Title | ||
---|---|---|
Hector: Detecting Resource-Release Omission Faults in error-handling code for systems software |
Abstract | ||
---|---|---|
Omitting resource-release operations in systems error handling code can lead to memory leaks, crashes, and deadlocks. Finding omission faults is challenging due to the difficulty of reproducing system errors, the diversity of system resources, and the lack of appropriate abstractions in the C language. To address these issues, numerous approaches have been proposed that globally scan a code base for common resource-release operations. Such macroscopic approaches are notorious for their many false positives, while also leaving many faults undetected. We propose a novel microscopic approach to finding resource-release omission faults in systems software. Rather than generalizing from the entire source code, our approach focuses on the error-handling code of each function. Using our tool, Hector, we have found over 370 faults in six systems software projects, including Linux, with a 23% false positive rate. Some of these faults allow an unprivileged malicious user to crash the entire system. |
Year | DOI | Venue |
---|---|---|
2013 | 10.1109/DSN.2013.6575307 | DSN |
Keywords | Field | DocType |
software management,reproducing system error,systems software,error-handling code,program testing,common resource-release operation,c language,code base,resource allocation,memory leaks,linux,source coding,authorisation,resource-release omission fault,system software,systems error handling code,hector tool,macroscopic approaches,resource-release operation,software fault tolerance,entire source code,resource-release omission fault detection,source code,microscopic approach,software projects,system resource,detecting resource-release omission faults,resource-release operations,system error handling code,entire system,kernel,protocols | Handling Code,Source code,Computer science,Deadlock,Software fault tolerance,Real-time computing,Software,Memory leak,Code (cryptography),Distributed computing,False positive paradox | Conference |
ISSN | ISBN | Citations |
1530-0889 | 978-1-4673-6471-3 | 26 |
PageRank | References | Authors |
0.95 | 24 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Suman Saha | 1 | 257 | 16.30 |
Jean-Pierre Lozi | 2 | 111 | 7.13 |
Gael Thomas | 3 | 34 | 2.14 |
Julia L. Lawall | 4 | 958 | 60.03 |
Gilles Muller | 5 | 852 | 55.95 |