CN118051421A - Injection method and device for IO time delay fault, electronic equipment and storage medium - Google Patents
Injection method and device for IO time delay fault, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN118051421A CN118051421A CN202211436130.0A CN202211436130A CN118051421A CN 118051421 A CN118051421 A CN 118051421A CN 202211436130 A CN202211436130 A CN 202211436130A CN 118051421 A CN118051421 A CN 118051421A
- Authority
- CN
- China
- Prior art keywords
- target
- preset
- target process
- virtual address
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 267
- 238000002347 injection Methods 0.000 title claims abstract description 57
- 239000007924 injection Substances 0.000 title claims abstract description 57
- 238000003860 storage Methods 0.000 title claims abstract description 46
- 230000008569 process Effects 0.000 claims abstract description 220
- 230000006870 function Effects 0.000 claims description 99
- 238000004590 computer program Methods 0.000 claims description 24
- 238000002513 implantation Methods 0.000 claims description 8
- 238000012360 testing method Methods 0.000 abstract description 12
- 238000005516 engineering process Methods 0.000 description 15
- 238000012545 processing Methods 0.000 description 11
- 238000010586 diagram Methods 0.000 description 10
- 239000000243 solution Substances 0.000 description 8
- 239000011800 void material Substances 0.000 description 6
- 238000004891 communication Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 4
- 238000013507 mapping Methods 0.000 description 4
- 230000006399 behavior Effects 0.000 description 3
- 230000000739 chaotic effect Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000003068 static effect Effects 0.000 description 3
- 241000700605 Viruses Species 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 239000000203 mixture Substances 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 238000012384 transportation and delivery Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 238000012098 association analyses Methods 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 230000001343 mnemonic effect Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 231100000957 no side effect Toxicity 0.000 description 1
- 238000013404 process transfer Methods 0.000 description 1
- 238000012954 risk control Methods 0.000 description 1
- 239000000523 sample Substances 0.000 description 1
- 239000000725 suspension Substances 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Landscapes
- Debugging And Monitoring (AREA)
Abstract
The embodiment of the application provides an injection method and device for IO delay faults, electronic equipment and a computer readable storage medium, and relates to the technical field of clouds. The method comprises the following steps: creating a target source code, wherein the target source code is used for executing a preset instruction, the preset instruction comprises a system call for executing a target process after a preset time delay when a preset request is obtained, and the preset request is used for requesting to access a target table item related to IO in a target global offset GOT table; obtaining a relocatable file of the target source code, wherein the relocatable file comprises a target function related to a preset instruction; obtaining the execution authority of a target process, adding a target function into a virtual address space of the target process, and determining an offset address of the target function in the virtual address space; and modifying the virtual address of the target table entry into an offset address in the target GOT table, and returning the execution authority of the target process. The embodiment of the application can realize the IO delay fault injection of the process level in the chaos test of the cloud service.
Description
Technical Field
The application relates to the technical field of clouds, in particular to an injection method, an injection device, electronic equipment, a computer readable storage medium and a computer program product for IO delay faults.
Background
In a production environment, input and output (input output) delay is often caused by disk faults, flow sudden increases and the like, because the insufficient flow of a developer and a test cluster is difficult to reproduce, the situation is often ignored by the developer, code loopholes are caused, programs are crashed when the large flow is encountered after the system is on line, and huge losses are caused to business.
The existing injection scheme of the open source IO delay fault is based on the granularity of a file system, is generally applied to the injection of the IO delay fault in a container, but has a thicker granularity, and is difficult to use in the scenes of local unit test and the like; the other is IO fault injection based on busy etc. of the kernel module, which not only causes the CPU load to rise, requiring the machine to introduce debuginfo dependence, but also causes the system to tamper in extreme cases.
Disclosure of Invention
The embodiment of the application provides an injection method, an injection device, electronic equipment, a computer readable storage medium and a computer program product for IO delay faults, which can solve the problems in the prior art. The technical proposal is as follows:
according to an aspect of the embodiment of the present application, there is provided an injection method of an IO delay fault, including:
Creating a target source code, wherein the target source code is used for executing a preset instruction, the preset instruction comprises a system call for executing a target process after a preset time delay when a preset request is obtained, the preset request is used for requesting to access a target table entry related to IO in a target global offset GOT table, and the target GOT table is a GOT table of the target process;
Obtaining a relocatable file of the target source code, wherein the relocatable file comprises a target function related to a preset instruction;
obtaining the execution authority of a target process, adding a target function into a virtual address space of the target process, and determining an offset address of the target function in the virtual address space;
And determining the virtual address of the target table item in the target GOT table, modifying the virtual address into an offset address in the target GOT table, and returning the execution authority of the target process.
As an alternative embodiment, the object source code includes a plurality of sub-source codes, different sub-source codes are used for executing preset instructions under different running environments, and different sub-source codes are distinguished based on macros.
As an alternative embodiment, obtaining the execution authority of the target process includes:
Obtaining thread identifications of threads of a target process;
for each thread, requesting to acquire the execution authority of the thread through a first preset system call, and if the acquisition of the execution authority is successful, continuing requesting to acquire the execution authority of the next thread;
And determining the execution authority of the obtained target process when the execution authorities of all threads are successfully obtained.
As an alternative embodiment, adding the objective function to the virtual address space of the target process includes:
executing a second preset system call in the target process, and expanding the virtual address space of the target process to obtain a newly expanded space in the virtual address space;
an objective function is added to the newly expanded space.
As an optional implementation manner, executing a second preset system call in the target process, and expanding the virtual address space of the target process includes:
acquiring information stored in each register of a target process before the target process is acquired of an execution authority;
writing a system call number of a second preset system call into a Rax register of the target process;
Writing a memory address of a calling instruction for calling the second preset system into an instruction pointer register of the target process;
executing a calling instruction in an instruction pointer register in a target process to obtain a return value in a Rax register, wherein the return value is a newly expanded space;
and backfilling the information into each register of the target process.
As an alternative embodiment, determining the virtual address of the target entry in the target GOT table includes:
obtaining segment offset addresses of all table items in a target GOT table;
When the closed position irrelevant executable file PIE is determined, determining the segment offset address of the target table item from the segment offset addresses of the table items, and taking the segment offset address as the virtual address of the target table item;
When the PIE is determined to be started, a segment base address is obtained, a segment offset address of a target table item is determined from the segment offset addresses of all table items, and a virtual address of the target table item is obtained according to the segment base address and the segment offset address.
According to another aspect of the embodiment of the present application, there is provided an injection device for IO delay faults, the device including:
The source code creation module is used for creating a target source code, the target source code is used for executing a preset instruction, the preset instruction comprises a system call for executing a target process after a preset time delay when a preset request is obtained, the preset request is used for requesting to access a target table entry related to IO in a target global offset GOT table, and the target GOT table is a GOT table of the target process;
The repositioning compiling module is used for obtaining a repositionable file of the target source code, wherein the repositioning file comprises a target function related to a preset instruction;
the function implantation module is used for obtaining the execution authority of the target process, adding the target function to the virtual address space of the target process, and determining the offset address of the target function in the virtual address space;
and the address replacement module is used for determining the virtual address of the target table item in the target GOT table, modifying the virtual address into an offset address in the target GOT table and returning the execution authority of the target process.
As an alternative embodiment, the object source code includes a plurality of sub-source codes, different sub-source codes are used for executing preset instructions under different running environments, and different sub-source codes are distinguished based on macros.
As an alternative embodiment, the function implantation module includes:
the thread identification obtaining module is used for obtaining the thread identification of each thread of the target process;
The thread permission obtaining module is used for requesting to obtain the execution permission of the thread through a first preset system call for each thread, and if the execution permission is successfully obtained, continuing to request to obtain the execution permission of the next thread;
And the process permission determining module is used for determining the execution permission of the obtained target process according to the success of obtaining the execution permission of all threads.
As an alternative embodiment, the function implantation module includes:
The control expansion module is used for executing a second preset system call in the target process, expanding the virtual address space of the target process and obtaining a newly expanded space in the virtual address space;
and the function adding module is used for adding the target function to the newly expanded space.
As an alternative embodiment, the control extension module includes:
the information acquisition module is used for acquiring information stored in each register of the target process before the execution permission of the target process is acquired;
The calling number writing module is used for writing a system calling number of the second preset system call into a Rax register of the target process;
the address writing module is used for writing the memory address of the calling instruction for calling the second preset system call into the instruction pointer register of the target process;
The return value obtaining module is used for executing the calling instruction in the instruction pointer register in the target process to obtain a return value in the Rax register, wherein the return value is a newly expanded space;
and the backfilling module is used for backfilling the information into each register of the target process.
As an alternative embodiment, the address replacement module includes:
The segment offset address obtaining module is used for obtaining segment offset addresses of all table items in the target GOT table;
The first address obtaining module is used for determining the segment offset address of the target table item from the segment offset addresses of all the table items when the closed position irrelevant executable file PIE is determined, and taking the segment offset address as the virtual address of the target table item;
and the second address obtaining module is used for obtaining the segment base address when the PIE is determined to be started, determining the segment offset address of the target table item from the segment offset addresses of the table items, and obtaining the virtual address of the target table item according to the segment base address and the segment offset address.
According to another aspect of an embodiment of the present application, there is provided an electronic device including a memory, a processor, and a computer program stored on the memory, the processor executing the computer program to implement the steps of the IO delay fault injection method of the above aspect.
According to a further aspect of an embodiment of the present application, there is provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method of injection of IO delay faults of the above aspect.
According to an aspect of an embodiment of the present application, there is provided a computer program product comprising a computer program which, when executed by a processor, implements the steps of the method for injecting an IO delay fault of the above aspect.
The technical scheme provided by the embodiment of the application has the beneficial effects that:
By creating a target source code, the target source code can execute system call of a target process after preset delay is performed when obtaining target table items related to IO in a GOT table of an access target process, IO delay injection of a process level is realized, in order to directly call the system call, the target function related to a preset instruction is obtained from the returnable file by compiling the source code into a returnable file, the returnable file is utilized to compile the assembly code, the characteristic of the system call can be directly called, access to the GOT table is bypassed, by adding the target function into a virtual address space of the target process, the target function can be quickly deleted after test is finished, no side effect is caused on the system, the offset address of the target function in a virtual address control is determined, the virtual address of the target table item in the target GOT table is further modified to the offset address of the target function in the virtual address control, and subsequently when the target table item in the access target process is obtained, the virtual address of the target table item in the target GOT table is modified to the offset address of the target function, and the system call of the target function is executed after the preset offset address of the target process is performed, and the IO delay level of the system call is realized.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings that are required to be used in the description of the embodiments of the present application will be briefly described below.
Fig. 1 is a system architecture of an injection method for implementing an IO delay fault according to an embodiment of the present application;
fig. 2 is a schematic flow chart of the inventive concept provided in the embodiment of the present application;
Fig. 3 is a schematic flow chart of an injection method of an IO delay fault according to an embodiment of the present application;
FIG. 4 is a diagram of a relocatable file according to an embodiment of the present application;
FIG. 5 is a schematic diagram of a virtual address space of a target process after injection of a second preset system call according to an embodiment of the present application;
FIG. 6 is a schematic diagram illustrating a change in virtual address space of a target process according to an embodiment of the present application;
fig. 7 is a flow chart of an injection method of an IO delay fault according to another embodiment of the present application;
Fig. 8 is a schematic diagram of a scenario embodiment of an injection method of an IO delay fault according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of an injection device for IO delay faults according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Embodiments of the present application are described below with reference to the drawings in the present application. It should be understood that the embodiments described below with reference to the drawings are exemplary descriptions for explaining the technical solutions of the embodiments of the present application, and the technical solutions of the embodiments of the present application are not limited.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless expressly stated otherwise, as understood by those skilled in the art. It will be further understood that the terms "comprises" and "comprising," when used in this specification, specify the presence of stated features, information, data, steps, operations, elements, and/or components, but do not preclude the presence or addition of other features, information, data, steps, operations, elements, components, and/or groups thereof, all of which may be included in the present specification. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. The term "and/or" as used herein indicates that at least one of the items defined by the term, e.g., "a and/or B" may be implemented as "a", or as "B", or as "a and B".
For the purpose of making the objects, technical solutions and advantages of the present application more apparent, the embodiments of the present application will be described in further detail with reference to the accompanying drawings.
First, several terms related to the present application are described and explained:
1) Cloud technology (Cloud technology) refers to a hosting technology for integrating hardware, software, network and other series resources in a wide area network or a local area network to realize calculation, storage, processing and sharing of data.
Cloud technology (Cloud technology) is based on the general terms of network technology, information technology, integration technology, management platform technology, application technology and the like applied by Cloud computing business models, and can form a resource pool, so that the Cloud computing business model is flexible and convenient as required. Cloud computing technology will become an important support. Background services of technical networking systems require a large amount of computing, storage resources, such as video websites, picture-like websites, and more portals. Along with the high development and application of the internet industry, each article possibly has an own identification mark in the future, the identification mark needs to be transmitted to a background system for logic processing, data with different levels can be processed separately, and various industry data needs strong system rear shield support and can be realized only through cloud computing.
2) Cloud storage (cloud storage) is a new concept that extends and develops in the concept of cloud computing, and a distributed cloud storage system (hereinafter referred to as a storage system for short) refers to a storage system that integrates a large number of storage devices (storage devices are also referred to as storage nodes) of various types in a network to work cooperatively through application software or application interfaces through functions such as cluster application, grid technology, and a distributed storage file system, so as to provide data storage and service access functions for the outside.
At present, the storage method of the storage system is as follows: when creating logical volumes, each logical volume is allocated a physical storage space, which may be a disk composition of a certain storage device or of several storage devices. The client stores data on a certain logical volume, that is, the data is stored on a file system, the file system divides the data into a plurality of parts, each part is an object, the object not only contains the data but also contains additional information such as a data Identification (ID) and the like, the file system writes each object into a physical storage space of the logical volume, and the file system records storage position information of each object, so that when the client requests to access the data, the file system can enable the client to access the data according to the storage position information of each object.
The process of allocating physical storage space for the logical volume by the storage system specifically includes: physical storage space is divided into stripes in advance according to the set of capacity measures for objects stored on a logical volume (which measures tend to have a large margin with respect to the capacity of the object actually to be stored) and redundant array of independent disks (RAID, redundant Array of INDEPENDENT DISK), and a logical volume can be understood as a stripe, whereby physical storage space is allocated for the logical volume.
3) Cloud Security (Cloud Security) refers to a generic term for Security software, hardware, users, institutions, secure Cloud platforms based on Cloud computing business model applications. Cloud security fuses emerging technologies and concepts such as parallel processing, grid computing, unknown virus behavior judgment and the like, acquires the latest information of Trojan horse and malicious programs in the Internet through abnormal monitoring of a large number of network clients on software behaviors, sends the latest information to a server for automatic analysis and processing, and distributes solutions of viruses and Trojan horse to each client.
The main research directions of cloud security include: 1. cloud computing security, namely, how to guarantee security of cloud and various applications on the cloud, including cloud computer system security, security storage and isolation of user data, user access authentication, information transmission security, network attack protection, compliance audit and the like; 2. clouding of a safety infrastructure, mainly researching how to build and integrate safety infrastructure resources by adopting cloud computing, and optimizing a safety protection mechanism, wherein the cloud computing technology is used for constructing a super-large-scale safety event and an information acquisition and processing platform, realizing acquisition and association analysis of mass information, and improving the control capability and risk control capability of the whole-network safety event; 3. cloud security services, mainly research on various security services provided for users based on cloud computing platforms, such as anti-virus services and the like.
4) The global offset table (Global Offset Table, GOT) is a table for storing external library functions, in order to improve the utilization efficiency of the CPU, the program is assisted by two tables, namely, the GOT table and the program link table (Procedure Link Table, PLT), when the program is run for the first time, the program will enter the dynamic link library which has been transferred into the memory to find the corresponding function and address, and place the address of the function into the GOT table, map the address data of the GOT table into the table entry of the PLT table, and when the program is run for the second time, the address of the function is found directly through the PLT table without re-finding the address of the function, thereby executing the function.
5) A location independent executable file (Position Independent Executables, PIE), a location independent code and a location independent data. The location-independent code, i.e., the code segment, operates correctly no matter where in memory it is placed. The reason for this is that absolute addresses are not used in the code, and are relative addresses. The location independent code may be used in the following situations: 1. dynamically loading the program into the memory during the running period; 2. the program is combined with different programs in different occasions and then is loaded into a memory (shared dynamic link library); 3. the different addresses are mapped to each other during run-time (e.g., bootloader).
6) Source code, i.e., program code, extends the name ". C" of source code in the C language. The source code files are written in a high-level language, typically with respect to the target files and the executable files.
7) Assembly code (Assembly Language) is a low-level language, also known as a symbolic language, for an electronic computer, microprocessor, microcontroller, or other programmable device. In assembly language, mnemonics are used to replace the operation code of machine instructions, and address symbols or labels are used to replace the addresses of instructions or operands. In different devices, the assembly language corresponds to different sets of machine language instructions, which are converted to machine instructions by the assembly process. The specific assembly language and the specific machine language instruction set are in one-to-one correspondence, and different platforms cannot be directly transplanted.
8) The relocatable file, in the compiling process from the C file to the executable file, the file format before compiling is an assembly file (a file composed of assembly code), and the compiled file is the relocatable file. The assembly file is a simple text file and the relocatable file is a binary file in the form of an ELF.
9) Chaos engineering: chaotic engineering is a complex technical means for improving the robustness of a technical architecture, and by actively manufacturing faults and testing the behavior of a system under various pressures, the fault problem is identified and repaired, so that serious consequences are avoided.
10 Several techniques related to embodiments of the present application
The chaosmesh comprises the basic steps of invading a target process name space through setns, mounting an original file system to other paths through mount-move, mounting ChaosFS on the original path, invading all processes applied for fd in the file system through Ptrace by taking the new path of the original file system as a storage back section, dynamically replacing inter-process transfer file descriptors fd of all existing processes by using dup2, and returning the execution rights of all processes. The basic principle of the scheme is to introduce a fuse file system, mount the mount point mount-move of the container, and then replace the fd existing in the container, and the experimental range of the method is a file system. The scheme belongs to an IO fault injection scheme with file system granularity, and has larger granularity.
SysTemTap, a diagnostic tool for Linux kernel, calls the systimap. Function. Udelay, which inserts a busy latency in the probe handler, requiring guru modes. This scheme may be based on core delay injection of busy, etc., may result in increased CPU load, introducing debuginfo dependencies and extreme cases may tamper with the core.
3. The extended berkeley packet filter (Extended Berkeley PACKET FILTER, EBPF), eBPF bytecode has hard restrictions on loading into the kernel, up to one million eBPF bytecodes, and we can perform analog delays such as null instruction busy. The current eBPF byte codes supporting loading are limited to one million at most, and any IO delay injection cannot be achieved.
4. Based on the hook scheme of dlsym family functions, dummy symbols are loaded with symbol loading priority at program start, and the dummy symbols are injected with delay and call the actual system call. The scheme can not be dynamically mounted and dismounted, and can only be mounted when the program is started.
The application provides an injection method, an injection device, electronic equipment, a computer readable storage medium and a computer program product for IO delay faults, and aims to solve the technical problems in the prior art. Specifically, the embodiment of the application will be described from the perspective of an injection device of an IO delay fault, where the injection device of the IO delay fault may be integrated in a computer device, and the computer device may be a server or a terminal. The server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs, basic cloud computing services such as big data and artificial intelligence platforms. The terminal may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, a vehicle-mounted terminal, a smart voice interaction device, an aircraft, etc. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the present application is not limited herein.
The technical solutions of the embodiments of the present application and technical effects produced by the technical solutions of the present application are described below by describing several exemplary embodiments. It should be noted that the following embodiments may be referred to, or combined with each other, and the description will not be repeated for the same terms, similar features, similar implementation steps, and the like in different embodiments.
Fig. 1 is a schematic diagram of a system architecture of an injection method for implementing an IO delay fault according to an embodiment of the present application, which may include, but is not limited to, a server 110 and a terminal 120, where interaction between the server 110 and the terminal 120 may be performed through a network. The terminal 120 creates a target source code, where the target source code is used to execute a preset instruction, where the preset instruction includes a system call for executing a target process after a preset time delay when the preset request is obtained, adds a target function related to the preset instruction to a virtual address control of the target process in the server 110 by obtaining a returnable file of the target source code, and determines a virtual address of a target table entry (i.e., a table entry related to IO) in a target GOT table of the target process from the server 110, and modifies the virtual address to an offset address. Subsequently, when the terminal 120 invokes the target process, since the address of the entry related to the IO in the GOT table of the target process is the offset address of the target function, the running target function realizes the system invocation of executing the target process after the preset delay.
It will be appreciated that the above is only an example, and the present embodiment is not limited thereto.
The terminal 120 may be a smart phone (such as an Android phone, an iOS phone, etc.), a phone simulator, a tablet computer, a notebook computer, a digital broadcast receiver, a MID (Mobile INTERNET DEVICES, mobile internet device), a PDA (personal digital assistant), a desktop computer, a vehicle-mounted terminal (such as a vehicle-mounted navigation terminal), a smart speaker, a smart watch, etc. The server 110 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server or a server cluster for providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs (Content Delivery Network, content delivery networks), basic cloud computing services such as big data and artificial intelligence platforms, and the like.
The network may include, but is not limited to: a wired network, a wireless network, wherein the wired network comprises: local area networks, metropolitan area networks, and wide area networks, the wireless network comprising: bluetooth, wi-Fi, and other networks implementing wireless communications. And in particular, the method can be determined based on actual application scene requirements, and is not limited herein.
Fig. 2 is a schematic flow chart of the inventive concept of the embodiment of the present application, using the premise that a process needs to use a GOT table to jump when calling an external function, by creating a target source code, where the target source code is used to execute an actual system call based on a preset delay without accessing a GOT entry, to replace a target entry related to a target process IO, so that a request for accessing the GOT entry is made, instead, we custom logic is accessed, the target source code is compiled into a returnable file, a code segment of the target function going from a symbol table of the returnable file is copied to a virtual address space of the target process, and can be deleted quickly after testing is completed, without side effects on the system, an offset address of the code segment in the virtual address space is recorded, and in the GOT table of the target process, the virtual address of the target entry is replaced with an offset address of the code segment in the virtual address space, so as to implement injection of an IO delay fault. When the target process is executed later and the target table item related to IO in the GOT accessing the target process is obtained, the virtual function is executed and the system call of the target process is executed after the preset delay because the virtual address of the target table item in the GOT table is replaced with the offset address of the dummy function in the target process, so that the expected IO delay is realized.
The embodiment of the application provides an injection method of IO delay faults, as shown in fig. 3, comprising the following steps S101 to S104, wherein the method comprises the following steps:
S101, creating a target source code, wherein the target source code is used for executing a preset instruction, the preset instruction comprises a system call for executing a target process after a preset time delay when a preset request is obtained, the preset request is used for requesting to access a target table entry related to IO in a target global offset GOT table, and the target GOT table is a GOT table of the target process.
The embodiment of the application needs to create the target source code aiming at the target process, and it can be understood that the target process is the process needing IO delay fault injection. The embodiment of the application can be applied to hybrid engineering and is suitable for any process running on a single node during chaos test. Namely, the IO delay injection realized by the embodiment of the application is at a process level, and compared with the related art, the granularity is smaller.
The target source code is used for adjusting the running logic of the target process, and is specifically used for executing a preset instruction, wherein the preset instruction can execute an actual system call under the condition of not accessing the GOT table item, and is used for replacing the GOT table item of the target process, so that the request for accessing the GOT table item is made, and the custom logic (because we still want to continuously access the original system call after the injection delay fault) of the embodiment of the application is accessed, and the custom logic is used for executing the system call of the target process after a preset delay, and the duration of the preset delay is customized by a tester. It should be understood that, in the embodiment of the present application, the preset request is used to request to access the target entry related to the IO in the target GOT table of the target process.
S102, obtaining a relocatable file of the target source code, wherein the relocatable file comprises target functions related to preset instructions.
After the target source code is obtained, the embodiment of the application obtains the compiling file which is compiled into human readable by a compiler, and then the compiling file is compiled into the machine readable relocatable file which is in ELF format. The relocatable file includes symbol tables (symbol tables) containing symbol information in the program, which symbols represent perhaps definitions (e.g., variable names used when defining global variables or function names used when defining functions), and perhaps references (e.g., symbol names used when using keywords declaration variables or functions). When representative is a definition, the linker needs to be relocated for them in the linking phase; when reference is made, the linker needs to be positioned to the definition of the symbol at the other compilation module at the link stage. The symbol table is simply a collective term for all symbol information, i.e., the symbol table is an array of all symbol information together, so a symbol table index (symbol table index) corresponds to one (symbol table) entry in the array. The embodiment of the application can determine the symbol information of the objective function related to the preset instruction from the symbol table in the repositioning file.
Referring to FIG. 4, a diagram of a relocatable file is illustratively shown, illustrating symbolic information for various object functions in the relocatable file, such as assembly call write, assembly call read, etc., in accordance with an embodiment of the present application. The assembly calls the write/read function with a header file of #include < unistd.h >
ssize_t read(int fd,void*buf,size_t count)
Fd: file descriptor
Buf: buffer for storing data
Count: buffer size
Return value:
Success: number of bytes read
Failure: -1, set errno
0: Indicating reading to the end of the file
ssize_t write(int fd,const void*buf,size_t count)
Fd: file descriptor
Buf: buffer for data to be written
Count: size of data to be actually written
Return value:
Success: number of bytes actually written
Failure: -1, set errno
When there is a file descriptor connected to an open file descriptor, a read () system call can be used to read bytes from the file as long as the file is open with the o_ RDONLY or o_ RDWD flags.
ssize_t read(int fd,void*buf,size_t count);
Fd, to read file descriptor; buf, a pointer pointing to a memory block, into which bytes read from the file are placed; count, the number of bytes read from the file into buf.
Return value: if the error occurs, returning to-1; reading the file, and returning to 0; otherwise, the number of bytes copied from the file into the prescribed buffer is returned.
ssize_t write(int fd,const void*buf,size_t count);
Fd: a descriptor of the file is to be written. buf is a pointer to a memory block. count number of bytes to be written to File
Return value: if an error occurs, returning to-1; if the write is successful, the number of bytes written to the file is returned.
S103, obtaining the execution authority of the target process, adding the target function to a virtual address space of the target process, and determining the offset address of the target function in the virtual address space;
The method and the device for obtaining the execution permission of the target process mean that the execution permission of all threads in the target process is obtained, and the processing logic of the target process can be modified only after the execution permission of the target process is obtained. The offset address is the offset of an address in a segment relative to the segment head address (segment address) after the memory segment in the computer. By obtaining the offset address of the objective function in the virtual address space of the objective process, a foundation is laid for the subsequent replacement of the virtual address of the objective table entry in the GOT table.
S104, determining the virtual address of the target table item in the target GOT table, modifying the virtual address into an offset address in the target GOT table, and returning the execution authority of the target process.
The virtual address of each table item is recorded in the target GOT table, the table item related to IO, namely the virtual address of the target table item, is required to be determined from the target GOT table, after the virtual address of the target table item is determined, the virtual address of the target table item is changed into the offset address of the target function in the virtual address space of the target process in the GOT table, and when the target process is operated, and then when the target table item in the target GOT table of the access target process is obtained, the virtual address of the target table item in the GOT table is modified into the offset address of the target function, so that the target function executing the offset address executes the system call of the target thread after the preset time delay, thereby realizing IO delay fault.
According to the IO delay fault injection method, when the target source code is created and the target table item related to IO in the GOT table of the access target process is obtained, system call of the target process is executed after the preset time delay, IO delay injection of a process level is achieved, in order to directly call the system call, the target function related to the preset instruction is obtained from the returnable file by compiling the source code into the returnable file, the characteristic of the system call can be directly called by compiling the returnable file, access to the GOT table is bypassed, the virtual address space of the target process is added to the target function, the offset address of the target function in the virtual address control is determined, the virtual address of the target table item in the target GOT table is further modified to the offset address of the target function in the virtual address, and subsequently when the target process is operated, when the target table item in the target GOT table of the access target process is obtained, the virtual address of the target table item in the target GOT table is modified to the offset address of the target function, the target function is executed, and therefore the IO delay fault level of the system call after the preset target process is executed is achieved.
On the basis of the above embodiments, as an alternative embodiment, in order to adapt the solution to different running environments (such as Windows, linux, etc.), the object source code of the embodiment of the present application includes a plurality of sub-source codes, where the different sub-source codes are used to execute preset instructions in different running environments, and the different sub-source codes are differentiated based on macros (Macro).
It should be noted that macros are a name of batch processing. A macro is an Abstraction that replaces a certain text pattern according to a series of predefined rules. The interpreter or compiler will automatically make this mode replacement when a macro is encountered. According to the embodiment of the application, different sub-source codes are stored in different macro objects, and when the node of a certain running environment on the chaotic engineering carries out IO time delay fault injection, the sub-source code corresponding to the current running environment in the target source code can be run.
On the basis of the above embodiments, as an optional embodiment, obtaining the execution authority of the target process to be subjected to the IO delay fault injection includes:
S201, obtaining thread identifications of threads of a target process;
s202, requesting to acquire the execution authority of each thread through a first preset system call, and if the acquisition of the execution authority is successful, continuing to request to acquire the execution authority of the next thread;
and S203, determining to obtain the execution authority of the target process according to the success of obtaining the execution authority of all threads.
Specifically, in the embodiment of the application, all threads of the target process can be obtained through the/proc/PID/task directory, and a file named status exists in each/proc/PID directory, and table 1 shows file section selection under the/proc/PID directory:
table 1/proc/File selection Table under PID directory
For each thread of process instructions, the kernel provides a subdirectory named per proc/PID/task/TID, where the thread ID of the thread at TID. Each of the/proc/PID/task/TID subdirectories has a set of files and directories similar to the contents of the/proc/PID directory. Because threads share multiple attributes, many of the heap processes in these files are identical for each thread.
After obtaining the thread identification of each thread, the embodiment of the application tries to obtain the execution right of each thread by calling Ptrace a system call. The ptrace system call provides the ability for a parent process to observe and control its child process execution and allows the parent process to check and replace the value of the kernel image (including registers) of the child process. The basic principle is that after using the ptrace call, all signals (except SIGKILL) sent to the observed child process are forwarded to the parent process, the child process is blocked, and the state of the child process is marked as task_ TRACED by the system. After the parent process receives the signal, it can check and modify the stopped child process, and then let the child process continue to run. The embodiment of the application obtains the execution authority based on Ptrace system call, can realize dynamic mounting and unloading of IO delay faults, and can realize multi-line Cheng Zhuru IO delay faults.
Because Ptrace temporary failures are caused by other reasons such as signals and Trace, the embodiment of the application sets a retry mechanism, when the execution authority of one thread is failed, the failure times of the thread are determined, if the failure times do not reach a preset threshold, the execution authority of the thread is requested to be acquired again, and if the failure times reach the preset threshold, the execution authority of the target thread is regarded as failed, and the subsequent flow is not executed.
On the basis of the above embodiments, as an alternative embodiment, adding the objective function to the virtual address space of the target process includes:
executing a second preset system call in the target process, and expanding the virtual address space of the target process to obtain a newly expanded space in the virtual address space;
an objective function is added to the newly expanded space.
Referring to fig. 5, a schematic diagram of a virtual address space of a target process after injection of a second preset system call according to an embodiment of the present application is shown, where the virtual address space of the target process includes an original space before execution of the second preset system call and a newly expanded space after injection of the second preset system call. According to the embodiment of the application, the space size expanded through the second preset system call is the preset size.
The second preset system of the embodiment of the application can be mmap system call, which is used for applying corresponding user space to the kernel, the kernel can judge whether to apply new VMA to manage the newly applied user space according to the system running state, and the mmap system call function interface is as follows:
#include<sys/mman.h>
void*mmap(void*addr,size_t length,int prot,int flags,int fd,off_toffset)
The parameters involved in the above function interfaces include:
Addr: designating the virtual address where the map is placed, if addr is designated as NULL, the kernel assigns an appropriate address to the map. If addr is a non-NULL value, the kernel may treat the parameter value as a hint when selecting the address map. Regardless of the manner, the kernel selects an address that does not conflict with any existing mappings. During processing, the kernel rounds the specified address to the nearest page boundary;
Length: the parameter specifies the number of bytes mapped. Although length need not be a multiple of the system page size, the kernel will create a map in page size units, so length will actually be lifted up to the next multiple of page size;
Prot: a parameter mask for specifying protection information on the map;
flags: for specifying the mapping type.
On the basis of the foregoing embodiments, as an optional embodiment, executing a second preset system call in the target process, and expanding the virtual address space of the target process includes:
S301, obtaining information stored in each register of a target process before the target process is acquired of an execution authority;
S302, writing a system call number of a second preset system call into a Rax register of a target process;
S303, writing a memory address of a calling instruction for calling a second preset system call into an instruction pointer register of the target process;
s304, executing a calling instruction in an instruction pointer register in a target process to obtain a return value in a Rax register, wherein the return value is a newly expanded space;
s305, backfilling the information into each register of the target process.
The embodiment of the application can acquire all register information of the target process before the execution right is acquired through calling PTRACEGETREGS, acquire the information of the register of the observed process by Ptrace, and acquire the type of request by PTRACEGETREGS. Because Ptrace is a call at the system level, the state of the current process is at the kernel state level, the value of the register of the CPU at this time is the value in the kernel state (single CPU), if the value of the register of the process to be observed is required to be fetched through the structure of task_struct, when the process system calls or interrupts the clock, the system will push all the registers in the user state into the stack (task_struct) to save, and after the processing is completed, the value of the register is restored. Under the x86 architecture, the value of the register can be fetched by static unsigned long getreg (struct task_struct task, unsigned long offset) method.
Each system call has a unique system call number, and the Rax register can be used as a function return value, so that a foundation is laid for subsequent call of a second preset system call by writing the system call of the second preset system call into the Rax register of the target process.
An instruction pointer register (Instruction Pointer, IP) for controlling the order of execution of instructions in a program. In normal operation, the IP contains the offset address of the next instruction (byte) to be fetched by the bus interface component (Bus Interface Unit), the internal of the IP is placed with a memory address, the memory address points to another instruction from one instruction, when the computer works, the CPU obtains the relevant memory address of the instruction from the IP, then reads the instruction according to a correct mode, places the instruction in the original instruction register, and after the work is finished, the IP performs an adding operation, namely the work points to the next operation, and the effect of the pointer of the CPU is finished.
The embodiment of the application is described as a PTRACE (PTRACE_KILL, PID,0, sign) in the form of a PTRACESINGLESTEP by PTRACESINGLESTEP calling instructions in a target process single-step execution IP; setting a single step execution flag, single step executing an instruction. The PID represents the sub-process being observed. If signal is 0, the signal causing the suspension of the debugging process is ignored, and if signal is not 0, the signal processing is continued. When the observed process steps through an instruction, the observed process is suspended and the parent process is notified.
The return value in the Rax register, namely the newly expanded space in the virtual address control of the target process, can be obtained by executing the call instruction in the IP, and after the return value is obtained, the information stored in each register of the target process before the execution permission is obtained can be backfilled, so that the on-site information is restored.
On the basis of the foregoing embodiments, as an alternative embodiment, determining the virtual address of the target entry in the target GOT table includes:
s401, obtaining segment offset addresses of all table items in a target GOT table;
s402, when the closed position irrelevant executable file PIE is determined, determining the segment offset address of the target table item from the segment offset addresses of all the table items, and taking the segment offset address as the virtual address of the target table item;
S403, when the PIE is determined to be started, a segment base address is obtained, a segment offset address of the target table entry is determined from the segment offset addresses of the table entries, and a virtual address of the target table entry is obtained according to the segment base address and the segment offset address.
The embodiment of the application can obtain the segment offset address of each table item in the target GOT table by calling the obj dump. The obj dump command is a gcc tool for viewing the composition of a target file or executable target file. Objdump has a "- -dynamic-reloc" function option for displaying a dynamic relocation entry of a target file, and in the embodiment of the application, the segment offset address of each item in the target GOT table is obtained by using the target GOT table as the target file and through "- -dynamic-reloc".
The embodiment of the application can be implemented in two cases of closing PIE and opening PIE when the PIE is obtained, when the PIE is closed, the base address of the ELF in the memory is fixed, so that the segment base address is not required to be obtained, the segment offset address can be directly used as the virtual address of the target table entry after the segment offset address of the target table entry is obtained from each table entry, when the PIE is opened, the segment base address is obtained first, the embodiment of the application can obtain the segment base address in/proc/PID/maps, and/proc// PID/maps is a virtual memory mapping file when the process runs, each process has a file directory named as/PID (process number) under/proc/directory, the process itself can also collect related information of memory mapping by looking up/proc/sel/maps, and the first column of the file content of maps is the virtual memory address (Virtual Memory Area, VMA) where the process is located.
Referring to fig. 6, a schematic diagram of a virtual address space change of a target process according to an embodiment of the present application is shown, where before obtaining an execution authority of the target process, the size of the virtual address space of the target process is the size of an original space, after obtaining the execution authority of the target process, a second preset system call is executed in the target process to expand the virtual address space of the target process, so that a new expanded space is added in the virtual address space of the target process based on the original space, and further, an objective function is added to the new expanded space, so that the virtual address space of the target process includes an objective function related to executing a preset instruction, such as assembly call write, assembly call read, etc., so that when the target table entry in the target GOT table is subsequently called, a jump is made to call the objective function in the target process, thereby realizing an IO delay fault.
Referring to fig. 7, a flow chart of an injection method of an IO delay fault according to another embodiment of the present application is shown, including:
S501, creating a target source code, wherein the target source code is used for executing a preset instruction, the preset instruction comprises a system call for executing a target process after a preset time delay when a preset request is obtained, the preset request is used for requesting to access a target table entry related to IO in a target global offset GOT table, and the target GOT table is a GOT table of the target process;
s502, obtaining a relocatable file of the target source code, wherein the relocatable file comprises a target function related to a preset instruction;
S503, obtaining thread identifications of each thread of a target process through a/proc/pid/task directory;
S504, for each thread, requesting to acquire the execution authority of the thread through Ptrace system call, and if the acquisition of the execution authority is successful, continuing to request to acquire the execution authority of the next thread;
S505, determining to obtain the execution authority of the target process according to the success of obtaining the execution authority of all threads;
S506, executing Mmap system call in the target process, expanding the virtual address space of the target process, and obtaining a newly expanded space in the virtual address space;
s507, adding the objective function into the newly expanded space;
s508, obtaining the segment offset address of each item in the target GOT table through the obj dump-dynamic-reloc;
S509, when the closed position irrelevant executable file PIE is determined, determining the segment offset address of the target table item from the segment offset addresses of the table items, and taking the segment offset address as the virtual address of the target table item;
S509', when the PIE is determined to be started, a segment base address is obtained, a segment offset address of a target table item is determined from the segment offset addresses of all table items, and a virtual address of the target table item is obtained according to the segment base address and the segment offset address;
S510, modifying the virtual address into an offset address in the target GOT table, and returning the execution authority of the target process.
Referring to fig. 8, an embodiment of a scenario of an injection method of an IO delay fault according to an embodiment of the present application is shown schematically, where the scenario includes an X-stor system for storing a table, a fault injection terminal, and a verification platform, and the X-stor system is an elastic storage system supporting a hybrid cloud environment, supporting autonomous management, and multiple targets. The X-stor system of the embodiment of the application adopts distributed storage, namely the system comprises a plurality of distributed storage nodes, and each storage node can store a table. The embodiment of the application tests the X-stor system through chaotic engineering so as to ensure that the system can bear other interrupts. The fault injection terminal tests by selecting a target process of a target node, and generates a target source code aiming at the target process, wherein the target source code is used for executing a preset instruction, the preset instruction comprises a system call for executing the target process after a preset time delay when a preset request (namely, a request for accessing a target table item related to IO in a GOT table) is obtained, and the preset time delay is autonomously configured by a tester, namely, the application can realize IO time delay fault injection with any time length. Compiling the target source code into assembly code, compiling the assembly code to obtain a returnable file, determining the offset address of the target function in the returnable file, and laying a foundation for storing the target function in a virtual address space of the target process subsequently.
According to the embodiment of the application, fault injection is not needed when the process is not running, dynamic mounting and unloading are realized, whether the target process is running or not is required, the running authority of the target process is required to be obtained, then the virtual address space of the target process is expanded, then the target function is stored into the newly expanded space of the virtual address space, the virtual address of the target table entry in the target GOT table is determined, the virtual address is modified into the offset address of the target function in the virtual address space of the target process in the target GOT table, and then the execution authority of the target process is returned.
When the test platform initiates IO test on a target process in a target node and invokes a target table item related to IO in a target GOT table of the target process, the original virtual address is replaced by an offset address of a target function, so that the target function is executed, and the target function is used for starting system call after preset time delay, so that IO time delay is realized. The test platform can evaluate the target process according to the effect of the time delay.
The embodiment of the application provides an injection device for IO delay faults, as shown in fig. 9, the injection device for IO delay faults can comprise: a source code creation module 101, a relocation compilation module 102, a function implantation module 103, and an address replacement module 104, wherein,
The source code creating module 101 is configured to create a target source code, where the target source code is configured to execute a preset instruction, where the preset instruction includes a system call for executing a target process after a preset delay when a preset request is obtained, where the preset request is used to request access to a target table entry related to an IO in a target global offset GOT table, and the target GOT table is a GOT table of the target process;
a relocation compiling module 102, configured to obtain a relocatable file of the target source code, where the relocating file includes a target function related to a preset instruction;
the function implantation module 103 is configured to obtain an execution authority of the target process, add the target function to a virtual address space of the target process, and determine an offset address of the target function in the virtual address space;
the address replacement module 104 is configured to determine a virtual address of a target entry in the target GOT table, modify the virtual address into an offset address in the target GOT table, and return the execution authority of the target process.
On the basis of the above embodiments, as an alternative embodiment, the object source code includes a plurality of sub source codes, different sub source codes are used for executing preset instructions in different running environments, and different sub source codes are distinguished based on macros.
On the basis of the above embodiments, as an alternative embodiment, the function implantation module includes:
the thread identification obtaining module is used for obtaining the thread identification of each thread of the target process;
The thread permission obtaining module is used for requesting to obtain the execution permission of the thread through a first preset system call for each thread, and if the execution permission is successfully obtained, continuing to request to obtain the execution permission of the next thread;
And the process permission determining module is used for determining the execution permission of the obtained target process according to the success of obtaining the execution permission of all threads.
On the basis of the above embodiments, as an alternative embodiment, the function implantation module includes:
The control expansion module is used for executing a second preset system call in the target process, expanding the virtual address space of the target process and obtaining a newly expanded space in the virtual address space;
and the function adding module is used for adding the target function to the newly expanded space.
On the basis of the above embodiments, as an optional embodiment, the control expansion module includes:
the information acquisition module is used for acquiring information stored in each register of the target process before the execution permission of the target process is acquired;
The calling number writing module is used for writing a system calling number of the second preset system call into a Rax register of the target process;
the address writing module is used for writing the memory address of the calling instruction for calling the second preset system call into the instruction pointer register of the target process;
The return value obtaining module is used for executing the calling instruction in the instruction pointer register in the target process to obtain a return value in the Rax register, wherein the return value is a newly expanded space;
and the backfilling module is used for backfilling the information into each register of the target process.
On the basis of the above embodiments, as an alternative embodiment, the address replacement module includes:
The segment offset address obtaining module is used for obtaining segment offset addresses of all table items in the target GOT table;
The first address obtaining module is used for determining the segment offset address of the target table item from the segment offset addresses of all the table items when the closed position irrelevant executable file PIE is determined, and taking the segment offset address as the virtual address of the target table item;
and the second address obtaining module is used for obtaining the segment base address when the PIE is determined to be started, determining the segment offset address of the target table item from the segment offset addresses of the table items, and obtaining the virtual address of the target table item according to the segment base address and the segment offset address.
The device of the embodiment of the present application may perform the method provided by the embodiment of the present application, and its implementation principle is similar, and actions performed by each module in the device of the embodiment of the present application correspond to steps in the method of the embodiment of the present application, and detailed functional descriptions of each module of the device may be referred to the descriptions in the corresponding methods shown in the foregoing, which are not repeated herein.
The embodiment of the application provides electronic equipment, which comprises a memory, a processor and a computer program stored on the memory, wherein the processor executes the computer program to realize the steps of the injection method of IO delay faults, and compared with the related technology, the steps of the injection method of IO delay faults can be realized: by creating a target source code, the target source code can execute system call of a target process after a preset delay is performed when a target table item related to IO in a GOT table accessing the target process is obtained, IO delay injection of a process level is realized, in order to directly call the system call, the target function related to a preset instruction is obtained from the returnable file by compiling the source code into the returnable file, the returnable file is utilized to compile the assembly code, the characteristic of the system call can be directly called, access to the GOT table is bypassed, the virtual address space of the target process is added by adding the target function, the offset address of the target function in the virtual address is determined, the virtual address of the target table item in the target GOT table is further modified into the offset address of the target function in the virtual address control, and when the target table item in the target GOT table accessing the target process is obtained, the virtual address of the target table item in the target GOT table is modified into the offset address of the target function, and therefore, the system call of the target thread executing the offset address can be performed after the preset delay, and the IO delay level of the system call of the target process is realized.
In an alternative embodiment, there is provided an electronic device, as shown in fig. 10, the electronic device 4000 shown in fig. 10 includes: a processor 4001 and a memory 4003. Wherein the processor 4001 is coupled to the memory 4003, such as via a bus 4002. Optionally, the electronic device 4000 may further comprise a transceiver 4004, the transceiver 4004 may be used for data interaction between the electronic device and other electronic devices, such as transmission of data and/or reception of data, etc. It should be noted that, in practical applications, the transceiver 4004 is not limited to one, and the structure of the electronic device 4000 is not limited to the embodiment of the present application.
The Processor 4001 may be a CPU (Central Processing Unit ), general purpose Processor, DSP (DIGITAL SIGNAL Processor, data signal Processor), ASIC (Application SPECIFIC INTEGRATED Circuit), FPGA (Field Programmable GATE ARRAY ) or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various exemplary logic blocks, modules and circuits described in connection with this disclosure. The processor 4001 may also be a combination that implements computing functionality, e.g., comprising one or more microprocessor combinations, a combination of a DSP and a microprocessor, etc.
Bus 4002 may include a path to transfer information between the aforementioned components. Bus 4002 may be a PCI (PERIPHERAL COMPONENT INTERCONNECT, peripheral component interconnect standard) bus or an EISA (Extended Industry Standard Architecture ) bus, or the like. The bus 4002 can be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in fig. 10, but not only one bus or one type of bus.
Memory 4003 may be, but is not limited to, ROM (Read Only Memory) or other type of static storage device that can store static information and instructions, RAM (Random Access Memory ) or other type of dynamic storage device that can store information and instructions, EEPROM (ELECTRICALLY ERASABLE PROGRAMMABLE READ ONLY MEMORY ), CD-ROM (Compact Disc Read Only Memory, compact disc Read Only Memory) or other optical disk storage, optical disk storage (including compact discs, laser discs, optical discs, digital versatile discs, blu-ray discs, etc.), magnetic disk storage media, other magnetic storage devices, or any other medium that can be used to carry or store a computer program and that can be Read by a computer.
The memory 4003 is used for storing a computer program for executing an embodiment of the present application, and is controlled to be executed by the processor 4001. The processor 4001 is configured to execute a computer program stored in the memory 4003 to realize the steps shown in the foregoing method embodiment.
Embodiments of the present application provide a computer readable storage medium having a computer program stored thereon, which when executed by a processor, implements the steps of the foregoing method embodiments and corresponding content.
The embodiment of the application also provides a computer program product, which comprises a computer program, wherein the computer program can realize the steps and corresponding contents of the embodiment of the method when being executed by a processor.
The terms "first," "second," "third," "fourth," "1," "2," and the like in the description and in the claims and in the above figures, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate, such that the embodiments of the application described herein may be implemented in other sequences than those illustrated or otherwise described.
It should be understood that, although various operation steps are indicated by arrows in the flowcharts of the embodiments of the present application, the order in which these steps are implemented is not limited to the order indicated by the arrows. In some implementations of embodiments of the application, the implementation steps in the flowcharts may be performed in other orders as desired, unless explicitly stated herein. Furthermore, some or all of the steps in the flowcharts may include multiple sub-steps or multiple stages based on the actual implementation scenario. Some or all of these sub-steps or phases may be performed at the same time, or each of these sub-steps or phases may be performed at different times, respectively. In the case of different execution time, the execution sequence of the sub-steps or stages can be flexibly configured according to the requirement, which is not limited by the embodiment of the present application.
The foregoing is only an optional implementation manner of some implementation scenarios of the present application, and it should be noted that, for those skilled in the art, other similar implementation manners based on the technical ideas of the present application are adopted without departing from the technical ideas of the scheme of the present application, which also belongs to the protection scope of the embodiments of the present application.
Claims (10)
1. An injection method of an input/output (IO) delay fault is characterized by comprising the following steps:
Creating a target source code, wherein the target source code is used for executing a preset instruction, the preset instruction comprises a system call for executing a target process after a preset time delay when a preset request is obtained, the preset request is used for requesting to access a target table entry related to IO in a target global offset GOT table, and the target GOT table is a GOT table of the target process;
Obtaining a relocatable file of the target source code, wherein the relocatable file comprises a target function related to the preset instruction;
Obtaining the execution authority of the target process, adding the target function to a virtual address space of the target process, and determining an offset address of the target function in the virtual address space;
And determining a virtual address of the target table item in the target GOT table, modifying the virtual address into the offset address in the target GOT table, and returning the execution authority of the target process.
2. The method of claim 1, wherein the object source code comprises a plurality of sub-source codes, different sub-source codes being used to execute the preset instructions under different operating environments, different sub-source codes being distinguished based on macros.
3. The method of claim 1, wherein the obtaining the execution rights of the target process comprises:
Obtaining thread identifications of threads of the target process;
For each thread, requesting to acquire the execution authority of the thread through a first preset system call, and if the acquisition of the execution authority is successful, continuing requesting to acquire the execution authority of the next thread;
And determining to obtain the execution authority of the target process when the execution authorities of all threads are successfully obtained.
4. The method of claim 1, wherein the adding the objective function to the virtual address space of the target process comprises:
executing a second preset system call in a target process, and expanding a virtual address space of the target process to obtain a newly expanded space in the virtual address space;
The objective function is added to the newly expanded space.
5. The method of claim 4, wherein executing a second preset system call within the target process expands a virtual address space of the target process, comprising:
acquiring information stored in each register of the target process before the target process is acquired of the execution permission;
Writing the system call number of the second preset system call into a Rax register of the target process;
writing a memory address of a calling instruction for calling the second preset system call into an instruction pointer register of the target process;
Executing a calling instruction in the instruction pointer register in a target process to obtain a return value in a Rax register, wherein the return value is the newly expanded space;
backfilling the information into each register of the target process.
6. The method of claim 1, wherein the determining the virtual address of the target entry in the target GOT table comprises:
Obtaining segment offset addresses of all table items in the target GOT table;
when the closed position irrelevant executable file PIE is determined, determining the segment offset address of the target table item from the segment offset addresses of all the table items, and taking the segment offset address as the virtual address of the target table item;
When the PIE is determined to be started, a segment base address is obtained, a segment offset address of the target table item is determined from the segment offset addresses of the table items, and a virtual address of the target table item is obtained according to the segment base address and the segment offset address.
7. An injection device for an IO delay fault, comprising:
The source code creating module is used for creating a target source code, the target source code is used for executing a preset instruction, the preset instruction comprises a system call for executing a target process after a preset time delay when a preset request is obtained, the preset request is used for requesting to access a target table entry related to IO in a target global offset GOT table, and the target GOT table is a GOT table of the target process;
The relocation compiling module is used for obtaining a relocatable file of the target source code, and the relocating file comprises a target function related to the preset instruction;
the function implantation module is used for obtaining the execution authority of the target process, adding the target function into a virtual address space of the target process, and determining an offset address of the target function in the virtual address space;
And the address replacement module is used for determining the virtual address of the target table item in the target GOT table, modifying the virtual address into the offset address in the target GOT table, and returning the execution authority of the target process.
8. An electronic device comprising a memory, a processor and a computer program stored on the memory, characterized in that the processor executes the computer program to carry out the steps of the method of injection of IO delay faults according to any of claims 1-6.
9. A computer readable storage medium having stored thereon a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method of injection of IO delay faults according to any of claims 1-6.
10. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, implements the steps of the method of injection of IO delay faults according to any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211436130.0A CN118051421A (en) | 2022-11-16 | 2022-11-16 | Injection method and device for IO time delay fault, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211436130.0A CN118051421A (en) | 2022-11-16 | 2022-11-16 | Injection method and device for IO time delay fault, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN118051421A true CN118051421A (en) | 2024-05-17 |
Family
ID=91050650
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211436130.0A Pending CN118051421A (en) | 2022-11-16 | 2022-11-16 | Injection method and device for IO time delay fault, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN118051421A (en) |
-
2022
- 2022-11-16 CN CN202211436130.0A patent/CN118051421A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6912583B2 (en) | Service processing method and equipment | |
| CN108027722B (en) | Dynamically updating applications in compilation and deployment | |
| JP5985631B2 (en) | Activate trust level | |
| US11556348B2 (en) | Bootstrapping profile-guided compilation and verification | |
| CN109032825B (en) | Fault injection method, device and equipment | |
| KR20140124774A (en) | Generating and caching software code | |
| CN101297280B (en) | Configuration of isolated extensions and device drivers | |
| CN102760068B (en) | Loading method of Active X plugin and device | |
| JP2017146966A (en) | Method and system for extending function to package file | |
| CN103177210A (en) | Method of implanting dynamic stain analysis module in Android | |
| RU2580016C1 (en) | Method for transfer of control between memory areas | |
| US10803166B1 (en) | Automated determination of application privileges | |
| CN108595214A (en) | Android user versions obtain the method and system of root privileges under SELinux compulsory modes | |
| US8959485B2 (en) | Security protection domain-based testing framework | |
| US8813258B2 (en) | Selectively exposing base class libraries based on application execution context | |
| Ki et al. | Reptor: Enabling api virtualization on android for platform openness | |
| CN109446754A (en) | The guard method of algorithm, device, equipment and storage medium in intelligent contract | |
| CN113296891B (en) | Platform-based multi-scene knowledge graph processing method and device | |
| CN103198244A (en) | Method for protecting dynamic linking library (DLL) | |
| CN112486863A (en) | Software virtual simulation method and device and electronic equipment | |
| CN113792299B (en) | Method for protecting Linux system based on ftrace technology | |
| CN106778270B (en) | Malicious application detection method and system | |
| CN118051421A (en) | Injection method and device for IO time delay fault, electronic equipment and storage medium | |
| CN115760391A (en) | Intelligent contract changing method and device in block chain, electronic equipment and storage medium | |
| CN114996955A (en) | Target range environment construction method and device for cloud-originated chaotic engineering experiment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication |