# Technical Reports

Emmanuel Sifakis Laurent Mounier
Offline taint prediction for multi-threaded applications (2012)

TR-2012-8.pdf

Abstract: Dynamic analysis of multi-threaded applications running on parallel architectures is a challenging issue. In this work we consider taint analysis as a typical information flow property. The approach we propose extends properties collected at runtime on a {\em single} parallel execution $\sigma_\parallel$ to {\em a set of} execution sequences corresponding to plausible serializations of $\sigma_\parallel$. Taint values are inferred using a sliding-window based static analysis, performed on a fragment of an execution trace. We provide sufficient conditions to reduce some of the false positives produced by the over-approximation of serializations. Only explicit taint propagation is captured but special care has been taken to handle lock-based critical sections correctly. A proof-of-concept implementation has been developed using the CETUS framework, and some experimental results are given. Finally, the framework could be extended to perform other types of information flow analysis.