DOI: 10.1145/1133981.1134019

LOCKSMITH: context-sensitive correlation analysis for race detection

Published: 11 June 2006

Abstract

One common technique for preventing data races in multi-threaded programs is to ensure that all accesses to shared locations are consistently protected by a lock. We present a tool called LOCKSMITH for detecting data races in C programs by looking for violations of this pattern. We call the relationship between locks and the locations they protect consistent correlation, and the core of our technique is a novel constraint-based analysis that infers consistent correlation context-sensitively, using the results to check that locations are properly guarded by locks. We present the core of our algorithm for a simple formal language λ▷ which we have proven sound, and discuss how we scale it up to an algorithm that aims to be sound for all of C. We develop several techniques to improve the precision and performance of the analysis, including a sharing analysis for inferring thread locality; existential quantification for modeling locks in data structures; and heuristics for modeling unsafe features of C such as type casts. When applied to several benchmarks, including multi-threaded servers and Linux device drivers, LOCKSMITH found several races while producing a modest number of false alarms.



Published In

PLDI '06: Proceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and Implementation
June 2006
438 pages
ISBN: 1595933204
DOI: 10.1145/1133981
  • ACM SIGPLAN Notices, Volume 41, Issue 6
    Proceedings of the 2006 PLDI Conference
    June 2006
    426 pages
    ISSN: 0362-1340
    EISSN: 1558-1160
    DOI: 10.1145/1133255
Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. context-sensitivity
  2. correlation
  3. locksmith
  4. multi-threaded programming
  5. race detection
  6. type inference

Qualifiers

  • Article

Conference

PLDI06
Acceptance Rates

Overall Acceptance Rate 406 of 2,067 submissions, 20%

Article Metrics

  • Downloads (Last 12 months): 36
  • Downloads (Last 6 weeks): 7

Reflects downloads up to 15 Oct 2024

Cited By

  • (2023) Controlled data races in enclaves. Proceedings of the 32nd USENIX Conference on Security Symposium, pp. 4069-4086. DOI: 10.5555/3620237.3620465. Online publication date: 9-Aug-2023
  • (2023) Place your locks well. Proceedings of the 32nd USENIX Conference on Security Symposium, pp. 3727-3744. DOI: 10.5555/3620237.3620446. Online publication date: 9-Aug-2023
  • (2023) Concrat: An Automatic C-to-Rust Lock API Translator for Concurrent Programs. 2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE), pp. 716-728. DOI: 10.1109/ICSE48619.2023.00069. Online publication date: May-2023
  • (2023) When Memory Corruption Met Concurrency: Vulnerabilities in Concurrent Programs. IEEE Access, 11, pp. 44725-44740. DOI: 10.1109/ACCESS.2023.3272833. Online publication date: 2023
  • (2022) Hybrid Static-Dynamic Analysis of Data Races Caused by Inconsistent Locking Discipline in Device Drivers. IEEE Transactions on Software Engineering, pp. 1-1. DOI: 10.1109/TSE.2021.3138735. Online publication date: 2022
  • (2021) Postmortem accurate IR-level state recovery for deployed concurrent programs. ACM SIGAPP Applied Computing Review, 21:3, pp. 33-48. DOI: 10.1145/3493499.3493502. Online publication date: 20-Oct-2021
  • (2021) When threads meet events: efficient and precise static race detection with origins. Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, pp. 725-739. DOI: 10.1145/3453483.3454073. Online publication date: 19-Jun-2021
  • (2021) Automatically detecting and fixing concurrency bugs in go software systems. Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 616-629. DOI: 10.1145/3445814.3446756. Online publication date: 19-Apr-2021
  • (2021) STRAB. Proceedings of the 36th Annual ACM Symposium on Applied Computing, pp. 1532-1541. DOI: 10.1145/3412841.3442028. Online publication date: 22-Mar-2021
  • (2021) Hash Consed Points-To Sets. Static Analysis, pp. 25-48. DOI: 10.1007/978-3-030-88806-0_2. Online publication date: 13-Oct-2021
