Usage
A video demonstrating the usage of FITIn for the example below is available at the bottom of this page.
Step 1:
Annotate source code
#include <stdio.h>
#include <unistd.h>
#include <fi_client.h>

int get_weight() {
    /* Always OK. */
    return 150;
}

/* Bit flags stored in state. */
#define POWER 4
#define OPERATING 2
#define OVERLOAD 1

int main() {
    char state = POWER | OPERATING;
    /* Annotation: mark state as a monitored variable for FITIn. */
    FITIN_MONITOR_VARIABLE(state);

    while(state & POWER) {
        int weight = get_weight();

        if(state & OPERATING) {
            if(weight < 0) {
                state = 0;
            } else if (weight <= 750) {
                state &= ~OVERLOAD;
            } else {
                state |= OVERLOAD;
            }

            if(state & OVERLOAD) {
                printf("Elevator overloaded.\n");
            } else if(!state) {
                printf("Elevator shutting down!\n");
            } else {
                printf("System operating.\n");
            }
        }
        sleep(1);
    }
    return 0;
}
Step 2:
Create a Lua file elevator.lua with the following code:
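-- Only treat superblocks that belong to the function main.
treat_superblock = function(address, fnname, filename, dirname, linenum)
    if fnname == "main" then
        return true
    else
        return false
    end
end

-- Only monitor addresses that were annotated in the source code.
monitor_address = function(address, annotated)
    if annotated then
        return true
    else
        return false
    end
end

-- Before the 14th access, flip the least significant bit; otherwise flip nothing.
flip_value = function(state, address, counter, size)
    if counter == 14 then
        return {1}
    else
        return {0}
    end
end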
Now, run the program:
bin/valgrind --tool=fitin --control-script=elevator.lua ./elevator
The variable state is tested for its vulnerability to bit errors. The tester added the macro FITIN_MONITOR_VARIABLE(state) and counts the number of accesses to state. Under regular circumstances, each iteration of the loop implies five read operations on state. To test for a false overload alarm in the third iteration of the loop, the tester specifies that the least significant bit (=1) is flipped before the 14th access to state.
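The access counting described above can be checked with a small model. The following C program is an added example, not part of FITIn or of the original page: it routes every load of state through a hypothetical helper rd(), counts the loads, and inverts the mask bits before a chosen load. It assumes that only loads are counted and that the flip changes the stored byte; simulate(), rd() and the ST_* names are made up for this illustration.

```c
#include <stdio.h>

#define POWER 4
#define OPERATING 2
#define OVERLOAD 1

enum { ST_IDLE, ST_OPERATING, ST_OVERLOADED, ST_SHUTDOWN };

static char state;      /* the monitored variable */
static int reads;       /* loads of state so far (assumed: only loads count) */
static int flip_at;     /* flip before this load; 0 = never */
static char flip_mask;  /* bits to invert, like the {1} from flip_value */

/* Every load of state goes through here (stand-in for the monitored load). */
static char rd(void) {
    if (++reads == flip_at)
        state ^= flip_mask;   /* assumed: the flip changes the stored byte */
    return state;
}

/* Run up to iters loop iterations; out[i] gets the status of iteration i.
 * Returns the number of iterations that actually ran. */
int simulate(int iters, int at, char mask, int *out) {
    int n = 0;
    state = POWER | OPERATING;
    reads = 0; flip_at = at; flip_mask = mask;
    while (n < iters && (rd() & POWER)) {
        int weight = 150;                 /* get_weight() is always OK */
        out[n] = ST_IDLE;
        if (rd() & OPERATING) {
            if (weight < 0)         state = 0;
            else if (weight <= 750) state = rd() & ~OVERLOAD;
            else                    state = rd() | OVERLOAD;
            if (rd() & OVERLOAD)    out[n] = ST_OVERLOADED;
            else if (!rd())         out[n] = ST_SHUTDOWN;
            else                    out[n] = ST_OPERATING;
        }
        n++;
    }
    return n;
}

int main(void) {
    static const char *name[] = {"idle", "operating", "OVERLOADED", "shutdown"};
    int out[5], n = simulate(5, 14, 1, out);   /* same values as elevator.lua */
    for (int i = 0; i < n; i++)
        printf("iteration %d: %s\n", i + 1, name[out[i]]);
    return 0;
}
```

In this model, moving the flip to the 13th load leaves iteration 3 unaffected, because that load feeds state &= ~OVERLOAD, which clears the bit again before the overload check.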
FITIn was originally designed by Clemens Terasa as part of his Master's thesis; version 2 was developed by Marcel Heing-Becker in his Bachelor's thesis. The tool is under active development. Of highest priority are robustness tests on additional platforms and support for floating-point types.
An instructional movie on soft errors in general is available here.