Re: Finding race conditions/deadlock using Stanford Checker

2003-07-01 Thread Ben Laurie
Aaron Bannert wrote:
>> Who are the developers who could answer my is this a race condition
>> questions?
>
> Anyone on this list (or on the [EMAIL PROTECTED] list). If you think
> you've found a race condition, please just post it to the appropriate
> list so that we can all discuss it. Any help you can provide would
> be appreciated.

Note that if it is a security issue (which race conditions often are),
you should post to [EMAIL PROTECTED], not an open list.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/

There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit. - Robert Woodruff




Re: Finding race conditions/deadlock using Stanford Checker

2003-06-29 Thread Aaron Bannert
On Friday, June 27, 2003, at 11:08  AM, Ken Ashcraft wrote:
> Have race conditions and deadlock been a problem in the past?  How
> likely is it that there are race condition and deadlock bugs hiding in
> the current source?

Race Conditions and Deadlocks are an issue both in the server and
in modules. It's still possible that some exist in the server, but
if we've done our job the big ones are gone.

> Who are the developers who could answer my is this a race condition
> questions?

Anyone on this list (or on the [EMAIL PROTECTED] list). If you think
you've found a race condition, please just post it to the appropriate
list so that we can all discuss it. Any help you can provide would
be appreciated.

> Is there any documentation about locks in the server?  Where they are
> used?  How they are used?  What do they protect?

They are implemented in APR. There are different types, depending on
what you want to protect and how you want to protect them. Take a
look at the locks/ subdirectory (srclib/apr/locks in the httpd tarball)
and in the
srclib/apr/include/apr_{thread,process,global}_{mutex,rwlock,cond}.h
header files for the best documentation. (I gave a talk on this at
ApacheCon last year, but I haven't put up the materials yet. One of
these days I'll get around to it though...)

> What files should I be looking at?  Which use locks?  Which contain the
> locking functions?

Many files in the httpd source tree call the various APR locking
functions. Just run grep over the whole tree.

> Are there any absolute rules about locks (i.e. all global variables
> must be protected by locks, orderings of lock acquisition)?

In general there aren't rules like that. We try to architect the system
in such a way to avoid locks at all (for example, we have a shared
memory scoreboard that contains the status of each child process, but
because of the way that shmem segment is accessed we don't need locks.)
The times when they are necessary are when data will be lost or
corrupted if some form of mutual exclusion weren't used.

-aaron



Finding race conditions/deadlock using Stanford Checker

2003-06-27 Thread Ken Ashcraft
I'm a member of the metacompilation research group at Stanford
(http://www.stanford.edu/~engler).  We have a suite of checkers that
find bugs at compile time, and we've had quite a bit of success checking
the Linux kernel code for errors.  Since our checkers can emit false
alarms, we filter the reports before we give them to the kernel
developers.  While some false alarms slip past us to the developers, our
limited knowledge of the kernel allows us to recognize most of them.

We're currently trying to find race conditions and deadlock (here's an
example report to the kernel mailing list:
http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/1733.html), but
these reports seem to require an intimate knowledge of the code to
verify-- knowledge that we don't have.  Since the kernel is so large, it
is difficult to find the various developers who know the code involving
the reports.  As a result, many of these bug reports go unconfirmed even
though we think they are valid bugs.

I'm hoping to find another project to supplement our race condition and
deadlock work on the Linux kernel, and I think that Apache might be such
a project.  So I have some questions for you all to determine if this is
a worthwhile venture:

Have race conditions and deadlock been a problem in the past?  How
likely is it that there are race condition and deadlock bugs hiding in
the current source?

Who are the developers who could answer my is this a race condition
questions?

Is there any documentation about locks in the server?  Where they are
used?  How they are used?  What do they protect?

What files should I be looking at?  Which use locks?  Which contain the
locking functions?

Are there any absolute rules about locks (i.e. all global variables must
be protected by locks, orderings of lock acquisition)?

Thanks for your time,
Ken Ashcraft
[EMAIL PROTECTED]