static versioning of global state for race condition
play

Static Versioning of Global State for Race Condition Detection - PowerPoint PPT Presentation

Jun 16, 2023 •284 likes •577 views

Introduction Static State Versioning Version Computation Conclusion Static Versioning of Global State for Race Condition Detection Steffen Keul Dept. of Programming Languages and Compilers Institute of Software Technology University of

  1. Introduction Static State Versioning Version Computation Conclusion Static Versioning of Global State for Race Condition Detection Steffen Keul Dept. of Programming Languages and Compilers Institute of Software Technology University of Stuttgart 15 th International Conference on Reliable Software Technologies – Ada-Europe 2010 Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 1 / 20

  2. Introduction Static State Versioning Version Computation Conclusion Outline Introduction Motivation Static State Versioning Motivation Algorithm Design Version Computation Algorithm Outline Interference Data Flow Versioning Conclusion Conclusion Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 2 / 20

  3. Introduction Static State Versioning Version Computation Conclusion Motivation Example: Real-World Data Race Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 3 / 20

  4. Introduction Static State Versioning Version Computation Conclusion Motivation Example: Real-World Data Race Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 3 / 20

  5. Introduction Static State Versioning Version Computation Conclusion Motivation Example: Real-World Data Race Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 3 / 20

  6. Introduction Static State Versioning Version Computation Conclusion Motivation Example: Real-World Data Race Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 3 / 20

  7. Introduction Static State Versioning Version Computation Conclusion Motivation Data Races Definition (Data Race) A data race occurs if two threads access a common storage location without ordering constraints, and one of the accesses modifies the storage contents. Presence of data race means: ◮ possibly missing explicit synchronization ◮ for non-atomic accesses, possibility of illegal bit-patterns Absence of data race means: ◮ some serialization of accesses exists ◮ no illegal bit-patterns are created Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 4 / 20

  8. Introduction Static State Versioning Version Computation Conclusion Motivation Race detection ◮ data races can indicate programming errors ◮ confidence in absence of races through static analysis ◮ many analysis algorithms exist for data race detection ◮ some data races can be tolerated if the shared variable is accessed atomically ◮ however, some critical race conditions are not data races ◮ this work aims at detection of all potentially harmful race conditions Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 5 / 20

  9. Introduction Static State Versioning Version Computation Conclusion Motivation Example: Static State Versioning ◮ Shared Variables: sens_1 , sens_2 , sens_3 Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 6 / 20

  10. Introduction Static State Versioning Version Computation Conclusion Motivation Example: Static State Versioning ◮ Shared Variables: sens_1 , sens_2 , sens_3 ◮ Data Race because of read of sens_3 ◮ no synchronization necessary if int s read atomically, Data Race uninteresting Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 6 / 20

  11. Introduction Static State Versioning Version Computation Conclusion Motivation Example: Static State Versioning ◮ Shared Variables: sens_1 , sens_2 , sens_3 ◮ Data Race because of read of sens_3 ◮ no synchronization necessary if int s read atomically, Data Race uninteresting ◮ Versioning of reads Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 6 / 20

  12. Introduction Static State Versioning Version Computation Conclusion Motivation Example: Static State Versioning ◮ Shared Variables: sens_1 , sens_2 , sens_3 ◮ Data Race because of read of sens_3 ◮ no synchronization necessary if int s read atomically, Data Race uninteresting ◮ Versioning of reads ◮ Use of different versions indicates programming error Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 6 / 20

  13. Introduction Static State Versioning Version Computation Conclusion Motivation Violation of Atomicity: uninteresting warnings Example (Conflict accesses on g in thread2 and thread3 , but inconsistent expression only in thread3 ) int g; void *thread1( void *p) { while (1) g = read_sensor_value(); } void *thread2( void *p) { while (1) act_1(5 * g + 17); } void *thread3( void *p) { while (1) act_2(g * g); } Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 7 / 20

  14. Introduction Static State Versioning Version Computation Conclusion Motivation Violation of Atomicity: nonatomic expressions Example (Free of data races, but the mutex_lock -calls around g1+g2 have no effect) void *t1( void *p) void *t2( void *p) { mutex_lock(&m); { mutex_lock(&n); g1 = ...; g2 = ...; mutex_unlock(&m); mutex_unlock(&n); } } int main() { create(t1); create(t2); mutex_lock(&m); mutex_lock(&n); res = g1 + g2; mutex_unlock(&n); mutex_unlock(&m); } Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 8 / 20

  15. Introduction Static State Versioning Version Computation Conclusion Motivation Stale Updates Example (Nonatomic increments) pthread_mutex_lock(&m); int local = global; pthread_mutex_unlock(&m); local += 17; pthread_mutex_lock(&m); global = local; pthread_mutex_unlock(&m); The LHS’s version ( global directly before the assignment) differs from the RHS’s version ( local ). Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 9 / 20

  16. Introduction Static State Versioning Version Computation Conclusion Algorithm Outline State Versioning Algorithm 1. translate source code into intermediate representation, use only atomic read and write operations 2. represent interfering data flow explicitly by insertion of ψ -nodes for ◮ conflict reads ◮ uses of shared variables in protected regions 3. assign versions to reads in every function independent of calling context, in bottom-up traversal of the call graph 4. adjust versions depending on context in top-down traversal of the call graph 5. produce warning list for potentially inconsistent expressions Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 10 / 20

  17. Introduction Static State Versioning Version Computation Conclusion Interference Data Flow Lockset analysis ◮ determine the set of all possible (mutex-) locks: L full ◮ associate each site s in the program with the set of mutex-locks l act ( s ) ⊆ L full that are active ◮ use monotonic analysis framework over ( 2 L full , ⊆ ) ◮ initial value ∅ at function entry, L full for all other basic blocks ◮ at confluence points use intersection as meet operator ◮ distinguish different caller locksets at call sites Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 11 / 20

  18. Introduction Static State Versioning Version Computation Conclusion Interference Data Flow Interference flow for conflict reads ◮ determine shared objects ◮ use locksets to determine conflict reads ◮ place ψ -node in front of every conflict read Example (Insertion of ψ -nodes for conflict reads) s m 1 = 0 ; s = 0; s m 2 = ψ ( s m 1 , s t 1 , . . . , s tn ) ; ⇒ s m 3 = ψ ( s m 1 , s t 1 , . . . , s tn ) ; s = s + s; s m 4 = s m 2 + s m 3 ; So far . . . ◮ Synchronization is ignored Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 12 / 20

  19. Introduction Static State Versioning Version Computation Conclusion Interference Data Flow Interference flow for protected regions ◮ identify protected regions ◮ regions protected by a common lock are mutually exclusive ◮ data flow can only occur from end to beginning of mutually exclusive regions ⇒ Add Link-out and ψ nodes ◮ interference flow for multiple objects is stored into a single ψ -node A = { ( l old , l new ) ∈ 2 L full × 2 L full : l old ∩ L out ( bb ) � = ∅ ∧ l new ∩ L out ( bb ) = ∅ ∧ l old ∩ L act ( bb ) = ∅ ∧ l new ∩ L act ( bb ) = ∅ } Steffen Keul (University of Stuttgart) Static Versioning of Global State for Race Condition Detection AE 2010 13 / 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Versioning Versioning Versioning Versioning Terms Configuration item (CI) Version

Versioning Versioning Versioning Versioning Terms Configuration item (CI) Version

Versioning Versioning Versioning Versioning Terms Configuration item (CI) Version Configuration Management aggregate Configuration Baseline 1 Versioning No history Different names Tool capable of keeping track

509 views • 23 slides
D7: Front-running Race conditions #7: Front ont-running running A form of a race condition

D7: Front-running Race conditions #7: Front ont-running running A form of a race condition

D7: Front-running Race conditions #7: Front ont-running running A form of a race condition time-of-check vs time-of-use (TOCTOU) race conditions and transaction ordering dependence (TOD) A classic problem in operating systems 15.8%

467 views • 31 slides
CSCI 350 Ch. 5 Synchronization Mark Redekopp Michael Shindler & Ramesh Govindan 2 RACE

CSCI 350 Ch. 5 Synchronization Mark Redekopp Michael Shindler & Ramesh Govindan 2 RACE

1 CSCI 350 Ch. 5 Synchronization Mark Redekopp Michael Shindler & Ramesh Govindan 2 RACE CONDITIONS AND ATOMIC OPERATIONS 3 Race Condition A race condition occurs when the behavior of the program depends on the interleaving of

781 views • 49 slides
VERSIONING, VERSIONING, PROVENANCE, AND PROVENANCE, AND REPRODUCABILITY REPRODUCABILITY

VERSIONING, VERSIONING, PROVENANCE, AND PROVENANCE, AND REPRODUCABILITY REPRODUCABILITY

VERSIONING, VERSIONING, PROVENANCE, AND PROVENANCE, AND REPRODUCABILITY REPRODUCABILITY Christian Kaestner Required reading: Halevy, Alon, Flip Korn, Natalya F. Noy, Christopher Olston, Neoklis Polyzotis, Sudip Roy, and Steven Euijong

755 views • 46 slides
A True Positives Theorem for a Static Race Detector Presentation by Julia Belyakova and Artem

A True Positives Theorem for a Static Race Detector Presentation by Julia Belyakova and Artem

A True Positives Theorem for a Static Race Detector Presentation by Julia Belyakova and Artem Pelenitsyn For CS 7580 (instructor: Jan Vitek), 10/30/2019 A subset of slides is taken from Ilya Sergeys web page Static Analyses for Program

1.11k views • 75 slides
Compositional Static Race Detection at Scale, without False Positives Ilya Sergey Joint work

Compositional Static Race Detection at Scale, without False Positives Ilya Sergey Joint work

Compositional Static Race Detection at Scale, without False Positives Ilya Sergey Joint work with Sam Blackshear, Peter OHearn, Nikos Gorogiannis Key Messages Static analyses for concurrency can be made scalable and precise . Unsound

827 views • 80 slides
A True Positives Theorem for a Static Race Detector Nikos Gorogiannis Peter OHearn Ilya

A True Positives Theorem for a Static Race Detector Nikos Gorogiannis Peter OHearn Ilya

A True Positives Theorem for a Static Race Detector Nikos Gorogiannis Peter OHearn Ilya Sergey Key Messages Unsound (and incomplete) static analyses can be principled , satisfying meaningful theorems that help to understand their

688 views • 44 slides
RACE equality in NHS Dr Habib Naqvi @DrHNaqvi 1 1 | | Race inequality: a global challenge

RACE equality in NHS Dr Habib Naqvi @DrHNaqvi 1 1 | | Race inequality: a global challenge

RACE equality in NHS Dr Habib Naqvi @DrHNaqvi 1 1 | | Race inequality: a global challenge There is irrefutable evidence globally that people from black and minority ethnic backgrounds (BME) that live in white majority countries like the

4.15k views • 20 slides
Dirty COW Race Condition Attack Outline Dirty COW vulnerability Memory Mapping using

Dirty COW Race Condition Attack Outline Dirty COW vulnerability Memory Mapping using

Dirty COW Race Condition Attack Outline Dirty COW vulnerability Memory Mapping using mmap() Map_shared, Map_Private Mapping Read-Only Files How to exploit? Dirty COW vulnerability Interesting case of the race

667 views • 24 slides
Versioning of Topic Map Templates Structuring Versioning and Scalability Scalability Proc.

Versioning of Topic Map Templates Structuring Versioning and Scalability Scalability Proc.

Versioning of TM Templates and Scalability M. Ueberall, O. Drobnik Introduction Versioning of Topic Map Templates Structuring Versioning and Scalability Scalability Proc. Model Ongoing Work M. Ueberall, O. Drobnik Telematics Group,

550 views • 28 slides
Race Condition Shared Data: 4 5 6 1 8 5 6 20 9 ? Synchronization and Deadlocks tail

Race Condition Shared Data: 4 5 6 1 8 5 6 20 9 ? Synchronization and Deadlocks tail

Race Condition Shared Data: 4 5 6 1 8 5 6 20 9 ? Synchronization and Deadlocks tail A[] (or The Dangers of Threading) Enqueue(): A[tail] = 20; A[tail] = 9; Jonathan Misurda tail++; tail++; thread jmisurda@cs.pitt.edu switch

282 views • 3 slides
Static Data Race Detection for SPMD Programs via an Extended Polyhedral Representation Prasanth

Static Data Race Detection for SPMD Programs via an Extended Polyhedral Representation Prasanth

Static Data Race Detection for SPMD Programs via an Extended Polyhedral Representation Prasanth Chatarasi, Jun Shirako, Vivek Sarkar Habanero Extreme Scale Software Research Group Department of Computer Science Rice University 6th

657 views • 37 slides
Static Analysis of Race-Free Interrupt-Driven Programs Deepak DSouza Department of Computer

Static Analysis of Race-Free Interrupt-Driven Programs Deepak DSouza Department of Computer

Data Flow Analysis Concurrent Programs Race-Free Programs Sync-CFG Analysis Analysis Static Analysis of Race-Free Interrupt-Driven Programs Deepak DSouza Department of Computer Science and Automation Indian Institute of Science,

981 views • 47 slides
Race Condition Shared Data: 5 6 4 1 8 5 6 20 9 ? InterProcess Communication tail A[]

Race Condition Shared Data: 5 6 4 1 8 5 6 20 9 ? InterProcess Communication tail A[]

Race Condition Shared Data: 5 6 4 1 8 5 6 20 9 ? InterProcess Communication tail A[] Enqueue(): A[tail] = 20; A[tail] = 9; tail++; tail++; process switch Process A Process B Critical Regions Goals No two processes (threads)

265 views • 4 slides
Causality-Based Versioning Causality-Based Versioning Kiran-Kumar Muniswamy-Reddy and David A.

Causality-Based Versioning Causality-Based Versioning Kiran-Kumar Muniswamy-Reddy and David A.

Causality-Based Versioning Causality-Based Versioning Kiran-Kumar Muniswamy-Reddy and David A. Holland Harvard School of Engineering and Applied Sciences Consider this scenario Consider this scenario I installed a piece of software I

947 views • 61 slides
LLOV : A Fast Static Data-Race Checker for OpenMP Programs Utpal Bora PhD Student Computer

LLOV : A Fast Static Data-Race Checker for OpenMP Programs Utpal Bora PhD Student Computer

LLOV : A Fast Static Data-Race Checker for OpenMP Programs Utpal Bora PhD Student Computer Science and Engineering IIT Hyderabad, India February 23, 2020 Bora, Utpal (IITH) LLVM-Performance@CGO20 1 / 29 Table of Contents Motivation for

888 views • 60 slides
Introduction to multi-threading and vectorization Matti Kortelainen LArSoft Workshop 2019 25

Introduction to multi-threading and vectorization Matti Kortelainen LArSoft Workshop 2019 25

Introduction to multi-threading and vectorization Matti Kortelainen LArSoft Workshop 2019 25 June 2019 Outline Broad introductory overview: Why multithread? What is a thread? Some threading models std::thread OpenMP

898 views • 47 slides
Lecture 10 Midterm review Announcements The midterm is on Tue Feb 9 th in class 4 Bring photo

Lecture 10 Midterm review Announcements The midterm is on Tue Feb 9 th in class 4 Bring photo

Lecture 10 Midterm review Announcements The midterm is on Tue Feb 9 th in class 4 Bring photo ID 4 You may bring a single sheet of notebook sized paper 8x10 inches with notes on both sides (A4 OK) 4 You may not bring a magnifying

491 views • 32 slides
CS5460: Operating Systems Lecture 7: Synchronization (Chapter 6) CS 5460: Operating Systems

CS5460: Operating Systems Lecture 7: Synchronization (Chapter 6) CS 5460: Operating Systems

CS5460: Operating Systems Lecture 7: Synchronization (Chapter 6) CS 5460: Operating Systems Lecture 7 Multi-level Feedback Queues Multiple queues with different priorities Alternative: single priority queue Round robin schedule

454 views • 24 slides
through Fuzzing Dae R. Jeong Kyungtae Kim Basavesh Shivakumar Byoungyoung Lee

through Fuzzing Dae R. Jeong Kyungtae Kim Basavesh Shivakumar Byoungyoung Lee

Razzer: Finding Kernel Race Bugs through Fuzzing Dae R. Jeong Kyungtae Kim Basavesh Shivakumar Byoungyoung Lee Insik Shin Korea Advanced Institute of Science and Technology Seoul National University Purdue

1.17k views • 47 slides
Outline Vulnerabilities in OS interaction Low-level view of memory CSci 5271 Introduction to

Outline Vulnerabilities in OS interaction Low-level view of memory CSci 5271 Introduction to

Outline Vulnerabilities in OS interaction Low-level view of memory CSci 5271 Introduction to Computer Security Intermission: gdb demo Day 3: Low-level vulnerabilities Basic memory-safety problems Stephen McCamant Where overflows come from

401 views • 8 slides
Chapter 7: Process Synchronization Background The Critical-Section Problem

Chapter 7: Process Synchronization Background The Critical-Section Problem

Chapter 7: Process Synchronization Background The Critical-Section Problem Synchronization Hardware Semaphores Classical Problems of Synchronization Critical Regions Monitors Synchronization in Solaris 2 &

492 views • 31 slides
Secure Programming Laboratory 3: Race Condition SP Demonstrators: Arthur Chan / Henry Clausen /

Secure Programming Laboratory 3: Race Condition SP Demonstrators: Arthur Chan / Henry Clausen /

Secure Programming Laboratory 3: Race Condition SP Demonstrators: Arthur Chan / Henry Clausen / David Aspinall 1st November 2019 Orientation This is the third Laboratory Session for Secure Programming It is convened by Arthur (in abstentia),

536 views • 8 slides
Types Against Races Atomicity Analysis of Concurrent Software Cormac Flanagan Stephen N. Freund

Types Against Races Atomicity Analysis of Concurrent Software Cormac Flanagan Stephen N. Freund

Types Against Races Atomicity Analysis of Concurrent Software Cormac Flanagan Stephen N. Freund UC Santa Cruz Williams College Shaz Qadeer Microsoft Research Moore s Law Moore s Law is Over Transistors per chip doubles every 18

133 views • 9 slides

More recommend