A Scalable, Sound, Eventually-Complete Algorithm for Deadlock Immunity

Jula, Horatiu; Candea, George

doi:10.1007/978-3-540-89247-2_8

Cited by 6 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We focus on non-deadlock bugs since their characteristics are the most similar to concurrency vulnerabilities, and have been shown to lead to memory corruption and even to concurrency vulnerabilities. However, we encourage the reader to refer to existing literature for further information on deadlock detection and mitigation [18], [19]. Since this work is focused on unsafe C and C++ programs, we also do not consider approaches for other languages such as Java [20].…”

Section: B Detection Approachesmentioning

confidence: 99%

When Memory Corruption Met Concurrency: Vulnerabilities in Concurrent Programs

2023

View full text Add to dashboard Cite

Concurrent programs are widespread in modern systems. They make better use of processor resources but inevitably introduce a new set of problems in terms of reliability and security. Concurrency bugs usually lead to program crashes and unexpected behavior, and are an active research topic. From a security perspective, concurrency vulnerabilities are those that exhibit harmful behavior exclusively in concurrent executions. They can take place in a diverse range of environments, such as in operating system kernels, file system operations, or general-purpose multithreaded programs. A particular characteristic of concurrency is that it not only introduces new problems, but also enables traditional vulnerabilities to be triggered in concurrent-specific ways. Those that lead to dangerous security vulnerabilities usually cause memory corruption, a strong and flexible primitive for exploitation, and are known as concurrency memory corruption vulnerabilities. In this paper, we systematically analyze concurrency vulnerabilities in C and C++ programs, their exploitation and their detection, focusing on concurrency memory corruption vulnerabilities. We organize previous work on concurrency bug characteristics and detection, and highlight the differences in relation to vulnerabilities. Then, we examine the existence of concurrency vulnerabilities in real-world programs by searching the CVE database and point out a growing trend. Further, we analyze and compare existing detection approaches towards concurrency memory corruption.

show abstract

Section: B Detection Approachesmentioning

confidence: 99%

When Memory Corruption Met Concurrency: Vulnerabilities in Concurrent Programs

2023

View full text Add to dashboard Cite

show abstract

“…JIT analyses and profiling can consume the information about these deadlock potentials in order to discover deadlock patterns with a lower runtime overhead. Jula et al described a different approach to pattern-based deadlock avoidance [7,8]. Their avoidance strategy was to use monitor wait() to adjust the timing of lock operations that could potentially lead to deadlocks.…”

Section: Related Workmentioning

confidence: 99%

Pattern-driven deadlock avoidance

Zeng

2009

Proceedings of the 7th Workshop on Parallel and Distributed Systems: Testing, Analysis, and Debugging

View full text Add to dashboard Cite

show abstract

A Scalable, Sound, Eventually-Complete Algorithm for Deadlock Immunity

Jula

Candea

2008

Runtime Verification

View full text Add to dashboard Cite

Abstract. We introduce the concept of deadlock immunity-a program's ability to avoid all deadlocks that match patterns of deadlocks experienced in the past. We present here an algorithm for enabling large software systems to automatically acquire such immunity without any programmer assistance. We prove that the algorithm is sound and complete with respect to the immunity property. We implemented the algorithm as a tool for Java programs, and measurements show it introduces only modest performance overhead in real, large applications like JBoss. Deadlock immunity is as useful as complete freedom from deadlocks in many practical cases, so we see the present algorithm as a pragmatic step toward ridding complex concurrent programs of their deadlocks.

show abstract

A Scalable, Sound, Eventually-Complete Algorithm for Deadlock Immunity

Cited by 6 publications

References 12 publications

When Memory Corruption Met Concurrency: Vulnerabilities in Concurrent Programs

When Memory Corruption Met Concurrency: Vulnerabilities in Concurrent Programs

Pattern-driven deadlock avoidance

A Scalable, Sound, Eventually-Complete Algorithm for Deadlock Immunity

Contact Info

Product

Resources

About