Efficient Scalable Thread-Safety-Violation Detection

Ref: Efficient Scalable Thread-Safety-Violation Detection

• Existing solutions
  • Static or dynamic analysis to identify the potential buggy locations to inject delays.
    • Injects small number of delays but large analysis time
  • Inject probabilistic random delays
    • Inject large number of delays but small analysis time
  • TSVD tries to find the middle ground
• TSVD employs two techniques to select the points to inject delays
  • Near miss tracking
  • Happens before relationship identification
• Near miss tracking
  • Identify two operations on a thread-unsafe object, one of which is write and happens close to each other on different threads
  • If the time difference falls within the threshold, mark it as dangerous pair
• Happens Before relationship identification
  • If adding a delay at location 1 delays the execution of the location 2.
• Delay is injected on all such pairs
  • Delay is decayed if a pair does not trigger error
  • Once the probability of delay drops to 0, the pair is removed from dangerous pair list
• Built to support .NET projects
  • Instrumentation and Runtime library
• Evaluation
  • Why some bugs were missed?
    • Two operations are close to each other only on some rare executions
    • False positive happens before prediction
    • Delay injection was not sufficient to capture the bugs