Detecting uninitialized memory references
US-2016232074-A1 · Aug 11, 2016 · US
Detecting race condition vulnerabilities in computer software applications
US9529695B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9529695-B2 |
| Application number | US-201615073810-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 18, 2016 |
| Priority date | Sep 30, 2013 |
| Publication date | Dec 27, 2016 |
| Grant date | Dec 27, 2016 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Testing computer software applications is performed by identifying first and second executable portions of the computer software application, where the portions are configured to access a data resource, and where at least one of the portions is configured to write to the data resource, instrumenting the computer software application by inserting one or more instrumentation instructions into one or both of the portions, where the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time, and testing the computer software application in multiple iterations, where the computer software application is executed in multiple parallel execution threads, where the portions are independently executed at least partially in parallel in different threads, and where the computer software application is differently instrumented in each of the iterations.
First claim
Opening claim text (preview).
What is claimed is: 1. A system for testing computer software web applications, the system comprising: a non-transitory computer readable medium, a static analyzer configured to identify a first executable portion of a computer software web application and a second executable portion of the computer software web application, wherein the first and second executable portions are identified as being data interdependent and the first and second executable portions are configured to access a data resource, wherein at least one of the first and second executable portions is configured to write to the data resource; an instrumentation manager configured to instrument the computer software application by inserting at least one instrumentation instruction into at least one of the first and second executable portions, and configured to insert the at least one instrumentation instruction proximate to a location where the data resource is accessed, wherein the instrumentation instruction is configured to cause execution of the portion being instrumented to be extended by a randomly-determined amount of time; a software tester configured to test the computer software web application in each of a plurality of iterations, wherein the computer software web application is differently instrumented in each of the iterations; wherein the computer software web application is executed in multiple parallel execution threads, wherein the first and second executable portions are independently executed at least partially in parallel in different ones of the threads; wherein the software tester is configured to identify a race condition vulnerability associated with the computer software web application if during one of the iterations the first executable portion writes to the data resource before the second executable portion accesses the data resource, and during a different one of the iterations the second executable portion accesses the data resource before the first executable portion writes to the data resource; and wherein the static analyzer, instrumentation manager, and software tester are in implemented in a computer hardware.
Assignees
Inventors
Classifications
Test or assess software · CPC title
of specific synchronisation aspects · CPC title
Testing of software · CPC title
Program synchronisation; Mutual exclusion, e.g. by means of semaphores · CPC title
for test execution, e.g. scheduling of test suites · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9529695B2 cover?
- Testing computer software applications is performed by identifying first and second executable portions of the computer software application, where the portions are configured to access a data resource, and where at least one of the portions is configured to write to the data resource, instrumenting the computer software application by inserting one or more instrumentation instructions into one…
- Who is the assignee on this patent?
- IBM
- What technology area does this patent fall under?
- Primary CPC classification G06F11/3612. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Dec 27 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).