Overview Problem Definition Interrupt- Driven Programs Data-Race Detection for Interrupt-Driven Data-Races and Happens- Kernels Before Analyzing FreeRTOS Kernel Library Nikita Chopra, Deepak D’Souza and Rekha Pai Conclusion Indian Institute of Science Bangalore July 20, 2018
Overview Overview Problem Definition Interrupt- Driven Programs Data-Races Problem Definition and Happens- Before Interrupt-Driven Programs Analyzing FreeRTOS Data-Races and Happens-Before Relation Kernel Library Analyzing FreeRTOS Kernel Conclusion Conclusion
Problem Definition Overview Problem Definition Interrupt- Driven Programs Data-Races and Happens- Before Given an “interrupt-driven kernel program” detect data races in Analyzing FreeRTOS the program. Kernel Library Conclusion
Interrupt-Driven Programs Overview Application: Problem main() Definition { Interrupt- createTask(f1); Driven . Programs . Data-Races createTask(fn); and Happens- Before startScheduler(); } Analyzing FreeRTOS Kernel Library f1() f2() fn() Conclusion { { { ... ... .. ... } } } ============================================== Kernel: startScheduler() kAPI1() kAPIn() { { { ... ... .. ... <== } } }
Interrupt-Driven Programs Overview Problem Definition Interrupt- Driven Programs Data-Races and Happens- - finite number of threads Before - disableint - enableint , suspendsch - resumesch , and Analyzing FreeRTOS synchronization flags Kernel Library Conclusion - “task” threads and “ISR” threads
Interrupt-Driven Programs Overview main: Problem 1. x := 0; Definition 2. y := 0; Interrupt- 3. t := 0; Driven 4. create(t1); Programs 5. create(t2); Data-Races 6. and Happens- Before t1: t2: Analyzing FreeRTOS 7. x := x + 1; 9. disableint; Kernel Library 8. 10. y := t; Conclusion 11. t := x; 12. if(t > 0) { 13. y := y + 1; 14. } 15. else { 16. t := t + 1; 17. } 18. enableint; 19. Figure: Example program
Claim Overview Problem Definition Interrupt- Driven Programs Data-Races and Happens- Given an interrupt-driven program, we proposed a sound Before algorithm to detect data-races in the program. Analyzing FreeRTOS Kernel Library - key insight is the notion of “disjoint blocks” Conclusion
Data-Races Overview Problem Definition Interrupt- Driven Programs Data-Races and Happens- Motivation: Before Analyzing Give a definition of data-race based on the operational FreeRTOS Kernel Library semantics of the class of interrupt-driven programs, that Conclusion capture what a programmer typically tries to avoid.
Data-Races Overview Problem Definition Conflicting accesses: Interrupt- Driven Programs Two accesses are conflicting accesses if they are Data-Races read/write accesses to the same variable, and at least one and Happens- Before of them is a write. Analyzing FreeRTOS Kernel Library Conclusion
Data-Races Overview Problem Definition Conflicting accesses: Interrupt- Driven Programs Two accesses are conflicting accesses if they are Data-Races read/write accesses to the same variable, and at least one and Happens- Before of them is a write. Analyzing FreeRTOS Kernel Library Conclusion Data-race: For classical concurrent programs, define a race as consecutive occurrences of conflicting accesses in an execution.
Data-Races Overview main: Problem 1. x := 0; Definition 2. y := 0; Interrupt- 3. t := 0; Driven 4. create(t1); Programs 5. create(t2); Data-Races 6. and Happens- Before t1: t2: Analyzing FreeRTOS 7. x := x + 1; 9. disableint; Kernel Library 8. 10. y := t; Conclusion 11. t := x; 12. if(t > 0) { 13. y := y + 1; 14. } 15. else { 16. t := t + 1; 17. } 18. enableint; 19. Figure: Example program - race between Lines 7 and 11
Data-Races Overview Problem Definition Interrupt- Proposed Definition: Driven Programs Two statements s and t in a program P are involved in a Data-Races and Happens- data-race if the following is true: Before Analyzing Consider the program P ′ which is obtained from P by FreeRTOS Kernel Library replacing the statement s with “ skip ; s ; skip ”, and Conclusion similarly for statement t . Then there is an execution of P ′ in which the two blocks containing s and t are involved in a high-level race.
Data-Races Overview Problem Definition P ′ P Interrupt- Driven t1 t2 t1: t2: t1: t2: Programs Data-Races and Happens- t; skip; Before s; skip; t; Analyzing s; skip; FreeRTOS skip; Kernel Library Conclusion Figure: Illustrating the definition of a data-race on statements s and t . A program P , its transformation P ′ , and an execution of P ′ in which the blocks overlap.
Happens-Before Relation Overview Problem Definition In the classical setting of lock-based synchronization, Interrupt- happens-before relation is a partial order on the Driven Programs instructions in an execution, that is the union of Data-Races and Happens- the program-order relation between two instructions in the Before same thread, and Analyzing FreeRTOS the synchronizes-with relation which relates a release of a Kernel Library lock in a thread to the next acquire of the same lock in Conclusion another thread.
Happens-Before Relation Overview Problem Definition In the classical setting of lock-based synchronization, Interrupt- happens-before relation is a partial order on the Driven Programs instructions in an execution, that is the union of Data-Races and Happens- the program-order relation between two instructions in the Before same thread, and Analyzing FreeRTOS the synchronizes-with relation which relates a release of a Kernel Library lock in a thread to the next acquire of the same lock in Conclusion another thread. How does one define synchronizes-with relation in interrupt-driven programs?
Happens-Before Relation Overview Problem Definition Interrupt- Driven Programs Data-Races Disjoint blocks : and Happens- Before Disjoint blocks are syntactically identifiable pairs of code Analyzing blocks in different threads, which are guaranteed by the FreeRTOS Kernel Library execution semantics of the class of programs never to Conclusion overlap in any execution of a program.
Happens-Before Relation Overview Problem Definition Proposed Definitions Interrupt- Driven Synchronizes-with relation: Programs Data-Races for every pair ( A , B ) of disjoint blocks in the program, the and Happens- Before end of block A synchronizes-with the beginning of the Analyzing succeeding occurrence of block B in the execution; and FreeRTOS Kernel Library vice-versa. Conclusion
Happens-Before Relation Overview Problem Definition Proposed Definitions Interrupt- Driven Synchronizes-with relation: Programs Data-Races for every pair ( A , B ) of disjoint blocks in the program, the and Happens- Before end of block A synchronizes-with the beginning of the Analyzing succeeding occurrence of block B in the execution; and FreeRTOS Kernel Library vice-versa. Conclusion Happens-Before relation: defined, as before, in terms of the program order and the synchronizes-with order.
Happens-Before Relation Overview task: task: task: ISR: ISR: ISR: disableint ; disableint ; disableint ; // begin // begin // begin Problem Definition Interrupt- Driven enableint enableint enableint // end // end // end Programs (a) (b) (c) Data-Races and Happens- task: task: task: task: main: t: suspendsch ; suspendsch ; suspendsch ; Before disableint ; // begin // begin Analyzing FreeRTOS Kernel Library enableint resumesch ; resumesch ; resumesch ; create (t) // end Conclusion (d) (e) (f) task: ISR: task: ISR: if(ssflag = 0){ if(f = 0){ suspendsch ; f := 1; } } else { else { resumesch ; f := 0; } } (g) (h)
Recommend
More recommend