EHCtor: Detecting Resource-Release Omission Faults in Error-Handling Code for Systems Software
Authors
Abstract
Adequate error-handling code is essential to the reliability of any system. On an error, such code is responsible for releasing acquired resources to restore the system to a viable state. Missing resource-release operations can lead to system crashes, memory leaks and deadlocks. A number of approaches have been proposed to detect such problems, but they mainly target frequently occurring resource-release operations. In this paper, we propose a novel approach to finding resource-release omission faults, focusing on error-handling code. Our approach achieves precision and scalability by exploiting information available within each function definition itself. Using a tool, EHCtor, that we have developed based on this approach, we have found over 370 faults in six different C infrastructure software projects, with a false positive rate well below the 30% that has been reported to be acceptable to developers. Some of these faults are exploitable by an unprivileged malicious user, making it possible to crash the entire system.
Similar references
Improving Error-Handling Code in Systems Software
Reliability is essential in systems software. A key element of ensuring reliability is proper handling of error conditions [26]. In general, the role of error handling code is to return the system to a coherent state, typically by undoing recent operations and releasing recently allocated resources. If some of these resource-releasing operations are omitted, the result can be deadlocks and memo...
Testing Error Handling Code in Device Drivers Using Characteristic Fault Injection
Device drivers may encounter errors when communicating with OS kernel and hardware. However, error handling code often gets insufficient attention in driver development and testing, because these errors rarely occur in real execution. For this reason, many bugs are hidden in error handling code. Previous approaches for testing error handling code often neglect the characteristics of device driv...
An approach to fault detection and correction in design of systems using of Turbo codes
We present an approach to the design of fault tolerant computing systems. In this paper, a technique is employed that enables the combination of several codes, in order to obtain flexibility in the design of error correcting codes. Code combining techniques are very effective, and one of these codes is turbo codes. The algorithm-based fault tolerance techniques that detect errors rely on the c...
Software Testing Resource Allocation and Release Time Problem: A Review
Software testing resource allocation and release time decisions are vital for software systems. The objective behind such critical decisions may differ from firm to firm. The motive of the firm may be maximization of software reliability, or maximization of the number of faults to be removed from each module, or it may be minimization of the number of faults remaining in the software, or minimization ...
Evolution of Functional Safety & Security in AUTOSAR
AUTOSAR (AUTomotive Open System Architecture) is an open, international standard for the software architecture of automotive ECUs, which is developed jointly in an international consortium of several OEMs, Tier 1 suppliers, and software tool providers. Today, numerous series vehicles with AUTOSAR technology inside are on the road. Within the AUTOSAR standard, several concepts and mechanisms to support s...