chess analysis and t esting of concurrent programs
play

CHESS: Analysis and T esting of Concurrent Programs Sebastian - PowerPoint PPT Presentation

Nov 20, 2023 •103 likes •673 views

CHESS: Analysis and T esting of Concurrent Programs Sebastian Burckhardt, Madan Musuvathi, Shaz Qadeer Microsoft Research Joint work with T om Ball, Peli de Halleux, and interns Gerard Basler (ETH Zurich), Katie Coons (U. T. Austin), P .

  1. CHESS: Analysis and T esting of Concurrent Programs Sebastian Burckhardt, Madan Musuvathi, Shaz Qadeer Microsoft Research Joint work with T om Ball, Peli de Halleux, and interns Gerard Basler (ETH Zurich), Katie Coons (U. T. Austin), P . Arumuga Nainar (U. Wisc. Madison), Iulian Neamtiu (U. Maryland, U.C. Riverside) Adjusted by Maria Christakis

  2. Concurrent Programming is HARD  Concurrent executions are highly nondeterminisitic  Rare thread interleavings result in Heisenbugs  Diffjcult to fjnd, reproduce, and debug  Observing the bug can “fjx” it  Likelihood of interleavings changes, say, when you add printfs  A huge productivity problem  Developers and testers can spend weeks chasing a single Heisenbug

  3. Main T akeaways  You can fjnd and reproduce Heisenbugs  new automatic tool called CHESS  for Win32 and .NET  CHESS used extensively inside Microsoft  Parallel Computing Platform (PCP)  Singularity  Dryad/Cosmos  Released by DevLabs

  4. CHESS in a nutshell  CHESS is a user-mode scheduler  Controls all scheduling nondeterminism  Guarantees:  Every program run takes a difgerent thread interleaving  Reproduce the interleaving for every run  Provides monitors for analyzing each execution

  5. CHESS Architecture Concurrency Concurrency Unmanaged Unmanaged Analysis Analysis Program Program Monitors Monitors Win32 Wrappers Windows Windows CHESS CHESS Exploration Exploration Engine Engine CHESS CHESS Scheduler Scheduler Managed Managed • Every run takes a different interleaving Program Program • Reproduce the interleaving for every run .NET Wrappers CLR CLR

  6. CHESS Specifjcs  Ability to explore all interleavings  Need to understand complex concurrency APIs (Win32, System.Threading)  Threads, threadpools, locks, semaphores, async I/O, APCs, timers, …  Does not introduce false behaviors  Any interleaving produced by CHESS is possible on the real scheduler

  7. CHESS: Find and Reproduce Heisenbugs Program CHESS runs the scenario in a loop CHESS • Every run takes a different interleaving TestScenario() { While(not done) { While(not done) { … • Every run is repeatable TestScenario() TestScenario() } } } Uses the CHESS scheduler CHESS CHESS • T o control and direct interleavings scheduler scheduler Win32/.NET Detect • Assertion violations Kernel: Kernel: Threads, Scheduler, Threads, Scheduler, • Deadlocks Synchronization Objects Synchronization Objects • Dataraces • Livelocks

  8. The Design Space for CHESS  Scale  Apply to large programs  Precision  Any error found by CHESS is possible in the wild  CHESS should not introduce any new behaviors  Coverage  Any error found in the wild can be found by CHESS  Capture all sources of nondeterminism  Exhaustively explore the nondeterminism

  9. CHESS Scheduler

  10. Concurrent Executions are Nondeterministic x = 1; x = 1; x = 2; x = 2; y = 1; y = 1; y = 2; y = 2; 0,0 0,0 2,0 2,0 1,0 1,0 x = 1; x = 1; 1,1 1,1 2,0 2,0 1,0 1,0 2,2 2,2 y = 1; y = 1; 2,1 2,1 2,1 2,1 1,1 1,1 1,2 1,2 1,2 1,2 2,2 2,2 x = 2; x = 2; y = 2; y = 2; 2,1 2,1 1,2 1,2 1,1 1,1 1,1 1,1 2,2 2,2 2,2 2,2

  11. High level goals of the scheduler  Enable CHESS on real-world applications  IE, Firefox, Office, Apache, …  Capture all sources of nondeterminism  Required for reliably reproducing errors  Ability to explore these nondeterministic choices  Required for finding errors

  12. Sources of Nondeterminism 1. Scheduling Nondeterminism  Interleaving nondeterminism  Threads can race to access shared variables or monitors  OS can preempt threads at arbitrary points  Timing nondeterminism  Timers can fire in different orders  Sleeping threads wake up at an arbitrary time in the future  Asynchronous calls to the file system complete at an arbitrary time in the future

  13. Sources of Nondeterminism 1. Scheduling Nondeterminism  Interleaving nondeterminism  Threads can race to access shared variables or monitors  OS can preempt threads at arbitrary points  Timing nondeterminism  Timers can fire in different orders  Sleeping threads wake up at an arbitrary time in the future  Asynchronous calls to the file system complete at an arbitrary time in the future  CHESS captures and explores this nondeterminism

  14. Sources of Nondeterminism 2. Input nondeterminism  User Inputs  User can provide difgerent inputs  The program can receive network packets with difgerent contents  Nondeterministic system calls  Calls to gettimeofday(), random()  ReadFile can either fjnish synchronously or asynchronously

  15. Sources of Nondeterminism 2. Input nondeterminism  User Inputs  User can provide difgerent inputs  The program can receive network packets with difgerent contents  CHESS relies on the user to provide a scenario  Nondeterministic system calls  Calls to gettimeofday(), random()  ReadFile can either fjnish synchronously or asynchronously  CHESS provides wrappers for such system calls

  16. Sources of Nondeterminism 3. Memory Model Effects  Hardware relaxations  The processor can reorder memory instructions  Can potentially introduce new behavior in a concurrent program  Compiler relaxations  Compiler can reorder memory instructions  Can potentially introduce new behavior in a concurrent program (with data races)

  17. Sources of Nondeterminism 3. Memory Model Effects  Hardware relaxations  The processor can reorder memory instructions  Can potentially introduce new behavior in a concurrent program  CHESS contains a monitor for detecting such relaxations  Compiler relaxations  Compiler can reorder memory instructions  Can potentially introduce new behavior in a concurrent program (with data races)  Future Work

  18. Interleaving Nondeterminism: Example init: init: balance = 100; balance = 100; Deposit Thread Withdraw Thread void Deposit100(){ void Deposit100(){ void Withdraw100(){ void Withdraw100(){ EnterCriticalSection(&cs); EnterCriticalSection(&cs); int t; int t; balance += 100; balance += 100; LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); EnterCriticalSection(&cs); EnterCriticalSection(&cs); } } t = balance; t = balance; LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); EnterCriticalSection(&cs); EnterCriticalSection(&cs); balance = t - 100; balance = t - 100; LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); } } final: final: assert(balance = 100); assert(balance = 100);

  19. Invoke the Scheduler at Preemption Points Deposit Thread Withdraw Thread void Deposit100(){ void Deposit100(){ void Withdraw100(){ void Withdraw100(){ ChessSchedule(); ChessSchedule(); int t; int t; EnterCriticalSection(&cs); EnterCriticalSection(&cs); balance += 100; balance += 100; ChessSchedule(); ChessSchedule(); ChessSchedule(); ChessSchedule(); EnterCriticalSection(&cs); EnterCriticalSection(&cs); LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); t = balance; t = balance; } } ChessSchedule(); ChessSchedule(); LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); ChessSchedule(); ChessSchedule(); EnterCriticalSection(&cs); EnterCriticalSection(&cs); balance = t - 100; balance = t - 100; ChessSchedule(); ChessSchedule(); LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); } }

  20. Introducing Unpredictable Delays Deposit Thread Withdraw Thread void Deposit100(){ void Deposit100(){ void Withdraw100(){ void Withdraw100(){ Sleep( rand () ); Sleep( rand () ); int t; int t; EnterCriticalSection(&cs); EnterCriticalSection(&cs); balance += 100; balance += 100; Sleep( rand() ); Sleep( rand() ); Sleep( rand() ); Sleep( rand() ); EnterCriticalSection(&cs); EnterCriticalSection(&cs); LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); t = balance; t = balance; } } Sleep( rand() ); Sleep( rand() ); LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); Sleep( rand() ); Sleep( rand() ); EnterCriticalSection(&cs); EnterCriticalSection(&cs); balance = t - 100; balance = t - 100; Sleep( rand() ); Sleep( rand() ); LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); } }

  21. Introduce Predictable Delays with Additional Synchronization Deposit Thread Withdraw Thread void Deposit100(){ void Deposit100(){ void Withdraw100(){ void Withdraw100(){ int t; int t; EnterCriticalSection(&cs); EnterCriticalSection(&cs); t = balance; t = balance; LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); SetEvent( e1 ); SetEvent( e1 ); WaitEvent( e1 ); WaitEvent( e1 ); EnterCriticalSection(&cs); EnterCriticalSection(&cs); balance += 100; balance += 100; LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); SetEvent( e2 ); SetEvent( e2 ); } } WaitEvent( e2 ); WaitEvent( e2 ); EnterCriticalSection(&cs); EnterCriticalSection(&cs); balance = t - 100; balance = t - 100; LeaveCriticalSection(&cs); LeaveCriticalSection(&cs); } }

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CHESS: Analysis and Testing of Concurrent Programs Sebastian Burckhardt, Madan Musuvathi, Shaz

CHESS: Analysis and Testing of Concurrent Programs Sebastian Burckhardt, Madan Musuvathi, Shaz

CHESS: Analysis and Testing of Concurrent Programs Sebastian Burckhardt, Madan Musuvathi, Shaz Qadeer Microsoft Research Joint work with Tom Ball, Peli de Halleux, and interns Gerard Basler (ETH Zurich), Katie Coons (U. T. Austin), P.

709 views • 60 slides
Lecture 2: Verification of Concurrent Programs Part 2: Under Approximate Analysis Ahmed

Lecture 2: Verification of Concurrent Programs Part 2: Under Approximate Analysis Ahmed

Lecture 2: Verification of Concurrent Programs Part 2: Under Approximate Analysis Ahmed Bouajjani LIAFA, University Paris Diderot Paris 7 VTSA, MPI-Saarbr ucken, September 2012 A. Bouajjani (LIAFA, UP7) Lecture 2: Concurrent Programs

654 views • 47 slides
Verifying Concurrent Programs (Tutorial) Aarti Gupta Systems Analysis & Verification Group

Verifying Concurrent Programs (Tutorial) Aarti Gupta Systems Analysis & Verification Group

Verifying Concurrent Programs (Tutorial) Aarti Gupta Systems Analysis & Verification Group NEC Labs America, Princeton, USA www.nec-labs.com Tutorial: Verifying Concurrent Programs Oct 2011 Acknowledgements Malay Ganai, Vineet

982 views • 72 slides
Automata-Based Analysis of Recursive Concurrent Programs Markus Mller-Olm Westflische

Automata-Based Analysis of Recursive Concurrent Programs Markus Mller-Olm Westflische

Automata-Based Analysis of Recursive Concurrent Programs Markus Mller-Olm Westflische Wilhelms-Universitt Mnster, Germany 2nd Tutorial of SPP RS3: Reliably Secure Software Systems Schloss Buchenau, September 3-6, 2012 Introduction

842 views • 39 slides
Chess 101 The pieces (http://en.lichess.org/analysis) Chess can be artsy The smothered mate

Chess 101 The pieces (http://en.lichess.org/analysis) Chess can be artsy The smothered mate

Chess 101 The pieces (http://en.lichess.org/analysis) Chess can be artsy The smothered mate white to play and win rr4k1/6pp/2Q5/3KN3/8/q7/8/8 w - - 0 1 Reti problem White to play and draw 7K/8/k1P5/7p/8/8/8/8 w - - 0 1 Top players

793 views • 14 slides
From Concurrent Programs to Simulating Sequential Programs: Correctness of a Transformation VPT

From Concurrent Programs to Simulating Sequential Programs: Correctness of a Transformation VPT

From Concurrent Programs to Simulating Sequential Programs: Correctness of a Transformation VPT 2017 Allan Blanchard, Fr ed eric Loulergue, Nikolai Kosmatov April 29 th , 2017 From Concurrent Programs to Simulating Sequential Programs

488 views • 37 slides
Relational interprocedural analysis for concurrent programs Bertrand Jeannet INRIA Rhne-Alpes

Relational interprocedural analysis for concurrent programs Bertrand Jeannet INRIA Rhne-Alpes

Relational interprocedural analysis for concurrent programs Bertrand Jeannet INRIA Rhne-Alpes December 5, 2008 Outline Introduction Challenge: combining recursion and concurrency Existing approaches Our approach Program model and

901 views • 67 slides
Resource Analysis of Distributed and Concurrent Programs Elvira Albert Complutense University

Resource Analysis of Distributed and Concurrent Programs Elvira Albert Complutense University

Resource Analysis of Distributed and Concurrent Programs Elvira Albert Complutense University of Madrid (Spain) DICE-FOPARA 2017 April 22-23, 2017, Uppsala, Sweden Elvira Albert, UCM Resource Analysis 1/37 what is resource analysis? The

1.66k views • 155 slides
SteelCore: An Extensible Concurrent Separation Logic for Effectful Dependent Programs Nikhil

SteelCore: An Extensible Concurrent Separation Logic for Effectful Dependent Programs Nikhil

SteelCore: An Extensible Concurrent Separation Logic for Effectful Dependent Programs Nikhil Swamy, Aseem Rastogi, Aymeric Fromherz , Denis Merigoux, Danel Ahman, Guido Martinez ICFP 2020 1/12 Verifying Concurrent Programs Lots of recent work

556 views • 37 slides
Theory and Practice Rune Djurhuus Chess Grandmaster runed@ifi.uio.no / runedj@microsoft.com

Theory and Practice Rune Djurhuus Chess Grandmaster runed@ifi.uio.no / runedj@microsoft.com

Chess Algorithms Theory and Practice Rune Djurhuus Chess Grandmaster runed@ifi.uio.no / runedj@microsoft.com October 4, 2018 1 Content Complexity of a chess game Solving chess , is it a myth? History of computer chess

278 views • 23 slides
Static Analysis of Race-Free Interrupt-Driven Programs Deepak DSouza Department of Computer

Static Analysis of Race-Free Interrupt-Driven Programs Deepak DSouza Department of Computer

Data Flow Analysis Concurrent Programs Race-Free Programs Sync-CFG Analysis Analysis Static Analysis of Race-Free Interrupt-Driven Programs Deepak DSouza Department of Computer Science and Automation Indian Institute of Science,

981 views • 47 slides
Verifying Concurrent Programs Daniel Kroening 28 May 1 June 2012 Outline Shared-Variable

Verifying Concurrent Programs Daniel Kroening 28 May 1 June 2012 Outline Shared-Variable

Verifying Concurrent Programs Daniel Kroening 28 May 1 June 2012 Outline Shared-Variable Concurrency Predicate Abstraction for Concurrent Programs Boolean Programs with Bounded Replication Boolean Programs with Unbounded Replication D.

774 views • 50 slides
A Graph-Based Semantics Workbench for Concurrent Asynchronous Programs Alexander Heuner Chris

A Graph-Based Semantics Workbench for Concurrent Asynchronous Programs Alexander Heuner Chris

A Graph-Based Semantics Workbench for Concurrent Asynchronous Programs Alexander Heuner Chris Poskitt Otto-Friedrich-Universitt ETH Zrich Bamberg Dagstuhl, November 2015 Analysis (Verification) of Evolving Graph Structures 2 CP AH

370 views • 15 slides
Computational Logic Concurrent (Constraint) Logic Programming 1 Concurrent Logic Programs

Computational Logic Concurrent (Constraint) Logic Programming 1 Concurrent Logic Programs

Computational Logic Concurrent (Constraint) Logic Programming 1 Concurrent Logic Programs Predicate: Set of clauses Clause: Head :- Guard | Body. Head is an atom Guard and Body are conjunctions of atoms Resolvent: Set of goals

623 views • 28 slides
Java Concurrency 1 Shell CSCE 314 TAMU The World is Concurrent Concurrent programs: more than

Java Concurrency 1 Shell CSCE 314 TAMU The World is Concurrent Concurrent programs: more than

Shell CSCE 314 TAMU CSCE 314: Programming Languages Dr. Dylan Shell Java Concurrency 1 Shell CSCE 314 TAMU The World is Concurrent Concurrent programs: more than one activities execute simultaneously (concurrently) no interference

518 views • 35 slides
On Congruence Property of Scope Equivalence for Concurrent Programs with Higher-Order

On Congruence Property of Scope Equivalence for Concurrent Programs with Higher-Order

On Congruence Property of Scope Equivalence for Concurrent Programs with Higher-Order Communication Masaki Murakami Okayama University JAPAN A Formal Model of Concurrent Systems the model presented here is a translation of asynchronous

847 views • 31 slides
Chess Q&A : Question Answering on Chess Games Reasoning, Attention, Memory NIPS Workshop 12

Chess Q&A : Question Answering on Chess Games Reasoning, Attention, Memory NIPS Workshop 12

Chess Q&A : Question Answering on Chess Games Reasoning, Attention, Memory NIPS Workshop 12 December 2015 Volkan Cirik Louis-Philippe Morency Eduard Hovy 1 Visual Question Answering Which city is pictured? Malinowski et. al. 2015, Gao

466 views • 13 slides
Lecture 2: Intelligent Agents Key concepts from last lecture Prof. Julia

Lecture 2: Intelligent Agents Key concepts from last lecture Prof. Julia

CS440/ECE448: Intro to Artificial Intelligence Lecture 2: Intelligent Agents Key concepts from last lecture Prof. Julia Hockenmaier juliahmr@illinois.edu http://cs.illinois.edu/fa11/cs440 Last time s

351 views • 10 slides
Evolutionary Design of FreeCell Solvers Achiya Elyasaf, Ami Hauptman, Moshe Sipper Ben-Gurion

Evolutionary Design of FreeCell Solvers Achiya Elyasaf, Ami Hauptman, Moshe Sipper Ben-Gurion

Evolutionary Design of FreeCell Solvers Achiya Elyasaf, Ami Hauptman, Moshe Sipper Ben-Gurion University 2012 HUMIES AWARDS FOR HUMAN -COMPETITIVE RESULTS 1 The Game of FreeCell 2 EASY TO LEARN HARD TO PLAY HARD FOR AIer 3 Humans 4 Top

560 views • 15 slides
Programming a Computer for Playing Chess by C.E. Shannon Tsan-sheng Hsu tshsu@iis.sinica.edu.tw

Programming a Computer for Playing Chess by C.E. Shannon Tsan-sheng Hsu tshsu@iis.sinica.edu.tw

Programming a Computer for Playing Chess by C.E. Shannon Tsan-sheng Hsu tshsu@iis.sinica.edu.tw http://www.iis.sinica.edu.tw/~tshsu 1 Abstract About C.E. Shannon. 1916 2001. The father of Information theory. The father of

600 views • 21 slides
Divide And Conquer Small And Large Instance Small instance. Sort a list that has n <=

Divide And Conquer Small And Large Instance Small instance. Sort a list that has n <=

Divide And Conquer Small And Large Instance Small instance. Sort a list that has n <= 10 elements. Find the minimum of n <= 2 elements. Distinguish between small and large instances. Large instance. Small instances

86 views • 6 slides
Chess Playing Robot using Lego Mindstorms Raghav Gupta Nikhil Aggarwal Our Alg lgorithm

Chess Playing Robot using Lego Mindstorms Raghav Gupta Nikhil Aggarwal Our Alg lgorithm

Chess Playing Robot using Lego Mindstorms Raghav Gupta Nikhil Aggarwal Our Alg lgorithm Detecting the Move of human Calculating best possible move using chess playing program Executing the move using the Robot Detecting the Move 1. The

1.55k views • 8 slides
CS 309: Autonomous Robots FRI I Behavior Based Systems Elephants Dont Play Chess

CS 309: Autonomous Robots FRI I Behavior Based Systems Elephants Dont Play Chess

CS 309: Autonomous Robots FRI I Behavior Based Systems Elephants Dont Play Chess Instructor: Justin Hart http://justinhart.net/teaching/2020_spring_cs309/ The Symbol System Hypothesis Newell & Simon (Turing Award Lecture) a

406 views • 27 slides
Games vs. search problems Unpredictable opponent solution is a strategy specifying a

Games vs. search problems Unpredictable opponent solution is a strategy specifying a

Games vs. search problems Unpredictable opponent solution is a strategy specifying a move for every possible opponent reply Time limits unlikely to find goal, must approximate Adversarial Search Plan of attack: Computer

292 views • 8 slides

More recommend