Bounding Thread Switches in Dynamic Analysis of Multithreaded Programs

For detecting race conditions in multithreaded programs, dynamic analysis methods can be used. Dynamic methods are based on observing program behavior on real program executions. Since analyzing all possible execution paths is generally infeasible (due to the combinatorial explosion of possible thread interleavings), dynamic methods can overlook certain bugs that manifest only within the specific conditions or thread interleavings. This limitation applies, for instance, to the approach implemented in the previous version of RaceHunter tool, which demonstrates the ability to effectively detect race conditions, but may still miss certain cases. To address the combinatorial explosion problem, context bounding analysis can be used. Context bounding is a dynamic analysis technique that limits the number of thread switches in each explored execution path, enabling more scalable exploration. This method is able to detect bugs missed by other techniques with the bound of only two preemptive thread switches.

In this work, we present an implementation of context bounding within the RaceHunter tool, which provides a unified framework for describing various dynamic analysis techniques. The evaluation shows that the proposed approach is able to detect race conditions that other methods missed, though at the cost of significantly increased analysis time. As expected, this increase in analysis time is caused by repeated executions. Still, the implementation is an important foundation for future integration with other race detection techniques, specifically with the approach already implemented in the RaceHunter tool.

1. R. H. B. Netzer and B. P. Miller, “What are race conditions? Some issues and formalizations”, LOPLAS, vol. 1, pp. 74–88, 1992.

2. M. Musuvathi and S. Qadeer, “Iterative context bounding for systematic testing of multithreaded programs”, vol. 42, p. 446–455, jun 2007.

3. M. Musuvathi, S. Qadeer, and T. Ball, “Chess: A systematic testing tool for concurrent software”, Tech. Rep. MSR-TR-2007-149, November 2007.

4. E. A. Gerlits, “Racehunter dynamic data race detector”, Programming and Computer Software, vol. 50, pp. 467–481, Dec 2024.

5. L. Lamport, “Time, clocks, and the ordering of events in a distributed system”, Commun. ACM, vol. 21, p. 558–565, jul 1978.

6. S. Savage, M. Burrows, G. Nelson, P. Sobalvarro, and T. Anderson, “Eraser: A dynamic data race detector for multi-threaded programs”, SIGOPS Oper. Syst. Rev., vol. 31, pp. 27–37, Oct. 1997.

7. R. O’Callahan and J.-D. Choi, “Hybrid dynamic data race detection”, inProceedings of the Ninth ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming, PPoPP ’03, (New York, NY, USA), p. 167–178, Association for Computing Machinery, 2003.

8. K. Serebryany and T. Iskhodzhanov, “Threadsanitizer – data race detection in practice”, in Proceedings of the Workshop on Binary Instrumentation and Applications, (NYC, NY, U.S.A.), pp. 62–71, 2009.

9. Kernel Concurrency Sanitizer (KCSAN) google.github.io”, https://google.github.io/kernel-sanitizers/KCSAN.html. Accessed 05-05-2025.

10. J. Erickson, M. Musuvathi, S. Burckhardt, and K. Olynyk, “Effective data-race detection for the kernel”, pp. 151–162, jan 2010.

11. T. Elmas, S. Qadeer, and S. Tasiran, “Goldilocks: Efficiently computing the happens-before relation using locksets”, pp. 193–208, 01 2006.

12. https://github.com/mc-imperial/sctbench.git. Accessed 05-05-2025.

13. https://gitee.com/openharmony/arkcompiler_runtime_core.git. Accessed 05-05-2025.