Coverity Uncovers Software Flaw that Led to 2003 Blackout
Sunday, 09 December 2007
December 10, 2007. Coverity, which uses a patent-pending adaptation of electronic circuit testing to the static analysis of software code, has added support for pinpointing defects in multithreaded applications. The defects, known by the politically incorrect name of race conditions, occur when concurrent threads of a multithreaded application compete to process the same data. The problem: when one thread locks data that is supposed to be shared, and doesn't relinquish the lock when it is done, the software can crash or the data can be corrupted.

This condition can be extremely difficult to detect, because if you statically analyse (that is, inspect) each individual thread of an application separately, you won't find the points where other threads are going to contend for the same data unless you have a photographic memory or a tool that compares alternate paths. Yet even that approach isn't foolproof, because with multithreading the OS controls when, and in what sequence, different threads actually execute. So catching race conditions requires approaches that rely heavily on the probability of which combinations of threads are likely to execute when. In other words, you have to leave things to chance.

This problem is hardly theoretical. Back in 2003, a race condition afflicted the energy management system used by Ohio's FirstEnergy Corp. when alarms for three sagging power lines tripped at the same time, thereby delaying alerts to neighboring utilities. The resulting power surge blacked out much of the northeast for up to 24 hours.

Coverity's approach attempts to narrow the odds with its patent-pending "Software DNA" technique of mapping software threads and predicting their execution patterns. It checks for concurrency conditions in multithreaded applications by identifying instances where race conditions are likely to occur. It also looks for problems that occur as a result of race conditions, such as "deadlocks," where two or more threads wait indefinitely for a software lock that won't become available, and "thread blocks," where long-running operations cause bottlenecks that prevent other threads from accessing shared resources. The new race-condition detection capabilities are now available in Prevent SQS, Coverity's tool for C, C++, and Java static analysis.
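To make the "compare alternate paths" idea concrete, here is an added example (not Coverity's code and not from the original article): a small Python interleaving explorer that enumerates every schedule the OS could give two threads and reports lost updates and schedules that never finish. The operation names and the four thread scenarios are constructed for illustration; a racy increment, a mutex-protected one, a thread that never releases its lock, and a lock-order inversion.

```python
# Added example (not Coverity's code): a tiny interleaving explorer that tries every
# schedule the OS could pick for two threads, i.e. a tool that "compares alternate paths".
# Ops: ("load", v) reads v into the thread's register; ("store", v) writes register+1 back;
# ("lock", m) / ("unlock", m) acquire and release mutex m. All scenarios are constructed.

def explore(threads):
    """Return (set of final counter values, number of schedules that never finish)."""
    finals, stuck = set(), [0]

    def enabled(t, pcs, owners):
        if pcs[t] == len(threads[t]):
            return False                                    # thread already finished
        op, arg = threads[t][pcs[t]]
        return not (op == "lock" and owners.get(arg, t) != t)  # blocked on another's lock

    def step(pcs, mem, regs, owners):
        runnable = [t for t in range(len(threads)) if enabled(t, pcs, owners)]
        if not runnable:
            if all(pcs[t] == len(th) for t, th in enumerate(threads)):
                finals.add(mem["counter"])                  # every thread ran to completion
            else:
                stuck[0] += 1                               # deadlock or thread blocked forever
            return
        for t in runnable:                                  # branch on each possible next thread
            op, arg = threads[t][pcs[t]]
            m2, r2, o2 = dict(mem), dict(regs), dict(owners)  # copy state for this branch
            if op == "load":
                r2[t] = m2[arg]
            elif op == "store":
                m2[arg] = r2[t] + 1                         # non-atomic read-modify-write
            elif op == "lock":
                o2[arg] = t
            else:
                o2.pop(arg, None)
            step(pcs[:t] + [pcs[t] + 1] + pcs[t + 1:], m2, r2, o2)

    step([0] * len(threads), {"counter": 0}, {}, {})
    return finals, stuck[0]

INC = [("load", "counter"), ("store", "counter")]
LOCKED_INC = [("lock", "m")] + INC + [("unlock", "m")]
LEAKED_INC = [("lock", "m")] + INC                          # takes the lock, never releases it
ORDER_AB = [("lock", "a"), ("lock", "b"), ("unlock", "b"), ("unlock", "a")]
ORDER_BA = [("lock", "b"), ("lock", "a"), ("unlock", "a"), ("unlock", "b")]

def racy():     return explore([INC, INC])                  # {1, 2}: one update can be lost
def safe():     return explore([LOCKED_INC, LOCKED_INC])    # {2}: mutex serialises the update
def leaked():   return explore([LEAKED_INC, LOCKED_INC])    # one schedule blocks forever
def inverted(): return explore([ORDER_AB, ORDER_BA])        # lock-order inversion deadlocks
```

Exhaustive enumeration like this only scales to toy programs; the point is that the lost update and the deadlock exist as schedules regardless of how rarely a real OS happens to pick them.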