J. Bai, Linux kernel commit 2ff33d663739: fix some concurrency double-free bugs in the isdn_tty driver

J. Bai, Linux kernel commit 4f68ef64cd7f: fix some concurrency use-after-free bugs in the cw1200 driver

J. Bai, Linux kernel commit 7418e6520f22: fix a concurrency use-after-free bug in the hfc_pci driver

J. Bai, Y. Wang, J. Lawall, and S. Hu, DSAC: effective static analysis of sleep-in-atomiccontext bugs in kernel modules, Proceedings of the 2018 USENIX Annual Technical Conference, pp.587-600, 2018.

J. Bai, Y. Wang, H. Liu, and S. Hu, Mining and checking paired functions in device drivers using characteristic fault injection, Information and Software Technology, vol.73, pp.122-133, 2016.

J. Caballero, G. Grieco, M. Marron, and A. Nappa, Undangle: early detection of dangling pointers in use-after-free and double-free vulnerabilities, Proceedings of the 2012 International Symposium on Software Testing and Analysis (ISSTA), pp.133-143, 2012.

H. Chen, Y. Mao, X. Wang, D. Zhou, N. Zel-dovich et al., Linux kernel vulnerabilities: state-of-the-art defenses and open problems, Proceedings of the 2nd Asia-Pacific Workshop on Systems (APSys), pp.1-5, 2011.

Q. Chen, J. Bai, Z. Jiang, J. Lawall, and S. Hu, Detecting data races caused by inconsistent lock protection in device drivers, Proceedings of the 26th International Conference on Software Analysis, pp.366-376, 2019.
URL : https://hal.archives-ouvertes.fr/hal-02014196

J. Corbet, Atomic context and kernel api design, 2008.

. Coverity,

P. Deligiannis, A. F. Donaldson, and Z. Raka-maric, Fast and precise symbolic analysis of concurrency bugs in device drivers, Proceedings of the 30th International Conference on Automated Software Engineering (ASE, pp.166-177, 2015.

D. Engler and K. Ashcraft, RacerX: effective, static detection of race conditions and deadlocks, Proceedings of the 19th International Symposium on Operating Systems Principles (SOSP, pp.237-252, 2003.

D. Engler, D. Y. Chen, S. Hallem, A. Chou, and B. Chelf, Bugs as deviant behavior: a general approach to inferring errors in systems code, Proceedings of the 18th International Symposium on Operating Systems Principles (SOSP, pp.57-72, 2001.

J. Erickson, M. Musuvathi, S. Burckhardt, and K. Olynyk, Effective data-race detection for the kernel, Proceedings of the 9th International Conference on Operating Systems Design and Implementation (OSDI) (2010), pp.151-162

N. Heintze and O. Tardieu, Ultra-fast aliasing analysis using CLA: a million lines of C code in a second, Proceedings of the 2001 International Conference on Programming Language Design and Implementation (PLDI, pp.254-263, 2001.

S. Hong and M. Kim, Effective pattern-driven concurrency bug detection for operating systems, Journal of Systems and Software, vol.86, pp.377-388, 2013.

Y. Jiang, Y. Yang, T. Xiao, T. Sheng, and W. Chen, DRDDR: a lightweight method to detect data races in Linux kernel, The Journal of Supercomputing, vol.72, pp.1645-1659, 2016.

, The Kernel Address Sanitizer

, KernelStrider: Detecting data races in Linux kernel modules by collecting runtime information

A. Lal, S. Qadeer, and S. K. Lahiri, A solver for reachability modulo theories, Proceedings of the 2012 International Conference on Computer Aided Verification (CAV, pp.427-443, 2012.

C. Larosa, L. Xiong, and K. Mandelberg, Frequent pattern mining for kernel trace data, Proceedings of the 2008 ACM symposium on Applied computing, pp.880-885, 2008.

J. L. Lawall, J. Brunel, N. Palix, R. R. Hansen, H. Stuart et al., WYSIWIB: a declarative approach to finding API protocols and bugs in Linux code, Proceedings of the 39th International Conference on Dependable Systems and Networks (DSN, pp.43-52, 2009.
URL : https://hal.archives-ouvertes.fr/hal-00941142

L. Verification,

B. Lee, C. Song, Y. Jang, T. Wang, T. Kim et al., Preventing use-after-free with dangling pointers nullification, Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS), 2015.

Z. Li and Y. Zhou, PR-Miner: automatically extracting implicit programming rules and detecting violations in large software code, Proceedings of the 13th International Symposium on Foundations of Software Engineering (FSE) (2005), pp.306-315

, Linux kernel source tree

A. Lochmann, H. Schirmeier, H. Borghorst, and O. Spinczyk, LockDoc: trace-based analysis of locking in the Linux kernel, Proceedings of the 14th European Conference on Computer Systems (EuroSys) (2019), vol.11, p.15

S. Lu, S. Park, C. Hu, X. Ma, W. Jiang et al., MUVI: automatically inferring multi-variable access correlations and detecting related semantic and concurrency bugs, Proceedings of 21st International Symposium on Operating Systems Principles (SOSP, pp.103-116, 2007.

Y. Padioleau, J. Lawall, R. R. Hansen, and G. Muller, Documenting and automating collateral evolutions in linux device drivers, Proceedings of the 3rd European Conference on Computer Systems (EuroSys), pp.247-260, 2008.
URL : https://hal.archives-ouvertes.fr/inria-00123142

S. Saha, J. Lozi, G. Thomas, J. L. Lawall, G. Muller et al., Detecting resource-release omission faults in error-handling code for systems software, Proceedings of the 43rd International Conference on Dependable Systems and Networks (DSN, pp.1-12, 2013.
URL : https://hal.archives-ouvertes.fr/hal-01302679

S. Savage, M. Burrows, G. Nelson, P. Sobal-varro, and T. Anderson, Eraser: a dynamic data race detector for multithreaded programs, ACM Transactions on Computer Systems (TOCS), vol.15, pp.391-411, 1997.

K. Serebryany, D. Bruening, A. Potapenko, and D. Vyukov, AddressSanitizer: a fast address sanity checker, Proceedings of the 2012 USENIX Annual Technical Conference, pp.309-318, 2012.

, Syzkaller: an unsupervised, coverage-guided kernel fuzzer

, The USB related documentations in the Linux kernel

E. Van-der-kouwe, V. Nigade, and C. Giuffrida, DangSan: scalable use-after-free detection, Proceedings of the 12th European Conference on Computer Systems (EuroSys, pp.405-419, 2017.

V. Vojdani, K. Apinis, V. Rõtov, H. Seidl, V. Vene et al., Static race detection for device drivers: the Goblint approach, Proceedings of the 31st International Conference on Automated Software Engineering (ASE, pp.391-402, 2016.

J. W. Voung, R. Jhala, and S. Lerner, RE-LAY: static race detection on millions of lines of code, Proceedings of the 2007 International Symposium on Foundations of Software Engineering (FSE), pp.205-214, 2007.

N. Weichbrodt, A. Kurmus, P. Pietzuch, and R. Kapitza, AsyncShock: exploiting synchronisation bugs in Intel SGX enclaves, Proceedings of the, 2016.

, European Symposium on Research in Computer Security (ESORICS) (2016), pp.440-457

W. Xu, J. Li, J. Shu, W. Yang, T. Xie et al., From collision to exploitation: unleashing use-after-free vulnerabilities in Linux kernel, Proceedings of the 22nd International Conference on Computer and Communications Security (CCS, pp.414-425, 2015.

H. Yan, Y. Sui, S. Chen, and J. Xue, Machinelearning-guided typestate analysis for static use-afterfree detection, Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC, pp.42-54, 2017.

H. Yan, Y. Sui, S. Chen, and J. Xue, Spatiotemporal context reduction: a pointer-analysis-based static approach for detecting use-after-free vulnerabilities, Proceedings of the 40th International Conference on Software Engineering (ICSE, pp.327-337, 2018.

J. Yang, D. Evans, D. Bhardwaj, T. Bhat, and M. Das, Perracotta: mining temporal API rules from imperfect traces, Proceedings of 28th International Conference on Software Engineering (ICSE, pp.282-291, 2006.

J. Ye, C. Zhang, and X. Han, UAFChecker: scalable static detection of use-after-free vulnerabilities, Proceedings of the 21st International Conference on Computer and Communications Security (CCS, pp.1529-1531, 2014.

Y. Younan, FreeSentry: protecting against use-afterfree vulnerabilities due to dangling pointers, Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS, 2015.

I. Yun, C. Min, X. Si, Y. Jang, T. Kim et al., APISan: sanitizing API usages through semantic cross-checking, Proceedings of the 2016 USENIX Security Symposium, pp.363-378, 2016.