Skip to main content
SpringerLink
Log in

Fault Localization of Concurrency Bugs and Its Application in Web Security

  • Conference paper
Algorithms and Architectures for Parallel Processing (ICA3PP 2014)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 8631))

  • 2628 Accesses

Abstract

Concurrent testing is of great importance to web security. This paper presents a new automated edge-labeled communication graph based locating technique, called LUCON, to find buggy memory access pair and to present buggy pattern and to build bug triggering scenario. In LUCON, the buggy pattern gives the essence of the bug and the bug triggering scenario shows how the bug happens. LUCON can discover significant types of concurrency bugs, including order violations and both single-variable and multi-variable atomicity violations. Experimental results prove that LUCON can locate concurrency bugs in real client/server applications such as Mysql and Apache accurately and provide bug reports to help programmer understand the bug.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. McDowell, C.E., Helmbold, D.P.: Debugging concurrent programs. ACM Computing Surveys (CSUR) 21(4), 593–622 (1989)

    Article  Google Scholar 

  2. Flanagan, C., Freund, S.N.: Fasttrack: efficient and precise dynamic race detection. ACM Sigplan Notices 44, 121–133 (2009)

    Article  Google Scholar 

  3. Savage, S., Burrows, M., Nelson, G., Sobalvarro, P., Anderson, T.: Eraser: A dynamic data race detector for multithreaded programs. ACM Transactions on Computer Systems (TOCS) 15(4), 391–411 (1997)

    Article  Google Scholar 

  4. Park, S., Vuduc, R.W., Harrold, M.J.: Falcon: fault localization in concurrent programs. In: Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering, vol. 1, pp. 245–254. ACM (2010)

    Google Scholar 

  5. Lu, S., Tucek, J., Qin, F., Zhou, Y.: Avio: detecting atomicity violations via access interleaving invariants. In: ACM SIGOPS Operating Systems Review, vol. 40, pp. 37–48. ACM (2006)

    Google Scholar 

  6. Park, S., Lu, S., Zhou, Y.: Ctrigger: exposing atomicity violation bugs from their hiding places. ACM Sigplan Notices 44(3), 25–36 (2009)

    Article  Google Scholar 

  7. Lucia, B., Ceze, L., Strauss, K.: Colorsafe: architectural support for debugging and dynamically avoiding multi-variable atomicity violations. In: ACM SIGARCH Computer Architecture News, vol. 38, pp. 222–233. ACM (2010)

    Google Scholar 

  8. Vaziri, M., Tip, F., Dolby, J.: Associating synchronization constraints with data in an object-oriented language. ACM SIGPLAN Notices 41, 334–345 (2006)

    Article  Google Scholar 

  9. Lucia, B., Ceze, L.: Finding concurrency bugs with context-aware communication graphs. In: Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture, pp. 553–563 (2009)

    Google Scholar 

  10. Shi, Y., Park, S., Yin, Z., Lu, S., Zhou, Y., Chen, W., Zheng, W.: Do i use the wrong definition?: Defuse: definition-use invariants for detecting concurrency and sequential bugs. ACM Sigplan Notices 45, 160–174 (2010)

    Article  Google Scholar 

  11. Lucia, B., Wood, B.P., Ceze, L.: Isolating and understanding concurrency errors using reconstructed execution fragments. ACM SIGPLAN Notices 46, 378–388 (2011)

    Article  Google Scholar 

  12. Pintool, http://www.pintool.org/

  13. Lu, S., Park, S., Seo, E., Zhou, Y.: Learning from mistakes: a comprehensive study on real world concurrency bug characteristics. ACM Sigplan Notices 43, 329–339 (2008)

    Article  Google Scholar 

  14. Park, S., Vuduc, R., Harrold, M.J.: A unified approach for localizing non-deadlock concurrency bugs. In: 2012 IEEE Fifth International Conference on Software Testing, Verification and Validation (ICST), pp. 51–60. IEEE (2012)

    Google Scholar 

  15. Edelstein, O., Farchi, E., Nir, Y., Ratsaby, G., Ur, S.: Multithreaded java program test generation. IBM Systems Journal 41(1), 111–125 (2002)

    Article  Google Scholar 

  16. Sen, K.: Race directed random testing of concurrent programs. ACM SIGPLAN Notices 43, 11–21 (2008)

    Article  Google Scholar 

  17. Park, C.S., Sen, K.: Randomized active atomicity violation detection in concurrent programs. In: Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 135–145. ACM (2008)

    Google Scholar 

  18. Sorrentino, F., Farzan, A., Madhusudan, P.: Penelope: weaving threads to expose atomicity violations. In: Proceedings of the Eighteenth ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 37–46. ACM (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. State Key Laboratory of Software Development Environment, Beihang University, Beijing, China

    Zhenyuan Jiang

  2. School of Computer Science and Engineering, Beihang University, Beijing, China

    Zhenyuan Jiang

Authors
  1. Zhenyuan Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Illinois Institute of Technology, 60616-3793, Chicago, IL, USA

    Xian-he Sun

  2. School of Computer Science and Technology, Dalian Maritime University, 1 Linghai Road, 116026, Dalian, China

    Wenyu Qu

  3. SEECS, University of Ottawa, 8, King Edward Ave, K1N 6N5, Ottawa, ON, Canada

    Ivan Stojmenovic

  4. Deakin University, 221 Burwood Highway, 3125, Burwood, VIC, Australia

    Wanlei Zhou

  5. Dalian Maritime University, NO.1 Linhai Road Dailian, 116026, China

    Zhiyang Li

  6. BeiHang University, XueYuan Road No.37, HaiDian District, Beijing, China

    Hua Guo

  7. University of Bradford, BD7 1DP, Bradford, West Yorkshire, United Kingdom

    Geyong Min

  8. Dalian Maritime University, NO.1 Linhai Road Dailian, China, 116026

    Tingting Yang

  9. Computer Network Information Center, Chinese Academy of Sciences, 100190, Beijing, China

    Yulei Wu

  10. Shandong University, 27 Shanda Nanlu, 250100, Jinan City, Shandong Province, China

    Lei Liu

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Jiang, Z. (2014). Fault Localization of Concurrency Bugs and Its Application in Web Security. In: Sun, Xh., et al. Algorithms and Architectures for Parallel Processing. ICA3PP 2014. Lecture Notes in Computer Science, vol 8631. Springer, Cham. https://doi.org/10.1007/978-3-319-11194-0_55

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-11194-0_55

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-11193-3

  • Online ISBN: 978-3-319-11194-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation