EnforceMOP: a runtime property enforcement system for multithreaded programs

Multithreaded programs are hard to develop and test. To keep programs from exhibiting unexpected concurrent behaviors at runtime, such as data races, synchronization mechanisms are typically used to enforce a safe subset of thread interleavings. Likewise, to test multithreaded programs, developers need to enforce the precise thread schedules that they want to test. These tasks are nontrivial and error prone. This paper presents EnforceMOP, a framework for specifying and enforcing complex properties in multithreaded Java programs. A property is enforced at runtime by blocking the threads whose next actions would violate it. This way the remaining threads, whose execution is safe, can make global progress until the system eventually reaches a global state in which the blocked threads can be safely unblocked and allowed to execute. Users of EnforceMOP can specify the properties to be enforced using the expressive MOP multi-formalism notation, and can provide code to be executed at deadlock (when no thread is safe to continue). EnforceMOP was used in two different kinds of applications. First, to enforce general properties in multithreaded programs, as a formal, semantic alternative to the existing rigid and sometimes expensive syntactic synchronization mechanisms. Second, to enforce schedules that are desirable for testing in unit tests of multithreaded programs, as an alternative to the existing limited and often ad hoc techniques. Results show that EnforceMOP is able to effectively express and enforce complex properties and schedules in both scenarios.
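The enforcement idea described in the abstract (block a thread whose next action would violate the property, let the others progress, run user code at deadlock) can be sketched as follows. This is an added illustration, not code from the paper and not EnforceMOP's specification syntax; the class `EnforceDemo`, its methods `event` and `leave`, and the alternating `a`/`b` property are all assumptions made for the example.

```java
import java.util.*;
// Added sketch of blocking-based property enforcement; hypothetical names throughout.
public class EnforceDemo {
    private final Map<String, Map<String, String>> fsm; // state -> event -> next state
    private String state;
    private int threads, blocked = 0;   // participating threads / threads found blocked
    private long gen = 0;               // bumped on every state change
    private boolean deadlocked = false;
    private final Runnable onDeadlock;  // user code to run when no thread is safe to continue
    final List<String> trace = new ArrayList<>();

    EnforceDemo(Map<String, Map<String, String>> fsm, String start, int threads, Runnable onDeadlock) {
        this.fsm = fsm; this.state = start; this.threads = threads; this.onDeadlock = onDeadlock; }

    // Call before the guarded action; blocks while the event would violate the property.
    synchronized void event(String e) throws InterruptedException {
        while (!fsm.get(state).containsKey(e)) {
            if (++blocked == threads) declareDeadlock();   // nobody left who can move the state
            long seen = gen;
            while (seen == gen && !deadlocked) wait();     // generation check absorbs spurious wakeups
            if (deadlocked) throw new IllegalStateException("deadlock before '" + e + "'");
        }
        state = fsm.get(state).get(e);
        trace.add(e);
        gen++; blocked = 0;                                // waiters re-check against the new state
        notifyAll();
    }

    // A finished thread can no longer unblock anyone, so re-check for deadlock.
    synchronized void leave() {
        if (--threads > 0 && blocked == threads) declareDeadlock();
    }

    private void declareDeadlock() { deadlocked = true; onDeadlock.run(); notifyAll(); }

    static void run(EnforceDemo m, String e, int n) {
        try { for (int i = 0; i < n; i++) m.event(e); }
        catch (IllegalStateException | InterruptedException x) { System.out.println(x.getMessage()); }
        finally { m.leave(); }
    }

    public static void main(String[] args) throws Exception {
        // Constructed property: events must alternate a b a b ...
        Map<String, Map<String, String>> fsm = Map.of("s0", Map.of("a", "s1"), "s1", Map.of("b", "s0"));
        EnforceDemo m = new EnforceDemo(fsm, "s0", 2, () -> System.out.println("deadlock handler ran"));
        Thread producer = new Thread(() -> run(m, "a", 3));
        Thread consumer = new Thread(() -> run(m, "b", 4)); // one b too many: ends in deadlock
        consumer.start(); producer.start(); producer.join(); consumer.join();
        System.out.println(m.trace);
    }
}
```

Whatever order the scheduler picks, the recorded trace alternates `a` and `b`; the consumer's fourth `b` can never become safe, so the deadlock handler runs instead of the thread hanging.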
