Abstract
We address the problem of testing atomicity of composed concurrent operations. Concurrent libraries help programmers exploit parallel hardware by providing scalable concurrent operations with the illusion that each operation is executed atomically. However, client code often needs to compose atomic operations in such a way that the resulting composite operation is also atomic while preserving scalability. We present a novel technique for testing the atomicity of client code composing scalable concurrent operations. The challenge in testing this kind of client code is that a bug may occur very rarely and only on a particular interleaving with a specific thread configuration. Our technique is based on modular testing of client code in the presence of an adversarial environment; we use commutativity specifications to drastically reduce the number of executions explored to detect a bug. We implemented our approach in a tool called COLT, and evaluated its effectiveness on a range of 51 real-world concurrent Java programs. Using COLT, we found 56 atomicity violations in Apache Tomcat, Cassandra, MyFaces Trinidad, and other applications.
- Amino concurrent building blocks. \\http://amino-cbbs.sourceforge.net/.Google Scholar
- Apache tomcat. http://tomcat.apache.org/.Google Scholar
- Intel thread building blocks. http://www.threadingbuildingblocks.org/.Google Scholar
- openjdk. http://hg.openjdk.java.net/jdk7/jaxp/jdk.Google Scholar
- Amit, D., Rinetzky, N., Reps, T. W., Sagiv, M., and Yahav, E. Comparison under abstraction for verifying linearizability. In CAV (2007), pp. 477--490. Google Scholar
Digital Library
- Ball, T., Burckhardt, S., Coons, K. E., Musuvathi, M., and Qadeer, S. Preemption sealing for efficient concurrency testing. In TACAS (2010), pp. 420--434. Google Scholar
Digital Library
- Bernstein, P. A., Hadzilacos, V., and Goodman, N. Concurrency Control and Recovery in Database Systems. 1987. Google Scholar
Digital Library
- Burckhardt, S., Dern, C., Musuvathi, M., and Tan, R. Line-up: a complete and automatic linearizability checker. In PLDI (2010), pp. 330--340. Google Scholar
Digital Library
- Clarke, Jr., E. Synthesis of resource invariants for concurrent programs. TOPLAS 2, 3 (1980), 338--358. Google Scholar
Digital Library
- Coons, K. E., Burckhardt, S., and Musuvathi, M. GAMBIT: effective unit testing for concurrency libraries. In PPOPP (2010), pp. 15--24. Google Scholar
Digital Library
- Doherty, S., Detlefs, D. L., Groves, L., Flood, C. H., Luchangco, V., Martin, P. A., Moir, M., Shavit, N., and Guy L. Steele, J. DCAS is not a silver bullet for nonblocking algorithm design. In SPAA (2004), pp. 216--224. Google Scholar
Digital Library
- Elmas, T., Tasiran, S., and Qadeer, S. Vyrd: verifying concurrent programs by runtime refinement-violation detection. In PLDI (2005), pp. 27--37. Google Scholar
Digital Library
- Filipović, I., O'Hearn, P., Rinetzky, N., and Yang, H. Abstraction for concurrent objects. In ESOP (2009), pp. 252--266. Google Scholar
Digital Library
- Flanagan, C., and Freund, S. N. Atomizer: A dynamic atomicity checker for multithreaded programs. In POPL (2004), pp. 256--267. Google Scholar
Digital Library
- Flanagan, C., Freund, S. N., and Yi, J. Velodrome: a sound and complete dynamic atomicity checker for multithreaded programs. In PLDI (2008), pp. 293--303. Google Scholar
Digital Library
- Flanagan, C., and Qadeer, S. Thread-modular model checking. In SPIN (2003), pp. 213--224. Google Scholar
Digital Library
- Flanagan, C., and Qadeer, S. A type and effect systrm for atomicity. In PLDI (2003), pp. 338--349. Google Scholar
Digital Library
- Godefroid, P. Partial-Order Methods for the Verification of Concurrent Systems: An Approach to the State-Explosion Problem. Springer-Verlag New York, Inc., Secaucus, NJ, USA, 1996. Google Scholar
Digital Library
- Goetz, B., Peierls, T., Bloch, J., Bowbeer, J., Holmes, D., and Lea, D. Java Concurrency in Practice. Addison Wesley, 2006. Google Scholar
Digital Library
- Gotsman, A., Berdine, J., Cook, B., and Sagiv, M. Thread-modular shape analysis. In PLDI (2007), pp. 266--277. Google Scholar
Digital Library
- Herlihy, M. P., and Wing, J. M. Linearizability: a correctness condition for concurrent objects. TOPLAS 12, 3 (1990). Google Scholar
Digital Library
- Hoare, C. A. R. Towards a theory of parallel programming. 1972.Google Scholar
- Jones, C. B. Specification and design of (parallel) programs. 1983.Google Scholar
- Musuvathi, M., and Qadeer, S. Iterative context bounding for systematic testing of multithreaded programs. In PLDI (2007), pp. 446--455. Google Scholar
Digital Library
- Musuvathi, M., Qadeer, S., Ball, T., Basler, G., Nainar, P. A., and Neamtiu, I. Finding and reproducing heisenbugs in concurrent programs. In OSDI (2008), pp. 267--280. Google Scholar
Digital Library
- Park, C.-S., and Sen, K. Randomized active atomicity violation detection in concurrent programs. In SIGSOFT (2008), pp. 135--145. Google Scholar
Digital Library
- Shavit, N. Data structures in the multicore age. Commun. ACM 54 (March 2011), 76--84. Google Scholar
Digital Library
- Vechev, M., Yahav, E., and Yorsh, G. Experience with model checking linearizability. In SPIN (2009), pp. 261--278. Google Scholar
Digital Library
- Weihl, W. E. Commutativity-based concurrency control for abstract data types. IEEE Trans. Computers 37, 12 (1988), 1488--1505. Google Scholar
Digital Library
Index Terms
Testing atomicity of composed concurrent operations
Recommendations
Testing atomicity of composed concurrent operations
OOPSLA '11: Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applicationsWe address the problem of testing atomicity of composed concurrent operations. Concurrent libraries help programmers exploit parallel hardware by providing scalable concurrent operations with the illusion that each operation is executed atomically. ...
Verifying atomicity via data independence
ISSTA 2014: Proceedings of the 2014 International Symposium on Software Testing and AnalysisWe present a technique for automatically verifying atomicity of composed concurrent operations. The main observation behind our approach is that many composed concurrent operations which occur in practice are data-independent. That is, the control-flow ...
Specifying and checking semantic atomicity for multithreaded programs
ASPLOS '11In practice, it is quite difficult to write correct multithreaded programs due to the potential for unintended and nondeterministic interference between parallel threads. A fundamental correctness property for such programs is atomicity---a block of ...







Comments