Zu-Ming Jiang scite author profile

Zu-Ming Jiang

4Publications

21Citation Statements Received

62Citation Statements Given

How they've been cited

How they cite others

134

Affiliations

ETH Zurich, Tsinghua University

Publications

Order By: Most citations

Fuzzing Error Handling Code in Device Drivers Based on Software Fault Injection

Jiang

Bai

Lawall

et al. 2019

View full text Add to dashboard Cite

Device drivers remain a main source of runtime failures in operating systems. To detect bugs in device drivers, fuzzing has been commonly used in practice. However, a main limitation of existing fuzzing approaches is that they cannot effectively test error handling code. Indeed, these fuzzing approaches require effective inputs to cover target code, but much error handling code in drivers is triggered by occasional errors (such as insufficient memory and hardware malfunctions) that are not related to inputs. In this paper, based on software fault injection, we propose a new fuzzing approach named FIZZER, to test error handling code in device drivers. At compile time, FIZZER uses static analysis to recommend possible error sites that can trigger error handling code. During driver execution, by analyzing runtime information, it automatically fuzzes error-site sequences for fault injection to improve code coverage. We evaluate FIZZER on 18 device drivers in Linux 4.19, and in total find 22 real bugs. The code coverage is increased by over 15% compared to normal execution without fuzzing.

show abstract

Detecting Data Races Caused by Inconsistent Lock Protection in Device Drivers

Chen

Bai

Jiang

et al. 2019

View full text Add to dashboard Cite

Data races are often hard to detect in device drivers, due to the non-determinism of concurrent execution. According to our study of Linux driver patches that fix data races, more than 38% of patches involve a pattern that we call inconsistent lock protection. Specifically, if a variable is accessed within two concurrently executed functions, the sets of locks held around each access are disjoint, at least one of the locksets is non-empty, and at least one of the involved accesses is a write, then a data race may occur. In this paper, we present a runtime analysis approach, named DILP, to detect data races caused by inconsistent lock protection in device drivers. By monitoring driver execution, DILP collects the information about runtime variable accesses and executed functions. Then after driver execution, DILP analyzes the collected information to detect and report data races caused by inconsistent lock protection. We evaluate DILP on 12 device drivers in Linux 4.16.9, and find 25 real data races.

show abstract

Hybrid Static-Dynamic Analysis of Data Races Caused by Inconsistent Locking Discipline in Device Drivers

Bai

Chen

Jiang

et al. 2022

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

Testing Error Handling Code With Software Fault Injection and Error-Coverage-Guided Fuzzing

Bai

Fu²,

Xie³

et al. 2024

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Zu-Ming Jiang

Fuzzing Error Handling Code in Device Drivers Based on Software Fault Injection

Detecting Data Races Caused by Inconsistent Lock Protection in Device Drivers

Hybrid Static-Dynamic Analysis of Data Races Caused by Inconsistent Locking Discipline in Device Drivers

Testing Error Handling Code With Software Fault Injection and Error-Coverage-Guided Fuzzing

Contact Info

Product

Resources

About