HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Effective Static Analysis of Concurrency Use-After-Free Bugs in Linux Device Drivers Effective Static Analysis of Concurrency Use-After-Free Bugs in Linux Device Drivers

Abstract : In Linux device drivers, use-after-free (UAF) bugs can cause system crashes and serious security problems. According to our study of Linux kernel commits, 42% of the driver commits fixing use-after-free bugs involve driver concurrency. We refer to these use-after-free bugs as concurrency use-after-free bugs. Due to the non-determinism of concurrent execution, concurrency use-after-free bugs are often more difficult to reproduce and detect than sequential use-after-free bugs. In this paper, we propose a practical static analysis approach named DCUAF, to effectively detect concurrency use-after-free bugs in Linux device drivers. DCUAF combines a local analysis analyzing the source code of each driver with a global analysis statistically analyzing the local results of all drivers, forming a local-global analysis, to extract the pairs of driver interface functions that may be concurrently executed. Then, with these pairs, DCUAF performs a summary-based lockset analysis to detect concurrency use-after-free bugs. We have evaluated DCUAF on the driver code of Linux 4.19, and found 640 real concurrency use-after-free bugs. We have randomly selected 130 of the real bugs and reported them to Linux kernel developers, and 95 have been confirmed.
Document type :
Conference papers
Complete list of metadata

Cited literature [46 references]  Display  Hide  Download

https://hal.inria.fr/hal-02182516
Contributor : Julia Lawall Connect in order to contact the contributor
Submitted on : Friday, July 12, 2019 - 6:49:33 PM
Last modification on : Thursday, February 3, 2022 - 11:14:17 AM

File

atc19-bai.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-02182516, version 1

Citation

Jia-Ju Bai, Julia Lawall, Qiu-Liang Chen, Shi-Min Hu. Effective Static Analysis of Concurrency Use-After-Free Bugs in Linux Device Drivers Effective Static Analysis of Concurrency Use-After-Free Bugs in Linux Device Drivers. 2019 USENIX Annual Technical Conference, Jul 2019, Renton, Washington, United States. ⟨hal-02182516⟩

Share

Metrics

Record views

63

Files downloads

993