A Certified Data Race Analysis for a Java-like Language

  • Frédéric Dabrowski
  • David Pichardie
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5674)


A fundamental issue in multithreaded programming is detecting data races. A program is said to be well synchronised if it does not contain data races with respect to an interleaving semantics. Formally ensuring this property is central, because the Java Memory Model then guarantees that one can safely reason about the interleaving semantics of the program. In this work we formalise in the Coq proof assistant a Java bytecode data race analyser based on the conditional must-not alias analysis of Naik and Aiken. The formalisation includes a context-sensitive points-to analysis and an instrumented semantics that counts method calls and loop iterations. Our Java-like language handles objects, virtual method calls, thread spawning, and lock and unlock operations for thread synchronisation.
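To make the reasoning in the abstract concrete, the following is an added example, not code from the paper or from its Coq development. It is a deliberately narrowed, unverified sketch of the lockset-plus-conditional-must-not-alias check over a hand-built abstract program: receivers and monitors are summarised by allocation sites (the output a points-to analysis would give), thread multiplicity is an input flag standing in for the instrumented semantics that counts method calls and loop iterations, and the only conditional must-not alias pattern handled is `synchronized(o) { o.f = ... }`, where the monitor is the accessed object itself. All names (`A_main`, `N_loop`, the program points, the `Access` fields) are constructed for this illustration.

```python
"""Toy static data-race checker: lockset reasoning plus one instance of
conditional must-not aliasing.  Constructed illustration; it is neither
the Coq analyser on this page nor the full Naik-Aiken analysis."""
from dataclasses import dataclass
from itertools import combinations_with_replacement


@dataclass(frozen=True)
class Access:
    thread: str          # abstract thread, named after its spawn site
    multi: bool          # True if that spawn site may execute more than once
    pp: str              # program point, for reporting only
    kind: str            # "read" or "write"
    base: str            # local variable holding the receiver
    base_pts: frozenset  # allocation sites the receiver may point to
    fld: str             # field accessed
    locks: tuple         # (lock variable, its points-to set) for every held monitor


# Allocation sites executed at most once per run (assumption: created in a
# static initialiser).  Two references whose points-to sets are both {s}
# with s here must alias; it is the only must-alias fact the toy knows.
SINGLETONS = frozenset({"A_main"})


def must_alias(p1, p2):
    return len(p1) == 1 and p1 == p2 and next(iter(p1)) in SINGLETONS


def may_alias(p1, p2):
    return bool(p1 & p2)


def may_run_in_parallel(a, b):
    # Distinct spawn sites may always overlap; a spawn site inside a loop or
    # a recursive method may overlap with another instance of itself.
    return a.thread != b.thread or a.multi


def common_lock(a, b):
    return any(must_alias(pa, pb) for _, pa in a.locks for _, pb in b.locks)


def guarded_by_own_receiver(acc):
    # synchronized(o) { o.f ... }: the monitor held is the accessed object.
    return any(lock_var == acc.base for lock_var, _ in acc.locks)


def conditional_must_not_alias(a, b):
    # Either the two monitors alias, so the accesses are serialised, or they
    # do not, and then the receivers (which are those monitors) do not alias
    # either.  Both cases exclude a race, without needing must-alias facts.
    return guarded_by_own_receiver(a) and guarded_by_own_receiver(b)


def is_race(a, b):
    if a.fld != b.fld or (a.kind == "read" and b.kind == "read"):
        return False
    if not may_alias(a.base_pts, b.base_pts):
        return False
    if not may_run_in_parallel(a, b):
        return False
    if common_lock(a, b) or conditional_must_not_alias(a, b):
        return False
    return True


def find_races(accesses):
    # Pairs with replacement: a thread spawned in a loop can race with itself.
    found = set()
    for a, b in combinations_with_replacement(accesses, 2):
        if is_race(a, b):
            found.add((a.fld,) + tuple(sorted((a.pp, b.pp))))
    return sorted(found)


A, N = frozenset({"A_main"}), frozenset({"N_loop"})


def counter_access(thread, kind):
    # synchronized(this) { this.count++ } with this -> A_main, in thread T1 or T2
    return Access(thread, False, "Counter.inc:3", kind, "this", A, "count", (("this", A),))


# Constructed sample program (abstract accesses only):
#   T1, T2        : two threads incrementing a shared counter under its own lock
#   W (in a loop) : synchronized(node){ node.val = .. }       node -> N_loop
#                   synchronized(node){ tmp = node.next; tmp.val = .. }
#                   shared.flag = true  (no lock)               shared -> A_main
#   main          : reads shared.flag without a lock
PROGRAM = [
    counter_access("T1", "read"), counter_access("T1", "write"),
    counter_access("T2", "read"), counter_access("T2", "write"),
    Access("W", True, "Worker.run:11", "write", "node", N, "val", (("node", N),)),
    Access("W", True, "Worker.run:12", "write", "tmp", N, "val", (("node", N),)),
    Access("W", True, "Worker.run:13", "write", "shared", A, "flag", ()),
    Access("main", False, "Main.main:8", "read", "shared", A, "flag", ()),
]

if __name__ == "__main__":
    for fld, p1, p2 in find_races(PROGRAM):
        print(f"possible race on field {fld}: {p1} <-> {p2}")
```

The counter accesses are cleared by the ordinary lockset argument (both monitors must alias `A_main`). The `node.val` write is cleared only by the conditional rule: `N_loop` is allocated repeatedly, so no must-alias fact exists, yet the monitor and the receiver are the same reference. The `tmp.val` write is reported because its monitor is `node`, not the object written, and the unguarded `shared.flag` accesses are reported both against `main` and against a second instance of the worker. Soundness of the `multi` flag, and of the points-to sets fed in, is exactly what the paper's instrumented semantics and proofs establish; here they are trusted inputs.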






  1. AMD: AMD64 Architecture Programmer's Manual Volume 2: System Programming. Technical Report 24593 (2007)
  2. Aspinall, D., Ševčík, J.: Formalising Java's data race free guarantee. In: Schneider, K., Brandt, J. (eds.) TPHOLs 2007. LNCS, vol. 4732, pp. 22–37. Springer, Heidelberg (2007)
  3. Boyapati, C., Lee, R., Rinard, M.: Ownership types for safe programming: preventing data races and deadlocks. In: Proc. of OOPSLA 2002, pp. 211–230. ACM Press, New York (2002)
  4. Boyapati, C., Rinard, M.: A parameterized type system for race-free Java programs. In: Proc. of OOPSLA 2001, pp. 56–69. ACM Press, New York (2001)
  5. Flanagan, C., Abadi, M.: Types for safe locking. In: Swierstra, S.D. (ed.) ESOP 1999. LNCS, vol. 1576, pp. 91–108. Springer, Heidelberg (1999)
  6. Cachera, D., Jensen, T., Pichardie, D., Rusu, V.: Extracting a data flow analyser in constructive logic. Theoretical Computer Science 342(1), 56–78 (2005)
  7. Flanagan, C., Freund, S.N.: Type-based race detection for Java. In: Proc. of PLDI 2000, pp. 219–232. ACM Press, New York (2000)
  8. Hobor, A., Appel, A.W., Zappa Nardelli, F.: Oracle semantics for concurrent separation logic. In: Drossopoulou, S. (ed.) ESOP 2008. LNCS, vol. 4960, pp. 353–367. Springer, Heidelberg (2008)
  9. Huisman, M., Petri, G.: The Java memory model: a formal explanation. In: Verification and Analysis of Multi-threaded Java-like Programs, VAMP (2007) (to appear)
  10. Intel: Intel 64 Architecture Memory Ordering White Paper. Technical Report SKU 318147-001 (2007)
  11. Klein, G., Nipkow, T.: A machine-checked model for a Java-like language, virtual machine and compiler. ACM Transactions on Programming Languages and Systems 28(4), 619–695 (2006)
  12. Lammich, P., Müller-Olm, M.: Formalization of conflict analysis of programs with procedures, thread creation, and monitors. In: The Archive of Formal Proofs (2007)
  13. Leroy, X.: Formal certification of a compiler back-end, or: programming a compiler with a proof assistant. In: Proc. of POPL 2006, pp. 42–54. ACM Press, New York (2006)
  14. Leveson, N.G.: Safeware: System Safety and Computers. ACM, New York (1995)
  15. Manson, J., Pugh, W., Adve, S.V.: The Java Memory Model. In: Proc. of POPL 2005, pp. 378–391. ACM Press, New York (2005)
  16. Naik, M.: Effective Static Data Race Detection for Java. PhD thesis, Stanford University (2008)
  17. Naik, M., Aiken, A.: Conditional must not aliasing for static race detection. In: Proc. of POPL 2007, pp. 327–338. ACM Press, New York (2007)
  18. Naik, M., Aiken, A., Whaley, J.: Effective static race detection for Java. In: Proc. of PLDI 2006, pp. 308–319. ACM Press, New York (2006)
  19. Petri, G., Huisman, M.: BicolanoMT: a formalization of multi-threaded Java at bytecode level. In: Bytecode 2008. Electronic Notes in Theoretical Computer Science (2008)
  20. Poulsen, K.: Tracking the blackout bug (2004)
  21. Sun Microsystems, Inc., JSR 133 Expert Group: Java Memory Model and Thread Specification Revision (2004)
  22. Whaley, J., Lam, M.S.: Cloning-based context-sensitive pointer alias analysis using binary decision diagrams. In: Proc. of PLDI 2004, pp. 131–144. ACM Press, New York (2004)

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Frédéric Dabrowski, INRIA, Centre Rennes - Bretagne Atlantique, Rennes, France
  • David Pichardie, INRIA, Centre Rennes - Bretagne Atlantique, Rennes, France
