reproducing concurrency failures from crash stacks
play

Reproducing Concurrency Failures from Crash Stacks Francesco A. - PowerPoint PPT Presentation

Feb 04, 2023 •350 likes •695 views

Reproducing Concurrency Failures from Crash Stacks Francesco A. Bianchi* Mauro Pezz* Valerio Terragni * Universit di Milano Bicocca, * USI Universit della Svizzera italiana, Switzerland Italy ESEC/FSE 2017 Introduction

  1. Reproducing Concurrency Failures from Crash Stacks Francesco A. Bianchi* Mauro Pezzè* ◇ Valerio Terragni * ◇ Università di Milano Bicocca, * USI Università della Svizzera italiana, Switzerland Italy ESEC/FSE 2017

  2. Introduction Concurrent Programs are OUR GOAL everywhere, difficult to write and test Automated reproduction of concurrency failures manifested in the field Many concurrency bugs manifest in the field

  3. Reproducing Concurrency Failures Why is it important? Ease understanding and fixing the related concurrency fault Difficult problem! What is needed? A failure-inducing test code and thread interleaving runnable piece of code temporal order of that exercises the program shared memory under test accesses

  4. State of The Art Output Technique Input Test code Interleaving ODR [Altekar SOSP ’09] LEAP [Huang FSE ’10] CLAP [Huang PLDI ’13] CARE [Jiang ICSE ’14] Execution Cortex [Machado PPoPP ’16] trace STRIDE [Zhou ICSE ’12] ESD [Zamfir EuroSys ’10] Memory Weeratunge ASPLOS ‘10 core-dumps Privacy concerns Overhead issues Hard to obtain in the field

  5. State of The Art Output Technique Input Test code Interleaving ODR [Altekar SOSP ’09] LEAP [Huang FSE ’10] CLAP [Huang PLDI ’13] CARE [Jiang ICSE ’14] Execution Cortex [Machado PPoPP ’16] trace STRIDE [Zhou ICSE ’12] ESD [Zamfir EuroSys ’10] Memory Weeratunge ASPLOS ‘10 core-dumps ConCrash Crash stack (our contribution) Less privacy concerns No overhead issues Easily obtainable in the field

  6. ConCrash Targets Thread-safe Classes “A class that encapsulates synchronizations that ensure a correct behavior when the same instance of the class is accessed from multiple threads”

  7. Crash Stack type of exception Point Of Failure (POF) java.lang.NullPointerException at java.util.logging.Logger.log(Logger.java:421) at java.util.logging.Logger.doLog(Logger.java:458) at java.util.Logging.Logger.log(Logger.java:482) at java.util.logging.Logger.info(Logger.java:996)

  8. Example of Thread-safety Violation Thread 1 Thread 2 public void setFilter(Filter f) { public void log(LogRecord r) { this.filter = f; synchronized(this) { if(filter != null) { } if(!filter.isLoggable(r)) { = null return; } Point Of Failure (POF) } } } failure-inducing interleaving

  9. Concurrent Test Code Logger sout = Logger.getAnonymousLogger(); Sequential MyFilter myFilter0 = new MyFilter(); Prefix sout.setFilter(myFilter0); Thread 2 Thread 1 Concurrent sout.info(""); sout.setFilter(null); Suffixes Set of method call sequences that exercise the public interface of a class from multiple threads.

  10. Challenge Crash Stacks provides only limited information on how to generate a failure-inducing test code Crash Stack java.lang.NullPointerException at java.util.logging.Logger.log(Logger.java:421) at java.util.logging.Logger.doLog(Logger.java:458) at java.util.Logging.Logger.log(Logger.java:482) at java.util.logging.Logger.info(Logger.java:996) Crashing method and Class Under Test (CUT) Failure-inducing Test Code Logger sout = Logger.getAnonymousLogger(); Sequential MyFilter myFilter0 = new MyFilter(); Prefix sout.setFilter(myFilter0); CUT Thread 1 Thread 2 sout.info(""); sout.setFilter(null); Input Interfering Crashing Parameter Method Method

  11. Challenge Crash Stacks provides only limited information on how to generate a failure-inducing test code Crash Stack java.lang.NullPointerException at java.util.logging.Logger.log(Logger.java:421) at java.util.logging.Logger.doLog(Logger.java:458) at java.util.Logging.Logger.log(Logger.java:482) at java.util.logging.Logger.info(Logger.java:996) Implication: The search space of candidate Crashing method and Class Under Test (CUT) failure-inducing test codes is very huge Failure-inducing Test Code Logger sout = Logger.getAnonymousLogger(); Sequential MyFilter myFilter0 = new MyFilter(); Prefix sout.setFilter(myFilter0); CUT Thread 1 Thread 2 sout.info(""); sout.setFilter(null); Input Interfering Crashing Parameter Method Method

  12. ConCrash Failure-Inducing Test Code Crash Interleaving Test Code Concurrent & Stack Explorer Generator Test Code Interleaving [if failure not found] Pruning Strategies Avoid exploring the interleaving space of redundant and irrelevant test codes

  13. Test Code Generator Failure-Inducing Test Code Crash Interleaving Test Code Concurrent & Stack Explorer Generator Test Code Interleaving [if failure not found] • Build on top of AutoConTest [Terragni and Cheung ICSE ‘16] • Systematically explores test codes with fixed pool of input parameters • It performs state matching to prune redundant test codes.

  14. Pruning Strategies Failure-Inducing Test Code Crash Interleaving Test Code Concurrent & Stack Explorer Generator Test Code Interleaving [if failure not found] Pruning Strategies

  15. Pruning Strategies Rely on information obtained by executing the call sequences of a test code sequentially Low computational cost Good proxy Sequential Coverage (Terragni and Cheung ICSE ‘16) - write W(x) and read R(x) of shared memory x - lock acquire ACQ(l) and lock release REL(l) - method enter ENTER(m) and exit EXIT(m)

  16. Pruning Strategies (cont.) candidate test code CUT sout = new CUT(); sout.m1(); sout.m2(“hi”); Thread 2 Thread 1 Interfering Crashing Method Method sout.m3(5); sout.m4(10); CUT sout = new CUT(); CUT sout = new CUT(); sout.m1(); sout.m1(); sout.m2(“hi”); sout.m2(“hi”); sout.m3(5); sout.m4(10); … … REL(lock) REL(lock) EXIT(m2) EXIT(m2) ENTER(m4) ENTER(m3) Sequential Coverage ACQ(l) W(x) R(k) R(k) REL(l) EXIT(m3) EXIT(m4)

  17. Pruning Strategy : PS-Exception Prunes a candidate test code if one of its method call sequences throws an exception sequentially CUT sout = new CUT(); CUT sout = new CUT(); sout.m1(); sout.m1(); sout.m2(“hi”); sout.m2(“hi”); Crashing sout.m9(null); sout.m4(10); Method … … REL(lock) REL(lock) EXIT(m2) EXIT(m2) ENTER(m4) ENTER(m9) ACQ(l) R(x) R(k) java.lang.NullPointerException REL(l) EXIT(m4) Our focus are concurrent (not sequential) failures!

  18. Pruning Strategy : PS-Stack Prunes a candidate test code if the sequential coverage of the crashing method does not match the crash stack CUT sout = new CUT(); CUT sout = new CUT(); sout.m1(); sout.m1(); sout.m2(“hi”); sout.m2(“hi”); Crashing sout.m3(); sout.m4(10); Method … … REL(lock) REL(lock) EXIT(m2) EXIT(m2) Stack Trace ENTER(m4) ENTER(m3) MyException ACQ(l) ENTER(m8) at cut.m6() R(k) ENTER(m12) at cut.m8() REL(l) … at cut.m3() EXIT(m4)

  19. Pruning Strategy : PS-Redundant Prunes a candidate test code if the sequential coverages of the concurrent suffixes are redundant CUT sout = new CUT(); CUT sout = new CUT(); sout.m1(); sout.m1(); sout.m2(“hi”); sout.m2(“hi”); Interfering Crashing sout.m3(); sout.m4(10); Method Method … … REL(lock) REL(lock) EXIT(m2) EXIT(m2) Redundant? ENTER(m3) ENTER(m4) W(x) ACQ(l) R(k) R(k) EXIT(m3) REL(l) EXIT(m4) repository

  20. Pruning Strategy : PS-Interfere Prunes a candidate test code if the concurrent suffixes do not access (at least one write) the same shared memory location CUT sout = new CUT(); CUT sout = new CUT(); sout.m1(); sout.m1(); sout.m2(“hi”); sout.m2(“hi”); Interfering Crashing sout.m3(); sout.m4(10); Method Method … … REL(lock) REL(lock) EXIT(m2) EXIT(m2) ENTER(m4) ENTER(m3) ACQ(l) Shared memory accessed W(x) W(x) R(y) R(y) EXIT(m3) x y REL(l) EXIT(m4)

  21. Pruning Strategy : PS-Interleave Prunes a candidate test code if the concurrent suffixes are mutually exclusive CUT sout = new CUT(); CUT sout = new CUT(); sout.m1(); sout.m1(); sout.m2(“hi”); sout.m2(“hi”); Interfering Crashing sout.m1(); sout.m4(10); Method Method … … REL(lock) REL(lock) EXIT(m2) EXIT(m2) ENTER(m4) ENTER(m1) ACQ(l) ACQ(l) ACQ(l) ACQ(l ) Cannot interleave! R(x) R(x) W(x) REL(l) REL(l) REL(l) REL(l) EXIT(m4) EXIT(m1)

  22. Interleaving Explorer Failure-Inducing Test Code Crash Interleaving Test Code Concurrent & Stack Explorer Generator Test Code Interleaving [if failure not found] • Relies on Cortex [Machado et al. PPoPP’16] • Uses symbolic execution and constraint solving to identify failure inducing interleavings

  23. Evaluation RQ1: ConCrash effectiveness RQ2 : Contribution of each Pruning Strategy RQ3: Comparison with Testing Approaches

  24. Subjects 10 real, known and fixed concurrency faults of thread- safe classes in 5 popular codebases Crash Stack Class Under Test Code Base SLOC # Methods Type of Except. Depth PerUserPoolDataSource 719 68 ConcurrentModif. 4 Commons DBCP SharedPoolDataSource 546 44 ConcurrentModif. 4 IntRange Commons Math 278 44 AssertionError 1 BufferedInputStream 304 12 NullPointerExc. 2 Logger Java JDK 528 45 NullPointerExc. 4 PushbackReader 143 13 NullPointerExc. 1 NumberAxis 1,662 119 IllegalArgumentExc. 2 JFreeChart XYSeries 200 28 ConcurrentModif. 4 Category 387 43 NullPointerExc. 1 Log4j FileAppender 185 13 NullPointerExc. 2

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Prophecy : Using History for High Throughput Fault Tolerance Siddhartha Sen Joint work with

Prophecy : Using History for High Throughput Fault Tolerance Siddhartha Sen Joint work with

Prophecy : Using History for High Throughput Fault Tolerance Siddhartha Sen Joint work with Wyatt Lloyd and Mike Freedman Princeton University Non crash failures happen Non crash failures happen Non crash failures happen Non crash

1.28k views • 106 slides
Contention-Related Crash Failures Anas Durand LIP6, Sorbonne Universit, Paris April 1st,

Contention-Related Crash Failures Anas Durand LIP6, Sorbonne Universit, Paris April 1st,

Contention-Related Crash Failures Anas Durand LIP6, Sorbonne Universit, Paris April 1st, 2019 1 / 25 Anas Durand Contention-Related Crash Failures Set Agreement and Renaming in the Presence of Contention-Related Crash Failures SSS 2018

1.02k views • 52 slides
Global view mutual exclusion despite process crash failures? But Which is the weakest

Global view mutual exclusion despite process crash failures? But Which is the weakest

Summary Global view of the paper On the Weakest Failure Detector For Crash failures and failure detectors Read/Write-Based Mutual Exclusion Mutual exclusion Technical content Carole D ELPORTE , Hugues F AUCONNIER

571 views • 7 slides
Figure 1: List of all Boolean clones with bases ( h n = i =1 x 1 x i 1 x i +1

Figure 1: List of all Boolean clones with bases ( h n = i =1 x 1 x i 1 x i +1

Class Definition Base(s) BF all Boolean functions { and , not } R 0 { f BF | f is 0-reproducing } { and , xor } R 1 { f BF | f is 1-reproducing } { or , x y 1 } R 2 R 1 R 0 { or , x ( y z 1) } M { f BF | f is

351 views • 5 slides
Investigation of Failures 49 CFR 192.617 192.617 Investigation of Failures Each operator

Investigation of Failures 49 CFR 192.617 192.617 Investigation of Failures Each operator

Investigation of Failures 49 CFR 192.617 192.617 Investigation of Failures Each operator shall establish procedures for analyzing accidents and failures, including the selection of samples of the failed facility or equipment for

948 views • 55 slides
Sorting with Pop Stacks Stacks Pop stacks 1-Pop-stack sortability 2-Pop-stack sortability

Sorting with Pop Stacks Stacks Pop stacks 1-Pop-stack sortability 2-Pop-stack sortability

Sorting with Pop Stacks Lara Pudwell Sorting with Pop Stacks Stacks Pop stacks 1-Pop-stack sortability 2-Pop-stack sortability Polyominoes on a helix Lara Pudwell Width 2 Width 3 faculty.valpo.edu/lpudwell Wrapping up joint work with

825 views • 34 slides
Concurrency What is concurrency? In computer science, concurrency is a property of systems which

Concurrency What is concurrency? In computer science, concurrency is a property of systems which

C Concurrency and Synchronization Concurrency What is concurrency? In computer science, concurrency is a property of systems which consist of computations that execute overlapped in time, and which may permit the sharing of common resources

621 views • 34 slides
Lists, Stacks and Queues Stacks and Queues Stacks n A restricted list where insertions and

Lists, Stacks and Queues Stacks and Queues Stacks n A restricted list where insertions and

Lists, Stacks and Queues Stacks and Queues Stacks n A restricted list where insertions and deletions can only be performed at one location, the end of the list (top). n LIFO Last In First Out q Laundry Basket last thing you put

348 views • 12 slides
Verifying concurrent, crash-safe systems with Perennial Tej Chajed , Joseph Tassarotti*, Frans

Verifying concurrent, crash-safe systems with Perennial Tej Chajed , Joseph Tassarotti*, Frans

Verifying concurrent, crash-safe systems with Perennial Tej Chajed , Joseph Tassarotti*, Frans Kaashoek, Nickolai Zeldovich MIT and *Boston College Many systems need concurrency and crash safety Examples: file systems, databases, and key-value

852 views • 46 slides
Stacks Stacks The unorganized persons data structure stacks 1 Stack characteristics Stack

Stacks Stacks The unorganized persons data structure stacks 1 Stack characteristics Stack

Stacks Stacks The unorganized persons data structure stacks 1 Stack characteristics Stack characteristics Entries are ordered in terms of access -- both insertion and removal take place at same spot (top of stack) Specialized

629 views • 42 slides
Localized failures: synchrony Nicola Santaro: Design and Analysis of Distributed Algorithms

Localized failures: synchrony Nicola Santaro: Design and Analysis of Distributed Algorithms

Localized failures: synchrony Nicola Santaro: Design and Analysis of Distributed Algorithms Chapter 7.3 March 28 th , 2007 Jani Lampinen jalampin@cc.hut.fi Single-Failure Disaster theorem States that EFT-Consensus (1, crash, n-1) is

592 views • 25 slides
Asynchronous Programming Model for Concurrency concurrency Concurrency is when two or more tasks

Asynchronous Programming Model for Concurrency concurrency Concurrency is when two or more tasks

Asynchronous Programming Model for Concurrency concurrency Concurrency is when two or more tasks can start, run, and complete in overlapping time periods. It doesn't necessarily mean they'll ever both be running at the same instant. For

915 views • 24 slides
csci 210: Data Structures Stacks and Queues Summary Topics stacks and queues as

csci 210: Data Structures Stacks and Queues Summary Topics stacks and queues as

csci 210: Data Structures Stacks and Queues Summary Topics stacks and queues as abstract data types implementations arrays linked lists analysis and comparison application: searching with stacks and

284 views • 16 slides
Reliability In case of a crash, recover to a consistent (or correct state) and continue

Reliability In case of a crash, recover to a consistent (or correct state) and continue

Reliability In case of a crash, recover to a consistent (or correct state) and continue processing. Types of Failures Node failure 1. Communication line of failure 2. Loss of a message (or transaction) 3. Network partition 4. Any

559 views • 21 slides
Reverse Debugging of Kernel Failures in Deployed Systems Xinyang Ge, Ben Niu and Weidong Cui

Reverse Debugging of Kernel Failures in Deployed Systems Xinyang Ge, Ben Niu and Weidong Cui

Reverse Debugging of Kernel Failures in Deployed Systems Xinyang Ge, Ben Niu and Weidong Cui Microsoft Research USENIX Annual Technical Conference, 2020 What happened before the crash? REPT: Reverse Execution with Processor Trace REPT:

593 views • 21 slides
Stacks, Queues, and Priority Queues Inf 2B: Heaps and Priority Queues Stacks, queues, and priority

Stacks, Queues, and Priority Queues Inf 2B: Heaps and Priority Queues Stacks, queues, and priority

Stacks, Queues, and Priority Queues Inf 2B: Heaps and Priority Queues Stacks, queues, and priority queues are all ADTs for storing collections of elements. They differ in their access policy: Lecture 6 of ADS thread Stacks: Last-in-first-out

444 views • 7 slides
Education for Sustainable Development (ESD) The Nature can be a classroom Conference of the

Education for Sustainable Development (ESD) The Nature can be a classroom Conference of the

City of Nuremberg, Department of Education, Schools and Sports Education for Sustainable Development (ESD) The Nature can be a classroom Conference of the European RCEs RCE Bretagne - Vannes ESD and enviromental education in Bavarian

507 views • 18 slides
Integration and Installation Marco Verzocchi Fermilab 21 August 2019 Production, Integration,

Integration and Installation Marco Verzocchi Fermilab 21 August 2019 Production, Integration,

TPC Electronics Integration and Installation Marco Verzocchi Fermilab 21 August 2019 Production, Integration, Installation With respect to these consortia talks, four key elements are required: (1) Parts Breakdown Structure for your

204 views • 19 slides
Outline The Esterel Language Introduction to Esterel and Existing Compilers Developed by G

Outline The Esterel Language Introduction to Esterel and Existing Compilers Developed by G

Outline The Esterel Language Introduction to Esterel and Existing Compilers Developed by G erard Berry starting 1983 My Software Compiler [DAC 2000, TransCAD 2002] Originally for robotics applications Compiling Esterel My Hardware Compiler

305 views • 5 slides
Programming Design Introduction Ling-Chieh Kung Ling-Chieh Kung Department of Information

Programming Design Introduction Ling-Chieh Kung Ling-Chieh Kung Department of Information

Basic structure and cout Variable declaration and cin Computer programming the if and while statements Formatting a C++ program Programming Design Introduction Ling-Chieh Kung Ling-Chieh Kung Department of Information Management National

566 views • 45 slides
Hands-On Getting ready... Run a task that accesses ESD Locally Locally with ROOT

Hands-On Getting ready... Run a task that accesses ESD Locally Locally with ROOT

Hands-On Getting ready... Run a task that accesses ESD Locally Locally with ROOT PROOF Modify it... Run a task that accesses MC PROOF Reading log files, resetting session, etc. Running the tasks from

679 views • 19 slides
Implementation Update January, 2016 Steve Smothers- Marijuana Prevention & Education Program

Implementation Update January, 2016 Steve Smothers- Marijuana Prevention & Education Program

DOH- Marijuana Prevention/Education Program Implementation Update January, 2016 Steve Smothers- Marijuana Prevention & Education Program Manager Washington State Department of Health- Community Based Prevention 1 Distribution of Funds From

358 views • 8 slides
Number of Tracks with HFE cuts and HFE AOD discussion MinJung Kweon University of Heidelberg

Number of Tracks with HFE cuts and HFE AOD discussion MinJung Kweon University of Heidelberg

Number of Tracks with HFE cuts and HFE AOD discussion MinJung Kweon University of Heidelberg May 25, 2009, HFE meeting HFE AOD? We are considering HFE AOD, then how do we proceed? The question will be if we want to use standard AOD(with more

296 views • 7 slides
AMBER Active Measurement Box of Electrostatic Risk Denis PAYAN CNES The French Space Agency

AMBER Active Measurement Box of Electrostatic Risk Denis PAYAN CNES The French Space Agency

AMBER Active Measurement Box of Electrostatic Risk Denis PAYAN CNES The French Space Agency Jean-Andr Sauvaud, Benot Lavraud et al. - IRAP Radiation and Plasma Monitoring Workshop 13-14 May 2014 Introduction Electrostatic

378 views • 10 slides

More recommend