Detect and Correct Concurrency Issues
Delivering full-featured applications requires developers to take advantage of multi-core processor capabilities. This added complexity brings additional security/quality challenges that developers must understand and mitigate early in the development lifecycle. GrammaTech provides advanced analyses for finding defects in multi-core development.
Advanced Multi-Core Development
The defects that are unique to multi-threaded and multi-core code are notoriously difficult to find, let alone replicate in a testing environment. CodeSonar detects these complex concurrency-related defects, discovering and reporting problems such as deadlocks, livelocks, resource starvation, and race conditions.
Developers responsible for building sophisticated multi-threaded code consistently choose GrammaTech to help identify and eliminate complex concurrency defects early in the development lifecycle when they are most cost effective to fix.
CodeSonar checks many different scenarios for misusing concurrency APIs. Deadlocks and data races are particularly time-consuming and expensive to fix when left undetected throughout development because they cause a disproportionate number of concurrency-related bugs throughout a program.
The GrammaTech Advantage
Manual testing is not very effective at detecting and debugging data races, for example, because it is infeasible to test every interleaving in real-world systems. This is where CodeSonar’s data race detection is extremely effective. CodeSonar detects data races by focusing on the causes of the data race, not the symptoms. CodeSonar examines the code and creates an abstract model of what locks are held by what threads. It considers possible interleavings in an automated way, examining patterns of access to shared memory locations, and finds situations in which code is susceptible to problematic interleavings.
CodeSonar’s advanced concurrency checks for C/C++ were developed and commercialized through a GrammaTech Research project funded by DARPA. In addition to multi-threaded software, CodeSonar also finds bugs in signal handlers.
Concurrency checks for Java are available through ThreadSafe™, the most advanced concurrency bug finder available for Java, which finds problems that are missed by other tools.
In addition to identifying race conditions and deadlocks, ThreadSafe can pinpoint unpredictable results caused by incorrect use of the concurrent collection libraries provided by java.util.concurrent, bad error handling, or incorrect synchronization when coordinating access to shared non-concurrent collections. It can also help diagnose performance bottlenecks caused by incorrect API usage, redundant synchronization, and unnecessary use of a shared mutable state.
Common Concurrency Bugs
Data races occur when multiple threads access a shared piece of data. If one of them changes its value without an explicit synchronization operation to coordinate, the system can by left in an inconsistent state.
The diagram below shows the combinatorial explosion of possible interleavings that need to be tested to prevent data races:
In order to protect shared resources and eliminate race conditions, developers can synchronize via locks.
But locks can introduce deadlocks, when two or more threads prevent each other from making progress by holding a lock needed by the other:
In a deadlock, both threads are completely stuck, unable to operate or release their lock.
Finding Concurrency Errors
with GrammaTech Static Analysis
Although decades of advances in miniaturization have yielded enormous performance gains for single processors, it now appears that this era is coming to a close. The industry has placed a big bet on future single-chip performance gains coming from increasing core counts, but this will only be a winning wager if software can be programmed to take advantage of parallel processors.
This paper describes common concurrency pitfalls and explains how static analysis with CodeSonar can help find such defects without executing the program.