İçindekiler: :: Library Catalog

Kaydedildi:

Detaylı Bibliyografya
Yazar:	Anonymouse
Materyal Türü:	Recurso digital
Dil:
Baskı/Yayın Bilgisi:	Zenodo 2026
Online Erişim:	https://doi.org/10.5281/zenodo.19447608
Etiketler:	Etiketle Etiket eklenmemiş, İlk siz ekleyin!

İçindekiler:

<div> <div># System-Level Concurrency Bug Reproduction & Localization</div> <br> <div>In this project, we provide a systematic approach to reproduce and localize concurrency bugs in system-level software. The project includes:</div> <br> <div>- Detailed reproduction steps</div> <div>- PIN tool for monitoring system calls</div> <div>- Analysis of available information</div> <div>- Code references for affected components</div> <br> <div>## Repository Structure</div> <br> <div>```</div> <div>.</div> <div>├── bugs/</div> <div>│   ├── bugzilla/         # Red Hat Bugzilla bug reproductions (27 bugs)</div> <div>│   ├── debian/           # Debian BTS bug reproductions (15+ bugs)</div> <div>│   ├── gnu/</div> <div>│   └── gnu-savannah/</div> <div>├── components/           # Source archives of affected software</div> <div>├── misc/</div> <div>│   ├── pintool.cpp</div> <div>│   └── REPORT.md</div> <div>```</div> <br> <div>Each bug entry follows:</div> <br> <div>```</div> <div>bugs/<source>/<bug-id>/</div> <div>├── README.md</div> <div>├── Dockerfile</div> <div>├── repro.sh</div> <div>├── trace.sh</div> <div>└── pintool.cpp</div> <div>```</div> </div> <div> </div> <div> <h2>Redhat Bugzilla</h2> <table> <thead> <tr> <th>SN</th> <th>Bug ID</th> <th>Target</th> <th>Pair</th> <th>System Call</th> <th>File</th> <th>Buggy Loc.</th> </tr> </thead> <tbody> <tr> <td>1, 2</td> <td>155758, 155760</td> <td>mkdir -m 400 foo</td> <td>rm -rf foo; ln -s bar foo</td> <td>mkdir(83); chmod(90)</td> <td>mkdir.c</td> <td>main; 161:189</td> </tr> <tr> <td>3</td> <td>438076</td> <td>mv bar foo</td> <td>cat foo</td> <td>unlink(87); rename(82)</td> <td>copy.c</td> <td>copy_internal: 1295; 1426</td> </tr> <tr> <td>4, 5</td> <td>1141368, 1166570</td> <td>mv a b</td> <td>mv b a</td> <td>lstat(6); unlink(87)</td> <td>copy.c</td> <td>copy_internal: 1807; 1887</td> </tr> <tr> <td>6</td> <td>1182024</td> <td>pxz foo</td> <td>ls -l foo.xz</td> <td>openat(257); chmod(90)</td> <td>pxz.c</td> <td>main: 300, 442</td> </tr> <tr> <td>7</td> <td>1211300</td> <td>rm -rf foo</td> <td>cd foo; mv bar/ bar.bak; ln -s ../qux bar</td> <td>newfstatat(262); openat(257)</td> <td>fts.c</td> <td>fts_build; 306, 309</td> </tr> <tr> <td>8, 9</td> <td>155742, 155744</td> <td>bzip2 -d foo.txt.bz2</td> <td>rm foo.txt; ln bar.txt foo.txt</td> <td>openat(257); chmod(90)</td> <td>bzip2.c</td> <td>fopen_output_safely; 1043, applySavedMetaInfoTo...; 1137</td> </tr> <tr> <td>10, 11, 12</td> <td>155745, 155746, 157696</td> <td>gzip -d foo.gz</td> <td>rm foo; ln -s bar foo</td> <td>openat(257); chmod(90)</td> <td>gzip.c</td> <td>create_outfile: 879; copy_stat: 1627</td> </tr> <tr> <td>13</td> <td>680798</td> <td>logrotate -f config.conf</td> <td>cat /var/log/testapp/app.log</td> <td>openat(257); fchmod(91)</td> <td>logrotate.c</td> <td>createOutputFile: 192; 198</td> </tr> <tr> <td>14</td> <td>847339</td> <td>logrotate -f config.conf</td> <td>cat /var/log/testapp/app.log</td> <td>openat(257); fchmod(91)</td> <td>logrotate.c</td> <td>createOutputFile: 192; 198</td> </tr> <tr> <td>15, 16</td> <td>1532284, 1532285</td> <td>chown -R -L user:user foo</td> <td>ln -s -f bar foo/baz/qux</td> <td>stat(4); fchownat(260)</td> <td>chown-core.c</td> <td>84; 98</td> </tr> <tr> <td>17, 18</td> <td>680789, 680790</td> <td>logrotate -f config.conf</td> <td>ln -sf target /path/to/log</td> <td>openat(257); fchmod(91)/fchown</td> <td>logrotate.c</td> <td>createOutputFile: 192; 198</td> </tr> <tr> <td>19, 20</td> <td>157498, 157499</td> <td>wget /url/to/foo</td> <td>ln -sf bar foo</td> <td>openat(257); write(1)</td> <td> </td> <td> </td> </tr> <tr> <td>21</td> <td>45647</td> <td>logrotate -f config.conf</td> <td>logrotate -f config.conf</td> <td>openat(257); rename(82)</td> <td>logrotate.c</td> <td>prerotateSingleLog: 950</td> </tr> <tr> <td>22</td> <td>680787</td> <td>logrotate -f config.conf</td> <td>cat /var/log/testapp/app.log</td> <td> </td> <td>logrotate.c</td> <td> </td> </tr> <tr> <td>23, 24</td> <td>2232278, 2232514</td> <td>find f -ignore_readdir_race -type d</td> <td>rmdir f/dir</td> <td>newfstatat(262); openat(257)</td> <td>fts.c, openat-safer.c</td> <td>fts_stat: 1819; openat_safer: 45</td> </tr> <tr> <td>25</td> <td>884685</td> <td>luserdel -r username</td> <td>rm -rf foo/sub; ln -s bar foo/sub</td> <td>lstat(6); openat(257)</td> <td>apputil.c</td> <td>lu_homedir_remove: 383; 357</td> </tr> <tr> <td>26, 27</td> <td>2222604, 2223893</td> <td>curl -c foo /url/to/foo</td> <td>rm -f foo; ln -s bar foo</td> <td>stat(4); openat(257)</td> <td> </td> <td> </td> </tr> <tr> <td>28</td> <td>711642</td> <td>bash touch file{1..10000}.txt</td> <td>keyboard interrupt</td> <td>-</td> <td>-</td> <td>-</td> </tr> <tr> <td>29</td> <td>517321</td> <td>logrotate -f logrotate.conf</td> <td>anacron -s -d</td> <td>-</td> <td>-</td> <td>-</td> </tr> </tbody> </table> <h2>GNU</h2> <table style="width: 99.946%;"> <thead> <tr> <th style="width: 4.29061%;">SN</th> <th style="width: 8.95871%;">Bug ID</th> <th style="width: 22.5899%;">Target</th> <th style="width: 13.3766%;">Pair</th> <th style="width: 21.8316%;">System Call</th> <th style="width: 12.367%;">File</th> <th style="width: 16.5315%;">Buggy Loc.</th> </tr> </thead> <tbody> <tr> <td style="width: 4.29061%;">1</td> <td style="width: 8.95871%;">18499</td> <td style="width: 22.5899%;">ln foo bar; mv a b</td> <td style="width: 13.3766%;">mv b a</td> <td style="width: 21.8316%;">lstat(6); unlink(87)</td> <td style="width: 12.367%;">copy.c</td> <td style="width: 16.5315%;">copy_internal; 1807, 1887</td> </tr> <tr> <td style="width: 4.29061%;">2</td> <td style="width: 8.95871%;">23539</td> <td style="width: 22.5899%;">tail -F foo</td> <td style="width: 13.3766%;">mv bar foo</td> <td style="width: 21.8316%;">inotify_add_watch(254); read(0)</td> <td style="width: 12.367%;">tail.c</td> <td style="width: 16.5315%;">1208; 1222</td> </tr> <tr> <td style="width: 4.29061%;">3</td> <td style="width: 8.95871%;">25342</td> <td style="width: 22.5899%;">ln -f src dest</td> <td style="width: 13.3766%;">cat dest</td> <td style="width: 21.8316%;">linkat(265); unlinkat(87)</td> <td style="width: 12.367%;">ln.c</td> <td style="width: 16.5315%;">305; 330</td> </tr> <tr> <td style="width: 4.29061%;">4</td> <td style="width: 8.95871%;">13352</td> <td style="width: 22.5899%;">cp -pPR foo bar</td> <td style="width: 13.3766%;">seq 4 | cp -pPR foo bar</td> <td style="width: 21.8316%;">mkdir; write</td> <td style="width: 12.367%;">copy.c</td> <td style="width: 16.5315%;">2156; 2158</td> </tr> <tr> <td style="width: 4.29061%;">5</td> <td style="width: 8.95871%;">45371</td> <td style="width: 22.5899%;">rm -rf --preserve-root=all --one-file-system dfoo</td> <td style="width: 13.3766%;">bindfs --no-allow-other dbar dfoo</td> <td style="width: 21.8316%;">stat(4); unlinkat(263)</td> <td style="width: 12.367%;">fts.c, remove.c</td> <td style="width: 16.5315%;">310 (fts.c); 370 (remove.c)</td> </tr> <tr> <td style="width: 4.29061%;">6, 7, 8</td> <td style="width: 8.95871%;">32772, 11108, 18280</td> <td style="width: 22.5899%;">chmod -R u=u /tmp/a</td> <td style="width: 13.3766%;">mv /tmp/a/b/c noc; ln -s bar /tmp/a/b/c</td> <td style="width: 21.8316%;">fchmodat(268); openat(257)</td> <td style="width: 12.367%;">chmod.c</td> <td style="width: 16.5315%;">main: 273; 373</td> </tr> <tr> <td style="width: 4.29061%;">9, 10</td> <td style="width: 8.95871%;">11100, 11074</td> <td style="width: 22.5899%;">cp source dest</td> <td style="width: 13.3766%;">rm dest</td> <td style="width: 21.8316%;">stat(6); openat(257)</td> <td style="width: 12.367%;">copy.c, open_safer.c</td> <td style="width: 16.5315%;">copy_internal: 1661; open_safer: 45</td> </tr> <tr> <td style="width: 4.29061%;">11</td> <td style="width: 8.95871%;">25680</td> <td style="width: 22.5899%;">cp -afl a b</td> <td style="width: 13.3766%;">seq 2 | cp -afl a b</td> <td style="width: 21.8316%;">lstat(6); linkat(265)</td> <td style="width: 12.367%;">copy.c</td> <td style="width: 16.5315%;">1789; 1795</td> </tr> <tr> <td style="width: 4.29061%;">12, 13</td> <td style="width: 8.95871%;">45930(s), 26349(s)</td> <td style="width: 22.5899%;">find f -ignore_readdir_race -type d</td> <td style="width: 13.3766%;">rmdir f/dir</td> <td style="width: 21.8316%;">newfstatat(262); openat(257)</td> <td style="width: 12.367%;">fts.c, openat-safer.c</td> <td style="width: 16.5315%;">fts_stat: 1819; openat_safer: 45</td> </tr> <tr> <td style="width: 4.29061%;">14</td> <td style="width: 8.95871%;">33096</td> <td style="width: 22.5899%;">ln foo bar</td> <td style="width: 13.3766%;">touch bar</td> <td style="width: 21.8316%;">lstat(6); linkat(265)</td> <td style="width: 12.367%;">ln.c</td> <td style="width: 16.5315%;">do_link: 196; 328</td> </tr> <tr> <td style="width: 4.29061%;">15, 16</td> <td style="width: 8.95871%;">29961, 30907</td> <td style="width: 22.5899%;">mv -n foo bar</td> <td style="width: 13.3766%;">chmod 000 bar</td> <td style="width: 21.8316%;">lstat(6); rename(82)</td> <td style="width: 12.367%;">copy.c</td> <td style="width: 16.5315%;">copy_internal: 1921; 2329</td> </tr> <tr> <td style="width: 4.29061%;">17</td> <td style="width: 8.95871%;">61105</td> <td style="width: 22.5899%;">cp -n foo bar</td> <td style="width: 13.3766%;">chmod 777 bar</td> <td style="width: 21.8316%;">openat(257); copy_file_range(326)</td> <td style="width: 12.367%;">copy.c</td> <td style="width: 16.5315%;">copy_internal: 1443; 1585</td> </tr> <tr> <td style="width: 4.29061%;">18</td> <td style="width: 8.95871%;">12947</td> <td style="width: 22.5899%;">install -m 0600 foo bar</td> <td style="width: 13.3766%;">cat bar</td> <td style="width: 21.8316%;">openat(257); chmod(90)</td> <td style="width: 12.367%;">install.c</td> <td style="width: 16.5315%;">install_file_in_file: 740; 807</td> </tr> <tr> <td style="width: 4.29061%;">19</td> <td style="width: 8.95871%;">47380</td> <td style="width: 22.5899%;">install -c -m 0755 foo bar</td> <td style="width: 13.3766%;">chmod 000 bar</td> <td style="width: 21.8316%;">openat(257); write(1)</td> <td style="width: 12.367%;">copy.c</td> <td style="width: 16.5315%;">copy_internal: 1120; 1294</td> </tr> <tr> <td style="width: 4.29061%;">20</td> <td style="width: 8.95871%;">22057(s)</td> <td style="width: 22.5899%;">updatedb --output=/path/to/db</td> <td style="width: 13.3766%;">locate -d /path/to/db</td> <td style="width: 21.8316%;">unlink(87); rename(82)</td> <td style="width: 12.367%;">updatedb.sh</td> <td style="width: 16.5315%;"> </td> </tr> <tr> <td style="width: 4.29061%;">21</td> <td style="width: 8.95871%;">10679</td> <td style="width: 22.5899%;">mv --backup=t bar foo</td> <td style="width: 13.3766%;">cat foo</td> <td style="width: 21.8316%;">rename(82); rename(82)</td> <td style="width: 12.367%;">copy.c</td> <td style="width: 16.5315%;">copy_internal: 1512; 1713</td> </tr> <tr> <td style="width: 4.29061%;">22</td> <td style="width: 8.95871%;">51793</td> <td style="width: 22.5899%;">env timeout --verbose --kill-after=.1 --signal=INT .1 env --ignore-signal sleep 10</td> <td style="width: 13.3766%;">no need</td> <td style="width: 21.8316%;">-</td> <td style="width: 12.367%;">-</td> <td style="width: 16.5315%;">-</td> </tr> <tr> <td style="width: 4.29061%;">23</td> <td style="width: 8.95871%;">34713</td> <td style="width: 22.5899%;">mv a /t/ae</td> <td style="width: 13.3766%;">mv b/* a</td> <td style="width: 21.8316%;">-</td> <td style="width: 12.367%;">-</td> <td style="width: 16.5315%;">-</td> </tr> <tr> <td style="width: 4.29061%;">24</td> <td style="width: 8.95871%;">21460</td> <td style="width: 22.5899%;">tail --follow=foo</td> <td style="width: 13.3766%;">cat foo</td> <td style="width: 21.8316%;">-</td> <td style="width: 12.367%;">-</td> <td style="width: 16.5315%;">-</td> </tr> </tbody> </table> <p>(s) means collected from GNU Savannah*</p> <h2>Debian</h2> <table> <thead> <tr> <th>SN</th> <th>Bug ID</th> <th>Target</th> <th>Pair</th> <th>System Call</th> <th>File</th> <th>Buggy Loc.</th> </tr> </thead> <tbody> <tr> <td>1</td> <td>775306</td> <td>pxz foo</td> <td>ls -l foo.xz</td> <td>openat(257); chmod(90)</td> <td>pxz.c</td> <td>main: 300, 443</td> </tr> <tr> <td>2</td> <td>304556</td> <td>mkdir -m 400 foo</td> <td>ls -l foo.xz</td> <td>mkdir(83); chmod(90)</td> <td>mkdir.c</td> <td>main; 162, 190</td> </tr> <tr> <td>3</td> <td>841371</td> <td>install -o myuser -m 0777 foo bar</td> <td>ln -s bar victim</td> <td>openat(257); lchown(94)/chmod(90)</td> <td>install.c</td> <td>install_file_in_file; 690; 484/486</td> </tr> <tr> <td>4</td> <td>303300</td> <td>bzip2 -d foo.txt.bz2</td> <td>rm foo; ln bar foo</td> <td>openat(257); chmod(90)</td> <td>bzip2.c</td> <td>fopen_output_safely; 1043, applySavedMetaInfoToOutputFile; 1137</td> </tr> <tr> <td>5</td> <td>56386</td> <td>bzip2 foo</td> <td>rm foo.bz2; ln bar foo.bz2</td> <td>openat(257); chmod(90)</td> <td>bzip2.c</td> <td>compress; 998, copyDatePermissionsAndOwner; 837</td> </tr> <tr> <td>6</td> <td>303927</td> <td>gzip foo; gzip -d foo.gz</td> <td>rm -f foo; ln bar.txt foo</td> <td>openat(257); chmod(90)</td> <td>gzip.c</td> <td>create_outfile: 930; copy_stat: 1728</td> </tr> <tr> <td>7</td> <td>548439</td> <td>tail -F foo</td> <td>mv bar foo</td> <td>inotify_add_watch(254); read(0)</td> <td>tail.c</td> <td>1208; 1222</td> </tr> <tr> <td>8</td> <td>283702</td> <td>seq 3 | bash -i</td> <td>no need</td> <td>openat(257); write(1)</td> <td>histfile.c</td> <td> </td> </tr> <tr> <td>9</td> <td>461585</td> <td>updatedb --output=/path/to/db</td> <td>locate -d /path/to/db</td> <td>unlink(87); rename(82)</td> <td>updatedb.sh</td> <td> </td> </tr> <tr> <td>10</td> <td>357140</td> <td>ln -sf foo bar</td> <td>rm -f bar</td> <td>symlink(88); unlink(87)</td> <td>ln.c</td> <td>do_link: 287; 310</td> </tr> <tr> <td>11</td> <td>500395</td> <td>wget -nc /url/to/file</td> <td>wget -nc /url/to/file; wget -nc /url/to/file</td> <td>stat(4); openat(257)</td> <td>utils.c, http.c</td> <td>main</td> </tr> <tr> <td>12</td> <td>836503</td> <td>wget -r -nH -A '*.jpg' /url/to/malicious.php</td> <td>cat malicious.php</td> <td>openat(257); unlink(87)</td> <td>http.c, recur.c</td> <td>2927; 436</td> </tr> <tr> <td>13</td> <td>67782</td> <td>find dfoo -ls</td> <td>rm -f dfoo/bar</td> <td>getdents64(217); newfstatat(262)</td> <td> </td> <td> </td> </tr> <tr> <td>14</td> <td>308622</td> <td>wget -P /path/to/dir /url/to/file</td> <td>ln -sf target_file</td> <td>newfstatat(262); openat(257)</td> <td>http.c</td> <td>utils.c: 567; http.c: 2582</td> </tr> <tr> <td>15</td> <td>388608</td> <td>logrotate -f config.conf</td> <td>cat /var/log/testapp/app.log</td> <td>openat(257); fchmod(90)</td> <td>logrotate.c</td> <td>createOutputFile: 192; 198</td> </tr> <tr> <td>16</td> <td>400198</td> <td>logrotate -f config.conf</td> <td>ls -la /var/log/testapp/app.log</td> <td>openat(257); fchown(93)</td> <td>logrotate.c</td> <td>createOutputFile: 192; 203</td> </tr> <tr> <td>17</td> <td>639302</td> <td>logrotate -f config.conf</td> <td>cat /var/log/testapp/app.log</td> <td>openat(257); fchmod(90)</td> <td>logrotate.c</td> <td>createOutputFile: 192; 198</td> </tr> <tr> <td>18</td> <td>321927</td> <td>unzip -o target.zip -d output</td> <td>ln target /exploit/output/secret.txt</td> <td>close(3); chmod(90)</td> <td>unix.c</td> <td>close_outfile: 1249; 1268</td> </tr> <tr> <td>19</td> <td>624219</td> <td> </td> <td> </td> <td>-</td> <td>-</td> <td>-</td> </tr> </tbody> </table> </div> <div><br><br> <div>## References</div> <br> <div>- [Red Hat Bugzilla](https://bugzilla.redhat.com)</div> <div>- [Debian Bug Tracker](https://bugs.debian.org)</div> <div>- [GNU Savannah](https://savannah.gnu.org/bugs)</div> <div>- [Intel PIN](https://www.intel.com/content/www/us/en/developer/articles/tool/pin-a-dynamic-binary-instrumentation-tool.html)</div> </div>

Benzer Materyaller