Static Data Race Detection for Interrupt-Driven Embedded Software

Interrupt mechanisms are widely used to process multiple concurrent tasks in software without an OS abstraction layer in various cyber-physical systems (CPSs), such as space flight control systems. Data races caused by interrupt preemption frequently occur in those systems, leading to unexpected results or even severe system failures. In recent Chinese space projects, many software defects related to data races have been reported. Detecting interrupt-based data races is therefore an important issue in quality assurance for aerospace software. In this paper, we propose a tool named Race Checker that statically detects data races in interrupt-driven software. Given the source code or binary code of interrupt-driven software, the tool aggressively infers information such as interrupt priority states, interrupt enable states and memory accesses at each program point using our extended interprocedural data flow analysis. With this information, it identifies the suspicious program points that may lead to data races. Race Checker is explicitly designed to find data race bugs in real-life aerospace software. Up to now, the tool has been applied in aerospace software V&V and has found several severe data race bugs that may lead to system failures.
