Marathon - RV2011
-
Upload
juliandolby -
Category
Documents
-
view
308 -
download
1
description
Transcript of Marathon - RV2011
Marathon: Detecting Atomic-Set Serializability Violations
with Conflict GraphsWilliam Sumner Christian Hammer Julian Dolby Purdue Utah State IBM Watson
RV 2011 - September 2011 - San Francisco, CA1Thursday, September 29, 2011
Outline
Motivation: finding concurrency errors
Approach: atomic sets and serializability
Implementation: conflict graphs
Results
Related work and conclusions
2Thursday, September 29, 2011
Finding Concurrency Errors
Parallel hardware is ubiquitous, even phones
Software must exploit this concurrency
Concurrency allows new kinds of bugs
Multiple threads simultaneously access data
Bugs when simultaneous access is “incorrect”
3Thursday, September 29, 2011
Atomic Setsclass Point { double x; double y;}
Fields x and y make up a logical point
Fields x and y denote an atomic set
Atomic Set Serializability
Concurrent operations see consistent points
4Thursday, September 29, 2011
Units of Workclass Point { double x; double y;}void move(int x, int y) { this.x += x; this.y += y;}
double mag() { return Math.sqrt(x*x+y*y);}
xmove mag
x
yy
x
xyy
Threads
5Thursday, September 29, 2011
Concurrency Errorsclass Point { double x; double y;}void move(int x, int y) { this.x += x; this.y += y;}
double mag() { return Math.sqrt(x*x+y*y);}
xmove mag
x
yy
x
xyy
Threads
6Thursday, September 29, 2011
Concurrency ErrorsLook for concurrency errors per atomic set
Improve accuracy:
Focus on related memory locations
Focus on conceptual units of work on them
Aid implementation:
Short-running units of work, small sets
Enables compact conflict graph structure
7Thursday, September 29, 2011
Inferring Atomic Sets
Must infer atomic sets
Make approach applicable to existing code
Minimize burden on developer or tester
Exploit object structure to infer atomic sets
Assume each object defines an atomic set
Heuristics to include “child” objects
8Thursday, September 29, 2011
“Child” Object Exampleclass Point { double x; double y;}
class Rectangle { Point ll; Point ur;}
double area() { return (ur.x - ll.x) * (ur.y - ll.y);}
heuristic: direct access to field of a field means field is a child
9Thursday, September 29, 2011
Conflict Graph ImplementationA conflict graph records tasks, memory uses
A node in the graph is a unit of work
Edges capture memory dependence
write-read, read-write, write-write
Atomic sets model keep graph manageable
Individual units of work tend to be short
Old tasks can be garbage collected
10Thursday, September 29, 2011
Conflict Graph Examples
x
move mag
x
yy
x
xyy
x
move mag
x
yy
x
xyy
WAR
RAWWAR
11Thursday, September 29, 2011
Evaluation
Assess quality of error reports
how many bugs?
false positives: not real bugs?
false negatives: missed known bugs?
Measure overhead
Suite of standard benchmarks and real codes
12Thursday, September 29, 2011
Evaluationbenchmark size cycles reports FP slowdown
(memory)slowdown
(disk)ConTest 241 141 139 5 1.4 1.1Jigsaw 142K 1 1 0 3.9 3.9Jspider 56K 4 4 0 1.2 1.2Weblech 1874 2 2 0 1.0 1.0ArrayBQ 1576 2 7 0 26.6 14.1ArrayList 2266 79 60 0 48.9 19.6LinkedBQ 1620 1 1 0 20.1 16.9
DelayQueue 1961 43 43 0 23.0 17.5Vector 2636 131 131 0 52.8 10.4
13Thursday, September 29, 2011
Related Work
Low-level data races: do not denote errors
Atomicity: full heap atomicity vs atomic sets
Serializability: relaxed criteria vs atomic sets
Velodrome[]: bug focus, fuller implementation
Prior atomic sets: patterns vs conflict graph
14Thursday, September 29, 2011
ConclusionsEfficient and sound concurrency bug finding
Overhead comparable or better than prior
Sound w.r.t. atomic set model
Atomic sets accurately model intent
Heuristics allow inference
Evaluated w.r.t. programmer intent
Few false positives and negatives
Future work: further refine heuristics15Thursday, September 29, 2011
Evaluation
resultBuf[i] = vector.getFreeBlockIndex();if (resultBuf[i] != -1) { vector.markAsAllocatedBlock(resultBuf[i]);}
False negative example
API of AllocationVector not encapsulated
Requires client to synchronize pair of calls
16Thursday, September 29, 2011