Re: Finding race conditions/deadlock using Stanford Checker
Aaron Bannert wrote: Who are the developers who could answer my is this a race condition questions? Anyone on this list (or on the [EMAIL PROTECTED] list). If you think you've found a race condition, please just post it to the appropriate list so that we can all discuss it. Any help you can provide would be appreciated. Note that if it is a security issue (which race conditions often are), you should post to [EMAIL PROTECTED], not an open list. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff
Re: Finding race conditions/deadlock using Stanford Checker
On Friday, June 27, 2003, at 11:08 AM, Ken Ashcraft wrote: Have race conditions and deadlock been a problem in the past? How likely is it that there are race condition and deadlock bugs hiding in the current source? Race Conditions and Deadlocks are an issue both in the server and in modules. It's still possible that some exist in the server, but if we've done our job the big ones are gone. Who are the developers who could answer my is this a race condition questions? Anyone on this list (or on the [EMAIL PROTECTED] list). If you think you've found a race condition, please just post it to the appropriate list so that we can all discuss it. Any help you can provide would be appreciated. Is there any documentation about locks in the server? Where they are used? How they are used? What do they protect? They are implemented in APR. There are different types, depending on what you want to protect and how you want to protect them. Take a look at the locks/ subdirectory (srclib/apr/locks in the httpd tarball) and in the srclib/apr/include/apr_{thread,process,global}_{mutex,rwlock,cond}.h header files for the best documentation. (I gave a talk on this at ApacheCon last year, but I haven't put up the materials yet. One of these days I'll get around to it though...) What files should I be looking at? Which use locks? Which contain the locking functions? Many files in the httpd source tree call the various APR locking functions. Just run grep over the whole tree. Are there any absolute rules about locks (i.e. all global variables must be protected by locks, orderings of lock acquisition)? In general there aren't rules like that. We try to architect the system in such a way to avoid locks at all (for example, we have a shared memory scoreboard that contains the status of each child process, but because of the way that shmem segment is accessed we don't need locks.) The times when they are necessary are when data will be lost or corrupted if some form of mutual exclusion weren't used. -aaron
Finding race conditions/deadlock using Stanford Checker
I'm a member of the metacompilation research group at Stanford (http://www.stanford.edu/~engler). We have a suite of checkers that find bugs at compile time, and we've had quite a bit of success checking the Linux kernel code for errors. Since our checkers can emit false alarms, we filter the reports before we give them to the kernel developers. While some false alarms slip past us to the developers, our limited knowledge of the kernel allows us to recognize most of them. We're currently trying to find race conditions and deadlock (here's an example report to the kernel mailing list: http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/1733.html), but these reports seem to require an intimate knowledge of the code to verify-- knowledge that we don't have. Since the kernel is so large, it is difficult to find the various developers who know the code involving the reports. As a result, many of these bug reports go unconfirmed even though we think they are valid bugs. I'm hoping to find another project to supplement our race condition and deadlock work on the Linux kernel, and I think that Apache might be such a project. So I have some questions for you all to determine if this is a worthwhile venture: Have race conditions and deadlock been a problem in the past? How likely is it that there are race condition and deadlock bugs hiding in the current source? Who are the developers who could answer my is this a race condition questions? Is there any documentation about locks in the server? Where they are used? How they are used? What do they protect? What files should I be looking at? Which use locks? Which contain the locking functions? Are there any absolute rules about locks (i.e. all global variables must be protected by locks, orderings of lock acquisition)? Thanks for your time, Ken Ashcraft [EMAIL PROTECTED]