Top

International Journal on Software Tools for Technology Transfer

Published in:

01-08-2013 | TACAS 2009

Static analysis for concurrent programs with applications to data race detection

Authors: Vineet Kahlon, Sriram Sankaranarayanan, Aarti Gupta

Published in: International Journal on Software Tools for Technology Transfer | Issue 4/2013

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

We propose a general framework for static analysis of concurrent multi-threaded programs in the presence of various types of synchronization primitives such as locks and pairwise rendezvous. In order to capture interference between threads, we use the notion of a transaction, i.e., a sequence of statements in a thread that can be executed atomically, without sacrificing the soundness of the analysis while yielding precise results. These transactions are delineated automatically, and are captured in the form of a transaction graph over the global control state space of the program. Starting from a coarse transaction graph, constructed by exploiting scheduling constraints related to synchronizations and partial order reduction, we iteratively refine the graph by removing statically unreachable nodes using the results of various analyses. Specifically, we use abstract interpretation to automatically derive program invariants, based on abstract domains of increasing precision. Progressive refinement of the transaction graph enhances scalability of the static analyses, yielding more precise invariants. We demonstrate the benefits of this framework in an application to find data race bugs in concurrent programs, where our static analyses serve to reduce the number of false warnings captured by an initial lockset analysis. This framework also facilitates use of model checking on the remaining warnings to generate concrete error traces, where we leverage the preceding static analyses to generate small program slices and the derived invariants to improve performance. We describe our experimental results on a suite of Linux device drivers.

previous article Falsification of LTL safety properties in hybrid systems

next article Selected dynamic issues in software model checking

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

In the presence of rendezvous and broadcast actions on the edges, the definition may be updated to necessitate synchronous rendezvous to happen in two consecutive moves.

In creating our model checking problem, we kept the parameters to API-functions of drivers unconstrained, since driver test harnesses were unavailable. These parameters are likely to be constrained in a real setting. Nevertheless, the witnesses we generated provide interesting scenarios.

Alur, R., Benedikt, M., Etessami, K., Godefroid, P., Reps, T.W., Yannakakis, M.: Analysis of recursive state machines. In: ACM TOPLAS (2005)

Atig, M.F., Bouajjani, A., Touili, T.: On the reachability analysis of acyclic networks of pushdown systems. In: CONCUR, Lecture Notes in Computer Science, vol. 5201, pp. 356–371. Springer, Heidelberg (2008)

Blanchet, B., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: Design and implementation of a special-purpose static program analyzer for safety-critical real-time embedded software (invited chapter). In: In the Essence of Computation: Complexity, Analysis, Transformation. Essays Dedicated to Neil D. Jones. LNCS, vol. 2566, pp. 85–108. Springer, Heidelberg (2005)

Bouajjani, A., Esparza, J., Maler, O.: Reachability analysis of pushdown automata: Application to model-checking. In: CONCUR. LNCS, vol. 1243, pp. 135–150 (1997)

Bouajjani, A., Fratani, S., Qadeer, S.: Context-bounded analysis of multithreaded programs with dynamic linked structures. In: CAV. Lecture Notes in Computer Science, vol. 4590, pp. 207– 220. Springer, Heidelberg (2007)

Brat, G., Havelund, K., Park, S., Visser, W.: Model checking programs. In: ASE (2000)

Chugh, R., Voung, J.W., Jhala, R., Lerner, S.: Dataflow analysis for concurrent programs using datarace detection. In: PLDI, pp. 316–326 (2008)

Clarke, E., Emerson, E.A.: Design and synthesis of synchronization skeletons using branching time temporal logic. In: Workshop on Logics of Programs, pp. 52–71 (1981)

Corbett, J., Dwyer, M., Hatcliff, J., Laubach, S., Pasareanu, Robby, C., Zheng, H.: Bandera: Extracting finite-state models from java source code. In: ICSE (2000)

10.

Cousot, P., Cousot, R.: Static determination of dynamic properties of programs. In: Proceedings of the Second International Symposium on Programming (1976)

11.

Cousot, P., Cousot, R.: Abstract Interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL (1977)

12.

Cousot, P., Cousot, R.: Comparing the Galois connection and widening/narrowing approaches to Abstract interpretation, invited paper. In: PLILP’92. LNCS, vol. 631, pp. 269–295. Springer, Heidelberg (1992)

13.

Cousot, P., Halbwachs, N.: Automatic discovery of linear restraints among the variables of a program. In: ACM POPL, pp. 84–97 (1978)

14.

Engler, D., Ashcraft, K.: RacerX: Effective. Static Detection of Race Conditions and Deadlocks, In: SOSP (2003)

15.

Farzan, A., Madhusudan, P.: Causal dataflow analysis for concurrent programs. In: TACAS. Lecture Notes in Computer Science, vol. 4424, pp. 102–116. Springer, Heidelberg (2007)

16.

Godefroid, P.: Partial-order methods for the verification of concurrent systems: an approach to the state-explosion problem. LNCS, vol. 1032. Springer-Verlag, Heidelberg (1996)

17.

Gotsman, A., Berdine, J., Cook, B., Sagiv, M.: Thread-modular shape analysis. In; PLDI, pp. 266–277 (2007)

18.

Hecht, M.S.: Flow analysis for computer programs. Elsevier, North-Holland (1977)

19.

Ivančić, F., Yang, Z., Ganai, M.K., Gupta, A., Ashar, P.: F-Soft: Software verification platform. In: CAV. LNCS, vol. 3576, pp. 301–306. Springer, Heidelberg (2005)

20.

Corbett, J., Lee, K., Loginov, A., O’Callahan, R., Sarkar, V., Sridharan, M.: Efficient and precise datarace detection for multithreaded object-oriented programs. In: PLDI (2002)

21.

Kahlon, V.: Bootstrapping: A Technique for Scalable Flow and Context- Sensitive Pointer Alias Analysis. In: PLDI (2008)

22.

Kahlon, V.: Exploiting Program Structure for Tractable Dataflow Analysis of Concurrent Programs, draft, available upon request (kahlon@nec-labs.com)(2008)

23.

Kahlon, V.: Boundedness vs Unboundedness of Lock Chains: Characterizing Decidability of CFL-Reachability for Threads Interacting via Locks. In: LICS (2009)

24.

Kahlon, V., Gupta, A.: An Automata-Theoretic Approach for Model Checking Threads for LTL Properties. In: LICS (2006)

25.

Kahlon, V., Gupta, A., Sinha, N.: Symbolic model checking of concurrent programs using partial orders and on-the-fly transactions. In: CAV. Lecture Notes in Computer Science, vol. 4144, pp. 286–299. Springer, Heidelberg (2006)

26.

Kahlon, V., Ivančić, F., Gupta, A.: Reasoning about threads communicating via locks. In: CAV (2005)

27.

Kahlon, V., Sankaranarayanan, S., Gupta, A.: Semantic reduction of thread interleavings in concurrent programs. In: TACAS. Lecture Notes in Computer Science, vol. 5505, pp. 124–138 (2009)

28.

Kahlon, V., Yang, Y., Sankaranarayan, S., Gupta, A.: Fast and Accurate Static Data-Race Detection for Concurrent Programs. In: CAV (2007)

29.

Lal, A., Reps, T.W.: Reducing concurrent analysis under a context bound to sequential analysis. In: CAV. Lecture Notes in Computer Science,vol. 5123, pp. 37–51. Springer, Heidelberg (2008)

30.

Lal, A., Touili, T., Kidd, N., Reps, T.W.: Interprocedural analysis of concurrent programs under a context bound. In: TACAS. Lecture Notes in Computer Science, vol. 4963, pp. 282–298. Springer, Heidelberg (2008)

31.

Landi, W.: Undecidability of static analysis. ACM Lett. Program. Lang. Syst. 1 4, 323–337 (1992)CrossRef

32.

Miné, A.: A new numerical abstract domain based on difference-bound matrices. In: PADO II. LNCS, vol. 2053, pp. 155–172. Springer, Heidelberg (2001)

33.

Musuvathi, M., Qadeer, S.: Fair stateless model checking. In: PLDI, pp. 362–371. ACM, New York (2008)

34.

Naik, M., Aiken, A.: Conditional must not aliasing for static race detection. In: POPL (2007)

35.

Naik, M., Aiken, A., Whaley, J.: Effective static race detection for java. In: PLDI (2006)

36.

Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. Springer, Heidelberg (1999)

37.

Pratikakis, P., Foster, J.S., Hicks, M.: LOCKSMITH: Context-Sensitive Correlation Analysis for Race Detection. In: PLDI (2006)

38.

Qadeer, S., Rehof, J.: Context-bounded model checking of concurrent software. In: TACAS (2005)

39.

Ramalingam, G.: Context-sensitive synchronization-sensitive analysis is undecidable. ACM Trans. Program. Lang. Syst. 22(2), 416–430 (2000)CrossRef

40.

Reps, T. W., Horwitz, S., Sagiv, S.: Precise interprocedural dataflow analysis via graph reachability. In: POPL, pp. 49–61 (1985)

41.

Sankaranarayanan, S., Ivančić, F., Gupta, A.: Program analysis using symbolic ranges. In: SAS. LNCS, vol. 4634, pp. 366–383 (2007)

42.

Savage, S., Burrows, M., Nelson, G., Sobalvarro, P., Anderson, T.: Eraser: A dynamic data race detector for multithreaded programming. In: ACM TCS, vol. 15(4) (1997)

43.

Sterling, N.: Warlock: A static data race analysis tool. In: USENIX Winter Technical Conference (1993)

Title: Static analysis for concurrent programs with applications to data race detection
Authors: Vineet Kahlon
Sriram Sankaranarayanan
Aarti Gupta
Publication date: 01-08-2013
Publisher: Springer Berlin Heidelberg
Published in: International Journal on Software Tools for Technology Transfer / Issue 4/2013
Print ISSN: 1433-2779
Electronic ISSN: 1433-2787
DOI: https://doi.org/10.1007/s10009-013-0274-1

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 4/2013

Selected dynamic issues in software model checking

Model checking and abstract interpretation as building blocks of advanced program analysis techniques

An integrated framework for checking the behaviour of fUML models using CSP

Falsification of LTL safety properties in hybrid systems

From tests to proofs

A model-driven co-simulation environment for heterogeneous systems

Premium Partner