LFI: A practical and general library-level fault injector

Marinescu, Paul Dan; Candea, George

doi:10.1109/dsn.2009.5270313

Cited by 65 publications

(49 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, if we derive constraints on library functions from documentation, there might be false negatives due to the inconsistency between the documentation and the actual implementation. We can use LFI to check such consistency [17]. Similarly, SecTAC will generate a false positive if (1) the theorem prover returns a solution when PC ∧¬ SC is not satisfiable or (2) the program and security constraints are extracted incorrectly.…”

Section: False Negatives and Positivesmentioning

confidence: 99%

Detecting vulnerabilities in C programs using trace-based testing

Zhang

Liu

Lei

et al. 2010

2010 IEEE/IFIP International Conference on Dependable Systems &Amp; Networks (DSN)

View full text Add to dashboard Cite

show abstract

Section: False Negatives and Positivesmentioning

confidence: 99%

Detecting vulnerabilities in C programs using trace-based testing

Zhang

Liu

Lei

et al. 2010

2010 IEEE/IFIP International Conference on Dependable Systems &Amp; Networks (DSN)

View full text Add to dashboard Cite

show abstract

“…Figure 1. Part of the fault space created by LFI [16] for the ls utility. The horizontal axis represents functions in the C standard library that fail, and the vertical axis represents the tests in the default test suite for this utility.…”

Section: Fault Space Structurementioning

confidence: 99%

“…In our evaluation we use LFI [16], a library fault injection tool that allows the developer to fine-tune the definition of an injection point according to their own needs. Since we aim to maximize the accuracy of our evaluation, we define an injection point as the tuple testID, functionName, callNumber .…”

Section: Injection Point Precisionmentioning

confidence: 99%

“…Such ad-hoc approaches are typically based on a poor understanding of the space of possible faults and lead to poor-coverage testing. Recent tools, like LFI [16], improve the state of the art by offering the ability to simulate a wide variety of fine-grained faults that occur in a program's environment and become visible to applications through the application-library interface. Such tools offer developers better control over fault injection.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Fast black-box testing of system recovery code

Banabic

Candea

2012

Proceedings of the 7th ACM European Conference on Computer Systems

Self Cite

View full text Add to dashboard Cite

Fault injection-a key technique for testing the robustness of software systems-ends up rarely being used in practice, because it is labor-intensive and one needs to choose between performing random injections (which leads to poor coverage and low representativeness) or systematic testing (which takes a long time to wade through large fault spaces). As a result, testers of systems with high reliability requirements, such as MySQL, perform fault injection in an ad-hoc manner, using explicitly-coded injection statements in the base source code and manual triggering of failures.This paper introduces AFEX, a technique and tool for automating the entire fault injection process, from choosing the faults to inject, to setting up the environment, performing the injections, and finally characterizing the results of the tests (e.g., in terms of impact, coverage, and redundancy). The AFEX approach uses a metric-driven search algorithm that aims to maximize the number of bugs discovered in a fixed amount of time. We applied AFEX to real-world systemsMySQL, Apache httpd, UNIX utilities, and MongoDB-and it uncovered new bugs automatically in considerably less time than other black-box approaches.

show abstract

“…In systems that support dynamic loading of shared libraries, a common approach is to use the LD_PRELOAD mechanism to interpose on library calls and introduce faults, e.g., library level fault injection (LFI) [9]. This is a generic approach that does not require source code modifications of the target, and allows for runtime additions via the shared library wrapper routines.…”

Section: Introductionmentioning

confidence: 99%

A Case for Virtual Machine Based Fault Injection in a High-Performance Computing Environment

Naughton

Vallée

Engelmann

et al. 2012

Euro-Par 2011: Parallel Processing Workshops

View full text Add to dashboard Cite

Abstract. Large-scale computing platforms provide tremendous capabilities for scientific discovery. As applications and system software scale up to multipetaflops and beyond to exascale platforms, the occurrence of failure will be much more common. This has given rise to a push in fault-tolerance and resilience research for high-performance computing (HPC) systems. This includes work on log analysis to identify types of failures, enhancements to the Message Passing Interface (MPI) to incorporate fault awareness, and a variety of fault tolerance mechanisms that span redundant computation, algorithm based fault tolerance, and advanced checkpoint/restart techniques.While there is much work to be done on the FT/Resilience mechanisms for such large-scale systems, there is also a profound gap in the tools for experimentation. This gap is compounded by the fact that HPC environments have stringent performance requirements and are often highly customized. The tool chain for these systems are often tailored for the platform and the operating environments typically contain many site/machine specific enhancements. Therefore, it is desirable to maintain a consistent execution environment to minimize end-user (scientist) interruption. The work on system-level virtualization for HPC system offers a unique opportunity to maintain a consistent execution environment via a virtual machine (VM). Recent work on virtualization for HPC has shown that low-overhead, high performance systems can be realized [7,15]. Virtualization also provides a clean abstraction for building experimental tools for investigation into the effects of failures in HPC and the related research on FT/Resilience mechanisms and policies. In this paper we discuss the motivation for tools to perform fault injection in an HPC context. We also present the design of a new fault injection framework that can leverage virtualization.

show abstract

LFI: A practical and general library-level fault injector

Cited by 65 publications

References 12 publications

Detecting vulnerabilities in C programs using trace-based testing

Detecting vulnerabilities in C programs using trace-based testing

Fast black-box testing of system recovery code

A Case for Virtual Machine Based Fault Injection in a High-Performance Computing Environment

Contact Info

Product

Resources

About