kiss keep it simple and sequential
play

KISS: Keep it Simple and Sequential A tool for finding bugs in - PowerPoint PPT Presentation

KISS: Keep it Simple and Sequential A tool for finding bugs in concurrent programs Steffen Juilf Smolka Technische Universitt Mnchen 17. Juli 2012 S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 1 Overview Motivation


  1. KISS: Keep it Simple and Sequential A tool for finding bugs in concurrent programs Steffen Juilf Smolka Technische Universität München 17. Juli 2012 S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 1

  2. Overview Motivation and Intuition behind KISS 1 The Transformation 2 Analysis and Conclusion 3 S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 2

  3. Motivation Gordan E. Moore, Intel Co-Founder, 1965 "The Free Lunch Is Over", Herb Sutter, 2005 increasing number of transistors now manifests itself in an increasing number of cores performant software relies on concurrency S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 3

  4. Challenges of Concurrent Programs Difficult to get right access to shared variables has to be synchronized sometimes counter-intuitive S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 4

  5. Challenges of Concurrent Programs Difficult to get right access to shared variables has to be synchronized sometimes counter-intuitive Difficult to debug nondeterministic in nature combinatorical explosion in number of possible schedules "Heisenbugs" 1 → 1 → 3 → 1 → 2 → 3 � 3 → 1 → 3 → 1 → 2 → 1 � 3 → 2 → 1 → 3 → 1 → 1 × ⇒ Testing is no longer an effective method for finding bugs ⇒ Tools for finding bugs are invaluable S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 4

  6. Traditional Approach Define safety properties assertions reachability, race conditions Explore all possible thread interleavings forbidding complexity, exponential in # threads Problem is undecidable [Ramalingam] S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 5

  7. Example Main Thread Thread A Thread B // global variables void thrA () { void thrB () { usb_driver driver; if(is_running ){ assume (! is_in_use ); boolean is_running; is_in_use = true; is_running = false; boolean is_in_use; // use driver ... // clean up ... void main () { free(driver ); . . driver = init (); . . . . is_running = true; is_in_use = false; is_in_use = false; async(thrA ); } } async(thrB ); } } What assumptions are we making? S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 6

  8. Example Main Thread Thread A Thread B // global variables void thrA () { void thrB () { usb_driver driver; if(is_running ){ assume (! is_in_use ); boolean is_running; is_in_use = true; is_running = false; boolean is_in_use; // use driver ... // clean up ... void main () { free(driver ); . . driver = init (); . . . assert( is_running ); . is_running = true; is_in_use = false; is_in_use = false; assert (! is_in_use ); async(thrA ); } } async(thrB ); } } What assumptions are we making? S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 7

  9. Example Main Thread Thread A Thread B // global variables void thrA () { void thrB () { usb_driver driver; assume (! is_in_use ); boolean is_running; boolean is_in_use; if(is_running ){ is_in_use = true; void main () { driver = init (); is_running = false; is_running = true; // clean up ... is_in_use = false; free(driver ); async(thrA ); . . async(thrB ); . } assert (! is_in_use ); // use driver ... . . . assert( is_running ); is_in_use = false; } } } S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 8

  10. The Kiss Aproach Idea: Transform concurrent program P to nondeterministic, sequential program P seq , which simulates subset of possbile executions of P .  1 → 1 → 3 → 1 → 2 → 3    P seq 3 → 1 → 3 → 1 → 2 → 1   3 → 2 → 1 → 3 → 1 → 1  P seq is a nondeterministic scheduler executing P . Motivation Semantics of sequential program are easier Make problem decidable Maybe we can avoid exponential complexity . . . Keep it Simple and Sequential! S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 9

  11. Properties of P seq P seq satisfies = ⇒ P satisfies safety property ⇐ = safety property S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 10

  12. � Properties of P seq DECIDABLE UNDECIDABLE P seq satisfies = ⇒ P satisfies safety property ⇐ = safety property S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 10

  13. � � Properties of P seq DECIDABLE UNDECIDABLE P seq satisfies = ⇒ P satisfies safety property ⇐ = safety property P seq violates = ⇒ P violates safety property ⇐ = safety property S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 10

  14. The KISS architecture Concurrent program P KISS Sequential program P seq Error trace for P seq Sequential Error trace KISS Checker for P No error found S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 11

  15. Motivation and Intuition behind KISS 1 The Transformation 2 Analysis and Conclusion 3 S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 12

  16. Execution of Concurrent Programs Basically, we want to implement a nondeterministic scheduler. Problem: We need to manage n PCs and n Stacks, all with one Stack! Thread 1 PC 1 = 2 Thread n PC n = 2 1 void main1 () { 1 void mainN () { f(); foo; 2 2 exit (0); bar; 3 3 4 } foobar; 4 5 } 5 6 void f() { g(); 7 main1 mainN return; 8 9 } 10 Stack 1 Stack n 11 void g() { return; 12 13 } S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 13

  17. Execution of Concurrent Programs Basically, we want to implement a nondeterministic scheduler. Problem: We need to manage n PCs and n Stacks, all with one Stack! Thread 1 PC 1 = 7 Thread n PC n = 2 1 void main1 () { 1 void mainN () { f(); foo; 2 2 exit (0); bar; 3 3 4 } foobar; 4 5 } 5 f 6 void f() { g(); 7 main1 mainN return; 8 9 } 10 Stack 1 Stack n 11 void g() { return; 12 13 } S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 13

  18. Execution of Concurrent Programs Basically, we want to implement a nondeterministic scheduler. Problem: We need to manage n PCs and n Stacks, all with one Stack! Thread 1 PC 1 = 12 Thread n PC n = 2 1 void main1 () { 1 void mainN () { f(); foo; 2 2 exit (0); g bar; 3 3 4 } foobar; 4 5 } 5 f 6 void f() { g(); 7 main1 mainN return; 8 9 } 10 Stack 1 Stack n 11 void g() { return; 12 13 } S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 13

  19. Execution of Concurrent Programs Basically, we want to implement a nondeterministic scheduler. Problem: We need to manage n PCs and n Stacks, all with one Stack! Thread 1 PC 1 = 8 Thread n PC n = 2 1 void main1 () { 1 void mainN () { f(); foo; 2 2 exit (0); bar; 3 3 4 } foobar; 4 5 } 5 f 6 void f() { g(); 7 main1 mainN return; 8 9 } 10 Stack 1 Stack n 11 void g() { return; 12 13 } S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 13

  20. Execution of Concurrent Programs Basically, we want to implement a nondeterministic scheduler. Problem: We need to manage n PCs and n Stacks, all with one Stack! Thread 1 PC 1 = 3 Thread n PC n = 2 1 void main1 () { 1 void mainN () { f(); foo; 2 2 exit (0); bar; 3 3 4 } foobar; 4 5 } 5 6 void f() { g(); 7 main1 mainN return; 8 9 } 10 Stack 1 Stack n 11 void g() { return; 12 13 } S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 13

  21. Execution of Concurrent Programs Basically, we want to implement a nondeterministic scheduler. Problem: We need to manage n PCs and n Stacks, all with one Stack! Thread 1 PC 1 = 3 Thread n PC n = 2 1 void main1 () { 1 void mainN () { f(); foo; 2 2 exit (0); bar; 3 3 4 } foobar; 4 5 } 5 6 void f() { g(); 7 main1 mainN return; 8 9 } 10 Stack 1 Stack n 11 void g() { return; 12 13 } Naive Solution: Store information in global variables. But: Sequential model checking is exponential in # global variables! S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 13

  22. Scheduling with (almost) no Global Variables Idea: Think of Threads as Functions! At any point during execution we may nondeterministically Schedule a new thread by calling its starting function S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 14

  23. Scheduling with (almost) no Global Variables Idea: Think of Threads as Functions! At any point during execution we may thr1 nondeterministically Schedule a new thread by calling its starting function 1 → 1 → 1 → S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 14

  24. Scheduling with (almost) no Global Variables Idea: Think of Threads as Functions! thr3 At any point during execution we may thr1 nondeterministically Schedule a new thread by calling its starting function 1 → 1 → 1 → 3 → 3 → S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 14

  25. Scheduling with (almost) no Global Variables Idea: Think of Threads as Functions! At any point during execution we may thr1 nondeterministically Schedule a new thread by calling its starting function 1 → 1 → 1 → Continue a thread already running by 3 → 3 → 1 → popping the current stack frame (return ;) S. Smolka (TUM) KISS: Keep it Simple and Sequential 17. Juli 2012 14

Recommend


More recommend