CN113742252B - Method and device for detecting memory disorder - Google Patents
Method and device for detecting memory disorder Download PDFInfo
- Publication number
- CN113742252B CN113742252B CN202010467006.5A CN202010467006A CN113742252B CN 113742252 B CN113742252 B CN 113742252B CN 202010467006 A CN202010467006 A CN 202010467006A CN 113742252 B CN113742252 B CN 113742252B
- Authority
- CN
- China
- Prior art keywords
- code
- memory address
- memory
- conflicting
- computing device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 77
- 208000026139 Memory disease Diseases 0.000 title claims abstract description 43
- 230000003068 static effect Effects 0.000 claims abstract description 44
- 238000004458 analytical method Methods 0.000 claims abstract description 29
- 238000012545 processing Methods 0.000 claims description 45
- 230000004888 barrier function Effects 0.000 claims description 32
- 238000012544 monitoring process Methods 0.000 claims description 20
- 230000008569 process Effects 0.000 claims description 17
- 238000004590 computer program Methods 0.000 claims description 9
- 238000012795 verification Methods 0.000 description 16
- 238000001514 detection method Methods 0.000 description 13
- 238000006243 chemical reaction Methods 0.000 description 11
- 238000010586 diagram Methods 0.000 description 9
- 238000013459 approach Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 150000001875 compounds Chemical class 0.000 description 2
- 230000005012 migration Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 1
- 239000002131 composite material Substances 0.000 description 1
- 238000012937 correction Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/02—Addressing or allocation; Relocation
- G06F12/0223—User address space allocation, e.g. contiguous or non contiguous base addressing
- G06F12/023—Free address space management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/02—Addressing or allocation; Relocation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5046—Resolving address allocation conflicts; Testing of addresses
Abstract
The invention discloses a method and a device for detecting memory disorder, wherein the method comprises the following steps: acquiring a first code, and identifying a first memory address in memory addresses corresponding to the first code, wherein the first memory address is a memory address with collision possibility identified through static analysis; generating executable binary codes according to the first codes, executing the binary codes and determining whether conflicting memory addresses exist in the first memory addresses; and when the conflicting memory address exists in the first memory address, acquiring a second code corresponding to the conflicting memory address. In the method provided by the application, a first memory address is identified by adopting a static analysis method. When the binary code is executed, dynamically verifying whether a conflicting memory address exists in the first memory address. Therefore, the method can reduce the operand, save the storage space and reduce the time complexity, and can be applied to large programs.
Description
Technical Field
The invention relates to the field of information, in particular to a method and a device for detecting memory disorder.
Background
With weak memory order model based chips such as advanced reduced instruction set processors (advanced risc machines, ARM) have gained increasing importance in the marketplace, a large number of vendors migrate server side software from strong memory order model based platforms (e.g., X86) to weak memory order model based platforms (e.g., ARM). Because of the tremendous differences in memory models between the strong memory order model-based platform and the weak memory order model-based platform, there are some multithreading programs that are not properly programmed or well-defined in terms of standards that do not run in error on the strong memory order model-based platform, but when these multithreading programs migrate to the weak memory order model-based platform, the multithreading programs will experience errors or crashes due to memory disorder.
Thus, a multithreaded program may be detected by a static memory order detection tool before it is migrated from a strong memory order model-based platform to a weak memory order model-based platform. Such static detection tools run and analyze multi-threaded programs down-line using symbolic execution (symbolic execution) or static analysis (static analysis). Each path that a simulation program may execute by simulating a write buffer (buffer) and a read queue (queue) of a chip through a weak memory execution model (e.g., power) detects execution paths of non-sequential consistency (sequential consistency, SC) and verifies whether assertion (assertion) failure is caused. If it fails, there is a problem with at least one path allowed by the weak memory model. When failed, problematic code may be found by looking at the relevant execution path (trace). The problematic code is then corrected manually.
However, such state space (state space) exploration by the static memory order detection tool requires a significant amount of time and memory space. Because of the high time complexity, this static detection scheme is only applicable to smaller programs with hundreds of lines to thousands of lines of source code. If the code amount of the multithreaded program is increased, the static detection scheme consumes a great deal of time and memory space. Therefore, such a static detection scheme cannot be applied to large-scale programs.
Disclosure of Invention
The first aspect of the present application provides a method for detecting memory disorder, the method comprising: acquiring a first code, and identifying a first memory address in memory addresses corresponding to the first code, wherein the first memory address is a memory address with collision possibility identified through static analysis; generating executable binary codes according to the first codes, executing the binary codes and determining whether conflicting memory addresses exist in the first memory addresses; and when the conflicting memory address exists in the first memory address, acquiring a second code corresponding to the conflicting memory address. In the method provided in the first aspect of the present application, a static analysis method is adopted to identify a first memory address in memory addresses corresponding to the first code, where the first memory address is a memory address with possibility of collision. It is not an exhaustive search to employ the commonly used static symbolic execution or static analysis approach. During the execution of the binary code, dynamically verifying whether a conflicting memory address exists in the first memory address. And the method has the advantages that most of memory addresses without conflict do not need to be verified, so that the operand can be reduced, the storage space can be saved, the time complexity can be reduced, and the method can be applied to large programs.
Optionally, after identifying the first memory address in the memory addresses corresponding to the first code, the method further includes: generating a barrier check code corresponding to the first memory address; determining whether there is a conflicting memory address in the first memory address includes: a barrier check code is used to determine whether a conflicting memory address exists in the first memory address, wherein the conflicting memory address is a memory address with data contention. When the binary code is executed, whether the first memory address has the conflicted memory address is determined only through the barrier check code, and verification of all memory addresses corresponding to the first code is not needed, so that the operation amount can be reduced, and the operation cost is saved.
Optionally, determining, by the barrier check code, whether there is a conflicting memory address in the first memory address includes: a determination is made by the barrier check code as to whether there is a memory address in the first memory address that is being written by at least two processes simultaneously. The memory address where the two processes execute the write operation simultaneously causes the memory to be out of order, so that the program is in error or crashed, and after the barrier check code determines the memory address where the at least two processes execute the write operation simultaneously, the code corresponding to the memory address where the at least two processes execute the write operation simultaneously can be replaced, so that the risk of the program error or crashing can be reduced.
Optionally, if the barrier check code determines that there is a conflicting memory address, a portion of the bitmap corresponding to the conflicting memory address is set to 1. And backing the function corresponding to the memory address with conflict, and re-executing the binary code. Therefore, whether the memory address has conflict is judged by whether the bitmap is 1, and the flexibility of the scheme can be improved.
Optionally, after the second code corresponding to the memory address where the conflict exists is acquired, the method further includes: acquiring a third code corresponding to a second code, wherein the second code is a code based on a strong memory order model, the third code is a code based on a weak memory order model, and the third code corresponds to a memory address with conflict; the second code in the first code is converted into a third code. After the second code corresponding to the conflicting memory address is obtained, the second code may be automatically converted into a third code. Without the need to manually modify the code. Therefore, labor can be saved, and the scheme can be applied to large-scale programs.
Optionally, the first code is a code running on the X86 architecture, and the third code is a code running on the ARM architecture. After converting the second code in the first code to the third code, the converted first code may be enabled to run on an ARM architecture.
Optionally, after identifying the first memory address in the memory addresses corresponding to the first code, the method further includes: acquiring a fourth code from the first code, wherein the fourth code corresponds to the first memory address, the fourth code comprises a second code, and the fourth code is a code based on a strong memory order model; generating a fifth code according to the fourth code, generating a conversion instruction for converting the fourth code into the fifth code, wherein the fifth code is a code based on a weak memory order model, and the fifth code comprises a third code; acquiring a third code corresponding to the second code includes: acquiring a third code corresponding to the second code from the fifth code; the converting the second code in the first code into the third code is specifically: and converting the second code in the first code into a third code according to the conversion instruction. The third code may be obtained from the pre-generated fifth code and then converted into the third code. Without requiring manual modification of the code. Therefore, labor can be saved, and the scheme can be applied to large-scale programs.
Optionally, after identifying the first memory address in the memory addresses corresponding to the first code, the method further includes: generating a memory monitoring instruction corresponding to the first memory address; verifying whether there is a conflicting memory address in the first memory address further comprises: and monitoring the first memory address through the memory monitoring instruction and judging whether a conflict memory address exists in the first memory address. The first memory address may be monitored by a memory monitoring instruction, so that it may be verified whether there is a conflicting memory address in the first memory address. The memory monitoring instruction is used for monitoring whether the first address has the conflicted memory address or not, and all the memory addresses corresponding to the first code do not need to be monitored, so that the operation amount can be reduced, and the operation cost can be saved.
A second aspect of the present application provides a computing device for detecting memory disorder, the computing device comprising: the first processing unit is used for acquiring a first code, and identifying a first memory address in memory addresses corresponding to the first code, wherein the first memory address is a memory address which is identified through static analysis and is likely to collide; a second processing unit for generating executable binary codes according to the first codes, executing the binary codes and determining whether conflicting memory addresses exist in the first memory addresses; and the third processing unit is used for acquiring a second code corresponding to the conflicted memory address when the conflicted memory address exists in the first memory address. In the computing device according to the second aspect of the present application, the first processing unit may first identify a first memory address among memory addresses corresponding to the first code, where the first memory address is a memory address where there is a possibility of collision. The device is not an exhaustive search using the commonly used static symbolic execution or static analysis approach. During the execution of the binary code, the second processing unit dynamically verifies whether there is a conflicting memory address in the first memory address. And most of memory addresses without conflict do not need to be verified, so that the operand can be reduced, the storage space can be saved, and the time complexity can be reduced.
Optionally, the computing device further includes: a fourth processing unit, configured to generate a barrier check code corresponding to the first memory address; the second processing unit is specifically configured to determine, through the barrier check code, whether a conflicting memory address exists in the first memory address, where the conflicting memory address is a memory address where data contention exists. When the binary code is executed, whether the first memory address has the conflicted memory address is determined only through the barrier check code, and verification of all memory addresses corresponding to the first code is not needed, so that the operation amount can be reduced, and the operation cost is saved.
Optionally, the second processing unit is specifically configured to determine, by using the barrier check code, whether a memory address in the first memory address is a memory address where the write operation is performed by at least two processes simultaneously. The memory address where the two processes execute the write operation simultaneously causes the memory to be out of order, so that the program is in error or crashed, and after the barrier check code determines the memory address where the at least two processes execute the write operation simultaneously, the code corresponding to the memory address where the at least two processes execute the write operation simultaneously can be replaced, so that the risk of the program error or crashing can be reduced.
Optionally, the computing device further includes: the fifth processing unit is used for acquiring a third code corresponding to a second code, wherein the second code is a code based on a strong memory sequence model, the third code is a code based on a weak memory sequence model, and the third code corresponds to a memory address with conflict; and a sixth processing unit for converting the second code in the first code into a third code. After the second code corresponding to the conflicting memory address is obtained, the second code may be converted into a third code by the sixth processing unit. Without the need to manually modify the code. Therefore, labor can be saved, and the scheme can be applied to large-scale programs.
Optionally, the first code is code running on an X86 architecture and the third code is code running on an advanced reduced instruction set processor ARM architecture. After converting the second code in the first code to the third code, the converted first code may be enabled to run on an ARM architecture.
Optionally, the computing device further includes: the eighth processing unit is used for acquiring a fourth code from the first code, the fourth code corresponds to the first memory address, the fourth code comprises a second code, and the fourth code is a code based on a strong memory order model; a ninth processing unit, configured to generate a fifth code according to the fourth code, and generate a conversion instruction for converting the fourth code into the fifth code, where the fifth code is a code based on the weak memory order model, and the fifth code includes a third code; the fifth processing unit is specifically configured to obtain a third code corresponding to the second code from the fifth code; the sixth processing unit is specifically configured to convert the second code in the first code into the third code according to the conversion instruction. The third code is acquired from the fifth code generated in advance, and then the second code is converted into the third code. Without requiring manual modification of the code. Therefore, labor can be saved, and the scheme can be applied to large-scale programs.
Optionally, the computing device further includes: a seventh processing unit, configured to generate a memory monitoring instruction corresponding to the first memory address; the second processing unit is specifically configured to monitor the first memory address through the memory monitoring instruction and determine whether there is a conflicting memory address in the first memory address. The second processing unit can monitor the first memory address through a memory monitoring instruction, so that whether the first memory address has a conflicted memory address can be verified. The memory monitoring instruction is used for monitoring whether the first address has the conflicted memory address or not, and all the memory addresses corresponding to the first code do not need to be monitored, so that the operation amount can be reduced, and the operation cost can be saved.
A third aspect of the present application provides a computing device for detecting memory disorder, the computing device for detecting memory disorder comprising a processor and a memory, the memory for storing a computer program, the processor for executing the computer program in the memory to implement the method for detecting memory disorder provided in the first aspect of the present application.
A fourth aspect of the present application provides a computer program product for, when run on a computer device, causing the computer device to perform a method of detecting memory disorder as provided in the first aspect of the present application.
A fifth aspect of the present application provides a computer readable storage medium comprising a computer program or instructions which, when run on a computer device, cause the computer device to perform a method of detecting memory disorder as provided in the first aspect of the present application.
The application provides a method and a computing device for detecting memory disorder, wherein the method comprises the following steps: acquiring a first code, and identifying a first memory address in memory addresses corresponding to the first code, wherein the first memory address is a memory address with collision possibility identified through static analysis; generating executable binary codes according to the first codes, executing the binary codes and determining whether conflicting memory addresses exist in the first memory addresses; and when the conflicting memory address exists in the first memory address, acquiring a second code corresponding to the conflicting memory address. In the method provided by the application, a first memory address in the memory addresses corresponding to the first codes is identified by adopting a static analysis method, wherein the first memory address is a memory address with possibility of collision. It is not an exhaustive search to employ the commonly used static symbolic execution or static analysis approach. During the execution of the binary code, dynamically verifying whether a conflicting memory address exists in the first memory address. And the method has the advantages that most of memory addresses without conflict do not need to be verified, so that the operand can be reduced, the storage space can be saved, the time complexity can be reduced, and the method can be applied to large programs.
Drawings
FIG. 1 is a scene graph of a program migration provided herein;
FIG. 2 is a schematic diagram of a method for detecting memory disorder in the prior art provided by the present application;
FIG. 3 is a diagram of a computing device for detecting memory disorder provided herein;
FIG. 4 is a schematic diagram of a method for detecting memory disorder provided in the present application;
FIG. 5 is a schematic diagram of a code generation module generating a code in a method for detecting memory disorder provided in the present application;
FIG. 6 is a schematic diagram of a computing device for detecting memory disorder provided in the present application;
fig. 7 is a schematic structural diagram of a computing device for detecting memory disorder provided in the present application.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The terms first, second and the like in the description and in the claims of the present application and in the above-described figures, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments described herein may be implemented in other sequences than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or modules is not necessarily limited to those steps or modules that are expressly listed or inherent to such process, method, article, or apparatus.
The strong memory order model (total store ordering, TSO) is a memory model with a strong memory order. The order in which the program performs the write operations is consistent with the order specified by the program. In a multiprocessor system, the individual memory storage actions of each processor must be queued to complete in the program-specific order.
The strong memory model is more friendly to the encoder but less friendly to the chip designer. In a multiprocessor system, in order to follow a strong memory sequence model, a plurality of processors may not immediately use execution resources, which may affect the overall execution efficiency of the multiprocessor system.
In the weak memory model (weak memory ordering, WMO), the system gives the encoder a request directly as to whether a forced ordering is required. In multiprocessor systems, except for the case where there is a dependency on the program execution order on one processor, the processor does not impose a requirement for order consistency, but the order may be enforced by inserting a barrier instruction (barrier).
Server-side software is trending from a strong memory order model-based platform (e.g., X86) to a weak memory order model-based platform (e.g., ARM). Referring to fig. 1, a scenario diagram of program migration is provided. The scene graph includes a platform 101 based on a strong memory order model and a platform 102 based on a weak memory order model. Because of the differences in memory models between the strong memory order model based platform 101 and the weak memory order model based platform 102, there are some multithreading programs that do not run in error on the strong memory order model based platform 101 due to incorrect programming or unclear standards, but when migrated to the weak memory order model based platform 102, the multithreading programs may be subject to errors or crashes due to memory disorder.
Specifically, when a multithreaded program is migrated to the platform 102 based on the weak memory order model, since the weak memory order model does not force order consistency, two or more threads may write to one memory address at the same time, which may generate data race (data race), resulting in breaking the meaning (semanics) of the relevant order specified by the program, thereby causing program crash or error.
Thus, the multithreading program may be detected by the static memory order detection tool before it is migrated from the strong memory order model-based platform to the weak memory order model-based platform. Such static detection tools use symbolic execution or static analysis to run and analyze the multithreaded program down-line. Each path that the simulation program may execute by simulating the write cache and read queue of the chip through a weak memory execution model (e.g., power) detects execution paths that are non-sequential consistency and verifies whether an assertion failure would result. If the path fails, at least one path allowed by the weak memory model exists. When failed, problematic codes can be found by looking at the relevant trace. The problematic code is then corrected manually.
Specifically, referring to fig. 2, the method for detecting the multithreaded program by using the static memory order detection tool includes:
201. and driving the source program.
The source program is driven (driver), which is code based on a strong memory order model.
202. And compiling the source program.
And circularly expanding the source program and compiling according to the normal program.
203. And constructing a memory read-write model and finding out a key read-write program.
And constructing a memory read-write model, and finding out a key read-write program in the source program. The critical read-write procedure is code that may cause memory disorder.
204. Simulating a weak memory order model and verifying whether assertion failure occurs.
The weak memory order model allows read latency and the allowed execution order to be simulated. And verifies the key read-write program by means of encoding (encoding) or backtracking (backtracking), and obtains the result of assertion (assertion). Specifically, if the assertion is hold, the verification is successful; if the assertion is a violation (violate), the verification fails.
205. When an assertion fails, the query-dependent execution path finds problematic code.
If the result of the evaluation is a resolution, the relevant execution path (trace) is queried, and problematic code in the source program can be found.
After finding the problematic code, the problematic code in the source program may be manually rewritten to a code that is adapted to the weak memory model.
However, such state space (state space) exploration by the static memory order detection tool requires a significant amount of time and memory space. Because of the high time complexity, this static detection scheme is only applicable to smaller programs with hundreds of lines to thousands of lines of source code. If the code amount of the multithreaded program is increased, the static detection scheme consumes a lot of time and memory space, and after the problematic code is found, a lot of manpower is required to correct the problematic code. Therefore, such a static detection scheme cannot be applied to large-scale programs.
In view of the foregoing, the present application provides a computing device architecture diagram for detecting memory disorder, referring to fig. 3, the computing device 30 may include a compiling module 301, a static analysis module 302, a code generation module 303, and a dynamic verification module 304. The computing device 30 may receive source code, which may be code based on a strong memory order model. The computing device 30 may generate executable binary code from source code via a compilation module 301. The static analysis module 302 can perform static analysis on the source code to identify a memory address with a possibility of collision among memory addresses corresponding to the source code. The code generating module 303 may generate an auxiliary code according to the memory address with the possibility of collision, and the dynamic verification module 304 is configured to execute the executable binary code generated by the compiling module 301, and verify the memory address with the possibility of collision through the auxiliary code generated by the code generating module 303 during the process of executing the binary code, so as to determine whether the memory address with the possibility of collision has data contention.
Specifically, referring to fig. 4, the present application provides a method for detecting memory disorder, where the method is implemented by the apparatus for detecting memory disorder shown in fig. 3, and the method includes:
401. the method comprises the steps of obtaining a first code and identifying a first memory address in memory addresses corresponding to the first code.
The computing device 30 that detects memory disorder obtains a first code, which is an input source code, which may be a strong memory order model-based code. Specifically, the first code is a code running under the X86 architecture. The static analysis module 302 in the computing device 30 that detects memory disorder statically analyzes the first code. The static analysis process is used for identifying whether two or more variables or pointers point to the same memory address or the same type of address range in the first code, and the memory address with the possibility of collision is formed by pointing to the same memory address or the same type of address range by the two or more variables or pointers. Specifically, the variable may be a basic type (private type), a compound type (compound type). The pointer may point to the base type or the conforming type. The basic types may include: int type, long type, char type, bool type, etc. The composite type may include: struct type, class type, etc.
Through static analysis, whether a memory address (first memory address) with collision possibility exists in the memory addresses corresponding to the first code can be identified. The code corresponding to the first memory address in the first code is called a fourth code, namely, the fourth code corresponds to the memory address with the possibility of collision. For example, it may be determined whether there are at least two pointers pointing to the same memory address or the same type of address range by analyzing the pointers. Specifically, an abstract event map (abstract event graph) may be constructed, analyzing pointers in the first code. Such as two pointers, pointer 1 and pointer 2, in the first code. Pointer 1 and pointer 2 are in different threads. If it is known through pointer analysis that the pointer 1 and the pointer 2 point to the same memory address, then the memory addresses pointed to by the pointer 1 and the pointer 2 simultaneously are conflicting memory addresses. However, the accuracy of the method of pointer analysis is not very high, and it cannot be precisely determined whether the memory addresses pointed by the pointer 1 and the pointer 2 are the same memory address, and only the possibility of collision of the pointed memory addresses can be considered.
The above method of analyzing pointers is only an example and is not limiting of the present application. In a specific implementation, it may also be analyzed whether at least two variables located in different threads point to the same memory address or the same type of address range in the first code, and whether at least one variable located in different threads and at least one pointer point to the same memory address or the same type of address range are not described in detail herein.
Referring to fig. 5, after the static analysis module 302 identifies the first memory address, the code generation module 303 may generate the following auxiliary codes according to the first memory address:
4011. the barrier checks the code.
The code generation module 303 may generate a barrier check code (barrier check) corresponding to the first memory address according to the first memory address, and generate a bitmap (bitmap) related to the first memory address access. The barrier check code is used to check whether there is a conflicting memory address in the first memory address. Specifically, the barrier check code is used to check, prior to loading (loading) a memory address, whether the memory address is being written by another thread. It is determined whether there is a conflicting memory address, i.e., a data race (data race) memory address. When the barrier code determines that there is a conflicting memory address in the first memory address, a portion of the bitmap corresponding to the conflicting memory address is set to 1.
4012. And (5) monitoring codes in the memory.
The code generation module 303 may generate a memory monitor code, where the memory monitor code may include a read-write of the first memory address into a monitor, and the memory monitor code may be a memory monitor hardware instruction.
4013. Code based on a weak memory model platform.
The code generation module 303 may generate code based on a weak memory model platform. Specifically, the code generating module 303 may generate a fifth code according to the fourth code, where the fifth code is a code based on a weak memory model. The fifth code has the same meaning as the fourth code.
4014. Converting the instruction.
The code generation module 303 may generate conversion instructions. The translate instruction is to translate the fourth code into a fifth code. The fifth code may be generated by disassembly and the conversion instruction may be generated.
The static analysis module 302 analyzes the first code to obtain a memory address (first memory address) with possibility of collision among memory addresses corresponding to the first code, so that most codes without data competition can be removed. So that only the fourth code corresponding to the first memory address needs to be detected later. Therefore, the additional overhead of program operation can be greatly reduced, the resources can be saved, and the time complexity can be reduced.
402. And generating executable binary codes according to the first codes, executing the binary codes and verifying whether conflicting memory addresses exist in the first memory addresses.
The compiling module 301 generates executable binary code from the first code. Specifically, the compiling module 301 may be a compiler, and may select a "-safe" option before compiling, and generate executable binary code according to the first code.
The dynamic verification module 304 executes the binary code generated by the compiling module 301 and verifies whether there is a conflicting memory address in the first memory address. Specifically, when the dynamic verification module 304 executes the binary code, the first memory address may be checked according to the barrier check code generated by the code generation module 303, to determine whether there is a conflicting memory address in the first memory address. Meanwhile, the code generation module 303 may also be used to monitor the first memory address by using a memory monitoring instruction to determine whether there is a conflicting memory address in the first memory address. The conflicting memory addresses are memory addresses for which write operations are performed by at least two processes simultaneously.
It should be noted that, in one embodiment, the binary code executed by the dynamic verification module 304 may be all binary codes generated by the compiling module 301 according to the first code. In another embodiment, the dynamic verification module 304 may select a binary code corresponding to the fourth code from all binary codes generated by the compiling module 301, and the dynamic verification module 304 may only execute the binary code corresponding to the fourth code and determine whether there is a conflicting memory address in the fourth code.
403. And when the conflicting memory address exists in the first memory address, acquiring a second code corresponding to the conflicting memory address.
If there is a conflicting memory address, the dynamic verification module 304 obtains a second code corresponding to the conflicting memory address.
It should be noted that, in step 401, a fourth code corresponding to the first memory address is acquired. The second code corresponding to the conflicting memory address may be obtained from the fourth code. The code quantity of the fourth code is far smaller than that of the first code, and compared with the second code obtained directly from the first code, the code quantity obtained from the fourth code is small, so that the efficiency can be improved, and the time can be saved.
In another embodiment, the second code may also be obtained directly from the first code.
404. The second code in the first code is converted into a third code.
The dynamic verification module 304 may convert the second code in the first code to a third code.
Since in step 201 the fifth code is generated from the fourth code. The dynamic verification module 304 may extract the third code directly from the fifth code and then replace the second code in the first code with the third code. The third code is a weak memory order model-based code corresponding to the conflicting memory address. The third code has the same meaning as the second code.
In another embodiment, after the dynamic verification module 304 obtains the second code in step 403, the code generating module 303 may generate a third code and a conversion instruction according to the second code, where the third code is a code based on the weak memory order model. The dynamic verification module 304 may then convert the second code of the first code to the third code according to the conversion instruction or directly replace the second code of the first code with the third code. The manner of generating the third code and the conversion instruction according to the second code may be understood with reference to step 201, for example, may be generated by a disassembling manner, which will not be described herein.
It should be noted that, in step 403, when the conflicting memory address exists in the first memory address, the function corresponding to the conflicting memory address may be rolled back, and the second code corresponding to the conflicting memory address may be converted into the third code. The binary code is then re-executed.
In the method for detecting memory disorder provided by the application, after the second code corresponding to the conflicting memory address is acquired, the second code can be converted into the third code; after the static analysis identifies the memory address with the possibility of collision, the fourth code corresponding to the memory address with the possibility of collision may be converted into a fifth code, and then a third code may be extracted from the fifth code, and the second code may be replaced with the third code. And are not limited herein.
The method does not adopt symbolic execution or static analysis mode to perform exhaustive exploration, can avoid the problem of high time complexity caused by the exhaustive exploration, and can be applied to large programs. In the method, the first code is statically analyzed, and a memory address (first memory address) with possibility of collision in the memory addresses corresponding to the first code is identified. Thus, most codes without memory conflict in the first code can be removed, and a fourth code corresponding to a memory address which is possibly in conflict is obtained. The additional overhead of program operation can be reduced, and the time complexity is reduced.
When the binary code is executed, whether conflicting memory instructions exist in the first memory address can be verified according to the barrier check code and the memory monitor instruction. And when the conflicting memory instruction exists, converting the conflicting second code in the first code into a third code. Therefore, correction is not needed in a manual mode, labor can be saved, and the scheme can be applied to a large program.
It should be noted that, the method for detecting memory disorder provided in the above embodiment is applied to a scenario of checking memory disorder performed on a multi-threaded program before the multi-threaded program is migrated from a platform based on a strong memory order model to a platform based on a weak memory order model. In the actual implementation process, the method can be also suitable for other scenes for detecting the memory disorder. The method may also be applied, without limitation, to migrating a multithreaded program from one strong memory order model-based platform to another strong memory order model-based platform, and from one weak memory order model-based platform to another weak memory order model-based platform, for example.
The application also provides a computing device for detecting the memory disorder, please refer to fig. 6. The computing device 60 is configured to perform the method of detecting memory disorder described above. The computing device 60 includes:
the first processing unit 601 is configured to obtain a first code, identify a first memory address in memory addresses corresponding to the first code, where the first memory address is a memory address that is identified by the first processing unit through static analysis and is likely to collide. The details are understood with reference to step 401, and will not be described herein.
The fourth processing unit 604 is configured to generate a barrier check code corresponding to the first memory address. Please refer to step 401 for understanding, and detailed description thereof is omitted herein.
The seventh processing unit 607 is configured to generate a memory monitoring instruction corresponding to the first memory address. Please refer to step 401 for understanding, and detailed description thereof is omitted herein.
The second processing unit 602 is configured to generate an executable binary code according to the first code, execute the binary code, and verify whether there is a conflicting memory address in the first memory address. Specifically, the second processing unit 602 is configured to determine, by using the barrier check code generated by the fourth processing unit 604, whether a conflicting memory address exists in the first memory address, where the conflicting memory address is a memory address where data contention exists. Further, the second processing unit 602 is configured to determine, by using the barrier check code, whether there is a memory address in the first memory address where the write operation is performed by at least two processes simultaneously. The details are understood with reference to step 402, and will not be described herein. The second processing unit 602 is further configured to monitor the first memory address and determine whether there is a conflicting memory address in the first memory address by using the memory monitoring instruction generated by the seventh processing unit 607. Please refer to step 402 for understanding, which is not described herein.
The third processing unit 603 is configured to obtain, when a conflicting memory address exists in the first memory address, a second code corresponding to the conflicting memory address, where the first code includes the second code. Please refer to step 403 for understanding, and detailed description thereof is omitted herein.
The eighth processing unit 608 is configured to obtain a fourth code from the first code, where the fourth code corresponds to the first memory address, the fourth code includes a second code, and the fourth code is a code based on a strong memory order model. Please refer to steps 401, 403 and 404 for understanding, and are not described herein.
The ninth processing unit 609 is configured to generate a fifth code according to the fourth code, and generate a conversion instruction for converting the fourth code into the fifth code, where the fifth code is a code based on the weak memory order model, and the fifth code includes a third code. Please refer to step 401 and step 404 for understanding, which are not described herein.
The fifth processing unit 605 is configured to obtain a third code corresponding to a second code, where the second code is a code based on a strong memory order model, the third code is a code based on a weak memory order model, and the third code corresponds to a memory address where a conflict exists. Specifically, the fifth processing unit 605 is configured to obtain a third code corresponding to the second code from the fifth code. Please refer to step 404 for understanding, and detailed description thereof is omitted.
The sixth processing unit 606 is configured to convert the second code in the first code into a third code. Specifically, the sixth processing unit 606 is configured to convert the second code in the first code into the third code according to the conversion instruction. Please refer to step 404 for understanding, and detailed description thereof is omitted.
The present application provides a computing device 60 for detecting memory disorder, where the computing device 60 can identify a first memory address in memory addresses corresponding to a first code, where the first memory address is a memory address with possibility of collision. The computing device 60 is not an exhaustive search using the commonly used static symbolic execution or static analysis approach. During execution of binary code, the computing device 60 may dynamically verify whether conflicting memory addresses exist in the first memory address. And most of memory addresses without conflict do not need to be verified, so that the operand can be reduced, the storage space can be saved, and the time complexity can be reduced.
Fig. 7 is a schematic diagram of a computing device for detecting memory disorder, and as shown in fig. 7, the computing device 70 includes a processor 701, where the processor 701 is connected to a memory 702 through a connection 703. The processor 701 may be a field programmable gate array (field programmable gate array, FPGA), or a digital signal processor (digital signal processor, DSP) or any combination thereof. Processor 701 may also be a single-core processor or a multi-core processor.
The memory 702 may be random access memory (random access memory, RAM), flash memory, read Only Memory (ROM), erasable programmable read only memory (erasable programmable read only memory, EPROM), charged erasable programmable read only memory (electrically erasable programmable read only memory, EEPROM), registers, or any other form of storage medium known in the art, and the memory may be used to store program instructions 7021 and an operating system 7022, the program instructions 7021 when executed by the processor 701, the processor 701 performs the method of detecting memory disorder described in the above embodiments.
The connection line 703 is used to transfer information between the components of the computer apparatus, and the connection line 703 may be a wired connection or a wireless connection, which is not limited in this application. The connection line 703 is also connected to a network interface 704.
Network interface 704 uses, but is not limited to, a connection device such as a cable or electrical strand to enable communication with other devices or networks, and network interface 704 may also be interconnected with the network in a wireless fashion.
Some features of embodiments of the present application may be implemented/supported by processor 701 executing program instructions or software code in memory 702.
In one embodiment of the present application, when the memory 702 is loaded with program instructions 7021, the processor 701 may implement the function/logic block related transactions as shown in FIG. 6.
Optionally, the computing device 70 may also include a secondary memory 706 and an input/output interface 705, the secondary memory 706 being used for the secondary memory 702 to store program instructions. The input/output interface 705 is used to interact with devices external to the computing apparatus 70 that detect memory disorder, to obtain data input by or output data to external devices.
Moreover, FIG. 7 is merely an example of a computing device 70 that detects memory corruption, and the computing device 70 that detects memory corruption may include more or fewer components than illustrated in FIG. 7, or may have a different arrangement of components. Meanwhile, various components shown in fig. 7 may be implemented in hardware, software, or a combination of hardware and software. For example, the memory and the processor may be implemented in one module, and instructions in the memory may be written into the memory in advance, or may be loaded by a subsequent processor during execution.
The present application also provides a computer program product for causing a computer device to perform a method of detecting memory disorder as provided herein when the computer program product is run on the computer device.
The present application also provides a computer readable storage medium comprising a computer program or instructions which, when run on a computer device, cause the computer device to perform the provided method of detecting memory disorder.
The foregoing has described in detail a method and a computing device for detecting memory disorder provided by the embodiments of the present application, and specific examples have been applied herein to illustrate the principles and embodiments of the present invention, and the above description of the embodiments is only for aiding in understanding the method and core idea of the present invention; meanwhile, as those skilled in the art will have variations in the specific embodiments and application scope in accordance with the ideas of the present invention, the present description should not be construed as limiting the present invention in view of the above. Although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the corresponding technical solutions.
Claims (13)
1. A method of detecting memory disorder, the method comprising:
acquiring a first code, and identifying a first memory address in memory addresses corresponding to the first code, wherein the first memory address is a memory address with collision possibility identified through static analysis, and the code corresponding to the first memory address in the first code is a fourth code, and the fourth code corresponds to the memory address with collision possibility;
generating executable binary codes according to the first codes, executing the binary codes and determining whether conflicting memory addresses exist in the first memory addresses; wherein the executing the binary code and determining whether there is a conflicting memory address in the first memory address includes: selecting a binary code corresponding to the fourth code from the binary codes, executing the binary code corresponding to the fourth code, and determining whether a conflicting memory address exists in the fourth code;
and when the conflicting memory address exists in the first memory address, acquiring a second code corresponding to the conflicting memory address.
2. The method of claim 1, wherein after identifying the first memory address in the memory addresses corresponding to the first code, the method further comprises:
generating a barrier check code corresponding to the first memory address;
the determining whether there is a conflicting memory address in the first memory address includes:
and determining whether a conflict memory address exists in the first memory address through the barrier check code, wherein the conflict memory address is a memory address with data contention.
3. The method of claim 2, wherein the determining, by the barrier check code, whether there is a conflicting memory address in the first memory address comprises:
determining, by the barrier check code, whether there is a memory address in the first memory address for which a write operation is performed by at least two processes simultaneously.
4. A method according to any one of claims 1 to 3, wherein after the retrieving the second code corresponding to the conflicting memory address, the method further comprises:
acquiring a third code corresponding to the second code, wherein the second code is a code based on a strong memory order model, the third code is a code based on a weak memory order model, and the third code corresponds to the memory address with conflict;
The second code in the first code is converted to the third code.
5. The method of claim 4, wherein the first code is code running on an X86 architecture and the third code is code running on an advanced reduced instruction set processor ARM architecture.
6. The method according to any one of claims 1 to 5, wherein after the identifying the first memory address in the memory addresses corresponding to the first code, the method further comprises:
generating a memory monitoring instruction corresponding to the first memory address;
the determining whether there is a conflicting memory address in the first memory address includes:
monitoring the first memory address through the memory monitoring instruction and determining whether a conflict memory address exists in the first memory address.
7. A computing device that detects memory disorder, the computing device comprising:
the first processing unit is used for acquiring a first code, identifying a first memory address in memory addresses corresponding to the first code, wherein the first memory address is a memory address with collision possibility identified through static analysis, and the code corresponding to the first memory address in the first code is a fourth code, and the fourth code corresponds to the memory address with collision possibility;
A second processing unit, configured to generate an executable binary code according to the first code, execute the binary code, and determine whether there is a conflicting memory address in the first memory address; wherein the executing the binary code and determining whether there is a conflicting memory address in the first memory address includes: selecting a binary code corresponding to the fourth code from the binary codes, executing the binary code corresponding to the fourth code, and determining whether a conflicting memory address exists in the fourth code;
and the third processing unit is used for acquiring a second code corresponding to the conflicted memory address when the conflicted memory address exists in the first memory address.
8. The computing device of claim 7, wherein the computing device further comprises:
a fourth processing unit, configured to generate a barrier check code corresponding to the first memory address;
the second processing unit is specifically configured to determine, through the barrier check code, whether a conflicting memory address exists in the first memory address, where the conflicting memory address is a memory address with data contention.
9. The computing device of claim 8, wherein the computing device is configured to,
the second processing unit is specifically configured to determine, by using the barrier check code, whether a memory address in the first memory address is a memory address in which at least two processes perform a write operation simultaneously.
10. The computing device according to any one of claims 7 to 9, further comprising:
a fifth processing unit, configured to obtain a third code corresponding to the second code, where the second code is a code based on a strong memory order model, the third code is a code based on a weak memory order model, and the third code corresponds to the memory address where the conflict exists;
and a sixth processing unit, configured to convert the second code in the first code into the third code.
11. The computing device of claim 10, wherein the computing device is configured to,
the first code is code running on an X86 architecture and the third code is code running on an advanced reduced instruction set processor ARM architecture.
12. The computing device according to any one of claims 7 to 11, further comprising:
A seventh processing unit, configured to generate a memory monitoring instruction corresponding to the first memory address;
the second processing unit is specifically configured to monitor the first memory address through the memory monitoring instruction and determine whether a conflicting memory address exists in the first memory address.
13. A computing device for detecting memory disorder, the computing device comprising a processor and a memory, the memory for storing a computer program, the processor for executing the computer program in the memory to implement the method for detecting memory disorder as recited in any one of claims 1-6.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010467006.5A CN113742252B (en) | 2020-05-28 | 2020-05-28 | Method and device for detecting memory disorder |
| PCT/CN2021/086743 WO2021238462A1 (en) | 2020-05-28 | 2021-04-12 | Method and device for detecting memory out-of-order |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010467006.5A CN113742252B (en) | 2020-05-28 | 2020-05-28 | Method and device for detecting memory disorder |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113742252A CN113742252A (en) | 2021-12-03 |
| CN113742252B true CN113742252B (en) | 2024-03-29 |
Family
ID=78724120
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010467006.5A Active CN113742252B (en) | 2020-05-28 | 2020-05-28 | Method and device for detecting memory disorder |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN113742252B (en) |
| WO (1) | WO2021238462A1 (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116257173A (en) * | 2021-12-10 | 2023-06-13 | 华为技术有限公司 | Data processing method, device, system, computing equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101963918A (en) * | 2010-10-26 | 2011-02-02 | 上海交通大学 | Method for realizing virtual execution environment of central processing unit (CPU)/graphics processing unit (GPU) heterogeneous platform |
| CN103235745A (en) * | 2013-03-27 | 2013-08-07 | 华为技术有限公司 | Address conflict detection method and device |
| CN108874470A (en) * | 2017-05-11 | 2018-11-23 | 腾讯科技(深圳)有限公司 | A kind of information processing method and server, computer storage medium |
| CN110909358A (en) * | 2019-10-22 | 2020-03-24 | 上海安智信息科技有限公司 | Shaping vulnerability detection method based on dynamic and static analysis |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170192791A1 (en) * | 2015-12-30 | 2017-07-06 | Elmoustapha Ould-Ahmed-Vall | Counter to Monitor Address Conflicts |
-
2020
- 2020-05-28 CN CN202010467006.5A patent/CN113742252B/en active Active
-
2021
- 2021-04-12 WO PCT/CN2021/086743 patent/WO2021238462A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101963918A (en) * | 2010-10-26 | 2011-02-02 | 上海交通大学 | Method for realizing virtual execution environment of central processing unit (CPU)/graphics processing unit (GPU) heterogeneous platform |
| CN103235745A (en) * | 2013-03-27 | 2013-08-07 | 华为技术有限公司 | Address conflict detection method and device |
| CN108874470A (en) * | 2017-05-11 | 2018-11-23 | 腾讯科技(深圳)有限公司 | A kind of information processing method and server, computer storage medium |
| CN110909358A (en) * | 2019-10-22 | 2020-03-24 | 上海安智信息科技有限公司 | Shaping vulnerability detection method based on dynamic and static analysis |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2021238462A1 (en) | 2021-12-02 |
| CN113742252A (en) | 2021-12-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20170010957A1 (en) | Method for Multithreaded Program Output Uniqueness Testing and Proof-Generation, Based on Program Constraint Construction | |
| US20110314338A1 (en) | Data collisions in concurrent programs | |
| CN107329889B (en) | Method for automatically testing C compiler | |
| CN112650676A (en) | Software testing method, device, equipment and storage medium | |
| Bai et al. | {DSAC}: Effective Static Analysis of {Sleep-in-Atomic-Context} Bugs in Kernel Modules | |
| CN112925524A (en) | Method and device for detecting unsafe direct memory access in driver | |
| US8972784B2 (en) | Method and device for testing a system comprising at least a plurality of software units that can be executed simultaneously | |
| US8589734B2 (en) | Verifying correctness of processor transactions | |
| CN113742252B (en) | Method and device for detecting memory disorder | |
| CN113918465A (en) | Compatibility testing method and device, electronic equipment and readable storage medium | |
| US11599342B2 (en) | Pathname independent probing of binaries | |
| KR20190054938A (en) | Simulation device, simulation system, simulation method, and simulation program | |
| US9015673B2 (en) | Method for developing software in a parallel computing environment | |
| US9111034B2 (en) | Testing of run-time instrumentation | |
| Wang et al. | Detecting data races in interrupt-driven programs based on static analysis and dynamic simulation | |
| CN112506806B (en) | Method for debugging program, electronic device and storage medium | |
| US7222064B1 (en) | Instruction processor emulation having inter-processor messaging accounting | |
| Bai et al. | {DLOS}: Effective Static Detection of Deadlocks in {OS} Kernels | |
| CN116048887A (en) | Chip verification method, device, system, electronic equipment and storage medium | |
| CN110096888B (en) | Method and system for accelerating verification and analyzing SMM potential safety hazard | |
| CN114153750B (en) | Code checking method and device, code compiling method and electronic equipment | |
| RU2793750C1 (en) | Method to confirm reused software requirements during change management | |
| CN116861829B (en) | Method for locating errors in logic system design and electronic equipment | |
| CN112416666B (en) | Self-checking random test method and random circulating test device | |
| CN111240974B (en) | Log output method and device, electronic equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |