Scalable and precise symbolic analysis for atomicity violations

We present BEST, a symbolic testing tool for finding atomicity violations. We automatically infer and generate potential atomicity properties from an observed run of a multi-threaded program, and use precise modeling and constraint-based symbolic search to find atomicity-violating schedules in the broadest generalization of the observed run. We focus mainly on the tool's scalability, devising various simplification steps that reduce the formula and the search space by orders of magnitude. To that end, we also introduce a new notion of atomicity that is useful and simple to check. We demonstrate the effectiveness of the combined techniques in finding known and unknown atomicity bugs on several public C/C++/Java benchmarks.
