Yiannis Nikolakopoulos, Vincenzo Gulisano Marina Papatriantafilou and Philippas Tsigas Auto-DaSP 2017 Chalmers

More information

MEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING

MEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING FEDERAL UNIVERSITY OF AMAZONAS INSTITUTE OF COMPUTING GRADUATE PROGRAM IN COMPUTER SCIENCE MEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING Herbert Rocha, Raimundo Barreto,

More information

A Causality-Based Runtime Check for (Rollback) Atomicity

A Causality-Based Runtime Check for (Rollback) Atomicity A Causality-Based Runtime Check for (Rollback) Atomicity Serdar Tasiran Koc University Istanbul, Turkey Tayfun Elmas Koc University Istanbul, Turkey RV 2007 March 13, 2007 Outline This paper: Define rollback

More information

Verification Finite-state process modeling and reachability analysis

Verification Finite-state process modeling and reachability analysis Verification Finite-state process modeling and reachability analysis Topics: Finite-state process modeling Verification through interactive simulation Concurrent composition of processes Verification through

More information

Symbolic Execution, Dynamic Analysis

Symbolic Execution, Dynamic Analysis Symbolic Execution, Dynamic Analysis http://d3s.mff.cuni.cz Pavel Parízek CHARLES UNIVERSITY IN PRAGUE faculty of mathematics and physics Symbolic execution Pavel Parízek Symbolic Execution, Dynamic Analysis

More information

1. Introduction to Concurrent Programming

1. Introduction to Concurrent Programming 1. Introduction to Concurrent Programming A concurrent program contains two or more threads that execute concurrently and work together to perform some task. When a program is executed, the operating system

More information

7. Testing and Debugging Concurrent Programs

7. Testing and Debugging Concurrent Programs 7. Testing and Debugging Concurrent Programs The purpose of testing is to find program failures => A successful test is a test that causes a program to fail. Ideally, tests are designed before the program

More information

Synchronization Lecture 23 Fall 2017

Synchronization Lecture 23 Fall 2017 Synchronization Lecture 23 Fall 2017 Announcements A8 released today, Due: 11/21 Late deadline is after Thanksgiving You can use your A6/A7 solutions or ours A7 correctness scores have been posted Next

More information

SCOOP A contract-based concurrent object-oriented programming model

SCOOP A contract-based concurrent object-oriented programming model SCOOP A contract-based concurrent object-oriented programming model Benjamin Morandi 1, Sebastian S. Bauer 2, and Bertrand Meyer 1 1 Chair of Software Engineering, Swiss Federal Institute of Technology

More information

Tasks with Effects. A Model for Disciplined Concurrent Programming. Abstract. 1. Motivation

Tasks with Effects. A Model for Disciplined Concurrent Programming. Abstract. 1. Motivation Tasks with Effects A Model for Disciplined Concurrent Programming Stephen Heumann Vikram Adve University of Illinois at Urbana-Champaign {heumann1,vadve}@illinois.edu Abstract Today s widely-used concurrent

More information

PROVING THINGS ABOUT PROGRAMS

PROVING THINGS ABOUT PROGRAMS PROVING THINGS ABOUT CONCURRENT PROGRAMS Lecture 23 CS2110 Fall 2010 Overview 2 Last time we looked at techniques for proving things about recursive algorithms We saw that in general, recursion matches

More information

Foundations of the C++ Concurrency Memory Model

Foundations of the C++ Concurrency Memory Model Foundations of the C++ Concurrency Memory Model John Mellor-Crummey and Karthik Murthy Department of Computer Science Rice University johnmc@rice.edu COMP 522 27 September 2016 Before C++ Memory Model

More information

New Programming Abstractions for Concurrency. Torvald Riegel Red Hat 12/04/05

New Programming Abstractions for Concurrency. Torvald Riegel Red Hat 12/04/05 New Programming Abstractions for Concurrency Red Hat 12/04/05 1 Concurrency and atomicity C++11 atomic types Transactional Memory Provide atomicity for concurrent accesses by different threads Both based

More information

Static Deadlock Detection for Java Libraries

Static Deadlock Detection for Java Libraries Static Deadlock Detection for Java Libraries Amy Williams, William Thies, and Michael D. Ernst Massachusetts Institute of Technology Deadlock Each deadlocked thread attempts to acquire a lock held by another

More information

Threads Cannot Be Implemented As a Library

Threads Cannot Be Implemented As a Library Threads Cannot Be Implemented As a Library Authored by Hans J. Boehm Presented by Sarah Sharp February 18, 2008 Outline POSIX Thread Library Operation Vocab Problems with pthreads POSIX Thread Library

More information

Oracle Utilities Application Framework

Oracle Utilities Application Framework Oracle Utilities Application Framework API Reference Notes Release 4.x E54104-04 March 2017 Oracle Utilities Application Framework API Reference Notes Release 4.x E54104-04 Copyright 2017, Oracle and/or

More information

Advanced Threads & Monitor-Style Programming 1/24

Advanced Threads & Monitor-Style Programming 1/24 Advanced Threads & Monitor-Style Programming 1/24 First: Much of What You Know About Threads Is Wrong! // Initially x == 0 and y == 0 // Thread 1 Thread 2 x = 1; if (y == 1 && x == 0) exit(); y = 1; Can

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback