Abstract
Concurrent testing is of great importance to web security. This paper presents a new automated edge-labeled communication graph based locating technique, called LUCON, to find buggy memory access pair and to present buggy pattern and to build bug triggering scenario. In LUCON, the buggy pattern gives the essence of the bug and the bug triggering scenario shows how the bug happens. LUCON can discover significant types of concurrency bugs, including order violations and both single-variable and multi-variable atomicity violations. Experimental results prove that LUCON can locate concurrency bugs in real client/server applications such as Mysql and Apache accurately and provide bug reports to help programmer understand the bug.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
McDowell, C.E., Helmbold, D.P.: Debugging concurrent programs. ACM Computing Surveys (CSUR) 21(4), 593–622 (1989)
Flanagan, C., Freund, S.N.: Fasttrack: efficient and precise dynamic race detection. ACM Sigplan Notices 44, 121–133 (2009)
Savage, S., Burrows, M., Nelson, G., Sobalvarro, P., Anderson, T.: Eraser: A dynamic data race detector for multithreaded programs. ACM Transactions on Computer Systems (TOCS) 15(4), 391–411 (1997)
Park, S., Vuduc, R.W., Harrold, M.J.: Falcon: fault localization in concurrent programs. In: Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering, vol. 1, pp. 245–254. ACM (2010)
Lu, S., Tucek, J., Qin, F., Zhou, Y.: Avio: detecting atomicity violations via access interleaving invariants. In: ACM SIGOPS Operating Systems Review, vol. 40, pp. 37–48. ACM (2006)
Park, S., Lu, S., Zhou, Y.: Ctrigger: exposing atomicity violation bugs from their hiding places. ACM Sigplan Notices 44(3), 25–36 (2009)
Lucia, B., Ceze, L., Strauss, K.: Colorsafe: architectural support for debugging and dynamically avoiding multi-variable atomicity violations. In: ACM SIGARCH Computer Architecture News, vol. 38, pp. 222–233. ACM (2010)
Vaziri, M., Tip, F., Dolby, J.: Associating synchronization constraints with data in an object-oriented language. ACM SIGPLAN Notices 41, 334–345 (2006)
Lucia, B., Ceze, L.: Finding concurrency bugs with context-aware communication graphs. In: Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture, pp. 553–563 (2009)
Shi, Y., Park, S., Yin, Z., Lu, S., Zhou, Y., Chen, W., Zheng, W.: Do i use the wrong definition?: Defuse: definition-use invariants for detecting concurrency and sequential bugs. ACM Sigplan Notices 45, 160–174 (2010)
Lucia, B., Wood, B.P., Ceze, L.: Isolating and understanding concurrency errors using reconstructed execution fragments. ACM SIGPLAN Notices 46, 378–388 (2011)
Pintool, http://www.pintool.org/
Lu, S., Park, S., Seo, E., Zhou, Y.: Learning from mistakes: a comprehensive study on real world concurrency bug characteristics. ACM Sigplan Notices 43, 329–339 (2008)
Park, S., Vuduc, R., Harrold, M.J.: A unified approach for localizing non-deadlock concurrency bugs. In: 2012 IEEE Fifth International Conference on Software Testing, Verification and Validation (ICST), pp. 51–60. IEEE (2012)
Edelstein, O., Farchi, E., Nir, Y., Ratsaby, G., Ur, S.: Multithreaded java program test generation. IBM Systems Journal 41(1), 111–125 (2002)
Sen, K.: Race directed random testing of concurrent programs. ACM SIGPLAN Notices 43, 11–21 (2008)
Park, C.S., Sen, K.: Randomized active atomicity violation detection in concurrent programs. In: Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 135–145. ACM (2008)
Sorrentino, F., Farzan, A., Madhusudan, P.: Penelope: weaving threads to expose atomicity violations. In: Proceedings of the Eighteenth ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 37–46. ACM (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Jiang, Z. (2014). Fault Localization of Concurrency Bugs and Its Application in Web Security. In: Sun, Xh., et al. Algorithms and Architectures for Parallel Processing. ICA3PP 2014. Lecture Notes in Computer Science, vol 8631. Springer, Cham. https://doi.org/10.1007/978-3-319-11194-0_55
Download citation
DOI: https://doi.org/10.1007/978-3-319-11194-0_55
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11193-3
Online ISBN: 978-3-319-11194-0
eBook Packages: Computer ScienceComputer Science (R0)