TY - GEN
T1 - Testing error handling code in device drivers using characteristic fault injection
AU - Bai, Jia Ju
AU - Wang, Yu Ping
AU - Yin, Jie
AU - Hu, Shi Min
N1 - Publisher Copyright:
© 2016 by The USENIX Association. All Rights Reserved.
PY - 2016
Y1 - 2016
N2 - Device drivers may encounter errors when communicating with OS kernel and hardware. However, error handling code often gets insufficient attention in driver development and testing, because these errors rarely occur in real execution. For this reason, many bugs are hidden in error handling code. Previous approaches for testing error handling code often neglect the characteristics of device drivers, so their efficiency and accuracy are limited. In this paper, we first study the source code of Linux drivers to find useful characteristics of error handling code. Then we use these characteristics in fault injection testing, and propose a novel approach named EH-Test, which can efficiently test error handling code in drivers. To improve the representativeness of injected faults, we design a pattern-based extraction strategy to automatically and accurately extract target functions which can actually fail and trigger error handling code. During execution, we use a monitor to record runtime information and pair checkers to check resource usages. We have evaluated EH-Test on 15 real Linux device drivers and found 50 new bugs in Linux 3.17.2. The code coverage is also effectively increased. Comparison experiments to previous related approaches also show the effectiveness of EH-Test.
AB - Device drivers may encounter errors when communicating with OS kernel and hardware. However, error handling code often gets insufficient attention in driver development and testing, because these errors rarely occur in real execution. For this reason, many bugs are hidden in error handling code. Previous approaches for testing error handling code often neglect the characteristics of device drivers, so their efficiency and accuracy are limited. In this paper, we first study the source code of Linux drivers to find useful characteristics of error handling code. Then we use these characteristics in fault injection testing, and propose a novel approach named EH-Test, which can efficiently test error handling code in drivers. To improve the representativeness of injected faults, we design a pattern-based extraction strategy to automatically and accurately extract target functions which can actually fail and trigger error handling code. During execution, we use a monitor to record runtime information and pair checkers to check resource usages. We have evaluated EH-Test on 15 real Linux device drivers and found 50 new bugs in Linux 3.17.2. The code coverage is also effectively increased. Comparison experiments to previous related approaches also show the effectiveness of EH-Test.
UR - http://www.scopus.com/inward/record.url?scp=85020729647&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85020729647
T3 - Proceedings of the 2016 USENIX Annual Technical Conference, USENIX ATC 2016
SP - 635
EP - 647
BT - Proceedings of the 2016 USENIX Annual Technical Conference, USENIX ATC 2016
PB - USENIX Association
T2 - 2016 USENIX Annual Technical Conference, USENIX ATC 2016
Y2 - 22 June 2016 through 24 June 2016
ER -