This research was conducted by Zach Miller, Todd Tannenbaum, and Ben Liblit. The paper appeared in the 2012 USENIX Annual Technical Conference (USENIX ATC 2012).
Applications do not typically view the kernel as a source of bad
input. However, the kernel can behave in unusual (yet
permissible) ways for which applications are badly unprepared. We
present Murphy, a language-agnostic tool that helps
developers discover and isolate run-time failures in their
programs by simulating difficult-to-reproduce but
completely-legitimate interactions between the application and the
kernel. Murphy makes it easy to enable or disable sets of kernel
interactions, called gremlins, so developers can focus on
the failure scenarios that are important to them. Gremlins are
implemented using the
ptrace interface, intercepting
and potentially modifying an application’s system call invocation
while requiring no invasive changes to the host machine.
We show how to use Murphy in a variety of modes to find different classes of errors, present examples of the kernel interactions that are tested, and explain how to apply delta debugging techniques to isolate the code causing the failure. While our primary goal was the development of a tool to assist in new software development, we successfully demonstrate that Murphy also has the capability to find bugs in hardened, widely-deployed software.
The full paper is available as a single PDF document. A suggested BibTeX citation record is also available.
See also the related technical report.
Visit the Murphy repository on GitHub to work with Murphy source code. Start by reading the instructions for building and running Murphy. You may also download zip or tar archives of source code for the latest version or any official Murphy release. Note: currently, Murphy is only implemented for 64-bit Linux.