CN103365774A - Transient error detection method based on function call relationship - Google Patents


Info

Publication number
CN103365774A
Authority
CN
China
Prior art keywords
function
node
plug
file
detection method
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2013101941737A
Other languages
Chinese (zh)
Inventor
王雷
王刚
原仓周
梁栋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beihang University
Original Assignee
Beihang University

Landscapes

  • Debugging And Monitoring (AREA)

Abstract

The invention provides a transient error detection method based on function call relationships. C source files are compiled with a compiler that emits auxiliary files containing the function call relationships, the auxiliary files are analyzed to build a function call graph, an instrumentation tool statically instruments the C source files, and the effectiveness of the instrumentation algorithm is finally verified by running the program. The method mainly comprises the following steps: designing the instrumentation algorithm based on function call relationships; compiling the C source to obtain the auxiliary analysis files, which record the function call relationships and the C source file in which each function is defined; designing the instrumentation tool, which analyzes the auxiliary analysis files to obtain the function call graph and, following the instrumentation algorithm, inserts code at the entry and the exit of each function; and dynamically running the program containing the inserted signature code to verify the effectiveness of the algorithm.

Description

Transient error detection method based on function call relationship
Technical field:
The present invention relates to a transient error detection method based on the call relationships between functions, and belongs to the field of computer science and technology.
Background art:
With the development of China's aerospace technology, artificial satellites are used more and more widely, and a growing number of satellites serve fields such as communication, resource detection, investigation, meteorology and navigation. Satellites are constrained by the space environment and by volume, weight and power requirements, and the growth in the functionality of satellite systems relies to a large extent on more, and more complex, microelectronic devices, which in turn increases the complexity of the integrated circuits in on-board computers. In the space environment, higher integrated-circuit design complexity correspondingly raises the probability of transient errors. The effect is especially pronounced for satellite operating systems, which are easily affected by radiation: a transient error can disrupt system operation and ultimately lead to disaster.
According to published statistics, an analysis of 39 geostationary satellites launched abroad found a total of 1589 faults from all causes, of which 1129 were related to the space radiation environment, accounting for 71% of all faults. The faults of satellites and spacecraft therefore stem mainly from space radiation. Among the radiation-induced faults, 621 were caused by single event effects (SEE), accounting for 55% of all radiation faults. China's spacecraft have experienced similar faults. Since single event effects were discovered, experts at home and abroad have worked on radiation-hardening methods against transient errors such as single event upsets, some of which are now fairly mature, and have achieved good results.
A transient error is a temporary error caused by external factors in the space environment, including electromagnetic interference (EMI), power faults and high-energy particle strikes. A single event upset is one kind of transient error; it can disrupt system functions, cause the program to run away and, in serious cases, lead to catastrophic failure. Single event upsets occur most readily in devices that store state bistably, such as RAM, then in the CPU, and then in other interface circuits. As chip integration increases, so does the probability of single event upsets, and transient errors have therefore become a problem that cannot be ignored.
Introducing an operating system into the on-board computer system effectively separates application software from the complex hardware. The operating system offers functions such as task scheduling, inter-task communication, memory management and device control to application developers through function calls, so that developers can concentrate on developing the applications themselves. General-purpose modules or tasks can be inherited and reused across different models, which improves software reusability, shortens the development cycle, allows hardware resources to be managed uniformly, and improves resource utilization and system reliability. Applying an error detection mechanism in the operating system and capturing errors promptly helps to further improve system safety and avoid unnecessary losses.
Summary of the invention:
The technical problem to be solved by the present invention is to provide a transient error detection method based on function call relationships that lets a real-time operating system perform run-time error checking without changing the computer hardware, so that detected errors can be analyzed and, combined with the operating system's own fault recovery mechanism, the normal operation of the operating system can be ensured.
The technical solution adopted by the present invention is a transient error detection scheme based on function call relationships, characterized in that: C source programs are compiled using compilation techniques to generate auxiliary analysis files containing the function call relationships; the auxiliary analysis files serve as the policy files from which the function call graph is generated; a code instrumentation tool then inserts signature information at the entry and the exit of each function; and finally the effectiveness of the transient error detection method is verified dynamically by running the program containing the inserted signature information.
The overall scheme is divided into the following parts:
(1) Design of the signature algorithm based on function call relationships. According to the call relationships between functions, this module assigns each function node an attribute value and a relation value, and uses the attribute and relation values of the function nodes to determine whether a jump between functions is correct.
(2) Auxiliary analysis file module. The task of this module is to use compilation techniques so that, while the C source files are being compiled, the call relationships between functions are output and the source file location of each function definition is recorded. This module mainly guides the instrumentation module in instrumenting the C source files.
(3) Instrumentation module. This module generates the function call graph from the auxiliary analysis files, locates the C source file containing each function definition, finds the entry and the exit of each function, and inserts signature information at the entry and the exit using the instrumentation algorithm based on function call relationships. The complexity of the instrumentation algorithm based on function call relationships is verified by running the program dynamically.
Description of drawings:
Fig. 1 is a structural diagram of the implementation of the method of the invention;
Fig. 2 is the function model after instrumentation;
Fig. 3 is the main algorithm for obtaining function call relationships;
Fig. 4 shows the auxiliary analysis files generated from a source program;
Fig. 5 is the main algorithm for locating function exits;
Fig. 6 is a structural diagram of the instrumentation module;
Fig. 7 is the main algorithm for merging auxiliary analysis files.
Embodiment:
The present invention designs a transient error detection method based on function call relationships. The call relationships of the functions in the C source files are generated at compile time, a code instrumentation tool inserts signature code into the functions according to the function call graph, and the effectiveness of the error detection method is finally verified by running the program. The overall structure of the detection method is shown in Fig. 1.
1. Signature algorithm based on function call relationships
Definition 1 (root node): among the function nodes in the auxiliary analysis files, a function node whose in-degree is zero is called a root node. An in-degree of zero means that the function is called zero times by all other functions.
Definition 2 (leaf node): in the auxiliary analysis files, a function node whose out-degree is zero and which is defined in a source file is a leaf node. An out-degree of zero means that the function node calls other functions zero times.
Definition 3 (tail node): a function node whose out-degree is zero and which is not defined in the source program is a tail node, for example library functions such as printf and memcpy.
The present invention takes each function node as the basic unit and uses the call relationships between functions to assign each non-tail function node a unique signature attribute value Li, represented in binary. Each function node corresponds to one bit of a binary number: for the j-th function node, bit j of the binary number is 1 and all other bits are 0, where j ∈ (1, n). A temporary variable Sin stores the relation value of the parent node, and a temporary variable Lin stores the signature attribute value of the parent node. In addition, the root node and every ordinary node are assigned a relation value Si, which records the call relationships between functions; the value of Si is normally the bitwise OR of the attribute signature values of all non-tail nodes that this function node can call directly. A global run-time signature S is updated as control jumps between functions, and a global signature L dynamically stores the attribute value of the current node. The following instruction rules are added at the entry and the exit of an ordinary function node, respectively:
Lin = L; L = Li; Sin = S; if ((Li & Sin) == 0) error; S = Si;    (1)
if (Li != L) error; S = Sin; L = Lin;    (2)
Rule (1) is added at the entry of a function and checks whether the call relationship through which control arrived is correct. Rule (2) is added at the exit of a function and checks whether an erroneous jump occurred inside the function, and also updates the global signature values in time. The initial value of the global signature S is the relation value S1 of the root node. Because the root node is the function where program execution starts, its entry only needs to assign the global signature values, i.e. S = S1, L = L1; at the exit of the root node the global signature values are compared with S1 and L1, i.e. if ((S != S1) && (L != L1)) error.
A leaf node is a special case: it calls no other function node, so it is not assigned a relation value Si, and its entry check can be simplified to:
Lin = L; L = Li; Sin = S; if ((Li & Sin) == 0) error; S = 0;    (3)
if (Li != L) error; S = Sin; L = Lin;    (4)
The function model after instrumentation is shown in Fig. 2.
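The entry and exit rules above applied to a small program, as an added example that is not code from the patent. The call graph, the function names and the fault-injection switch are constructed for illustration; the run-time checks follow rules (1) to (4) and the root-node handling described in the text.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample call graph (an assumption, not from the patent):
 *   root_task -> read_sensor -> checksum,   root_task -> report
 * Li: one distinct bit per non-tail function. Si: OR of the Li of the directly
 * called non-tail functions; leaves (checksum, report) set S = 0 on entry. */
#define L_ROOT     (1u << 0)
#define L_READ     (1u << 1)
#define L_CHECKSUM (1u << 2)
#define L_REPORT   (1u << 3)
#define S_ROOT     (L_READ | L_REPORT)
#define S_READ     (L_CHECKSUM)

enum fault { FAULT_NONE, FAULT_ILLEGAL_CALL, FAULT_MID_FUNCTION };
struct frame { uint32_t Lin, Sin; };  /* caller's L and S, saved per call */

static uint32_t S, L;        /* global run-time signatures */
static int errors;           /* failed signature checks in the current run */
static enum fault injected;  /* control-flow error to simulate */

static void sig_error(const char *fn, const char *where)
{
    errors++;
    fprintf(stderr, "signature error at %s of %s\n", where, fn);
}

/* Rules (1)/(3): entry check; a leaf passes Si = 0. */
static void sig_enter(struct frame *f, uint32_t Li, uint32_t Si, const char *fn)
{
    f->Lin = L; L = Li; f->Sin = S;
    if ((Li & f->Sin) == 0) sig_error(fn, "entry");
    S = Si;
}

/* Rules (2)/(4): exit check, then restore the caller's signatures. */
static void sig_exit(const struct frame *f, uint32_t Li, const char *fn)
{
    if (Li != L) sig_error(fn, "exit");
    S = f->Sin; L = f->Lin;
}

static void checksum(void)               /* leaf */
{
    struct frame f;
    sig_enter(&f, L_CHECKSUM, 0, __func__);
    sig_exit(&f, L_CHECKSUM, __func__);
}

/* Leaf. skip_entry models a wrong jump that lands past the entry check. */
static void report(int skip_entry)
{
    struct frame f = { L, S };  /* preset so the simulation stays deterministic */
    if (!skip_entry) sig_enter(&f, L_REPORT, 0, __func__);
    sig_exit(&f, L_REPORT, __func__);
}

static void read_sensor(void)            /* ordinary node */
{
    struct frame f;
    sig_enter(&f, L_READ, S_READ, __func__);
    checksum();
    /* Injected fault: reach report from here, an edge not in the call graph. */
    if (injected != FAULT_NONE) report(injected == FAULT_MID_FUNCTION);
    sig_exit(&f, L_READ, __func__);
}

static void root_task(void)
{
    S = S_ROOT; L = L_ROOT;              /* root entry: assignment only */
    read_sensor(); report(0);
    if ((S != S_ROOT) && (L != L_ROOT))  /* root exit check as given in the text */
        sig_error(__func__, "exit");
}

int run_with_fault(enum fault f)         /* returns the number of failed checks */
{
    errors = 0; injected = f;
    root_task();
    return errors;
}

int main(void)
{
    printf("%d %d %d\n", run_with_fault(FAULT_NONE),
           run_with_fault(FAULT_ILLEGAL_CALL), run_with_fault(FAULT_MID_FUNCTION));
    return 0;
}
```

The illegal call is caught by the entry check of report, because read_sensor's relation value does not contain L_REPORT; the mid-function landing is caught by the exit check, because L still holds the attribute value of read_sensor.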
2. Auxiliary analysis file module
GCC is an open-source compiler. By analyzing the GCC abstract syntax tree, one can see how function nodes are represented in it. GCC's intermediate code has three forms, GENERIC, GIMPLE and RTL (register transfer language), which change progressively from language-dependent to machine-dependent representations, and the syntax tree structure runs through all intermediate code stages. The call graph part of GCC converts the function information represented by TREE nodes in the syntax tree into nodes of the call graph and performs its analysis function by function to construct the call graph. A call graph is a directed graph that represents the call relationships between the subroutines of a computer program: each node represents a function, and each edge (f, g) indicates that f calls g. The call graph in GCC is a directed multigraph. Two structures are central to the compiler's analysis of function nodes and its construction of edges in the call graph: the structure representing a function node is struct cgraph_node, and the structure representing an edge is struct cgraph_edge. Each structure defines several pointers to other structures. With these structures, the caller node and the callee node of an edge can be determined easily, and the other call edges related to a call graph node can be found as well.
During syntax analysis, each time GCC finishes analyzing a complete function it calls finish_function, which eventually compiles the function to assembly language. Once a single function node of the call graph has been analyzed, the call edges for that function node have also been constructed. For each function node `node`, the first call edge of the node can be found through struct cgraph_node, and all call relationships starting from that function node are then obtained by following struct cgraph_edge; the lookup method is shown in Fig. 3. Because GCC provides many macros for operating on TREE nodes, the file name and line number of the source file containing each function in the call graph can be output directly from the tree-type member of struct cgraph_node. With these two methods, the auxiliary analysis files containing the function definitions and the function call relationships are obtained. They comprise a function definition file (def file) and a function call relationship file (call file). The def file records the definition information of each function: the name of the file containing the definition and the starting line number of the definition in that file. The call file records the call relationship of each pair of functions, together with the name of the file containing the caller and the exact line number at which the caller calls the callee. The auxiliary information generated from a source file is shown in Fig. 4.
3. Instrumentation module
The instrumentation module performs the code instrumentation. Based on the function call relationships, it instruments the entry and the exit of each module, with the function as the basic unit. With the help of the def file, the entry position of a function, i.e. the line number at which it is defined in the source file, can be found easily. For the exit positions, the instrumentation tool still has to scan the function to determine where it ends; this is also an important part of the instrumentation algorithm and is described in Fig. 5. The processing of this module has two parts; the structure of the instrumentation module is shown in Fig. 6.
The first part is the processing of the auxiliary analysis files. Large projects often contain many source files, and when they are compiled the compiler front end outputs auxiliary analysis files for each source program. Within a single function body, one function may also call another function several times. The auxiliary files must therefore be processed: the many auxiliary analysis files are merged and repeated call relationships are removed. For the def files, merging only requires collecting the contents of the separate def files into a single def file. For the call files, each caller is taken in turn as the reference and its callees are looked up one by one: if a callee has not yet been processed, this call relationship is added to the new call file; if it has already been processed, it is skipped and the search continues with the next one, as shown in Fig. 7.
The second part analyzes the processed auxiliary analysis files, constructs the function call graph, and instruments each function module using the instrumentation algorithm described above, so that the system can detect errors promptly at run time.
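The merge step and the signature assignment described above, as an added example that is not the patent's tool: it merges call relations, drops repeats, classifies nodes by Definitions 1 to 3 and derives Li and Si. The in-memory input (the def and call file layout of Fig. 4 is not reproduced on this page), the function names, and the choice to treat a function that calls only tail nodes as a leaf (after claim 4) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_FN 64                        /* graph nodes, tail nodes included */

enum kind { ROOT, ORDINARY, LEAF, TAIL };
struct edge { const char *caller, *callee; };
struct fn {
    const char *name;
    int defined;                         /* listed in a def file */
    int in;                              /* in-degree after duplicate removal */
    enum kind kind;
    uint32_t Li, Si;
};

/* Constructed sample input: merged def entries and call relations of two files. */
static const char *const sample_defs[] = { "root_task", "read_sensor", "checksum", "report" };
static const struct edge sample_calls[] = {
    { "root_task", "read_sensor" }, { "root_task", "report" },
    { "read_sensor", "checksum" },  { "read_sensor", "checksum" },  /* repeat */
    { "report", "printf" },         { "checksum", "memcpy" },
    { "root_task", "report" },                                      /* repeat */
};

static struct fn fns[MAX_FN];
static int nfns;
static unsigned char calls[MAX_FN][MAX_FN];  /* calls[a][b]: a calls b directly */

static int node(const char *name)            /* find or create a node */
{
    for (int i = 0; i < nfns; i++)
        if (strcmp(fns[i].name, name) == 0) return i;
    if (nfns == MAX_FN) return -1;
    fns[nfns] = (struct fn){ .name = name };
    return nfns++;
}

/* Returns the number of distinct call relations kept, or -1 on overflow. */
int build_signatures(const char *const *defs, int ndefs,
                     const struct edge *edges, int nedges)
{
    int kept = 0, bit = 0;
    nfns = 0;
    memset(calls, 0, sizeof calls);
    for (int i = 0; i < ndefs; i++) {
        int n = node(defs[i]);
        if (n < 0) return -1;
        fns[n].defined = 1;
    }
    for (int i = 0; i < nedges; i++) {       /* merge, dropping repeats */
        int a = node(edges[i].caller), b = node(edges[i].callee);
        if (a < 0 || b < 0) return -1;
        if (calls[a][b]) continue;
        calls[a][b] = 1;
        fns[b].in++;
        kept++;
    }
    for (int i = 0; i < nfns; i++) {         /* Li: one bit per non-tail node */
        if (!fns[i].defined) { fns[i].kind = TAIL; continue; }
        if (bit == 32) return -1;            /* one-hot Li exhausts the word */
        fns[i].Li = UINT32_C(1) << bit++;
    }
    for (int i = 0; i < nfns; i++) {         /* Si: OR of direct non-tail callees */
        if (!fns[i].defined) continue;
        for (int j = 0; j < nfns; j++)
            if (calls[i][j]) fns[i].Si |= fns[j].Li;
        /* Assumption: a defined function that calls only tail nodes is a leaf. */
        fns[i].kind = fns[i].in == 0 ? ROOT : fns[i].Si == 0 ? LEAF : ORDINARY;
    }
    return kept;
}

const struct fn *lookup(const char *name)
{
    for (int i = 0; i < nfns; i++)
        if (strcmp(fns[i].name, name) == 0) return &fns[i];
    return NULL;
}

int main(void)
{
    static const char *kinds[] = { "root", "ordinary", "leaf", "tail" };
    build_signatures(sample_defs, 4, sample_calls, 7);
    for (int i = 0; i < nfns; i++)
        printf("%-12s %-8s Li=0x%02x Si=0x%02x\n", fns[i].name,
               kinds[fns[i].kind], (unsigned)fns[i].Li, (unsigned)fns[i].Si);
    return 0;
}
```

With one bit per function, a 32-bit signature word covers at most 32 non-tail functions, which is why the builder reports overflow instead of reusing a bit.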

Claims (5)

1. A transient error detection method based on function call relationships, characterized in that: to address program execution-flow errors caused by external factors during program execution, C source files are compiled using compilation techniques; the call relationships between the functions in a module are determined from the auxiliary information that is output, and a function call graph is generated; the source program is then statically instrumented using the instrumentation algorithm based on function call relationships; and finally whether an error has occurred is determined by running the program.
2. The generation of the module's function call graph in the transient error detection method based on function call relationships according to claim 1, characterized in that: using features of the open-source compiler GCC, the call relationships of functions are determined function by function, the function call graph is generated, and the C source file containing each function is recorded.
3. The instrumentation algorithm based on function call relationships in the transient error detection method based on function call relationships according to claims 1 and 2, characterized in that: each function node is assigned a unique attribute value and a relation value, both represented in binary; the attribute value represents the attribute information of the current function node, and the relation value represents the relation between the current node and the other function nodes it calls. According to the call relation attributes of the functions and the node information of each function, signature information is inserted at the entry and the exit of each function. Whenever the program enters a new function, the signature information at the entry of that function is used to judge whether the call is legal; and when the function reaches its exit, the signature information is used to judge whether the program executed correctly within the function body.
4. The instrumentation process in the transient error detection method based on function call relationships according to claim 1, characterized in that: according to the call relationships between functions, the following are determined: the root node (defined in a C source file; it calls other functions but is not called by any other function), leaf nodes (functions defined in a C source file of the C module under test; they are called by other functions in the module under test but do not themselves call any function in a module under test), tail nodes (called by some function in the C module, but with no function definition in the C source files) and ordinary nodes (function nodes of none of the above types); static instrumentation is then carried out using the instrumentation algorithm based on function call relationships.
5. The dynamic verification in the transient error detection method based on function call relationships according to claim 1, characterized in that: the instrumented C source files are compiled; while the program is running, errors are injected to artificially change its execution flow and thereby produce function jump errors; and the inserted signature information of claim 1 is used to make the final judgment, so that errors are found promptly and effectively.
CN2013101941737A 2013-08-22 2013-08-22 Transient error detection method based on function call relationship Pending CN103365774A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2013101941737A CN103365774A (en) 2013-08-22 2013-08-22 Transient error detection method based on function call relationship

Publications (1)

Publication Number Publication Date
CN103365774A true CN103365774A (en) 2013-10-23

Family

ID=49367179

Country Status (1)

Country Link
CN (1) CN103365774A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101944064A (en) * 2010-10-12 2011-01-12 中国人民解放军国防科学技术大学 Control flow error detection optimizing method based on reconstructed control flow graph
CN102567200A (en) * 2011-12-14 2012-07-11 北京航空航天大学 Parallelization security hole detecting method based on function call graph

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
李建立等: "一种辐射环境下瞬时故障的软件检测方法", 《计算机工程与科学》, vol. 32, no. 3, 15 March 2010 (2010-03-15), pages 115 - 118 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103761089A (en) * 2014-01-14 2014-04-30 清华大学 Method for determining dynamic function call relation based on register transfer languages
CN103761089B (en) * 2014-01-14 2017-09-15 清华大学 The method that kinematic function call relation is determined based on register transfer language
CN106155893A (en) * 2015-04-03 2016-11-23 腾讯科技(深圳)有限公司 Judge method and the program test equipment of Application testing coverage
CN109783353A (en) * 2018-12-14 2019-05-21 平安普惠企业管理有限公司 A kind of program analysis method and terminal device
CN112585547A (en) * 2019-03-13 2021-03-30 欧姆龙株式会社 Analysis device, analysis method, and analysis program
CN112585547B (en) * 2019-03-13 2024-02-06 欧姆龙株式会社 Analysis device, analysis method, and recording medium
CN110032394A (en) * 2019-04-12 2019-07-19 深圳市腾讯信息技术有限公司 A kind of analysis method, device and the storage medium of passive coding file
CN110032394B (en) * 2019-04-12 2022-05-31 深圳市腾讯信息技术有限公司 Analysis method and device for passive code file and storage medium
CN111274699A (en) * 2020-01-19 2020-06-12 北京航空航天大学 SmartIflow-based AADL (architecture analysis and design language) model security analysis method
CN114328168A (en) * 2020-10-09 2022-04-12 腾讯科技(深圳)有限公司 Anomaly detection method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20131023