Emmanuel Sifakis
Laurent Mounier
Offline taint prediction for multi-threaded applications (2012)
TR-2012-8.pdf
Keywords: taint, dynamic/static analysis, multi-thread, mutex, lock
Abstract: Dynamic analysis of multi-threaded applications running on parallel architectures is a challenging issue. In this work we consider taint analysis as a typical information flow property. The approach we propose extends properties collected at runtime on a {\em single} parallel execution $\sigma_\parallel$ to {\em a set of} execution sequences corresponding to plausible serializations of $\sigma_\parallel$. Taint values are inferred using a sliding-window based static analysis, performed on a fragment of an execution trace. We provide sufficient conditions to reduce some of the false positives produced by the over-approximation of serializations. Only explicit taint propagation is captured but special care has been taken to handle lock-based critical sections correctly. A proof-of-concept implementation has been developed using the CETUS framework, and some experimental results are given. Finally, the framework could be extended to perform other types of information flow analysis.