From d0530690152064207cb6b70199b870f7876637d9 Mon Sep 17 00:00:00 2001 From: florenzio pizza Date: Tue, 20 Jun 2023 19:38:09 +0000 Subject: [PATCH] Finalized README --- README.md | 122 +++++++++++++++++++++++++++++++++++++++++++++++++++++- env.sh | 1 - 2 files changed, 121 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 89931eb..ee26de2 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ git clone https://github.com/vusec/floatzone.git --recurse-submodules Edit `env.sh` and update `FLOATZONE_TOP` with the full path where you cloned this repository. -(OPTIONAL) To run SPEC benchmarks, update also the variable `FLOATZONE_SPEC06` and `FLOATZONE_SPEC17` with the full path of your SPEC instllation. +(OPTIONAL) To run SPEC benchmarks, update also the variable `FLOATZONE_SPEC06` with the full path of your SPEC instllation. Then, load the environment in your current shell: ``` 
@@ -39,4 +39,124 @@ Finally, let's install everything. This will take a while since LLVM is quite a ./install.sh ``` +## How to test FloatZone is working +Compile the example `buggy.c` and `uaf.c` + +``` +cd examples +make clean +make +make uaf +``` + +This is the expected output: + +``` +./buggy_floatzone_run_base 15 +A +``` + +``` +./buggy_floatzone_run_base 16 + +!!!! [FLOATZONE] Fault addr = 0x7fffffffdc10 !!!! +0x7fffffffdbd0: e0 11 40 00 +0x7fffffffdbd4: 00 00 00 00 +0x7fffffffdbd8: 00 dc ff ff +0x7fffffffdbdc: ff 7f 00 00 +0x7fffffffdbe0: 40 d0 ff f7 +0x7fffffffdbe4: ff 7f 00 00 +0x7fffffffdbe8: 2e 12 40 00 +0x7fffffffdbec: 00 00 00 00 +0x7fffffffdbf0: 89 8b 8b 8b +0x7fffffffdbf4: 8b 8b 8b 8b +0x7fffffffdbf8: 8b 8b 8b 8b +0x7fffffffdbfc: 8b 8b 8b 8b +0x7fffffffdc00: 41 41 41 41 +0x7fffffffdc04: 41 41 41 41 +0x7fffffffdc08: 41 41 41 41 +0x7fffffffdc0c: 41 41 41 41 +0x7fffffffdc10: 89 8b 8b 8b <----- +0x7fffffffdc14: 8b 8b 8b 8b +0x7fffffffdc18: 8b 8b 8b 8b +0x7fffffffdc1c: 8b 8b 8b 8b +0x7fffffffdc20: 00 00 00 00 +0x7fffffffdc24: 00 00 00 00 +0x7fffffffdc28: 00 00 00 00 +0x7fffffffdc2c: 00 00 00 00 +0x7fffffffdc30: a0 3d 40 00 +0x7fffffffdc34: 00 00 00 00 +0x7fffffffdc38: 90 7d 74 f1 +0x7fffffffdc3c: ff 7f 00 00 +0x7fffffffdc40: 00 00 00 00 +0x7fffffffdc44: 00 00 00 00 +0x7fffffffdc48: e0 11 40 00 +0x7fffffffdc4c: 00 00 00 00 + +Fault RIP = 0x40123d +Backtrace: + - [0] ./buggy_floatzone_run_base() [0x40123d] + - [1] /lib/x86_64-linux-gnu/libc.so.6(+0x29d90) [0x7ffff1747d90] + - [2] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x80) [0x7ffff1747e40] + - [3] /home/sec23_ae/floatzone/runtime/libwrap.so(__libc_start_main+0x1fa) [0x7ffff19502fa] + - [4] ./buggy_floatzone_run_base() [0x401095] +``` + +## Benchmarks + +To run SPEC06 benchmarks simply run the following command: + +``` +python3 run.py run spec2006 default_O2 asan_O2 floatzone_O2 --build --parallel=proc --parallelmax=1 +``` + +This will run baseline, ASan and FloatZone all together. 
+ +To compute the respective time and memory overhead do: (substitute `run.2023-06-20.15-37-32/` with your result folder) + +``` +python3 run.py report spec2006 results/run.2023-06-20.15-37-32/ --aggregate geomean --field runtime:median maxrss:median +``` + +This is an expected output: + +``` ++ spec2006 aggregated data ----------------------------------------------+ +| asan_O2 default_O2 floatzone_O2 | +| runtime maxrss runtime maxrss runtime maxrss | +|benchmark median median median median median median | ++------------------------------------------------------------------------+ +|400.perlbench 427 5517864 107 1235732 154 2893056 | +|401.bzip2 301 3581624 196 3448396 254 3550160 | +|403.gcc 237 13467288 83.9 4259380 163 8043360 | +|429.mcf 145 1935800 110 1718588 118 1718428 | +|433.milc 156 982764 130 697832 144 1020312 | +|444.namd 188 61280 121 49808 142 49892 | +|445.gobmk 285 1368400 182 152456 217 1062460 | +|447.dealII 214 1764156 99.8 816224 132 1664564 | +|450.soplex 120 1271488 76.5 564236 93.5 1231012 | +|453.povray 101 236780 44.5 7408 73.6 217624 | +|456.hmmer 236 814480 104 34004 164 607576 | +|458.sjeng 342 184764 196 180744 226 181428 | +|462.libquantum 135 366912 118 100732 123 334072 | +|464.h264ref 368 726084 156 117508 354 659368 | +|470.lbm 96.0 476048 78.5 421032 79.9 421040 | +|471.omnetpp 230 776404 121 175944 190 647448 | +|473.astar 224 1489504 157 473900 184 1118144 | +|482.sphinx3 282 413280 174 45752 229 446512 | +|483.xalancbmk 159 1472808 61.9 430504 129 831000 | ++------------------------------------------------------------------------+ +|geomean 205 939084 114 278538 155 782220 | ++------------------------------------------------------------------------+ +``` + +We can see that the ASan time overhead is `205/114=79%` while FloatZone is `155/114=36%` + + +## Troubleshooting + +* Ensure `source env.sh` was executed in your terminal (with correct paths) +* Ensure evyerhting is up-to-date via `./install.sh` +* For FloatZone binaries, 
`run_base` must be present in the binary file name. +* Edit `wrap.c` depending on your needs (e.g. `SURVIVE_EXCEPTIONS=1`) diff --git a/env.sh b/env.sh index 6550210..869b62b 100755 --- a/env.sh +++ b/env.sh @@ -16,7 +16,6 @@ export FLOATZONE_TOP=/home/sec23_ae/floatzone #CHANGME depending on where you installed SPEC export FLOATZONE_SPEC06=/home/sec23_ae/spec06 -export FLOATZONE_SPEC17=/home/sec23_ae/spec17 export FLOATZONE_LLVM=$FLOATZONE_TOP/floatzone-llvm-project/llvm/
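Review bot: in the README hunk at `@@ -24,7 +24,7 @@`, the rewritten `(OPTIONAL)` line still carries the typo `instllation`. Since this line is being changed anyway, correct it to `installation`, and consider `also update the variable` for the word order.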
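Review bot: in the README hunk at `@@ -39,4 +39,124 @@`, the test section builds `uaf` with `make uaf` but gives no run command or expected output for it, so a reader cannot confirm that use-after-free detection works; add the invocation and the report it should produce, as is done for `buggy`. In the overhead sentence, `205/114=79%` and `155/114=36%` read as quotients, but those quotients are about 1.80 and 1.36; write the overhead as `(205-114)/114` and `(155-114)/114`, or state the slowdowns as 1.80x and 1.36x. The sample fault dump contains run-specific addresses and a `/home/sec23_ae/...` path, so it would help to say which part matters: the arrow on the `89 8b 8b 8b` bytes directly after the sixteen `41` bytes. The Troubleshooting list also has the typo `evyerhting`.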
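Review bot: in the `env.sh` hunk at `@@ -16,7 +16,6 @@`, removing `export FLOATZONE_SPEC17=/home/sec23_ae/spec17` changes the environment that scripts see, yet the subject `Finalized README` does not mention it. Note the removal in the commit message or move it to its own commit so the dropped variable can be found in history. The context comment `#CHANGME` looks like a misspelling of `#CHANGEME` and could be fixed in the same pass.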