Adversarial memory for detecting destructive races

C Flanagan, SN Freund - Proceedings of the 31st ACM SIGPLAN Conference on Programming Language …, 2010 - dl.acm.org
Multithreaded programs are notoriously prone to race conditions, a problem exacerbated by the widespread adoption of multi-core processors with complex memory models and cache coherence protocols. Much prior work has focused on static and dynamic analyses for race detection, but these algorithms typically are unable to distinguish destructive races that cause erroneous behavior from benign races that do not. Performing this classification manually is difficult, time consuming, and error prone.
This paper presents a new dynamic analysis technique that uses adversarial memory to classify race conditions as destructive or benign on systems with relaxed memory models. Unlike a typical language implementation, which may only infrequently exhibit non-sequentially consistent behavior, our adversarial memory implementation exploits the full freedom of the memory model to return older, unexpected, or stale values for memory reads whenever possible, in an attempt to crash the target program (that is, to force the program to behave erroneously). A crashing execution provides concrete evidence of a destructive bug, and this bug can be strongly correlated with a specific race condition in the target program.
Experimental results with our Jumble prototype for Java demonstrate that adversarial memory is highly effective at identifying destructive race conditions, and in distinguishing them from race conditions that are real but benign. Adversarial memory can also reveal destructive races that would not be detected by traditional testing (even after thousands of runs) or by model checkers that assume sequential consistency.
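
The idea of serving stale values to racy reads, as an added toy model that is not code from the paper or from Jumble: the `Memory` class, its `adversarial_locs` parameter and the `acquire` shortcut are assumptions of this sketch, and `acquire` simplifies happens-before by making every earlier write visible. It replays one fixed interleaving of an unsynchronized "publish data, then set ready" pattern under ordinary and adversarial read policies.

```python
# Toy model of adversarial memory: a constructed illustration, not Jumble's code.

class Memory:
    """Records every write so that a racy read can be served from history."""

    def __init__(self, initial, adversarial_locs=()):
        self.history = {loc: [val] for loc, val in initial.items()}  # oldest first
        self.adversarial_locs = set(adversarial_locs)  # locations to attack (toy assumption)
        self.floor = {}  # (thread, loc) -> oldest write index the thread may still read

    def write(self, thread, loc, value):
        self.history[loc].append(value)
        self.floor[(thread, loc)] = len(self.history[loc]) - 1  # a thread sees its own writes

    def acquire(self, thread):
        """Simplified synchronizing action: all writes so far become visible."""
        for loc, writes in self.history.items():
            self.floor[(thread, loc)] = len(writes) - 1

    def read(self, thread, loc):
        writes = self.history[loc]
        newest = len(writes) - 1
        # Adversarial policy: the oldest value this thread is still allowed to see.
        idx = self.floor.get((thread, loc), 0) if loc in self.adversarial_locs else newest
        self.floor[(thread, loc)] = idx  # later reads of loc never go further back
        return writes[idx]


def run(adversarial_locs, synchronized):
    """Writer publishes data then sets ready; reader checks ready then uses data."""
    mem = Memory({"data": None, "ready": False}, adversarial_locs)
    mem.write("writer", "data", [1, 2, 3])
    mem.write("writer", "ready", True)
    if mem.read("reader", "ready"):
        if synchronized:
            mem.acquire("reader")  # stands in for a volatile read or lock acquire
        data = mem.read("reader", "data")
        try:
            return len(data)  # a stale None raises TypeError here
        except TypeError:
            return "crash"
    return "not ready"
```

With ordinary reads the race goes unnoticed, with `data` attacked the reader crashes on the stale initial value, and once the reader synchronizes the stale value is no longer a legal result.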