A testcase generation tool for Persistent Memory Programs.

Overview

PMFuzz

PMFuzz is a testcase generation tool that produces high-value test cases for PM testing tools (XFDetector, PMDebugger, PMTest and Pmemcheck).

If you find PMFuzz useful in your research, please cite:

Sihang Liu, Suyash Mahar, Baishakhi Ray, and Samira Khan
PMFuzz: Test Case Generation for Persistent Memory Programs
The International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2021

BibTeX

@inproceedings{liu2021pmfuzz,
  title={PMFuzz: Test Case Generation for Persistent Memory Programs},
  author={Liu, Sihang and Mahar, Suyash and Ray, Baishakhi and Khan, Samira},
  booktitle={Proceedings of the Twenty-sixth International Conference on Architectural Support for Programming Languages and Operating Systems},
  year={2021}
}

Dependencies

PMFuzz was tested with the following environment configuration; other versions may work:

  1. Ubuntu 18.04
  2. NDCTL v64 or higher
  3. libunwind (libunwind-dev)
  4. libini-config (libini-config-dev)
  5. Python 3.8
  6. GNUMake >= 3.82
  7. Kernel version 5.4
  8. Anaconda or virtualenv (recommended)

For compiling documentation:

  1. doxygen
  2. pdflatex
  3. doxypypy

Compiling PMFuzz

Build PMFuzz and AFL

make -j $(nproc --all)

Install PMFuzz

sudo make install

Now, pmfuzz-fuzz should be available as an executable:

pmfuzz-fuzz --help

The following man pages are also installed:

man 1 pmfuzz-fuzz
man 7 libpmfuzz
man 7 libfakepmfuzz

To uninstall PMFuzz, run the following command:

sudo make uninstall

Compiling PMFuzz Docker image

PMFuzz also comes with a Dockerfile that automatically configures and installs PMFuzz. To build the image, run the following command from the root of the repository:

docker build -t pmfuzz-v0.9 .

The raw dockerfile is also available here: /Dockerfile.

Using PMFuzz

After installing PMFuzz, use annotations by including the PMFuzz header file:

#include <stdio.h>
#include "pmfuzz/pmfuzz.h"

int main() {
	/* pmfuzz_version_str is provided by the PMFuzz header */
	printf("PMFuzz version: %s\n", pmfuzz_version_str);
	return 0;
}

The program must then be linked with either libpmfuzz or libfakepmfuzz, e.g.:

example: example.o
	$(CXX) -o $@ $< -lfakepmfuzz # or -lpmfuzz

To compile a program linked with libpmfuzz, you need to use PMFuzz's AFL++ version of gcc/clang. Check build/bin after building PMFuzz.

For debugging, libfakepmfuzz exports the same interface without any actual tracking mechanism, so programs linked against it can be compiled with any C/C++ compiler.

An example program is available in src/example. The original ASPLOS 2021 artifact is available at https://github.com/Systems-ShiftLab/pmfuzz_asplos21_ae.

The libpmfuzz API is documented in docs/libpmfuzz.7.md.

Compiling Documentation

Run make docs from the root, and all the documentation will be linked in the docs/ directory.

Some man pages are available as markdown formatted files:

  1. docs/libpmfuzz.7.md
  2. docs/pmfuzz-fuzz.1.md

Running custom configuration

PMFuzz uses a YAML-based configuration to set the fuzzing parameters. To write a custom configuration, follow one of the existing examples in the src/pmfuzz/configs/examples/ directory.

More information on PMFuzz's syntax is here.

Modifying PMFuzz

PMFuzz was written in a modular way, so individual components can be swapped for replacements that expose the same interface. If you have a question, please open a new issue or a discussion.

Other useful information

Env variables

NOTE: If a variable doesn't list possible values next to it, it is enabled by setting it to any non-empty value (including 0).

  1. USE_FAKE_MMAP=(0,1): Enables fake mmap, which mounts an image in volatile memory.
  2. PMEM_MMAP_HINT=<addr>: Address of the mount point of the pool.
  3. ENABLE_CNST_IMG=(0,1): Disables PMDK's default behaviour of generating non-identical images for the same input.
  4. FI_MODE=(<empty or unset>|IMG_GEN|IMG_REP): See libpmfuzz.c
  5. FAILURE_LIST=<path-to-output-file>: See libpmfuzz.c
  6. PMFUZZ_DEBUG=(0,1): Enables debug output from libpmfuzz
  7. ENABLE_PM_PATH: Enables deep paths in PMFuzz
  8. GEN_ALL_CS: Partially disables the probabilistic generation of crash sites and more of them are generated from libpmfuzz.c
  9. IMG_CREAT_FINJ: Disables the probabilistic generation of crash sites and all of them are generated from libpmfuzz.c
  10. PMFUZZ_SKIP_TC_CHECK: Disables the testcase size check in AFL++
  11. PRIMITIVE_BASELINE_MODE: Makes workload delete image on start if the pool exists
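
The rule in the NOTE above (a flag-style variable is on whenever it holds a non-empty value, even 0) is easy to get wrong. The sketch below only illustrates that rule in plain shell. flag_state is a hypothetical helper written for this example; it is not part of PMFuzz, and libpmfuzz may check these variables differently internally.

```shell
# flag_state: hypothetical helper, NOT part of PMFuzz.
# Prints "enabled" when the value passed in is non-empty, "disabled" otherwise.
flag_state() {
    if [ -n "$1" ]; then
        echo enabled
    else
        echo disabled
    fi
}

# A flag-style variable set to 0 is still non-empty, so it counts as enabled.
ENABLE_PM_PATH=0
flag_state "${ENABLE_PM_PATH-}"

# An unset (or empty) variable counts as disabled.
unset GEN_ALL_CS
flag_state "${GEN_ALL_CS-}"
```

To switch such a flag off, unset the variable instead of assigning 0 to it. Variables that do list values, such as PMFUZZ_DEBUG=(0,1), take the listed values.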

Adding git hook for development

The following command adds a pre-commit hook that checks whether the tests pass:

git config --local core.hooksPath .githooks/

Reasons for common errors

1. FileNotFoundError for instance's pid file

Raised when AFL cannot bind to a free core or no core is free.

2. Random tar command failed

Check whether the device has run out of free disk space.

3. shmget (2): No space left on device

Run:

ipcrm -a

Warning: This removes all user-owned shared memory segments. Don't run it with superuser privileges or on a machine with other critical applications running.

Licensing

PMFuzz is licensed under BSD-3-clause unless noted otherwise.

PMFuzz uses the following open-source software:

  1. Preeny (license)
    Preeny was modified to fix a bug in desock. All changes are contained in vendor/pathes/preeny_path
  2. AFL++ (license)
    AFL++ was modified to include support for persistent memory tracking for PMFuzz.