Results 1 - 10
of
16
Race detection for event-driven mobile applications.
- In Proceedings of the Conference on Programming Language Design and Implementation,
, 2014
"... Abstract Mobile systems commonly support an event-based model of concurrent programming. This model, used in popular platforms such as Android, naturally supports mobile devices that have a rich array of sensors and user input modalities. Unfortunately, most existing tools for detecting concurrency ..."
Abstract
-
Cited by 11 (0 self)
- Add to MetaCart
(Show Context)
Abstract Mobile systems commonly support an event-based model of concurrent programming. This model, used in popular platforms such as Android, naturally supports mobile devices that have a rich array of sensors and user input modalities. Unfortunately, most existing tools for detecting concurrency errors of parallel programs focus on a thread-based model of concurrency. If one applies such tools directly to an event-based program, they work poorly because they infer false dependencies between unrelated events handled sequentially by the same thread. In this paper we present a race detection tool named CAFA for event-driven mobile systems. CAFA uses the causality model that we have developed for the Android event-driven system. A novel contribution of our model is that it accounts for the causal order due to the event queues, which are not accounted for in past data race detectors. Detecting races based on low-level races between memory accesses leads to a large number of false positives. CAFA overcomes this problem by checking for races between high-level operations. We discuss our experience in using CAFA for finding and understanding a number of known and unknown harmful races in open-source Android applications.
Retrofitting concurrency for Android applications through refactoring
- in FSE, 2014
"... Running compute-intensive or blocking I/O operations in the UI event thread of smartphone apps can severely degrade re-sponsiveness. Despite the fact that Android supports writing concurrent code via AsyncTask, we know little about how developers use AsyncTask to improve responsiveness. To understan ..."
Abstract
-
Cited by 4 (0 self)
- Add to MetaCart
(Show Context)
Running compute-intensive or blocking I/O operations in the UI event thread of smartphone apps can severely degrade re-sponsiveness. Despite the fact that Android supports writing concurrent code via AsyncTask, we know little about how developers use AsyncTask to improve responsiveness. To understand how AsyncTask is used/underused/misused in practice, we first conduct a formative study using a corpus of 104 open-source Android apps comprising 1.34M SLOC. Our study shows that even though half of the apps use AsyncTask, there are hundreds of places where they missed opportunities to encapsulate long-running operations in AsyncTask. Sec-ond, 46 % of the usages are manually refactored. However, the refactored code contains concurrency bugs (such as data races) and performance bugs (concurrent code still executes sequentially). Inspired by these findings, we designed, developed, and evaluated Asynchronizer, an automated refactoring tool that enables developers to extract long-running operations into AsyncTask. Asynchronizer uses a points-to static analysis to determine the safety of the transformation. Our empirical evaluation shows that Asynchronizer is (i) highly applicable, (ii) accurate, (iii) safer than manual refactoring (iv) it saves development effort, (v) its results have been accepted by the open-source developers. This shows that Asynchronizer is useful. 1.
DLint: Dynamically Checking Bad Coding Practices in JavaScript
, 2015
"... Copyright © 2015, by the author(s). ..."
(Show Context)
I know it when I see it: Observable races in JavaScript applications
, 2014
"... ABSTRACT Despite JavaScript runtime's lack of conventional threads, the presence of asynchrony creates a real potential for concurrency errors. These concerns have lead to investigations of race conditions in the Web context. However, focusing on races does not produce actionable error reports ..."
Abstract
-
Cited by 3 (1 self)
- Add to MetaCart
(Show Context)
ABSTRACT Despite JavaScript runtime's lack of conventional threads, the presence of asynchrony creates a real potential for concurrency errors. These concerns have lead to investigations of race conditions in the Web context. However, focusing on races does not produce actionable error reports that would at the end of the day appeal to developers and cause them to fix possible underlying problems. In this paper, we advocate for the notion of observable races, focusing on concurrency conditions that lead to visually apparent glitches caused by non-determinism within the runtime scheduler on the network. We propose and investigate ways to find observable races via systematically exploring possible network schedules and shepherding the scheduler towards correct executions. We propose crowd-sourcing both to spot when different schedules lead to visually broken sites and also to determine under what environment conditions (OS, browser, network speed) these schedules may in fact happen in practice for some fraction of the users.
Detecting Concurrency Errors in Client-side JavaScript Web Applications
"... Abstract—As web technologies have evolved, the complexity of dynamic web applications has increased significantly and web applications suffer concurrency errors due to unexpected orders of interactions among web browsers, users, the network, and so forth. In this paper, we present WAVE (Web Applicat ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
(Show Context)
Abstract—As web technologies have evolved, the complexity of dynamic web applications has increased significantly and web applications suffer concurrency errors due to unexpected orders of interactions among web browsers, users, the network, and so forth. In this paper, we present WAVE (Web Application’s Virtual Environment), a testing framework to detect concurrency errors in client-side web applications written in JavaScript. WAVE generates various sequences of operations as test cases for a web application and executes a sequence of operations by dynamically controlling interactions of a target web application with the execution environment. We demonstrate that WAVE is effective and efficient for detecting concurrency errors through experiments on eight examples and five non-trivial real-world web applications. I.
Sdnracer: Detecting concurrency violations in software-defined networks
- In Proceedings of the 1st ACM SIGCOMM Symposium on Software Defined Networking Research, SOSR ’15
"... Software-Defined Networking (SDN) control software executes in highly asynchronous environments where unexpected concurrency errors can lead to performance or, worse, reachability errors. Un-fortunately, detecting such errors is notoriously challenging, and SDN is no exception. Fundamentally, two in ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Software-Defined Networking (SDN) control software executes in highly asynchronous environments where unexpected concurrency errors can lead to performance or, worse, reachability errors. Un-fortunately, detecting such errors is notoriously challenging, and SDN is no exception. Fundamentally, two ingredients are needed to build a concur-rency analyzer: (i) a model of how different events are ordered, and (ii) the memory locations on which event accesses can interfere. In this paper we formulate the first happens-before (HB) model for SDNs enabling one to reason about ordering between events. We also present a commutativity specification of the network switch, allowing us to elegantly capture interference between concurrent events. Based on the above, we present the first dynamic concurrency analyzer for SDNs, called SDNRACER. SDNRACER uses the HB model and the commutativity rules to identify concurrency viola-tions. Preliminary results indicate that the detector is practically effective—it can detect harmful violations quickly.
Static Analysis of Event-Driven Node.js JavaScript Applications
"... Many JavaScript programs are written in an event-driven style. In particular, in server-side Node.js applications, op-erations involving sockets, streams, and files are typically performed in an asynchronous manner, where the execution of listeners is triggered by events. Several types of program-mi ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
Many JavaScript programs are written in an event-driven style. In particular, in server-side Node.js applications, op-erations involving sockets, streams, and files are typically performed in an asynchronous manner, where the execution of listeners is triggered by events. Several types of program-ming errors are specific to such event-based programs (e.g., unhandled events, and listeners that are registered too late). We present the event-based call graph, a program represen-tation that can be used to detect bugs related to event han-dling. We have designed and implemented three analyses for constructing event-based call graphs. Our results show that these analyses are capable of detecting problems reported on StackOverflow. Moreover, we show that the number of false positives reported by the analysis on a suite of small Node.js applications is manageable.
Detecting event anomalies in event-based systems
- In Proceedings of the 10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE
, 2015
"... Event-based interaction is an attractive paradigm because its use can lead to highly flexible and adaptable systems. One problem in this paradigm is that events are sent, received, and processed nondeterministically, due to the systems ’ reliance on implicit in-vocation and implicit concurrency. Thi ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Event-based interaction is an attractive paradigm because its use can lead to highly flexible and adaptable systems. One problem in this paradigm is that events are sent, received, and processed nondeterministically, due to the systems ’ reliance on implicit in-vocation and implicit concurrency. This nondeterminism can lead to event anomalies, which occur when an event-based system re-ceives multiple events that lead to the write of a shared field or memory location. Event anomalies can lead to unreliable, error-prone, and hard to debug behavior in an event-based system. To de-tect these anomalies, this paper presents a new static analysis tech-nique, DEvA, for automatically detecting event anomalies. DEvA has been evaluated on a set of open-source event-based systems against a state-of-the-art technique for detecting data races in multi-threaded systems, and a recent technique for solving a similar prob-lem with event processing in Android applications. DEvA exhibited high precision with respect to manually constructed ground truths, and was able to locate event anomalies that had not been detected by the existing solutions.
Guardrail: A High Fidelity Approach to Protecting Hardware Devices from Buggy Drivers
"... Device drivers are an Achilles ’ heel of modern commod-ity operating systems, accounting for far too many system failures. Previous work on driver reliability has focused on protecting the kernel from unsafe driver side-effects by in-terposing an invariant-checking layer at the driver interface, but ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
Device drivers are an Achilles ’ heel of modern commod-ity operating systems, accounting for far too many system failures. Previous work on driver reliability has focused on protecting the kernel from unsafe driver side-effects by in-terposing an invariant-checking layer at the driver interface, but otherwise treating the driver as a black box. In this paper, we propose and evaluate Guardrail, which is a more pow-erful framework for run-time driver analysis that performs decoupled, instruction-grain dynamic correctness checking on arbitrary kernel-mode drivers as they execute, thereby enabling the system to detect and mitigate more challeng-ing correctness bugs (e.g., data races, uninitialized mem-ory accesses) that cannot be detected by today’s fault iso-lation techniques. Our evaluation of Guardrail shows that it can find serious data races, memory faults, and DMA faults in native Linux drivers that required fixes, including previ-ously unknown bugs. Also, with hardware logging support, Guardrail can be used for online protection of persistent de-vice state from driver bugs with at most 10 % overhead on the end-to-end performance of most standard I/O workloads.
Static Analysis of Dynamic Languages
, 2015
"... Dynamic programming languages are highly popular and widely used. Java-Script is often called the lingua franca of the web and it is the de facto standard for client-side web programming. On the server-side the PHP, Python and Ruby languages are prevalent. What these languages have in common is an e ..."
Abstract
- Add to MetaCart
Dynamic programming languages are highly popular and widely used. Java-Script is often called the lingua franca of the web and it is the de facto standard for client-side web programming. On the server-side the PHP, Python and Ruby languages are prevalent. What these languages have in common is an expressive power which is not easily captured by any static type system. These, and similar dynamic languages, are often praised for their ease-of-use and flexibility. Unfortunately, this dynamism comes at a great cost: The lack of a type system implies that most errors are not discovered until run-time. Thus, in the worst-case, these bugs are not uncovered before they are encountered by real users of the system. A further cost is limited tool support: For instance, integrated development environments with code completion, code navigation and automatic refactorings are widely available for languages with static type systems, such as Java and C], but the same features are rarely available for dynamic languages such as JavaScript.
