Abstract:Context: Device drivers often call specific kernel interface functions in pairs to allocate and release resources, and these functions can be called as paired functions. But due to poor documentation and carelessness, developers sometimes misuse paired functions in drivers, which causes resource-usage violations.Objective: Many dynamic approaches have been proposed to mine API rules and check resource usage for user-mode applications, but they are rarely applied to kernel-mode device drivers due to their designs. Meanwhile, most existing dynamic approaches lack systematic mechanisms to cover error handling code, which limits their availability and scalability. Our goal is to improve dynamic analysis to solve these problems.Method: In this paper, we propose PairCheck, a novel approach for mining and checking paired functions in device drivers, using three techniques. Firstly, we design a characteristic fault injection framework to generate test cases, which simulates occasional errors and covers most error handling code with little effort. Secondly, complete runtime information is recorded through call interception during test-case execution. Thirdly, we mine and check paired functions based on collected runtime information, name patterns and statistical analysis.Result: To validate the availability of PairCheck, we evaluate it on 11 Linux Ethernet card drivers. PairCheck mines 37 and 43 real paired functions in Linux 3.1.1 and 3.17.2, respectively. With these mined paired functions, it finds 10 violations in Linux 3.1.1 which have been fixed in 3.17.2, and 35 new violations in 3.17.2. The replies from developers indicate the false positive rate is low. Compared to normal execution, code coverage increases by 8.3% on average.Conclusion: Our work shows that it is possible to precisely mine API rules of resource usage by using characteristic fault injection. The mined rules are useful for improving the reliability of device drivers. (C) 2016 Elsevier B.V. All rights reserved.

Mining and Checking Paired Functions in Device Drivers Using Characteristic Fault Injection.

Mining and checking paired functions in device drivers using characteristic fault injection

Pairminer: mining for paired functions in Kernel extensions

Runtime Checking for Paired Functions in Device Drivers

BP-Miner: Mining Paired Functions from the Binary Code of Drivers for Error Handling

Testing Error Handling Code In Device Drivers Using Characteristic Fault Injection

Pf-Miner: A New Paired Functions Mining Method for Android Kernel in Error Paths

Automated Resource Release in Device Drivers

Automated and Reliable Resource Release in Device Drivers Based on Dynamic Analysis.

A Model Driven Approach for Device Driver Development.

Adaptive Error Injection for Robustness Verification of Decision-Making Systems for Autonomous Vehicles

Fault Injection Scheme for Embedded Systems at Machine Code Level and Verification

Effective Static Analysis of Concurrency Use-After-Free Bugs in Linux Device Drivers

Hardware/Software Co-monitoring

Complete Runtime Tracing for Device Drivers Based on LLVM

AutoPA: Automatically Generating Active Driver from Original Passive Driver Code.

RID: Finding Reference Count Bugs with Inconsistent Path Pair Checking.

Mining Android API Usage to Generate Unit Test Cases for Pinpointing Compatibility Issues

Detecting Data Races Caused by Inconsistent Lock Protection in Device Drivers

Hybrid Static-Dynamic Analysis of Data Races Caused by Inconsistent Locking Discipline in Device Drivers

Automatic Verification of Message-Based Device Drivers