Are you an EPFL student looking for a semester project?
Work with us on data science and visualisation projects, and deploy your project as an app on top of Graph Search.
Thorough testing of software systems requires ways to productively employ fault injection. We describe a technique for automatically identifying the errors exposed by shared libraries, finding good injection targets in program binaries, and producing corresponding injection scenarios. We present a framework for writing precise custom triggers that inject the desired faults--in the form of error return codes and corresponding side effects--at the boundary between shared libraries and applications. We incorporated these ideas in the LFI tool chain. With no developer assistance and no access to source code, this new version of LFI found 11 serious, previously unreported bugs in the BIND name server, the Git version control system, the MySQL database server, and the PBFT replication system. LFI achieved entirely automatically 35%-60% improvement in recovery-code coverage, without requiring any new tests. LFI can be downloaded from http://lfi.epfl.ch.
Mathias Josef Payer, Sirus Shahini
Katrin Beyer, Igor Tomic, Andrea Penna
Pavlos Nikolopoulos, Christina Fragouli, Suhas Diggavi, Sundara Rajan Srinivasavaradhan