Effective Detection of Sleep-in-Atomic-Context Bugs in the Linux Kernel - INRIA - Institut National de Recherche en Informatique et en Automatique Accéder directement au contenu
Article Dans Une Revue ACM Transactions on Computer Systems Année : 2020

Effective Detection of Sleep-in-Atomic-Context Bugs in the Linux Kernel

Résumé

Atomic context is an execution state of the Linux kernel, in which kernel code monopolizes a CPU core. In this state, the Linux kernel may only perform operations that cannot sleep, as otherwise a system hang or crash may occur. We refer to this kind of concurrency bug as a sleep-in-atomic-context (SAC) bug. In practice, SAC bugs are hard to find, as they do not cause problems in all executions. In this paper, we propose a practical static approach named DSAC, to effectively detect SAC bugs in the Linux kernel. DSAC uses three key techniques: (1) a summary-based analysis to identify the code that may be executed in atomic context, (2) a connection-based alias analysis to identify the set of functions referenced by a function pointer, and (3) a path-check method to filter out repeated reports and false bugs. We evaluate DSAC on Linux 4.17, and find 1159 SAC bugs. We manually check all the bugs, and find that 1068 bugs are real. We have randomly selected 300 of the real bugs and sent them to kernel developers. 220 of these bugs have been confirmed, and 51 of our patches fixing 115 bugs have been applied.
Fichier principal
Vignette du fichier
paper.pdf (8.54 Mo) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-03032244 , version 1 (30-11-2020)

Identifiants

Citer

Jia-Ju Bai, Julia Lawall, Shi-Min Hu. Effective Detection of Sleep-in-Atomic-Context Bugs in the Linux Kernel. ACM Transactions on Computer Systems, 2020, 36 (4), pp.10. ⟨10.1145/3381990⟩. ⟨hal-03032244⟩
135 Consultations
452 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More