1 \section{Dynamic Analysis Tools}
3 Data races and invalid memory accesses are some of the most common and
4 difficult to debug errors that may occur in concurrent C code.
5 We developed dynamic analysis tools that run on top of the QEMU
6 system emulator~\cite{Bellard2005QEMU} to help detect these mistakes.
7 Since these tools do not require additional support from the Pintos kernel;
8 students can use them without complicating their code.
10 Data races are found by using a semaphore-aware modification of the RaceTrack algorithm~\cite{RaceTrack}.
11 Calls to Pintos's synchronization primitives are instrumented at runtime to track every thread's data
12 sharing pattern. Meanwhile, every memory access records synchronization information to shadow memory
13 maintained by the analysis tool. When the synchronization information for a memory address
14 indicates that a data race occurred, a report including heap information for the data location and the
15 call stacks for the racing threads is generated.
17 Invalid memory accesses, such as a read from newly allocated but uninitialized data, are detected by
18 tracking all memory accesses. Heap allocation calls are instrumented to map a range of addresses as
19 uninitialized. When data is written to a memory address, it is marked as initialized. If a address
20 marked as uninitialized is read from, the error is reported and the address is marked as
21 uninitialized to mask spurious reports.
22 % More sophisticated analysis may be implemented in the future.
projects / pintos-anon / blob