Automatic verification of active device drivers

Amani, Sidney; Chubb, Peter; Donaldson, Alastair F.; Legg, Alexander; Ong, Keng Chai; Ryzhyk, Leonid; Zhu, Yanjin

doi:10.1145/2626401.2626424

Cited by 5 publications

(3 citation statements)

References 28 publications

(37 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To prevent concurrency bugs in the OS kernel, several improved kernel module architectures have been proposed, typically for device drivers. The active driver architecture [2,48] runs each driver in a separate kernel thread, and all communication between the driver and kernel is performed using message passing. This architecture can serialize the concurrent accesses to the driver and eliminate the possibility of concurrency bugs.…”

Section: Improving the Kernel Module Architecturementioning

confidence: 99%

Effective Detection of Sleep-in-atomic-context Bugs in the Linux Kernel

Bai

Lawall

2018

ACM Trans. Comput. Syst.

View full text Add to dashboard Cite

Atomic context is an execution state of the Linux kernel in which kernel code monopolizes a CPU core. In this state, the Linux kernel may only perform operations that cannot sleep, as otherwise a system hang or crash may occur. We refer to this kind of concurrency bug as a sleep-in-atomic-context (SAC) bug. In practice, SAC bugs are hard to find, as they do not cause problems in all executions. In this article, we propose a practical static approach named DSAC to effectively detect SAC bugs in the Linux kernel. DSAC uses three key techniques: (1) a summary-based analysis to identify the code that may be executed in atomic context, (2) a connection-based alias analysis to identify the set of functions referenced by a function pointer, and (3) a path-check method to filter out repeated reports and false bugs. We evaluate DSAC on Linux 4.17 and find 1,159 SAC bugs. We manually check all the bugs and find that 1,068 bugs are real. We have randomly selected 300 of the real bugs and sent them to kernel developers. 220 of these bugs have been confirmed, and 51 of our patches fixing 115 bugs have been applied.

show abstract

Section: Improving the Kernel Module Architecturementioning

confidence: 99%

Effective Detection of Sleep-in-atomic-context Bugs in the Linux Kernel

Bai

Lawall

2018

ACM Trans. Comput. Syst.

View full text Add to dashboard Cite

show abstract

“…On the other hand, semi-formal verification techniques through the use of formalisms applied in conjunction with simulation have proved to be reasonably efficient in this respect. Several approaches have dealt with failure in device drivers by performing formal or semi-formal verification during the development phase [12][13][14][15][16][17][18][19][20].…”

Section: Related Workmentioning

confidence: 99%

“…1, pp. [11][12][13][14][15][16][17][18][19][20][21][22][23] This is an open access article published by the IET under the Creative Commons Attribution-NonCommercial-NoDerivs License (http://creativecommons.org/licenses/by-nc-nd/3.0/) further challenge is revealed, since it is necessary to verify the two domains together.…”

Section: Introductionmentioning

confidence: 99%