DoubleChecker: efficient sound and precise atomicity checking

Atomicity is a key correctness property that allows programmers to reason about code regions in isolation. However, programs often fail to enforce atomicity correctly, leading to atomicity violations that are difficult to detect. Dynamic program analysis can detect atomicity violations based on an atomicity specification, but existing approaches slow programs substantially. This paper presents DoubleChecker, a novel sound and precise atomicity checker whose key insight lies in its use of two new cooperating dynamic analyses. Its imprecise analysis tracks cross-thread dependences soundly but imprecisely with significantly better performance than a fully precise analysis. Its precise analysis is more expensive but only needs to process a subset of the execution identified as potentially involved in atomicity violations by the imprecise analysis. If DoubleChecker operates in single-run mode, the two analyses execute in the same program run, which guarantees soundness and precision but requires logging program accesses to pass from the imprecise to the precise analysis. In multi-run mode, the first program run executes only the imprecise analysis, and a second run executes both analyses. Multi-run mode trades accuracy for performance; each run of multi-run mode outperforms single-run mode, but can potentially miss violations. We have implemented DoubleChecker and an existing state-of-the-art atomicity checker called Velodrome in a high-performance Java virtual machine. DoubleChecker's single-run mode significantly outperforms Velodrome, while still providing full soundness and precision. DoubleChecker's multi-run mode improves performance further, without significantly impacting soundness in practice. These results suggest that DoubleChecker's approach is a promising direction for improving the performance of dynamic atomicity checking over prior work.

[1]  Alex Aiken,et al.  Cooperative Bug Isolation , 2007 .

[2]  L.A. Smith,et al.  A Parallel Java Grande Benchmark Suite , 2001, ACM/IEEE SC 2001 Conference (SC'01).

[3]  Brandon Lucia,et al.  Atom-Aid: Detecting and Surviving Atomicity Violations , 2009, IEEE Micro.

[4]  Sharad Malik,et al.  Predictive analysis for detecting serializability violations through Trace Segmentation , 2011, Ninth ACM/IEEE International Conference on Formal Methods and Models for Codesign (MEMPCODE2011).

[5]  Ronald L. Rivest,et al.  Introduction to Algorithms , 1990 .

[6]  Cormac Flanagan,et al.  Verifying Commit-Atomicity Using Model-Checking , 2004, SPIN.

[7]  David Lie,et al.  Kivati: fast detection and prevention of atomicity violations , 2010, EuroSys '10.

[8]  Amer Diwan,et al.  The DaCapo benchmarks: java benchmarking development and analysis , 2006, OOPSLA '06.

[9]  Koushik Sen,et al.  Randomized active atomicity violation detection in concurrent programs , 2008, SIGSOFT '08/FSE-16.

[10]  Stephen N. Freund,et al.  The RoadRunner Dynamic Analysis Framework for Concurrent Programs , 2010, PASTE '10.

[11]  Stephen N. Freund,et al.  Atomizer: A dynamic atomicity checker for multithreaded programs , 2008, Sci. Comput. Program..

[12]  Matthew B. Dwyer,et al.  Verifying Atomicity Specifications for Concurrent Object-Oriented Software Using Model-Checking , 2004, VMCAI.

[13]  Stephen N. Freund,et al.  Types for atomicity: Static checking and inference for Java , 2008, TOPL.

[14]  Vivek Sarkar,et al.  The Jikes Research Virtual Machine project: Building an open-source research community , 2005, IBM Syst. J..

[15]  Cormac Flanagan,et al.  A type and effect system for atomicity , 2003, PLDI.

[16]  Min Xu,et al.  A serializability violation detector for shared-memory server programs , 2005, PLDI '05.

[17]  Zhiqiang Ma,et al.  Demand-driven software race detection using hardware performance counters , 2011, 2011 38th Annual International Symposium on Computer Architecture (ISCA).

[18]  David A. Wood,et al.  LogTM: log-based transactional memory , 2006, The Twelfth International Symposium on High-Performance Computer Architecture, 2006..

[19]  Julian Dolby,et al.  Marathon: Detecting Atomic-Set Serializability Violations with Conflict Graphs , 2011, RV.

[20]  Azadeh Farzan,et al.  Causal Atomicity , 2006, CAV.

[21]  Michael Burrows,et al.  Eraser: a dynamic data race detector for multi-threaded programs , 1997, TOCS.

[22]  Scott D. Stoller,et al.  Accurate and efficient runtime detection of atomicity errors in concurrent programs , 2006, PPoPP '06.

[23]  Michael Burrows,et al.  Eraser: a dynamic data race detector for multithreaded programs , 1997, TOCS.

[24]  Francesco Sorrentino,et al.  PENELOPE: weaving threads to expose atomicity violations , 2010, FSE '10.

[25]  Maurice Herlihy,et al.  Transactional Memory: Architectural Support For Lock-free Data Structures , 1993, Proceedings of the 20th Annual International Symposium on Computer Architecture.

[26]  Xi Yang,et al.  Barriers reconsidered, friendlier still! , 2012, ISMM '12.

[27]  Scott D. Stoller,et al.  Runtime analysis of atomicity for multithreaded programs , 2006, IEEE Transactions on Software Engineering.

[28]  Azadeh Farzan,et al.  Monitoring Atomicity in Concurrent Programs , 2008, CAV.

[29]  Stephen N. Freund,et al.  Velodrome: a sound and complete dynamic atomicity checker for multithreaded programs , 2008, PLDI '08.

[30]  Yuanyuan Zhou,et al.  CTrigger: exposing atomicity violation bugs from their hiding places , 2009, ASPLOS.

[31]  LamportLeslie Time, clocks, and the ordering of events in a distributed system , 1978 .

[32]  Xi Yang,et al.  Why nothing matters: the impact of zeroing , 2011, OOPSLA '11.

[33]  Sumit Gulwani,et al.  Inferring locks for atomic sections , 2008, PLDI '08.

[34]  Frank Tip,et al.  Dynamic detection of atomic-set-serializability violations , 2008, 2008 ACM/IEEE 30th International Conference on Software Engineering.

[35]  Thomas R. Gross,et al.  Static conflict analysis for multi-threaded object-oriented programs , 2003, PLDI '03.

[36]  Clifford Stein,et al.  Introduction to algorithms. Chapter 16. 2nd Edition , 2001 .

[37]  Zijiang Yang,et al.  HAVE: Detecting Atomicity Violations via Integrated Dynamic and Static Analysis , 2009, FASE.

[38]  Janak H. Patel,et al.  A low-overhead coherence solution for multiprocessors with private cache memories , 1984, ISCA '84.

[39]  Yuanyuan Zhou,et al.  Learning from mistakes: a comprehensive study on real world concurrency bug characteristics , 2008, ASPLOS.

[40]  Swarnendu Biswas,et al.  OCTET: capturing and controlling cross-thread dependences efficiently , 2013, OOPSLA.

[41]  Yuanyuan Zhou,et al.  AVIO: Detecting Atomicity Violations via Access-Interleaving Invariants , 2007, IEEE Micro.