SymDrive: Testing drivers without devices

Proceedings of the 10th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2012

Volumn , Issue , 2012, Pages 279-292

  Renzelmann, Matthew J ^a   Kadav, Asim ^a   Swift, Michael M ^a  

^a University of Wisconsin Madison   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

C (PROGRAMMING LANGUAGE); STATIC ANALYSIS; SYSTEMS ANALYSIS;

DEVICE DRIVER; ERROR PRONES; EXECUTION TRACING; LINUX DRIVERS; SOURCE-TO-SOURCE TRANSFORMATIONS; SYMBOLIC EXECUTION; SYSTEM USE; TESTING ERRORS;

LINUX;

EID: 84877705477     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (45)

1. Al Danial. CLOC: Count lines of code. http://cloc.sourceforge.net/, 2010.
2. S. Amani, L. Ryzhyk, A. Donaldson, G. Heiser, A. Legg, and Y. Zhu. Static analysis of device drivers: We can do better! In Proceedings of the 2nd ACM SIGOPS Asia-Pacific Workshop on Systems, 2011.
3. T. Ball, E. Bounimova, B. Cook, V. Levin, J. Lichtenberg, et al. Thorough static analysis of device drivers. In EuroSys, 2006.
4. T. Ball, V. Levin, and S. K. Rajamani. A decade of software model checking with SLAM. In Commun. of the ACM, volume 54, July 2011.
5. T. Ball and S. K. Rajamani. The SLAM project: Debugging system software via static analysis. In POPL, 2002.
6. M. Barnett, M. Fähndrich, K. R. M. Leino, P. Müller, W. Schulte, and H. Venter. Specification and verification: The Spec# experience. In Commun. of the ACM, volume 54, June 2011.
7. F. Bellard. QEMU, a fast and portable dynamic translator. In USENIX ATC, 2005.
8. A. Bessey, K. Block, B. Chelf, A. Chou, B. Fulton, S. Hallem, C. Henri-Gros, A. Kamsky, S. McPeak, and D. Engler. A few billion lines of code later: Using static analysis to find bugs in the real world. Commun. ACM, 53:66-75, February 2010.
9. R. S. Boyer, B. Elspas, and K. N. Levitt. SELECT-A formal system for testing and debugging programs by symbolic execution. In Intl. Conf. on Reliable Software, 1975.
10. C. Cadar, D. Dunbar, and D. Engler. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. In OSDI, 2008.
11. C. Cadar, V. Ganesh, P. Pawlowski, D. Dill, and D. Engler. EXE: Automatically generating inputs of death. In ACM Transactions on Information and System Security, 2008.
12. H. Chen, Y. Mao, X. Wang, D. Zhou, N. Zeldovich, and M. F. Kaashoek. Linux kernel vulnerabilities: State-of-the-art defenses and open problems. In Proceedings of the 2nd ACM SIGOPS Asia-Pacific Workshop on Systems, 2011.
13. V. Chipounov, V. Georgescu, C. Zamfir, and G. Candea. Selective symbolic execution. In HotDep, 2009.
14. V. Chipounov, V. Kuznetsov, and G. Candea. S2E: A platform for in-vivo multi-path analysis of software systems. In ASPLOS, 2011.
15. V. Chipounov, V. Kuznetsov, and G. Candea. The S2E platform: Design, implementation, and applications. ACM Trans. Comput. Syst., 30(1):2:1-2:49, Feb. 2012.
16. M. Cova, V. Felmetsger, G. Banks, and G. Vigna. Static detection of vulnerabilities in x86 executables. In ACSAC, 2006.
17. Coverity. Analysis of the Linux kernel, 2004. Available at http://www.coverity.com.
18. O. Crameri, R. Bianchini, and W. Zwaenepoel. Striking a new balance between program instrumentation and debugging time. In EuroSys, 2011.
19. D. R. Engler, B. Chelf, A. Chou, and S. Hallem. Checking system rules using system-specific, programmer-written compiler extensions. In OSDI, 2000.
20. P. Godefroid, N. Klarlund, and K. Sen. DART: Directed automated random testing. In PLDI, 2005.
21. P. Godefroid, M. Levin, D. Molnar, et al. Automated whitebox fuzz testing. In NDSS, 2008.
22. Greg Kroah-Hartman. The Linux kernel driver interface. http://www.kernel.org/doc/Documentation/stable_api_nonsense.txt, 2011.
23. H. Gunawi, C. Rubio-González, A. Arpaci-Dusseau, R. Arpaci-Dusseau, and B. Liblit. EIO: Error handling is occasionally correct. In 6th USENIX FAST, 2008.
24. IBM. Linux test project. http://ltp.sourceforge.net/, May 2010.
25. A. Kadav, M. J. Renzelmann, and M. M. Swift. Tolerating hardware device failures in software. In SOSP, 2009.
26. V. Kuznetsov, V. Chipounov, and G. Candea. Testing closed-source binary device drivers with DDT. In USENIX ATC, 2010.
27. E. Larson and T. Austin. High coverage detection of input-related security facults. In USENIX Security, 2003.
28. R. Majumdar and K. Sen. Hybrid concolic testing. In ICSE, 2007.
29. Microsoft. Windows device testing framework design guide. http://msdn.microsoft.com/en-us/library/windows/hardware/ff539645%28v=vs.85%29.aspx, 2011.
30. Microsoft Corporation. How to use driver verifier to troubleshoot windows drivers. http://support.microsoft.com/kb/q244617/, Jan. 2005. Knowledge Base Article Q244617.
31. Microsoft Corporation. Static Driver Verifier. http://www.microsoft.com/whdc/devtools/tools/sdv.mspx, May 2010.
32. G. C. Necula, S. Mcpeak, S. P. Rahul, and W. Weimer. CIL: Intermediate language and tools for analysis and transformation of C programs. In Intl. Conf. on Compiler Constr., 2002.
33. S. Nelson and P. Waskiewicz. Virtualization: Writing (and testing) device drivers without hardware. www.linuxplumbersconf.org/2011/ocw/sessions/243. In Linux Plumbers Conference, 2011.
34. N. Nethercode and J. Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. In PLDI, 2007.
35. Y. Padioleau, J. Lawall, R. R. Hansen, and G. Muller. Documenting and automating collateral evolutions in Linux device drivers. In EuroSys, 2008.
36. S. Person, G. Yang, N. Rungta, and S. Khurshid. Directed incremental symbolic execution. In PLDI 2011, 2011.
37. C. S. Pǎsǎreanu et al. Combining unit-level symbolic execution and system-level concrete execution for testing NASA software. In ISSTA, 2008.
38. L. Ryzhyk, I. Kuz, and G. Heiser. Formalising device driver interfaces. In Workshop on Programming Languages and Systems, Oct. 2007.
39. K. Sen, D. Marinov, and G. Agha. CUTE: A concolic unit testing engine for C. In ESEC/FSE-13, 2005.
40. D. Song et al. BitBlaze: A new approach to computer security via binary analysis. In ICISS, 2008.
41. M. Susskraut and C. Fetzer. Automatically finding and patching bad error handling. In DSN, 2006.
42. D. Williams, P. Reynolds, K. Walsh, E. G. Sirer, and F. B. Schneider. Device driver safety through a reference validation mechanism. In OSDI, 2008.
43. T. Xie, D. Marinov, W. Schulte, and D. Notkin. Symstra: A framework for generating object-oriented unit tests using symbolic execution. In TACAS, 2005.
44. J. Yang, C. Sar, P. Twohey, C. Cadar, and D. Engler. Automatically generating malicious disks using symbolic execution. In IEEE Symp. on Security and Privacy, 2006. IEEE Computer Society.
45. C. Zamfir and G. Candea. Execution synthesis: A technique for automated software debugging. In EuroSys, 2010.