pervasive detection of thread process races in deployed
play

Pervasive Detection of Thread Process Races In Deployed Systems - PowerPoint PPT Presentation

Aug 30, 2022 •107 likes •768 views

Pervasive Detection of Thread Process Races In Deployed Systems Columbia University Oren Laadan Nicolas Viennot Chia-Che Tsai Chris Blinn Junfeng Yang Jason Nieh ps aux | grep pizza ps aux | grep pizza outputs how many lines: A) 0 B)

  1. Pervasive Detection of Thread Process Races In Deployed Systems Columbia University Oren Laadan Nicolas Viennot Chia-Che Tsai Chris Blinn Junfeng Yang Jason Nieh

  2. ps aux | grep pizza

  3. ps aux | grep pizza outputs how many lines: A) 0 B) 1 C) it depends D) I can't think, you made me hungry with the pizza thing

  4. ps aux | grep pizza outputs how many lines: A) 0 B) 1 C) it depends D) I can't think, you made me hungry with the pizza thing

  5. ps aux | grep pizza shell $

  6. ps aux | grep pizza shell $ ps aux | grep pizza

  7. ps aux | grep pizza fork shell ps $ ps aux | grep pizza

  8. ps aux | grep pizza fork fork shell ps grep $ ps aux | grep pizza

  9. ps aux | grep pizza fork fork shell read(/proc/3/cmdline) ps execve(grep) grep $ ps aux | grep pizza

  10. ps aux | grep pizza fork fork shell read(/proc/3/cmdline) ps execve(grep) grep $ ps aux | grep pizza nviennot 3 ... S+ 13:30 0:00 grep pizza $

  11. ps aux | grep pizza fork fork shell read(/proc/3/cmdline) ps execve(grep) grep $ ps aux | grep pizza $

  12. That's a process race

  13. Process Races ● Process races occur when multiple processes access shared resources (such as files) without proper synchronization ● Examples: ● parallel make ( make -j ) failure ● ps aux | grep pizza

  14. ps aux | grep xxx

  15. Process Races Are Numerous ● Searched for “race” in the distro bug trackers (Ubuntu, Redhat/Fedora, Gentoo, Debian, CentOS ) ● 9000+ results ● Sampled 500+ of them ● 109 unique bugs due to process races

  16. Process Races Are Dangerous Source: samples from Ubuntu, Redhat, Fedora, Gentoo, Debian, CentOS bug trackers

  17. Process Races Are Hard To Detect Thread Races Process Races 27% 73% TOCTTOU Races 23% Thread races may be underrepresented in linux distributions bug trackers

  18. General process races cannot be detected using existing race detectors

  19. Not so surprising ● Different programs, written in different languages ● Access many different resources ● Syscalls semantics are a bit obscure ● Depends on user configuration, specific environment

  20. Racepro The first generic process race detection framework “It's Amazing” Nicolas Viennot

  21. Racepro ● Detect generic process races ● Check deployed systems in-vivo ● Low overhead ● Transparent to applications ● Detected previously known and unknown bugs

  22. Racepro Workflow

  23. Racepro Workflow

  24. Racepro Workflow

  25. Racepro Workflow

  26. Recorder ● Builds on Scribe (Sigmetrics 2010) ● Lightweight kernel-level recorder ● Rendez-vous points: ● Partial ordering of system calls ● Sync points: ● Convert asynchronous events to synchronous events to track signals and shared memory

  27. Benefits ● Tracks kernel object accesses ● Allows deterministic replay ● Enables transition to live execution ● Runs on commodity hardware, SMP friendly ● Low overhead ● Transparent to applications

  28. ps aux | grep pizza fork fork shell read(/proc/3/cmdline) ps execve(grep) grep

  29. Log File Content [2] read() = 11 [2] read files_struct, id = 41, serial = 157 [2] write file, id = 152, serial = 0 [2] read pid, id = 40, serial = 17 [3] execve() = 0 [3] write pid, id = 40, serial = 8 [3] read inode, id = 1, serial = 0 [3] read inode, id = 11, serial = 0 [3] read inode, id = 1, serial = 0 [3] read inode, id = 6, serial = 0 [3] read inode, id = 13, serial = 0 [3] read inode, id = 6, serial = 0 [3] write futex, id = 51, serial = 0

  30. Log File Content [2] read() = 11 [2] read files_struct, id = 41, serial = 157 [2] write file, id = 152, serial = 0 [2] read pid, id = 40, serial = 17 [3] execve() = 0 [3] write pid, id = 40, serial = 8 [3] read inode, id = 1, serial = 0 [3] read inode, id = 11, serial = 0 [3] read inode, id = 1, serial = 0 [3] read inode, id = 6, serial = 0 [3] read inode, id = 13, serial = 0 [3] read inode, id = 6, serial = 0 [3] write futex, id = 51, serial = 0

  31. Log File Content [2] read() = 11 [2] read files_struct, id = 41, serial = 157 [2] write file, id = 152, serial = 0 [2] read pid, id = 40, serial = 17 [3] execve() = 0 [3] write pid, id = 40, serial = 8 [3] read inode, id = 1, serial = 0 [3] read inode, id = 11, serial = 0 [3] read inode, id = 1, serial = 0 [3] read inode, id = 6, serial = 0 [3] read inode, id = 13, serial = 0 [3] read inode, id = 6, serial = 0 [3] write futex, id = 51, serial = 0

  32. Log File Content [2] read() = 11 [2] read files_struct, id = 41, serial = 157 [2] write file, id = 152, serial = 0 [2] read pid, id = 40, serial = 17 [3] execve() = 0 [3] write pid, id = 40, serial = 8 [3] read inode, id = 1, serial = 0 [3] read inode, id = 11, serial = 0 [3] read inode, id = 1, serial = 0 [3] read inode, id = 6, serial = 0 [3] read inode, id = 13, serial = 0 [3] read inode, id = 6, serial = 0 [3] write futex, id = 51, serial = 0

  33. Log File Content [2] read() = 11 [2] read files_struct, id = 41, serial = 157 [2] write file, id = 152, serial = 0 [2] read pid, id = 40, serial = 17 [3] execve() = 0 [3] write pid, id = 40, serial = 8 [3] read inode, id = 1, serial = 0 [3] read inode, id = 11, serial = 0 [3] read inode, id = 1, serial = 0 [3] read inode, id = 6, serial = 0 [3] read inode, id = 13, serial = 0 [3] read inode, id = 6, serial = 0 [3] write futex, id = 51, serial = 0

  34. Step 2: Detection Log file Races

  35. Model System calls are translated to load/store micro-operations

  36. Micro-operations [2] read() = 11 [2] read files_struct, id = 41, serial = 157 [2] write file, id = 152, serial = 0 [2] read pid, id = 40, serial = 17 [3] execve() = 0 [3] write pid, id = 40, serial = 8 [3] read inode, id = 1, serial = 0 [3] read inode, id = 11, serial = 0 [3] read inode, id = 1, serial = 0 [3] read inode, id = 6, serial = 0 [3] read inode, id = 13, serial = 0 [3] read inode, id = 6, serial = 0 [3] write futex, id = 51, serial = 0

  37. Micro-operations [2] read files_struct, id = 41, serial = 157 [2] write file, id = 152, serial = 0 [2] read pid, id = 40, serial = 17 [3] write pid, id = 40, serial = 8 [3] read inode, id = 1, serial = 0 [3] read inode, id = 11, serial = 0 [3] read inode, id = 1, serial = 0 [3] read inode, id = 6, serial = 0 [3] read inode, id = 13, serial = 0 [3] read inode, id = 6, serial = 0 [3] write futex, id = 51, serial = 0

  38. Micro-operations [2] read files_struct, id = 41, serial = 157 [2] write file, id = 152, serial = 0 [3] write pid, id = 40, serial = 8 [3] read inode, id = 1, serial = 0 [3] read inode, id = 11, serial = 0 [3] read inode, id = 1, serial = 0 [3] read inode, id = 6, serial = 0 [3] read inode, id = 13, serial = 0 [3] read inode, id = 6, serial = 0 [3] write futex, id = 51, serial = 0 [2] read pid, id = 40, serial = 17

  39. Micro-operations [2] load 41 [2] store 152 [3] store 40 [3] load 1 [3] load 11 [3] load 1 [3] load 6 [3] load 13 [3] load 6 [3] store 51 [2] load 40

  40. Micro-operations [2] load 41 [2] store 152 [3] store 40 [3] load 1 [3] load 11 [3] load 1 [3] load 6 [3] load 13 [3] load 6 [3] store 51 [2] load 40 You can now run your favorite thread race algorithm !

  41. Micro-operations [2] load 41 [2] store 152 [3] store 40 [3] load 1 [3] load 11 Racy Instructions ! [3] load 1 [3] load 6 [3] load 13 [3] load 6 [3] store 51 [2] load 40 You can now run your favorite thread race algorithm !

  42. Other kinds of races...

  43. Wait-Wakeups Race ● A waiting syscall can be woken up by many matching wakeup syscalls ● Only Racepro detect such races ● Example: ● read() on pipe can be woken by any writers ● waitpid() can be woken by any children

  44. Wait-Wakeups Race Example fork fork wait wait wait shell read(/proc/3/cmdline) ps exit execve(grep) grep exit

  45. Wait-Wakeups Race Example fork fork wait wait wait shell read(/proc/3/cmdline) ps exit execve(grep) grep exit

  46. Step 3: Validation Races Harmful Races

  47. Validation Overview ● Create execution branch: Modified version of the original execution that makes the race occur by changing the order of system calls ● Problem: change in the middle of the recording can make the replay diverge ● Solution: truncate the log file after the modification and transition to live execution

  48. Validation Steps ● Deterministic replay until race occurs, including replaying internal kernel state ● Replay the reordered racy system calls ● Transition to live execution ● Run built-in or custom checkers

  49. Validation fork fork wait wait wait shell read(/proc/3/cmdline) ps exit execve(grep) grep exit Is this race harmful or not ?

  50. Validation fork fork wait wait wait shell read(/proc/3/cmdline) ps exit execve(grep) grep exit

  51. Validation fork fork wait wait wait shell read(/proc/3/cmdline) ps exit execve(grep) grep exit

Recommend

Exploiting Kernel Races Through Taming Thread Interleaving Yoochan Lee, Byoungyoung Lee, Chanwoo

Exploiting Kernel Races Through Taming Thread Interleaving Yoochan Lee, Byoungyoung Lee, Chanwoo

Exploiting Kernel Races Through Taming Thread Interleaving Yoochan Lee, Byoungyoung Lee, Chanwoo Min Seoul National University, Virginia Tech #BHUSA @BLACKHATEVENTS Summary New technique turning Background on races

530 views • 37 slides
What is a Thread? A thread lives within a process; A process can have several threads.

What is a Thread? A thread lives within a process; A process can have several threads.

What is a Thread? A thread lives within a process; A process can have several threads. A thread possesses an independent flow of control, Threads and can be scheduled to run separately from other threads, because it maintains its

330 views • 4 slides
Java Threads 2020/5/16 What is Thread? Process vs. Thread Process: Any computer

Java Threads 2020/5/16 What is Thread? Process vs. Thread Process: Any computer

Poly- mor- phism Abstra ction Class OOP Inheri -tance En- capsu- lation Kuan-Ting Lai Java Threads 2020/5/16 What is Thread? Process vs. Thread Process: Any computer program in execution Has independent resources such

715 views • 38 slides
Roadmap for Section 4.3. Windows Process and Thread Internals Thread Block, Process Block Flow

Roadmap for Section 4.3. Windows Process and Thread Internals Thread Block, Process Block Flow

Unit OS4: Scheduling and Dispatch 4.3. Windows Process and Thread Internals Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 4.3. Windows Process and Thread Internals Thread

438 views • 15 slides
Chapter 2 Process, Thread and Chapter 2 Process, Thread and Scheduling Scheduling

Chapter 2 Process, Thread and Chapter 2 Process, Thread and Scheduling Scheduling

Chapter 2 Process, Thread and Chapter 2 Process, Thread and Scheduling Scheduling Soloris IPC 1 Outline Generic System V IPC Support Shared Memory Shared Memory System V Semaphores System V Message Queues POSIX

830 views • 43 slides
Data-Race Detection for Interrupt-Driven Data-Races and Happens- Kernels Before Analyzing

Data-Race Detection for Interrupt-Driven Data-Races and Happens- Kernels Before Analyzing

Overview Problem Definition Interrupt- Driven Programs Data-Race Detection for Interrupt-Driven Data-Races and Happens- Kernels Before Analyzing FreeRTOS Kernel Library Nikita Chopra, Deepak DSouza and Rekha Pai Conclusion Indian

512 views • 21 slides
Chapter 2 Process, Thread and Process, Thread and Chapter 2 Scheduling Scheduling

Chapter 2 Process, Thread and Process, Thread and Chapter 2 Scheduling Scheduling

Chapter 2 Process, Thread and Process, Thread and Chapter 2 Scheduling Scheduling Scheduler Class and Priority XIANG Yong xyong@tsinghua.edu.cn Outline Scheduling Class and Priority Scheduling Class and Priority Dispatch

663 views • 34 slides
Threads Thread: an execution within a process A multithreaded process consists of many

Threads Thread: an execution within a process A multithreaded process consists of many

Threads Thread: an execution within a process A multithreaded process consists of many Pthreads co-existing executions Separate: CPU state, stack Operating Systems Shared: Hebrew University of Jerusalem Everything

416 views • 4 slides
IPC, Threads, Races, Critical Sections 7A. Threads 7B. Inter-Process Communication Operating

IPC, Threads, Races, Critical Sections 7A. Threads 7B. Inter-Process Communication Operating

4/18/2016 IPC, Threads, Races, Critical Sections 7A. Threads 7B. Inter-Process Communication Operating Systems Principles 7C. Critical Sections IPC, Threads, Races, Critical Sections 7D. Asynchronous Event Completions Mark Kampe

245 views • 8 slides
IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process

IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process

4/14/2017 IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process Communication the exchange of data between processes 3T. Threads Goals simplicity 7B. The Critical Section Problem convenience

205 views • 8 slides
IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process

IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process

4/23/2018 IPC, Threads, Races, Critical Sections Inter-Process Communication 7A. Inter-Process Communication the exchange of data between processes 3T. Threads Goals simplicity 7B. The Critical Section Problem convenience

355 views • 8 slides
Chapter 2 Process, thread, and Process, thread, and Chapter 2 scheduling scheduling

Chapter 2 Process, thread, and Process, thread, and Chapter 2 scheduling scheduling

Chapter 2 Process, thread, and Process, thread, and Chapter 2 scheduling scheduling Solaris Multithreaded Process Zhao Xia zhaoxia@os.pku.edu.cn Outline Introduction to Solaris Processes Introduction to Solaris Processes

530 views • 24 slides
Global Network Interference Detection over the RIPE Atlas Network Adventures in Pervasive

Global Network Interference Detection over the RIPE Atlas Network Adventures in Pervasive

Global Network Interference Detection over the RIPE Atlas Network Adventures in Pervasive Measurement Collin Anderson, Philipp Winter and Roya USENIX FOCI, August 2014 Once Upon a Time Starting from the Dark Ages For Now We See Through

488 views • 31 slides
Processes and Threads What is a process? What is a thread? What types? A program has one

Processes and Threads What is a process? What is a thread? What types? A program has one

Processes and Threads What is a process? What is a thread? What types? A program has one or more locus of execution. Each execution is called a thread of execution. The set of threads comprise a process . Not an object or executable

607 views • 13 slides
Looking Inside a Race Detector kavya @kavya719 data race detection data races when two+

Looking Inside a Race Detector kavya @kavya719 data race detection data races when two+

Looking Inside a Race Detector kavya @kavya719 data race detection data races when two+ threads concurrently access a shared memory location, at least one access is a write. data race // Shared variable R R R var count = 0 W R

695 views • 57 slides
Beta Presentation ERP Air Force: Conservation Thread Detection The Capstone Experience Team

Beta Presentation ERP Air Force: Conservation Thread Detection The Capstone Experience Team

Beta Presentation ERP Air Force: Conservation Thread Detection The Capstone Experience Team Evolutio Maddie Jones Jason Kirsch Qingyang Li Logan McDonald Drew Schnieller Department of Computer Science and Engineering Michigan State

266 views • 9 slides
Quiz 1 Quiz 1 Question 1 Compare the differences between a thread and a process. What do both

Quiz 1 Quiz 1 Question 1 Compare the differences between a thread and a process. What do both

Quiz 1 Quiz 1 Question 1 Compare the differences between a thread and a process. What do both contain and how do they relate to one another? Why is a thread considered "lightweight"? And if so, assess the need for a process.

635 views • 39 slides
Data Races are Bad Race: two threads access memory without synchronization and at least one is a

Data Races are Bad Race: two threads access memory without synchronization and at least one is a

C ONTEXT - SENSITIVE C ORRELATION A NALYSIS FOR D ETECTING R ACES Polyvios Pratikakis Jeff Foster Michael Hicks University of Maryland, College Park Context-sensitive Correlation Analysis for Detecting Races p.1/ ?? Data Races are Bad

1.28k views • 76 slides
POSIX Threads In the UNIX environment a thread: Exists within a process and uses the process

POSIX Threads In the UNIX environment a thread: Exists within a process and uses the process

POSIX Threads In the UNIX environment a thread: Exists within a process and uses the process POSIX Threads resources. Has its own independent flow of control as long as its parent process exists or the OS supports it. HUJI May

311 views • 8 slides
A Deployed Analyst A Deployed Analyst in in The Vietnam War The Vietnam War E. B. Vandiver

A Deployed Analyst A Deployed Analyst in in The Vietnam War The Vietnam War E. B. Vandiver

A Deployed Analyst A Deployed Analyst in in The Vietnam War The Vietnam War E. B. Vandiver III 24 August 2007 1 Purpose Relate the experiences of a deployed analyst during the Vietnam War in the late 1960s. Compare the experience

643 views • 42 slides
Design of Thread-Safe Classes 1 Topic Outline Thread-Safe Classes Principles Confinement

Design of Thread-Safe Classes 1 Topic Outline Thread-Safe Classes Principles Confinement

Design of Thread-Safe Classes 1 Topic Outline Thread-Safe Classes Principles Confinement Delegation Synchronization policy documentation 2 Thread-safe Class Design Process Identify the objects state (variables)

601 views • 20 slides
Pervasive and ubiquitous computing and MazeMap Paper 4, 9 and 15 Sergi Orra Gener Pervasive

Pervasive and ubiquitous computing and MazeMap Paper 4, 9 and 15 Sergi Orra Gener Pervasive

Pervasive and ubiquitous computing and MazeMap Paper 4, 9 and 15 Sergi Orra Gener Pervasive Computing Vs Ubiquitous Computing Main goal and challenges The knowledge of human behaviour. Challenges: Too much data to process. Too

432 views • 4 slides
Security for Pervasive Computing CS239 Kevin Eustice V. Ramakrishna 4/24/06 What is Pervasive

Security for Pervasive Computing CS239 Kevin Eustice V. Ramakrishna 4/24/06 What is Pervasive

Security for Pervasive Computing CS239 Kevin Eustice V. Ramakrishna 4/24/06 What is Pervasive Computing? One Vision of Pervasive Computing PHYSICAL INTEGRATION Coffee Shop Personal Network Change route! My location? L o c a t i

318 views • 20 slides
Pervasive Devices Pervasive Devices: Low memory, few gates Low power, no clock, little

Pervasive Devices Pervasive Devices: Low memory, few gates Low power, no clock, little

Authenticating Pervasive Devices with Human Protocols Ari Juels Stephen A. Weis RSA Laboratories MIT CSAIL Pervasive Devices Pervasive Devices: Low memory, few gates Low power, no clock, little state Low computational power

611 views • 20 slides

More recommend