views:

201

answers:

1

I am hoping that someone can point me toward Linux software similar to the Microsoft tools Application Verifier and Driver Verifier. (They are stress testers for Windows applications and drivers, respectively.)

Do such things exist for Linux?

+2  A: 

I'm not familiar with Application Verifier and Driver Verifier at all...

For applications, Valgrind is very useful as a tool to check for leaks, use-after-free, double free, buffer overflow, use of unitialized data, unsafe concurrent data access, and much more.

There also exist many fuzzers (zzuf, fusil, etc.) which test a program's resiliance to invalid input.

GCC itself has -fstackprotector, which enables SSP (stack-smashing protector, aka ProPolice); -fmudflap, which detecs some other bad memory usage; and (in conjunction with glibc) -D_FORTIFY_SOURCE=n, which puts extra checking on various string and memory functions.

In the Linux kernel, there are many configuration switches under the "Kernel hacking" menu:

  • CONFIG_DEBUG_SLAB, CONFIG_DEBUG_PAGEALLOC, etc., which ensure that memory is allocated, used, and freed sanely
  • CONFIG_DEBUG_OBJECTS, which checks that objects are used and freed orderly
  • kmemcheck, "Valgrind for the kernel"
  • CONFIG_PROVE_LOCKING, which analyzes for all possible deadlocks
  • CONFIG_DEBUG_PREEMPT, CONFIG_DEBUG_MUTEXES, CONFIG_DEBUG_SPINLOCK, CONFIG_DEBUG_SPINLOCK_SLEEP, etc., which warn on improper use of locking
  • CONFIG_FAULT_INJECTION & co., which probabilistically cause failures of memory allocation and I/O
ephemient