data races are bad
play

Data Races are Bad Race: two threads access memory without - PowerPoint PPT Presentation

Oct 18, 2022 •508 likes •1.28k views

C ONTEXT - SENSITIVE C ORRELATION A NALYSIS FOR D ETECTING R ACES Polyvios Pratikakis Jeff Foster Michael Hicks University of Maryland, College Park Context-sensitive Correlation Analysis for Detecting Races p.1/ ?? Data Races are Bad

  1. C ONTEXT - SENSITIVE C ORRELATION A NALYSIS FOR D ETECTING R ACES Polyvios Pratikakis Jeff Foster Michael Hicks University of Maryland, College Park Context-sensitive Correlation Analysis for Detecting Races – p.1/ ??

  2. Data Races are Bad Race: two threads access memory without synchronization and at least one is a write Races are bad: August 14th 2004, Northeastern Blackout 1985-1987, Therac-25 medical accelerator Programs with races are difficult to understand Context-sensitive Correlation Analysis for Detecting Races – p.2/ ??

  3. A way to prevent races Shared locations ρ Locks ℓ Correlation ρ ⊲ ℓ : Lock ℓ is correlated with pointer ρ if-f ℓ is held while ρ is accessed Consistent correlation : A given pointer ρ is only correlated with one lock ℓ Assert that every shared location ρ is consistently correlated with a single lock ℓ Context-sensitive Correlation Analysis for Detecting Races – p.3/ ??

  4. Contribution Inference of correlation between locks and pointers for C: Universal and Existential context sensitivity in correlation propagation Sound race detection using assertion of consistent correlation It works: we found races! Context-sensitive Correlation Analysis for Detecting Races – p.4/ ??

  5. This presentation Correlation Inference Universal and Existential context sensitivity Linearity of locks Lock State (which locks are held at every program point?) Experimental Results Context-sensitive Correlation Analysis for Detecting Races – p.5/ ??

  6. Type Based Analysis Annotate types with labels: pthread_mutex_t → pthread_mutex_t � ℓ � τ * → τ * � ρ � Create constraints among labels to capture data flow and correlation Dereferencing ρ while ℓ is held: ρ ⊲ ℓ Aliasing ρ to ρ ′ : ρ ≤ ρ ′ Aliasing ℓ to ℓ ′ : ℓ = ℓ ′ Solve constraints to close the relation ρ ⊲ ℓ Verify consistent correlation of every shared ρ with a single lock ℓ for all dereferences of ρ Context-sensitive Correlation Analysis for Detecting Races – p.6/ ??

  7. Correlation pthread mutex t L1 = ...; int x; // &x: int* p) { void munge(pthread mutex t *l, int * pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ... munge(&L1, &x); Context-sensitive Correlation Analysis for Detecting Races – p.7/ ??

  8. Correlation pthread mutex t � ℓ 1 � L1 = ...; int* � ρ x � int x; // &x: void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); ρ x ℓ 1 *p = 3; pthread mutex unlock(l); } ... ρ ℓ munge(&L1, &x); munge Context-sensitive Correlation Analysis for Detecting Races – p.8/ ??

  9. Correlation pthread mutex t � ℓ 1 � L1 = ...; int* � ρ x � int x; // &x: void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); ρ x ℓ 1 *p = 3; pthread mutex unlock(l); } ... ρ ℓ munge(&L1, &x); munge Context-sensitive Correlation Analysis for Detecting Races – p.8/ ??

  10. Correlation pthread mutex t � ℓ 1 � L1 = ...; int* � ρ x � int x; // &x: void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); ρ x ℓ 1 *p = 3; pthread mutex unlock(l); } ... ρ ℓ munge(&L1, &x); munge Context-sensitive Correlation Analysis for Detecting Races – p.8/ ??

  11. Correlation pthread mutex t � ℓ 1 � L1 = ...; int* � ρ x � int x; // &x: void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); ρ x ℓ 1 *p = 3; pthread mutex unlock(l); } ... ρ ⊲ ℓ munge(&L1, &x); munge Context-sensitive Correlation Analysis for Detecting Races – p.8/ ??

  12. Correlation pthread mutex t � ℓ 1 � L1 = ...; int* � ρ x � int x; // &x: void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); ρ x ⊲ ℓ 1 *p = 3; pthread mutex unlock(l); } ... ρ ⊲ ℓ munge(&L1, &x); munge Context-sensitive Correlation Analysis for Detecting Races – p.8/ ??

  13. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge(&L1, &x); ⊲ ρ munge(&L2, &y); ℓ munge(&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  14. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge(&L1, &x); ⊲ ρ munge(&L2, &y); ℓ munge(&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  15. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge(&L1, &x); ⊲ ρ munge(&L2, &y); ℓ munge(&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  16. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ⊲ ⊲ ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge(&L1, &x); ⊲ ρ munge(&L2, &y); ℓ munge(&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  17. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; ( 1 ) 1 pthread mutex unlock(l); ( 1 } ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge 1 (&L1, &x); ( 1 ( 1 ) 1 munge 2 (&L2, &y); ⊲ ρ ℓ munge 3 (&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  18. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ⊲ ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge 1 (&L1, &x); ( 1 ( 1 ) 1 munge 2 (&L2, &y); ⊲ ρ ℓ munge 3 (&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  19. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); ( 2 ) 2 } ( 2 ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge 1 (&L1, &x); ( 2 ( 2 ) 2 munge 2 (&L2, &y); ⊲ ρ ℓ munge 3 (&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  20. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ⊲ ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge 1 (&L1, &x); ( 2 ( 2 ) 2 munge 2 (&L2, &y); ⊲ ρ ℓ munge 3 (&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  21. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ( 3 ) 3 ( 3 ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge 1 (&L1, &x); ( 3 ( 3 ) 3 munge 2 (&L2, &y); ⊲ ρ ℓ munge 3 (&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  22. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge 1 (&L1, &x); ( 3 ( 3 ) 3 ⊲ munge 2 (&L2, &y); ⊲ ρ ℓ munge 3 (&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

  23. Context Sensitivity pthread mutex t � ℓ 1 � L1 = ..., � ℓ 2 � L2 = ...; int x, y, z; // � ρ x � , ρ y , � ρ z � � � void munge(pthread mutex t � ℓ � *l, int * � ρ � p) { pthread mutex lock(l); *p = 3; pthread mutex unlock(l); } ⊲ ⊲ ... ρ x ρ y ρ z ℓ 1 ℓ 2 munge 1 (&L1, &x); ⊲ munge 2 (&L2, &y); ⊲ ρ ℓ munge 3 (&L2, &z); munge Context-sensitive Correlation Analysis for Detecting Races – p.9/ ??

Recommend

2012-08-07 CSE 332 Data Abstractions: Data Races and Memory, Reordering, Deadlock,

2012-08-07 CSE 332 Data Abstractions: Data Races and Memory, Reordering, Deadlock,

2012-08-07 CSE 332 Data Abstractions: Data Races and Memory, Reordering, Deadlock, Readers/Writer Locks, and Condition Variables (oh my!) *ominous music* THE FINAL EXAM Kate Deibel Summer 2012 August 6, 2012 CSE 332 Data Abstractions,

339 views • 14 slides
Data-Race Detection for Interrupt-Driven Data-Races and Happens- Kernels Before Analyzing

Data-Race Detection for Interrupt-Driven Data-Races and Happens- Kernels Before Analyzing

Overview Problem Definition Interrupt- Driven Programs Data-Race Detection for Interrupt-Driven Data-Races and Happens- Kernels Before Analyzing FreeRTOS Kernel Library Nikita Chopra, Deepak DSouza and Rekha Pai Conclusion Indian

512 views • 21 slides
CoRD: Collabora,ve Data Race Detec,on Baris Kasikci, Cris,an

CoRD: Collabora,ve Data Race Detec,on Baris Kasikci, Cris,an

CoRD: Collabora,ve Data Race Detec,on Baris Kasikci, Cris,an Zamfir, and George Candea School of Computer & Communica3on Sciences Data Races 2 Data Races

858 views • 70 slides
Looking Inside a Race Detector kavya @kavya719 data race detection data races when two+

Looking Inside a Race Detector kavya @kavya719 data race detection data races when two+

Looking Inside a Race Detector kavya @kavya719 data race detection data races when two+ threads concurrently access a shared memory location, at least one access is a write. data race // Shared variable R R R var count = 0 W R

695 views • 57 slides
Dynamically Detecting and Tolerating IF-Condition Data Races Shanxiang Qi (Google), Abdullah

Dynamically Detecting and Tolerating IF-Condition Data Races Shanxiang Qi (Google), Abdullah

Dynamically Detecting and Tolerating IF-Condition Data Races Shanxiang Qi (Google), Abdullah Muzahid (University of San Antonio), Wonsun Ahn , Josep Torrellas University of Illinois at Urbana-Champaign HPCA-2014, Feb 2014 Background: Data

266 views • 22 slides
ARES /RACES Par+cipa+on with Homeland Security Agencies in

ARES /RACES Par+cipa+on with Homeland Security Agencies in

ARES /RACES Par+cipa+on with Homeland Security Agencies in Full Scale Exercise 2012 and 2013 Monroe County ARES / RACES Inc. Tools used

1.05k views • 93 slides
Detecting Data Races in Multi-Threaded Programs Eraser A Dynamic Data-Race Detector for

Detecting Data Races in Multi-Threaded Programs Eraser A Dynamic Data-Race Detector for

Detecting Data Races in Multi-Threaded Programs Eraser A Dynamic Data-Race Detector for Multi-Threaded Programs MultiRace An Efficient On-the-Fly Data-Race Detection Tool for Multi-Threaded C++ Programs John C. Linford Slide 1 / 31 Key

606 views • 31 slides
Conflict Exceptions: Simplifying Concurrent Language Semantics with Precise Hardware Exceptions

Conflict Exceptions: Simplifying Concurrent Language Semantics with Precise Hardware Exceptions

Conflict Exceptions: Simplifying Concurrent Language Semantics with Precise Hardware Exceptions for Data-Races Brandon Lucia , Luis Ceze, Karin Strauss, Shaz Qadeer and Hans-J. Boehm Data-Races are Trouble Complicated language Usually

776 views • 52 slides
SWORD: A Bounded Memory-Overhead Detector of OpenMP Data Races in Production Runs Simone Atzeni,

SWORD: A Bounded Memory-Overhead Detector of OpenMP Data Races in Production Runs Simone Atzeni,

SWORD: A Bounded Memory-Overhead Detector of OpenMP Data Races in Production Runs Simone Atzeni, Ganesh Gopalakrishnan, Zvonimir Rakamaric School of Computing, University of Utah, Salt Lake City , UT 84112 Presented at IPDPS 2018 See paper for

870 views • 69 slides
Exploiting Kernel Races Through Taming Thread Interleaving Yoochan Lee, Byoungyoung Lee, Chanwoo

Exploiting Kernel Races Through Taming Thread Interleaving Yoochan Lee, Byoungyoung Lee, Chanwoo

Exploiting Kernel Races Through Taming Thread Interleaving Yoochan Lee, Byoungyoung Lee, Chanwoo Min Seoul National University, Virginia Tech #BHUSA @BLACKHATEVENTS Summary New technique turning Background on races

530 views • 37 slides
IPC, Threads, Races, Critical Sections Why We Wait 7C. Asynchronous Event Completion We

IPC, Threads, Races, Critical Sections Why We Wait 7C. Asynchronous Event Completion We

4/23/2018 IPC, Threads, Races, Critical Sections Why We Wait 7C. Asynchronous Event Completion We await completion of non-trivial operations 7D. Mutual Exclusion data to be read from disk a child process to be created 7E.

306 views • 8 slides
Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races

Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races

Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races CS 563 Young Li 10/31/18 Intel Software Guard eXtensions (SGX) and Hyper-Threading What is Intel SGX? Set of CPU instructions Present in

718 views • 44 slides
November 12, 2014 Presentation Overview Election trends: what happened? Senate races; key

November 12, 2014 Presentation Overview Election trends: what happened? Senate races; key

2014 Midterm Elections: Impact on Regional Development Organizations and Local Governments November 12, 2014 Presentation Overview Election trends: what happened? Senate races; key committees House races; key committees

869 views • 57 slides
Bounding Data Races in Space and Time KC Sivaramakrishnan University of Darwin College, 1851

Bounding Data Races in Space and Time KC Sivaramakrishnan University of Darwin College, 1851

Bounding Data Races in Space and Time KC Sivaramakrishnan University of Darwin College, 1851 Royal OCaml Labs Cambridge Cambridge Commission 1 Multicore OCaml 2 Multicore OCaml OCaml is an industrial-strength, functional

1.2k views • 99 slides
Protecting Applications Against TOCTTOU Races by User-Space Caching of File Metadata Mathias

Protecting Applications Against TOCTTOU Races by User-Space Caching of File Metadata Mathias

DynaRace Protecting Applications Against TOCTTOU Races by User-Space Caching of File Metadata Mathias Payer & Thomas R. Gross Department of Computer Science ETH Zrich, Switzerland TOCTTOU races Time Of Check To Time of Use (TOCTTOU)

828 views • 33 slides
IPC, Threads, Races, Critical Sections 7A. Threads 7B. Inter-Process Communication Operating

IPC, Threads, Races, Critical Sections 7A. Threads 7B. Inter-Process Communication Operating

4/18/2016 IPC, Threads, Races, Critical Sections 7A. Threads 7B. Inter-Process Communication Operating Systems Principles 7C. Critical Sections IPC, Threads, Races, Critical Sections 7D. Asynchronous Event Completions Mark Kampe

245 views • 8 slides
IN INTERNATION IONAL MIX MIXED T TEAM R M RELAY Race format 2 rounds of 4 races 2 teams per

IN INTERNATION IONAL MIX MIXED T TEAM R M RELAY Race format 2 rounds of 4 races 2 teams per

IN INTERNATION IONAL MIX MIXED T TEAM R M RELAY Race format 2 rounds of 4 races 2 teams per race Race distance = 9 x 250m Winner = fastest accumulated time for the two races Teams 8 Teams 9 crews per team 3 JM1x, 3 JW1x, 1 or 2

379 views • 12 slides
IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process

IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process

4/14/2017 IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process Communication the exchange of data between processes 3T. Threads Goals simplicity 7B. The Critical Section Problem convenience

205 views • 8 slides
IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process

IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process

4/23/2018 IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process Communication the exchange of data between processes 3T. Threads Goals simplicity 7B. The Critical Section Problem convenience

355 views • 8 slides
Prime number races Greg Martin University of British Columbia Dartmouth Mathematics Colloquium

Prime number races Greg Martin University of British Columbia Dartmouth Mathematics Colloquium

Chebyshev, pretty pictures, and Dirichlet The prime number theorem Back to primes in arithmetic progressions Prime number races Greg Martin University of British Columbia Dartmouth Mathematics Colloquium May 6, 2010 Prime number races Greg

1.11k views • 83 slides
Concurrency, Races & Synchronization CS 450: Operating Systems Michael Lee

Concurrency, Races & Synchronization CS 450: Operating Systems Michael Lee

Concurrency, Races & Synchronization CS 450: Operating Systems Michael Lee <lee@iit.edu> Agenda - Concurrency: what, why, how - Concurrency-related problems - Locks & Locking strategies - Concurrent programming with semaphores

1.8k views • 177 slides
Cases of COVID-19 per 100,000 Population for Select Races/Ethnicities, Apr. 29 Aug. 30, 2020,

Cases of COVID-19 per 100,000 Population for Select Races/Ethnicities, Apr. 29 Aug. 30, 2020,

Cases of COVID-19 per 100,000 Population for Select Races/Ethnicities, Apr. 29 Aug. 30, 2020, Illinois 3500 2912 3000 2671 2457 2500 2273 2155 2096 1985 2000 1860 1694 1897 1771 1627 1500 1338 1468 1340 1285 1205 914 1150

451 views • 4 slides
Exploiting Unix File-System Races via Algorithmic Complexity Attacks By Cai, Gui, Johnson

Exploiting Unix File-System Races via Algorithmic Complexity Attacks By Cai, Gui, Johnson

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Exploiting Unix File-System Races via Algorithmic Complexity

643 views • 31 slides
Cases of COVID-19 per 100,000 Population for Select Races/Ethnicities, Select Dates (April 29 -

Cases of COVID-19 per 100,000 Population for Select Races/Ethnicities, Select Dates (April 29 -

Cases of COVID-19 per 100,000 Population for Select Races/Ethnicities, Select Dates (April 29 - June 8, 2020), Illinois 2500 2000 1860 1694 1723 1500 1338 914 1150 1000 1071 1084 928 592 763 492 469 462 394 500 586 318 230 326

278 views • 5 slides

More recommend