How do I detect memory access violation and/or memory race conditions?

Question

I have a target platform reporting when memory is read from or written to as well as when locks(think mutex for example) are taken/freed. It reports the program counter, data address and read/write flag. I am writing a program to use this information on a separate host machine where the reports are received so it does not interfere with the target. The target already reports this data so I am not changing the target code at all.

Are there any references or already available algorithms that do this kind of detection? For example, some way of detecting race conditions when multiple threads try to write to a global variable without protecting it first.

I am currently brewing my own but I convince myself there is definitely some code out there that does this already. Or at least some proven algorithm of how to go about it.

Note This is not to detect memory leaks.

Note Implementation language is C++

I am trying to make the detection code I write platform agnostic so I am using STL and just Standard C++ with libraries like boost, poco, loki.

Any leads will help

thanks.

Answer 1

There is no standard way, since the C/C++ standards do not deal with OS specific concepts like memory protection. Have a look at Breakpad, the crash reporting library used by Mozilla on various platforms like OS X, Win32 or Linux.

Answer 2

It is probably too late to talk you out of this, but this does not work. Threading races are caused by subtle timing issues between threads. You can never diagnose timing related problems with logging. Heisenbergian, just logging alters the timing of a thread. Especially the kind you are contemplating. Infamously, there's plenty of software that shipped with logging kept turned on because it would nosedive with it turned off.

Flushing out threading bugs is hard. The kind of tool that works is one that intentionally injects random delays in code. Microsoft CHESS is an example, works on native code too.

Answer 3

Check out this article by Andrei Alexandrescu: http://www.drdobbs.com/184403766;jsessionid=LKUUBKFR00O0VQE1GHRSKH4ATMY32JVN

It advocates using the volatile keyword on your data that is accessed by more than one thread. If you cast away that volatility with your locking mechanism, you will know via compiler error where you need to lock that data.

I have used this method and found it extremely helpful.

Hope that helps.

Answer 4

To address only part of your question, race conditions are extremely nasty precisely because there is no good way to test for them. By definition they're unpredictable sequences of events that are quite difficult to diagnose. Detection code depends on the fact that the race condition is actually happening, and in that case it's likely that you'll see errant behavior anyway. Any test code you add may make them more or less likely to appear, or possibly even change the timing such that they never appear at all.

Instead of trying to detect race conditions, what about attempting program design that helps make you more resilient to having them in the first place?

For example if your global variable were simply encapsulated in an object that knows all the proper protection that needs to happen on access, then it's impossible for threads to concurrently write to it, because such a interface doesn't exist. Programmatically preventing race conditions is going to be easier than trying to detect them algorithmically (chances are you'll still catch some during unit/subsystem testing).