Effective Detection of Sleep-in-Atomic-Context Bugs in the Linux Kernel - Archive ouverte HAL Access content directly
Journal Articles ACM Transactions on Computer Systems Year : 2020

Effective Detection of Sleep-in-Atomic-Context Bugs in the Linux Kernel

(1) , (2) , (1)
1
2

Abstract

Atomic context is an execution state of the Linux kernel, in which kernel code monopolizes a CPU core. In this state, the Linux kernel may only perform operations that cannot sleep, as otherwise a system hang or crash may occur. We refer to this kind of concurrency bug as a sleep-in-atomic-context (SAC) bug. In practice, SAC bugs are hard to find, as they do not cause problems in all executions. In this paper, we propose a practical static approach named DSAC, to effectively detect SAC bugs in the Linux kernel. DSAC uses three key techniques: (1) a summary-based analysis to identify the code that may be executed in atomic context, (2) a connection-based alias analysis to identify the set of functions referenced by a function pointer, and (3) a path-check method to filter out repeated reports and false bugs. We evaluate DSAC on Linux 4.17, and find 1159 SAC bugs. We manually check all the bugs, and find that 1068 bugs are real. We have randomly selected 300 of the real bugs and sent them to kernel developers. 220 of these bugs have been confirmed, and 51 of our patches fixing 115 bugs have been applied.
Fichier principal
Vignette du fichier
paper.pdf (8.54 Mo) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-03032244 , version 1 (30-11-2020)

Identifiers

Cite

Jia-Ju Bai, Julia Lawall, Shi-Min Hu. Effective Detection of Sleep-in-Atomic-Context Bugs in the Linux Kernel. ACM Transactions on Computer Systems, 2020, 36 (4), pp.10. ⟨10.1145/3381990⟩. ⟨hal-03032244⟩
114 View
287 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More