An Extensible Technique for High-Precision Testing of Recovery Code

Thorough testing of software systems requires ways to productively employ fault injection. We describe a technique for automatically identifying the errors exposed by shared libraries, finding good injection targets in program binaries, and producing corresponding injection scenarios. We present a framework for writing precise custom triggers that inject the desired faults--in the form of error return codes and corresponding side effects--at the boundary between shared libraries and applications. We incorporated these ideas in the LFI tool chain. With no developer assistance and no access to source code, this new version of LFI found 11 serious, previously unreported bugs in the BIND name server, the Git version control system, the MySQL database server, and the PBFT replication system. LFI achieved entirely automatically 35%-60% improvement in recovery-code coverage, without requiring any new tests. LFI can be downloaded from

Published in:
Proceedings of the USENIX Annual Technical Conference
Presented at:
USENIX Annual Technical Conference, Boston, MA, June 2010

 Record created 2010-03-15, last modified 2018-03-17

Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)