Comments (8)
One piece of clue: On lines around 398 of faults.cpp, the program iterates over a list of function names and does string comparisons.
However C++ compiler would mangle function names, therefore all functions inside Corrupt.c need to be wrapped with "extern C" when compiling with clang++.
This is only a part of the problem... because the injector complains about invalid calling convention. Do you know how to show line numbers in opt's core dump?
from kulfi.
Good observation.
Did you compile both LLVM and KULFI in Debug mode?
I think that might help... Otherwise, you should resort to logging.
from kulfi.
I'm already building LLVM and KULFI in debug+assert mode; it down't show line numbers still.
from kulfi.
I may have found some way to reproduce the bug ----- it actually has nothing to do with C or C++; it may be related to the return type of a CallInst that needs to be injected error!
To reproduce the problem on bubblesort, do the following:
- rm *.bc
- add a function whose return type is neither void or int and call it somewhere, for example
int** fancy() { return (int**)0xBAADCAFE; }
...
(at the beginning of main())
unsigned int asize = (int)fancy();
- python kulfi.py bubblesort 100 99 0 0 1 1
And you will see the exact same error.
The error are generated in faults.cpp, lines 313, 323, 334, 344, when generating pointer errors (the same may happen to data register errors) where a Call Inst is created (if I understand correctly, the return value of some function is passed to corrupt_*() and modified, and LLVM has a strict requirement that all argument types must agree, even if they are convertible to each other. When it's neither int or void LLVM complains arguments of incompatible type.)
So I guess to remove the bug, it may be possible to add 1 instruction before the CallInst() and convert the return value to an int*...
from kulfi.
thanks Sui for the debug data.. I would start working on this issue around Monday...this would be helpful then..
from kulfi.
I've made the following changes to the code to make LLVM happy:
In InjectError_PtrError, case "store instructions" and "load instructions"
I've added code that
- Converts the 1st(2nd) operand of the load(store) instruction to Int64
- Performs bit masking on that Int64
- Converts back to the original pointer type
I suddenly realized I am using LLVM 3.3 and it complains errors (argument of incompatible type) when I am attempting to inject errors into pointers, not sure if using LLVM 3.2 would have the same issue.
After adding these codes I see pointer corruptions working with BubbleSort (core dumps from system or from glibc and segfaults)
Also, the same error is seen on Function Call instructions. Maybe do the same thing to Function Call instructions ?
from kulfi.
You may want to check with LLVM3.2 + the latest changes that I pushed just now. The latest changes fixes all the open issues/enhancement except this one(C++ support). Adding "C++ support" is WIP and will update once fixed.
from kulfi.
I have identified something that may need to be handled to make Dynamic Fault Injection work with more (preferably C++) code:
- Instructions can be of type "int1" (i.e. a Boolean)
- Instructions can be of type Pointer.
- Instructions can be of type Struct. That is, it's not a primitive type.
These should be the cases we have to add to function InjectError_DataReg_Dyn
from kulfi.
Related Issues (11)
- Range of fault probability (-fp flag) restricted to 1-100 HOT 1
- Support selecting functions for error injection from command line HOT 1
- Add support for automatically converting to a valid range if the byte pos entered through -b flag is out-of-bound HOT 1
- Add option to print fault site count and related details
- Add option to enumerate fault site
- Support float data types
- Tweak example python files to accomodate command line options changes - "-fn" "-pfs" "-ef" and "-tf"
- Change the deafult value of "-b" flag from 0 to random value
- What is the purpose of the "clone" here?
- Build for Faults transform fails on Ubuntu HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kulfi.