Zhen Yang,Zhen Yu,Xiaohong Su,Peijun Ma

DOI: https://doi.org/10.1109/SNPD.2016.7515908

2016-01-01

Abstract:Data races are common concurrency bugs in multi-threaded programs and many of them can cause server failures. They are difficult to be detected or verified due to some non deterministic interleavings. Numerous static and dynamic program analysis techniques have been proposed to detect data races. However, some of detectors may report large amount of false races and some of them may miss lots of true races. This paper proposes RaceTracker that combines static and dynamic techniques to detect data races effectively and efficiently. First, we use current static detectors to produce potential races and identify ad-hoc synchronizations. Second, we instrument code locations corresponding to potential races to try best to expose them in controlled thread interleavings. Meanwhile, we apply the hybrid dynamic detection techniques to detect races in case they are exposed. Finally, we also apply the hybrid dynamic detection techniques to prune benign and false races mainly caused by ad hoc synchronization. In order to increase the chances to trigger real race conditions in dynamic analysis, we use some strategies to control the schedule of threads. We have implemented our tool RaceTracker in the dynamic binary instrumentation framework PIN and evaluated with nearly 100 small data race programs from google data-race-test suit and some real-world concurrent applications from SPLASH-2 and Maple. Evaluations show that RaceTracker can identify more data races effectively compared with prior pure dynamic race verifiers and detectors. Meanwhile, compared with grouping verifier, RaceTracker only executes the program twice and reduces the average runtime overhead by 64%.

Zhiyuan Shao,Jian Peng,Hai Jin

DOI: https://doi.org/10.1109/PDP.2017.49

2017-01-01

Abstract:Detecting data races among the threads of a concurrent program is one of the most important debugging issues. However, the data races are never be easily detected due to the inherent concurrency and indeterministic execution of the participating threads. The widely employed dynamic data race detecting methods generally scrutinize one of sampled execution paths of the program, and may thus miss some data races. With improved coverage, static methods detect the data races by analyzing the source code. However, such static methods result in lots of false alarming, and are not of practical use. In this paper, we propose a method that detects the data races by understanding the synchronization relationships among the segments of participating threads. This method can improve the coverage by enumerating all the possible execution paths of the thread phases, and at the same time, reserve the existing merits of dynamic data race detecting methods. The experiment data shows that our prototype detector is comparable in accuracy with the commercial detector Intel Inspector, and other open source detector, such as ThreadSanitizer. At the same time, our detector has less memory consumption for memory intensive benchmarks in NPB suite, which other software tools fail to analyze.

WANG Xu,CHEN Yu-ting

DOI: https://doi.org/10.3969/j.issn.1000-3428.2012.15.010

2012-01-01

Abstract:A multi threaded program can contain a data race when two or more threads access the same memory location under no ordering constraints and at least one access is a write operation.The existence of data races can lead to many kinds of harmful program behaviors,including determinism violations,corrupted memory,and so on.It proposes a new algorithm for static detection of data races in X10 parallel programs,which contains four steps: pairs of sources accesses computation,pairs of reachable accesses computation,pairs of clockwise accesses computation,and escape analysis of accessing pairs computation.The essential idea of this approach is to construct the call graph of the program on the basis of the WALA,and then to compute pairs of sources accesses for detecting potential data races.Experimental results show that the algorithm performs well and can find and report potential data races in a cost effective manner.

Yang Zhang,Huan Liu,Liu Qiao

DOI: https://doi.org/10.1109/access.2021.3055831

IF: 3.9

2021-01-01

IEEE Access

Abstract:Data races have become one of the severe issues affecting the correctness of concurrent programs. Existing detection tools for data races have many false positives and false negatives. To improve the correctness, this paper proposes a context-sensitive approach to detect data races in concurrent programs. Several program analysis techniques are conducted to reduce false positives and false negatives. First, control-flow analysis is used to construct call graphs, in which escape analysis is employed to find escaped objects among threads. Second, context-sensitive alias analysis is employed to find alias objects. Finally, happens-before analysis is conducted to reduce false positives and false negatives. We develop a prototype tool ConRacer based on WALA and evaluate it on several benchmarks. We also compare ConRacer with existing static and dynamic tools. The experimental results show that ConRacer can effectively detect data races and reduce false positives and false negatives.

computer science, information systems,telecommunications,engineering, electrical & electronic

Long Zheng,Hai Jin,Bingsheng He,Jingling Xue,Haikun Liu

DOI: https://doi.org/10.1145/3243176.3243206

2018-01-01

Abstract:Existing data race detectors can witness race conditions for their occurrence but few can also identify the fundamental reasons for their understanding. In this paper, we present a new debugging framework for providing a concise schedule that can help not only witness but also understand data race. The key innovation of this work is to integrate dynamic slicing into constraint solving technique. We propose to use race manifestation (a fraction of memory accesses) to characterize buggy behaviors arising from data races. By encoding race manifestation constraints, existing constraint solving system is enabled to generate the buggy-behavior-exposing schedule, which is further simplified to a minimum as root cause via a tailored data race slicing technique further proposed.

ZHAO Jing-wen,FU Yan,WU Yan-xia,CHEN Jun-wen,FENG Yun,DONG Ji-bin,LIU Jia-qi

DOI: https://doi.org/10.11896/jsjkx.210700187

2022-01-01

Computer Science

Abstract:Nowadays the multi-core processors and threaded parallel programs are increasingly more used.However,the uncertainty of multi-threaded program leads to concurrency problems such as data race,atomicity violation,order violation and deadlock in the process of program running.Recent researches show that data race accounts for the largest proportion of concurrency bug,and most atomicity violation and order violation are caused by data race.This paper summarizes the related detection techniques in recent years.Firstly,the related concepts,causes,and the main ideas of data race detection are introduced.Then,the existing data race detection techniques in multi-threaded program are classified into three types:static analysis,dynamic analysis and hybrid detection techniques,and their characteristics are summarized comprehensively and compared in detail.Next,the limitations of exis-ting data race detection tools are discussed.Finally,future research directions and challenges in this field are discussed.

Kai Lu,Zhendong Wu,Xiaoping Wang,Chen Chen,Xu Zhou

DOI: https://doi.org/10.1109/PDP.2015.19

2015-01-01

Abstract:Data races hidden in concurrent programs have caused severe failures. To improve the reliability, many race detectors are proposed. However, most of the reported races are not harmful, which consumes manual effort to identify the harmful races. This paper proposes RaceChecker that can detect the potential races and identify the harmful races effectively and efficiently. Unlike previous detectors, RaceChecker combines happens-before relation and ad-hoc synchronization to prune the infeasible races so that fewer potential races are required to be verified. Before verification, RaceChecker groups the remaining potential races, guaranteeing the potential races in one group do not interfere with each other. Therefore, multiple potential races in one group can be verified together in one execution. To our knowledge, this is the first effective technique that groups the potential races to improve the efficiency. Unlike previous detectors that verify one potential race in one execution, RaceChecker dynamically controls thread scheduler to create real race conditions to verify multiple potential races in one execution, identifying the harmful races that cause program failures. We have implemented RaceChecker as a prototype tool and have experimented on a number of real-world concurrent programs. Results show that 66% of the potential races are infeasible and nearly 48% of the executions are reduced by the grouping strategy. The known harmful races are also identified effectively. By pruning and grouping, RaceChecker identifies the harmful races more efficiently. Comparing with RaceMob and RaceFuzzer, the time is reduced significantly, with an average of 45% and 81% respectively.

Xiaofei Liao,Minhao Lin,Long Zheng,Hai Jin,Zhiyuan Shao

DOI: https://doi.org/10.1109/TPDS.2018.2836899

IF: 5.3

2018-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Most of dynamic data race detection essentially relies on the underlying happens-before orders to yield the precise reports. They are notoriously prone to a prohibitively basic overhead. Although there exist a wealth of research advances that succeed in significantly reducing the analysis overhead on memory accesses, there remains an open problem in handling a great deal of fundamentally unscalabl...

Jian Cao,Xin Yang,Yu Jiang,Han Liu,Weiliang Ying,Xian Zhang

DOI: https://doi.org/10.1145/3196398.3196451

2018-01-01

Abstract:Race detection is increasingly popular, both in the academic research and in industrial practice. However, there is no specialized and comprehensive dataset of the data race, making it difficult to achieve the purpose of effectively evaluating race detectors or developing efficient race detection algorithms. In this paper, we presented JBench, a dataset with a total number of 985 data races from real-world applications and academic artifacts. We pointed out the locations of data races, provided source code, provided running commands and standardized storage structure. We also analyzed all the data races and classified them from four aspects: variable type, code structure, method span and cause. Furthermore, we discussed usages of the dataset in two scenarios: optimize race detection techniques and extract concurrency patterns.

Yuanjun CHEN,Junjing SHI,Linzhang WANG,Xuandong LI

DOI: https://doi.org/10.3778/j.issn.1673-9418.1411052

2015-01-01

Abstract:Interrupt-driven embedded systems are widely used in very high reliable and stable fields. However, due to the design complexity and the running environment diversity, uncertain interrupt faults often happen, which cause serious consequence. Data race is one of these complex problems. Lots of work has been done to detect such races, but there is still no easy solution. To solve such problems, this paper introduces a static detection method based on control flow graph. Firstly this method detects the shared resources and interrupts in the source code by preprocessing, and then constructs the corresponding simple control flow graphs according to the preprocessing result. Secondly the method points out the potential data races and their execution paths by analyzing the preemption relationship on these control flow graphs. The experimental results show that this method can not only detect the data race problems in the code, but also trace and show their execution paths, which is quite helpful for the bug verification and fix.

ZHANG Yang,LIU Huan,ZHANG Dongwen

DOI: https://doi.org/10.7535/hbkd.2020yx05005

2020-01-01

Abstract:To improve the correctness of data race detection, an approach to the data race detection based on the context-sensitive analysis in multithreaded programs was proposed. Firstly, control flow analysis was used to construct context-sensitive call graphs, and then escape analysis was employed to find thread-escaped objects that may cause data race. Secondly, context-sensitive alias analysis was conducted to reduce false positives and false negatives. Finally, the happens-before analysis was performed to remove false positives caused by ignoring thread interactions. A data race detection tool ConRacer was implemented in WALA framework based on this approach and was compared with the existing tools SRD and RVPredict. The experimental results show that ConRacer is the most precise tool compared with SRD and RVPredict and it can not only detect data races, but also reduce false positives and false negatives effectively. ConRacer improves the detection accuracy by combining context-sensitive with static detection methods, which has certain reference value for discovering concurrent errors and optimizing software performance.

Xudong Sun,Zhuo Chen,Jingyang Shi,Yiyu Zhang,Peng Di,Xuandong Li,Zhiqiang Zuo

2024-10-24

Abstract:Data races are critical issues in multithreaded program, leading to unpredictable, catastrophic and difficult-to-diagnose problems. Despite the extensive in-house testing, data races often escape to deployed software and manifest in production runs. Existing approaches suffer from either prohibitively high runtime overhead or incomplete detection capability. In this paper, we introduce HardRace, a data race monitor to detect races on-the-fly while with sufficiently low runtime overhead and high detection capability. HardRace firstly employs sound static analysis to determine a minimal set of essential memory accesses relevant to data races. It then leverages hardware trace instruction, i.e., Intel PTWRITE, to selectively record only these memory accesses and thread synchronization events during execution with negligible runtime overhead. Given the tracing data, HardRace performs standard data race detection algorithms to timely report potential races occurred in production runs. The experimental evaluations show that HardRace outperforms state-of-the-art tools like ProRace and Kard in terms of both runtime overhead and detection capability -- HardRace can detect all kinds of data races in read-world applications while maintaining a negligible overhead, less than 2% on average.

Software Engineering

Jingwen Zhao,Yanxia Wu,Jibin Dong

DOI: https://doi.org/10.1007/s11227-024-06189-4

IF: 3.3

2024-01-01

The Journal of Supercomputing

Abstract:Interrupt-driven programs are widely used in embedded systems with high security requirements. However, uncertain interleaving execution of tasks and interrupts may cause concurrency bugs, with data races being a significant factor in threatening security. Most of the previous research has focused on detecting data races in multi-threaded programs. And existing static analysis methods for interrupt-related data race detection often produce many false positives. This paper presents IntRace, an accurate and efficient static detection technique for interrupt data race. IntRace eliminates false data race by analyzing potential concurrency relationships and path reachability. It first identifies all race candidate pairs using access interleaving pattern matching. Then for each pair of operational accesses, IntRace analyzes potential concurrency relationships, including the special case of interrupt nesting, and uses this information to filter out access pairs that cannot concurrently access the same location. Finally, it checks the feasibility of events in the access pairs by constructing path constraints, which effectively eliminating infeasible paths in concurrent contexts. In addition, IntRace was evaluated on benchmark tests and 9 real embedded programs. The experimental results show that IntRace reduces the false positive rate by 73.2

Zhendong Wu,Kai Lu,Xiaoping Wang,Xu Zhou,Chen Chen

DOI: https://doi.org/10.1007/s11227-015-1418-8

IF: 3.3

2015-01-01

The Journal of Supercomputing

Abstract:Data races widely exist in concurrent programs and the harmful races have caused severe failures. To detect the harmful races, previous tools verify all the races, identifying the harmful ones. However, efficiency is affected when there are a large number of races needed to be verified. The multicore technology trend worsens this problem. Unlike previous work, to detect the harmful races, we try to improve the efficiency through parallel verification. We use imprecise race detection to find the races, including benign races and harmful races. The races are divided into many parts, and each part is sent to one machine for verification. On each machine, the races are verified dynamically, identifying the harmful races that would lead to program failures. To our knowledge, this is the first work that parallelizes race verification to improve the efficiency. We have experimented on a number of real-world concurrent programs and all the known harmful races in known benchmarks are detected. Additionally, our tool could scale well as the number of machines increases, and the speedup can also be increased linearly with the number of machines. Comparing with many previous tools, our work imposes lower runtime overhead.

Tianwei Sheng,Neil Vachharajani,Stephane Eranian,Robert Hundt,Wenguang Chen,Weimin Zheng

DOI: https://doi.org/10.1145/1985793.1985848

2011-01-01

Abstract:Concurrency bugs, particularly data races, are notoriously difficult to debug and are a significant source of unreliability in multithreaded applications. Many tools to catch data races rely on program instrumentation to obtain memory instruction traces. Unfortunately, this instrumentation introduces significant runtime overhead, is extremely invasive, or has a limited domain of applicability making these tools unsuitable for many production systems. Consequently, these tools are typically used during application testing where many data races go undetected.This paper proposes RACEZ, a novel race detection mechanism which uses a sampled memory trace collected by the hardware performance monitoring unit rather than invasive instrumentation. The approach introduces only a modest overhead making it usable in production environments. We validate RACEZ using two open source server applications and the PARSEC benchmarks. Our experiments show that RACEZ catches a set of known bugs with reasonable probability while introducing only 2.8% runtime slow down on average.

Zu-Ming Jiang,Jia-Ju Bai,Kangjie Lu,Shi-Min Hu

DOI: https://doi.org/10.14722/ndss.2022.24296

2022-01-01

Abstract:Fuzzing is popular for bug detection and vulnerability discovery nowadays.To adopt fuzzing for concurrency problems like data races, several recent concurrency fuzzing approaches consider concurrency information of program execution, and explore thread interleavings by affecting thread scheduling at runtime.However, these approaches are still limited in data-race detection.On the one hand, they fail to consider the execution contexts of thread interleavings, which can miss real data races in specific runtime contexts.On the other hand, they perform random thread-interleaving exploration, which frequently repeats already covered thread interleavings and misses many infrequent thread interleavings.In this paper, we develop a novel concurrency fuzzing framework named CONZZER, to effectively explore thread interleavings and detect hard-to-find data races.The core of CONZZER is a context-sensitive and directional concurrency fuzzing approach for thread-interleaving exploration, with two new techniques.First, to ensure context sensitivity, we propose a new concurrencycoverage metric, concurrent call pair, to describe thread interleavings with runtime calling contexts.Second, to directionally explore thread interleavings, we propose an adjacency-directed mutation to generate new possible thread interleavings with already covered thread interleavings and then use a breakpointcontrol method to attempt to actually cover them at runtime.With these two techniques, this concurrency fuzzing approach can effectively cover infrequent thread interleavings with concrete context information, to help discover hard-to-find data races.We have evaluated CONZZER on 8 user-level applications and 4 kernel-level filesystems, and found 95 real data races.We identify 75 of these data races to be harmful and send them to related developers, and 44 have been confirmed.We also compare CONZZER to existing fuzzing tools, and CONZZER continuously explores more thread interleavings and finds many real data races missed by these tools.

Yu Wang,Junjing Shi,Linzhang Wang,Jianhua Zhao,Xuandong Li

DOI: https://doi.org/10.1145/2875913.2875943

2015-01-01

Abstract:Interrupt-driven programs are often embedded in safety-critical systems to perform hardware/resource dependent data operation tasks, such as data acquisition, processing, and transformation. The interrupt programs and tasks may happen in parallel which in a result causes indeterminist concurrent problems at runtime. Data race is one of the most popular problems challenging researchers and practitioners. Various static analysis, software testing approaches have been proposed to detect data races in source code, testing, and even production run. However, static analysis may report too many false positives due to the lack of execution information. Dynamic testing may miss some important races since it could not generate adequate test cases to test all possible execution scenarios. In this paper, we propose a hybrid approach to detect data races in interrupt-driven programs based on static analysis and dynamic simulation. We implemented a prototype tool and conducted a controlled experiment to demonstrate the applicability of our approach.

Peng Luo,Deqing Zou,Hai Jin,Yajuan Du,Jinan Shen

DOI: https://doi.org/10.1007/s11227-017-1996-8

2017-01-01

Abstract:Concurrent techniques have been widely adopted in software systems, and data race has become a great threat to stability and security of concurrent systems. Previous precise race detection techniques either may miss many races, or are only suitable for some specific programs, such as the programs executed in a virtual machine rather than in actual hardware. To solves these problems, this paper introduces a dynamic predictive race detector, called LayDetect, which detects predictable races in C/C++ programs. LayDetect applies an innovative layering technique, which can detect more races than other detectors, such as FastTrack. We have implemented and evaluated LayDetect with well-known benchmarks and real-world applications. LayDetect has detected 3.7 M races at run-time which is more than that of FastTrack by two orders of magnitude, while the average slowdown (3.0\(\times \)) and space overhead (34.1 MB) of LayDetect are similar to that of FastTrack.

Andreea Costea,Abhishek Tiwari,Sigmund Chianasta,Kishore R,Abhik Roychoudhury,Ilya Sergey

DOI: https://doi.org/10.48550/arXiv.2108.02490

2021-08-06

Abstract:Implementing bug-free concurrent programs is a challenging task in modern software development. State-of-the-art static analyses find hundreds of concurrency bugs in production code, scaling to large codebases. Yet, fixing these bugs in constantly changing codebases represents a daunting effort for programmers, particularly because a fix in the concurrent code can introduce other bugs in a subtle way. In this work, we show how to harness compositional static analysis for concurrency bug detection, to enable a new Automated Program Repair (APR) technique for data races in large concurrent Java codebases. The key innovation of our work is an algorithm that translates procedure summaries inferred by the analysis tool for the purpose of bug reporting, into small local patches that fix concurrency bugs (without introducing new ones). This synergy makes it possible to extend the virtues of compositional static concurrency analysis to APR, making our approach effective (it can detect and fix many more bugs than existing tools for data race repair), scalable (it takes seconds to analyse and suggest fixes for sizeable codebases), and usable (generally, it does not require annotations from the users and can perform continuous automated repair). Our study conducted on popular open-source projects has confirmed that our tool automatically produces concurrency fixes similar to those proposed by the developers in the past.

Software Engineering,Programming Languages

Zheng Shi,Umang Mathur,Andreas Pavlogiannis

2024-01-11

Abstract:Dynamic data race detection has emerged as a key technique for ensuring reliability of concurrent software in practice. However, dynamic approaches can often miss data races owing to nondeterminism in the thread scheduler. Predictive race detection techniques cater to this shortcoming by inferring alternate executions that may expose data races without re-executing the underlying program. More formally, the dynamic data race prediction problem asks, given a trace \sigma of an execution of a concurrent program, can \sigma be correctly reordered to expose a data race? Existing state-of-the art techniques for data race prediction either do not scale to executions arising from real world concurrent software, or only expose a limited class of data races, such as those that can be exposed without reversing the order of synchronization operations.

Software Engineering