Abstract

Error handling is essential for operating systems, and error-handling code contains many bugs, which could result in serious consequences. In this paper, we revisit the problem of error-mishandling bugs and analyze the root cause of the most common ones in the Linux kernel. Based on this analysis, we propose ErrHunter, a systematic approach based on static taint analysis that detects multiple kinds of error-mishandling bugs in the Linux kernel. An automated critical-variable identification approach identifies the critical variables in error-handling paths. A static cross-control-flow taint analysis approach then constructs critical-variable control flow graphs (CCFGs), which describe how critical variables are processed in separate control flows. Based on the CCFGs, ErrHunter can target the root cause of the most common error-mishandling bugs and detect them systematically. ErrHunter is designed for kernel bug detection, so it can handle many features specific to the Linux kernel, such as its memory management mechanisms.
