ROSE-CIRM Detecting C-Style Errors in UPC Code
|
|
- Blake Young
- 5 years ago
- Views:
Transcription
1 ROSE-CIRM Detecting C-Style Errors in UPC Code Peter Pirkelbauer 1 Chunhuah Liao 1 Thomas Panas 2 Daniel Quinlan Microsoft Parallel Data Warehouse This work was funded by the Department of Defense and used elements at the Extreme Scale Systems Center, located at Oak Ridge. This work performed under the auspices of the U.S. Department of Energy by under Contract DE-AC52-07NA27344, P. O. Box 808, Livermore, CA UCRL- LLNL-PRES
2 Motivation Cost of Software Bugs is significant in % of the GDP [NIST02] Error Detection Support RTED Benchmark for Compilers and Runtime- Systems [Lue09a] [Lue09b] [RTED] Bug Detection Tools Static and Dynamic Analysis Source Code and Binary Code 2
3 Outline Unified Parallel C and C-Style Errors Implementation Code Instrumentation and Dynamic Analysis Evaluation Conclusion 3
4 Unified Parallel C (UPC) Extends C99 with: Partitioned Global l Address Space Language constructs for Parallelism e.g., shared pointers, parallel for loop, memory consistency models 4
5 Error Categories C-Style Errors out of bounds accesses, uninitialized iti variables, dangling pointers C-Style Errors in UPC s shared memory space UPC Library Functions upc_memput with wrong length Parallelism Related Errors deadlock, livelock, race conditions 5
6 UPC Bug Example 1 UPC Code int upc_main() { shared [] int *ptr; if (MYTHREAD == 0) { ptr = upc_alloc( ); upc_barrier; if (MYTHREAD == 1) { upc_free(ptr); 6
7 UPC Bug Example 1 (cont d) UPC Code int upc_main() { shared [] int *ptr; if (MYTHREAD == 0) { ptr = upc_alloc( ); upc_barrier; Thread 0 allocates local shared memory. ptr in Thread 1 remains uninitialized. Bug uninitialized pointer access if (MYTHREAD == 1) { Thread 1 accesses upc_free(ptr); uninitialized ptr. 7
8 UPC Bug Example 2 UPC Code int upc_main() { shared [] int *ptr; ptr = upc_all_alloc( ); upc_barrier; ptr[mythread] = ; if (MYTHREAD == 0) { upc_free(ptr); 8
9 UPC Bug Example 2 (cont d) UPC Code int upc_main() { shared [] int *ptr; ptr = upc_all_alloc( ); upc_barrier; ptr[mythread] = ; if (MYTHREAD == 0) { upc_free(ptr); Collective memory allocation Missing barrier: Thread 0 might free the memory early. Bug potential early memory release 9
10 Dynamic Analysis Original Code Thread 0 int upc_main() { allocates shared [] int *ptr; local shared memory. if (MYTHREAD == 0) { ptr = upc_alloc( ); Leaves ptr in Thread 1 uninitialized. upc_barrier; if (MYTHREAD == 1) { upc_free(ptr); Thread 1 accesses uninitialized iti ptr. Instrumented Code int upc_main() { shared [] int *ptr; if (MYTHREAD == 0) { ptr = upc_alloc( ); cirm_createheapptr(ptr, ); cirm_initvariable(&ptr, ); cirm_exitworkzone(); upc_barrier; cirm_enterworkzone(); if (MYTHREAD == 1) { cirm_freemem(&ptr); upc_free(ptr); 10
11 Dynamic Analysis (Scheme) Original Code int upc_main() { shared [] int *ptr; if (MYTHREAD == 0) { ptr = upc_alloc( ); upc_barrier; if (MYTHREAD == 1) { upc_free(ptr); Updates shadow memory and notifies other UPC threads about the heap allocation. Marks the location of the ptr as initialized. Note: ptr in Thread 0!= ptr in Thread 1. Thread 1 accesses uninitialized ptr. Instrumented Code int upc_main() { shared [] int *ptr; if (MYTHREAD == 0) { ptr = upc_alloc( ); cirm_createheapptr(ptr, ); cirm_initvariable(&ptr, ); cirm_exitworkzone(); upc_barrier; cirm_enterworkzone(); if (MYTHREAD == 1) { cirm_freemem(&ptr); upc_free(ptr); 11
12 The ROSE Compiler Infrastructure 12
13 ROSE-CIRM Toolchain ROSE - Code Instrumentation and Runtime Monitor 13
14 Runtime Architecture (1) 14
15 Runtime Architecture (2) Instrumented Code shared[] int *values = upc_all_alloc( ); cirm_createheap(values, ); cirm_initvariable(&values); if (MYTHREAD == 1) { values[1] = 7; cirminitvar(&values[1], ); 15
16 Runtime Monitor Coordination (1) Concurrent Access // shared int val; Instrumented Code if (MYTHREAD==0) { val = comp( ); cirm_initvariable(&val, ); cirm_enterbarrier(); upc_barrier; cirm_exitbarrier(); cirm_accessvar(&val, ); printf( %d\n, val); Sends update on initialization to other runtime managers. Messages are processed after barrier. Test succeeds 16
17 Runtime Monitor Coordination (2) Concurrent Access // shared int val; Instrumented Code if (MYTHREAD==0) { val = comp( ); cirm_initvariable(&val, ); // upc_barrier; cirm_accessvar(&val, ); printf( %d\n, val); If the input program contains race conditions, ROSE-CIRM may spuriously report an error. Sends update on initialization to other runtime managers. Missing barrier. Test fails if messages are not processed in time. 17
18 Coordination Early Release Problem (1) Instrumented Code shared[] int *values = upc_all_alloc( ); cirm_arrayaccess(&values[0], &values[idx]); values[idx] = useful_computation(idx); cirm_initvariable(&values[ ], ); // upc_barrier; if (MYTHREAD == 0) { cirm_exitworkzone(); cirm_freemem(&ptr); upc_free(ptr); cirm_enterworkzone(); Heap-memory access Missing barrier Thread 0 might free the memory early. 18
19 Coordination Early Release Problem (2) Isolate Destructive Updates Instrumented Code shared[] int *values = upc_all_alloc( ); cirm_arrayaccess(&values[0], &values[idx]); values[idx] = useful_computation(idx); cirm_initvariable(&values[ ], ); // upc_barrier; if (MYTHREAD == 0) { cirm_exitworkzone(); cirm_freemem(&ptr); upc_free(ptr); cirm_enterworkzone(); 19
20 Coordination Early Release Problem (3) Isolate Destructive Updates Instrumented Code shared[] int *values = upc_all_alloc( ); cirm_arrayaccess(&values[0], &values[idx]); values[idx] = useful_computation(idx); cirm_initvariable(&values[ ], ); // upc_barrier; if (MYTHREAD == 0) { cirm_exitworkzone(); cirm_freemem(&ptr); upc_free(ptr); cirm_enterworkzone(); 20
21 Coordination Early Release Problem (4) Isolate Destructive Updates Instrumented Code shared[] int *values = upc_all_alloc( ); cirm_arrayaccess(&values[0], &values[idx]); values[idx] = useful_computation(idx); cirm_initvariable(&values[ ], ); // upc_barrier; if (MYTHREAD == 0) { cirm_exitworkzone(); cirm_freemem(&ptr); upc_free(ptr); cirm_enterworkzone(); 21
22 Coordination Early Release Problem (5) Isolate Destructive Updates Instrumented Code shared[] int *values = upc_all_alloc( ); cirm_arrayaccess(&values[0], &values[idx]); values[idx] = useful_computation(idx); cirm_initvariable(&values[ ], ); // upc_barrier; if (MYTHREAD == 0) { cirm_exitworkzone(); cirm_freemem(&ptr); upc_free(ptr); cirm_enterworkzone(); 22
23 Coordination Early Release Problem (6) Isolate Destructive Updates Instrumented Code shared[] int *values = upc_all_alloc( ); cirm_arrayaccess(&values[0], &values[idx]); values[idx] = useful_computation(idx); cirm_initvariable(&values[ ], ); // upc_barrier; if (MYTHREAD == 0) { cirm_exitworkzone(); cirm_freemem(&ptr); upc_free(ptr); cirm_enterworkzone(); 23
24 Address Abstraction Implementation for GCCUPC 24
25 Bounds Checking C/C++ char* ptr = charrarr[1]; Instrumented Code cirm_accessarray(ptr, ptr+2, sizeof(*ptr), cirmwrite,...); ptr[2] = 8; 25
26 Bounds Checking Distributed Array shared[3] char chararr[threads][8]; 26
27 Tests - RTED Benchmark Suite Luecke et al.: RTED Benchmark Suite for UPC [RTED] Category Number of Correctly Identified Tests (in percent) Out of bounds accesses (indices) (94%) Out of bounds accesses (pointers) (94%) Uninitialized memory reads (97%) Dynamic memory handling related (100%) 27
28 Tests - Heat-Conduction Code El-Ghazawi et al.: Distributed Shared Memory Programming [ElG05] 80 elements per dimension 8 Threads Intel X5680, 6x2 3.3Ghz 24GByte Memory, Red Hat Linux Client 5.6 gccupc , g
29 Related Tools UPC Compilers and Runtime Systems GCCUPC, Berkeley UPC, Cray UPC,... Tools for C/C++ Commercial Software Insure++, Purify Open Source Software Valgrind Memory Checkers DMalloc,... 29
30 Conclusion ROSE-CIRM a dynamic analysis tool for UPC code helps programmers find some bugs works in mixed language projects (C/C++, UPC) performs well on a subset of the RTED benchmark implemented for GCCUPC 30
31 Future Work Generality Casts of blocksize Complex array subscript expressions Scope UPC Library, Parallelism related errors Scalability Runtime Monitor Design Performance Elimination of unnecessary checks (ROSE analysis) 31
32 Thank You! This work was funded by the Department of Defense and used elements at the Extreme Scale Systems Center, located at Oak Ridge. This work performed under the auspices of the U.S. Department of Energy by under Contract DE-AC52-07NA
33 References [BUPC] [DMalloc] Berkeley UPC, [ElG05] El-Ghazawi et al: UPC: Distributed Shared-Memory Programming, [GCCUPC] GCCUPC, [Insure] [Lue09a] [Lue09b] [NIST02] [Purify] [Pin] [RTED] Insure++, Luecke et al: Evaluating error detection capabilities of UPC run-time systems. PGAS 09. Luecke et al: The importance of run-time error detection. 3 rd Parallel Tools Workshop 09. National Institute of Standards & Technology: The Economic Impacts of Inadequate Infrastructure for Software Testing, May Purify, Pin - A Dynamic Binary Instrumentation Tool RTED Benchmark Suite, [UPC] UPC Language Specification v1.2, June [Valgrind] Valgrind, g 33
34 Appendix 34
35 Runtime Error Detection (RTED): Introduction Shadow memory stores: Information on memory state Instruments source code: Updates shadow memory when memory is allocated, freed, or initialized. Checks memory operations for consistency. RTED is a tool that detects software flaws and helps pinpoint their origin. RTED consists of a runtime system and a source-to-source transformation system. The runtime system utilizes a shadow memory to keep track of memory state (allocations, initializations, ). The source-to-source transformation adds statements to the original source code that inform the RTED runtime system about memory operations. 35
36 RTED for Unified Parallel C (UPC) Shadow memory: 1x per UPC thread Stores state of UPC process Instrumented Code: Notifies other UPC threads of updates. In addition to local storage, such as Stack and Heap, UPC defines a shared memory region, which can be accessed from any UPC thread. In order to safeguard memory operations, each RTED runtime systems requires access to the memory state. To do so, each UPC thread keeps a local copy. Any update of the memory state is communicated to all other UPC threads. 36
37 RTED for UPC: Address Representation UPC Thread ID Relative position (GCCUPC) base: upc_vm_map _addr relative position for shared pointers: GUPCR_PTS_OFFSET To uniquely identify a memory position, RTED s runtime systems communicate addresses as a tuple containing the thread-id and the relative position to the shared memory base. The thread-id is determined by MYTHREAD for local pointers (they can also point into the shared memory region) and upc_threadof for shared pointers. Finding the relative position is implementation dependent; this slide uses the GCCUPC interface. 37
38 Runtime Monitor - Coordination Issues? Thread 1 Thread 2 // shared int[] values[threads]; // shared int[] values[threads]; W: values[idx] =...; B: cirm_initvariable(&values[ ], ); upc_barrier; upc_barrier; P: cirmaccessarray(&values[ ], ); R: sum += values[ ]; 38
39 RTED: Runtime Error Detection Due to performance and other concerns, programming g languages g / compilers / runtime systems do not (always) guarantee safe execution of code. Undetected software defects are the source for costly problems, such as unstable code, security vulnerabilities, etc. RTED instruments potentially unsafe operations with calls to a runtime checking system, thereby providing a safety envelop for executable code. Supported Languages: C, C++, UPC Comparison with other tools (Valgrind): + type information + Higher level abstractions - Requires whole program 39
40 Tests - Heat-Conduction Code El-Ghazawi et al.: Distributed Shared Memory Programming [ElG05] 80 elements per dimension 8 Threads Intel X5680, 6x2 3.3Ghz 24GByte Memory, Red Hat Linux Client 5.6 gccupc , g
CIRM - Dynamic Error Detection
CIRM - Dynamic Error Detection Peter Pirkelbauer Center for Applied Scientific Computing (CASC) Lawrence Livermore National Laboratory This work was funded by the Department of Defense and used elements
More informationUPC-CHECK: A scalable tool for detecting run-time errors in Unified Parallel C
myjournal manuscript No. (will be inserted by the editor) UPC-CHECK: A scalable tool for detecting run-time errors in Unified Parallel C James Coyle Indranil Roy Marina Kraeva Glenn R. Luecke Received:
More informationUnified Parallel C, UPC
Unified Parallel C, UPC Jarmo Rantakokko Parallel Programming Models MPI Pthreads OpenMP UPC Different w.r.t. Performance/Portability/Productivity 1 Partitioned Global Address Space, PGAS Thread 0 Thread
More informationEfficient Data Race Detection for Unified Parallel C
P A R A L L E L C O M P U T I N G L A B O R A T O R Y Efficient Data Race Detection for Unified Parallel C ParLab Winter Retreat 1/14/2011" Costin Iancu, LBL" Nick Jalbert, UC Berkeley" Chang-Seo Park,
More informationA program execution is memory safe so long as memory access errors never occur:
A program execution is memory safe so long as memory access errors never occur: Buffer overflows, null pointer dereference, use after free, use of uninitialized memory, illegal free Memory safety categories
More informationCS2141 Software Development using C/C++ Debugging
CS2141 Software Development using C/C++ Debugging Debugging Tips Examine the most recent change Error likely in, or exposed by, code most recently added Developing code incrementally and testing along
More informationUnified Parallel C (UPC)
Unified Parallel C (UPC) Vivek Sarkar Department of Computer Science Rice University vsarkar@cs.rice.edu COMP 422 Lecture 21 March 27, 2008 Acknowledgments Supercomputing 2007 tutorial on Programming using
More informationImplementing a Scalable Parallel Reduction in Unified Parallel C
Implementing a Scalable Parallel Reduction in Unified Parallel C Introduction A reduction is the process of combining elements of a vector (or array) to yield a single aggregate element. It is commonly
More informationAbstract. Negative tests: These tests are to determine the error detection capabilities of a UPC compiler implementation.
UPC Compilers Testing Strategy v1.03 pre Tarek El-Ghazawi, Sébastien Chauvi, Onur Filiz, Veysel Baydogan, Proshanta Saha George Washington University 14 March 2003 Abstract The purpose of this effort is
More informationCCured. One-Slide Summary. Lecture Outline. Type-Safe Retrofitting of C Programs
CCured Type-Safe Retrofitting of C Programs [Necula, McPeak,, Weimer, Condit, Harren] #1 One-Slide Summary CCured enforces memory safety and type safety in legacy C programs. CCured analyzes how you use
More informationOracle Developer Studio Code Analyzer
Oracle Developer Studio Code Analyzer The Oracle Developer Studio Code Analyzer ensures application reliability and security by detecting application vulnerabilities, including memory leaks and memory
More informationBootstrap, Memory Management and Troubleshooting. LS 12, TU Dortmund
Bootstrap, Memory Management and Troubleshooting (slides are based on Prof. Dr. Jian-Jia Chen and http://www.freertos.org) Anas Toma LS 12, TU Dortmund February 01, 2018 Anas Toma (LS 12, TU Dortmund)
More informationMulti-Threaded UPC Runtime for GPU to GPU communication over InfiniBand
Multi-Threaded UPC Runtime for GPU to GPU communication over InfiniBand Miao Luo, Hao Wang, & D. K. Panda Network- Based Compu2ng Laboratory Department of Computer Science and Engineering The Ohio State
More informationVerification & Validation of Open Source
Verification & Validation of Open Source 2011 WORKSHOP ON SPACECRAFT FLIGHT SOFTWARE Gordon Uchenick Coverity, Inc Open Source is Ubiquitous Most commercial and proprietary software systems have some open
More informationo Code, executable, and process o Main memory vs. virtual memory
Goals for Today s Lecture Memory Allocation Prof. David August COS 217 Behind the scenes of running a program o Code, executable, and process o Main memory vs. virtual memory Memory layout for UNIX processes,
More informationReusable, Generic Compiler Analyses and Transformations
Reusable, Generic Compiler Analyses and Transformations Jeremiah Willcock, Andrew Lumsdaine, and Daniel Quinlan Indiana University and Lawrence Livermore National Laboratory This work performed under the
More informationCall Paths for Pin Tools
, Xu Liu, and John Mellor-Crummey Department of Computer Science Rice University CGO'14, Orlando, FL February 17, 2014 What is a Call Path? main() A() B() Foo() { x = *ptr;} Chain of function calls that
More informationCS527 Software Security
Security Policies Purdue University, Spring 2018 Security Policies A policy is a deliberate system of principles to guide decisions and achieve rational outcomes. A policy is a statement of intent, and
More informationOverview AEG Conclusion CS 6V Automatic Exploit Generation (AEG) Matthew Stephen. Department of Computer Science University of Texas at Dallas
CS 6V81.005 Automatic Exploit Generation (AEG) Matthew Stephen Department of Computer Science University of Texas at Dallas February 20 th, 2012 Outline 1 Overview Introduction Considerations 2 AEG Challenges
More informationDEVELOPING AN OPTIMIZED UPC COMPILER FOR FUTURE ARCHITECTURES
DEVELOPING AN OPTIMIZED UPC COMPILER FOR FUTURE ARCHITECTURES Tarek El-Ghazawi, François Cantonnet, Yiyi Yao Department of Electrical and Computer Engineering The George Washington University tarek@gwu.edu
More informationJackson Marusarz Software Technical Consulting Engineer
Jackson Marusarz Software Technical Consulting Engineer What Will Be Covered Overview Memory/Thread analysis New Features Deep dive into debugger integrations Demo Call to action 2 Analysis Tools for Diagnosis
More informationHonours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui
Honours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui Projects 1 Information flow analysis for mobile applications 2 2 Machine-learning-guide typestate analysis for UAF vulnerabilities 3 3 Preventing
More informationSystem Assertions. Andreas Zeller
System Assertions Andreas Zeller System Invariants Some properties of a program must hold over the entire run: must not access data of other processes must handle mathematical exceptions must not exceed
More informationPartitioned Global Address Space (PGAS) Model. Bin Bao
Partitioned Global Address Space (PGAS) Model Bin Bao Contents PGAS model introduction Unified Parallel C (UPC) introduction Data Distribution, Worksharing and Exploiting Locality Synchronization and Memory
More informationFast dynamic program analysis Race detection. Konstantin Serebryany May
Fast dynamic program analysis Race detection Konstantin Serebryany May 20 2011 Agenda Dynamic program analysis Race detection: theory ThreadSanitizer: race detector Making ThreadSanitizer
More informationCptS 360 (System Programming) Unit 4: Debugging
CptS 360 (System Programming) Unit 4: Debugging Bob Lewis School of Engineering and Applied Sciences Washington State University Spring, 2018 Motivation You re probably going to spend most of your code
More informationIntroducing the PurifyPlus Family: PurifyPlus for Windows PurifyPlus for UNIX PurifyPlus for Linux PurifyPlus RealTime
Introducing the PurifyPlus Family: PurifyPlus for PurifyPlus for UNIX Product version 2002 Release 2 Document version 1.5 Last revision: November 29, 2002 1 High level overview: A. Intro an introduction
More informationUnified Runtime for PGAS and MPI over OFED
Unified Runtime for PGAS and MPI over OFED D. K. Panda and Sayantan Sur Network-Based Computing Laboratory Department of Computer Science and Engineering The Ohio State University, USA Outline Introduction
More informationEnforcing Textual Alignment of
Parallel Hardware Parallel Applications IT industry (Silicon Valley) Parallel Software Users Enforcing Textual Alignment of Collectives using Dynamic Checks and Katherine Yelick UC Berkeley Parallel Computing
More informationIntro to Proving Absence of Errors in C/C++ Code
Intro to Proving Absence of Errors in C/C++ Code Develop high quality embedded software Kristian Lindqvist Senior Pilot Engineer MathWorks 2016 The MathWorks, Inc. 1 The Cost of Failure Ariane 5: Overflow
More informationSimple Overflow. #include <stdio.h> int main(void){ unsigned int num = 0xffffffff;
Simple Overflow 1 #include int main(void){ unsigned int num = 0xffffffff; printf("num is %d bits long\n", sizeof(num) * 8); printf("num = 0x%x\n", num); printf("num + 1 = 0x%x\n", num + 1); }
More informationMemory Analysis tools
Memory Analysis tools PURIFY The Necessity TOOL Application behaviour: Crashes intermittently Uses too much memory Runs too slowly Isn t well tested Is about to ship You need something See what your code
More informationHexType: Efficient Detection of Type Confusion Errors for C++ Yuseok Jeon Priyam Biswas Scott A. Carr Byoungyoung Lee Mathias Payer
HexType: Efficient Detection of Type Confusion Errors for C++ Yuseok Jeon Priyam Biswas Scott A. Carr Byoungyoung Lee Mathias Payer Motivation C++ is a popular programming language Google Chrome, Firefox,
More informationGuidelines for Writing C Code
Guidelines for Writing C Code Issue 01-bugfix Martin Becker Institute for Real-Time Computer Systems (RCS) Technische Universität München becker@rcs.ei.tum.de June 9, 2014 Contents 1 Introduction 1 2 Pragmatic
More informationBuffer overflow prevention, and other attacks
Buffer prevention, and other attacks Comp Sci 3600 Security Outline 1 2 Two approaches to buffer defense Aim to harden programs to resist attacks in new programs Run time Aim to detect and abort attacks
More informationSummary: Issues / Open Questions:
Summary: The paper introduces Transitional Locking II (TL2), a Software Transactional Memory (STM) algorithm, which tries to overcomes most of the safety and performance issues of former STM implementations.
More informationSoftware security, secure programming
Software security, secure programming Lecture 4: Protecting your code against software vulnerabilities? (overview) Master on Cybersecurity Master MoSiG Academic Year 2017-2018 Preamble Bad news several
More informationMISRA-C. Subset of the C language for critical systems
MISRA-C Subset of the C language for critical systems SAFETY-CRITICAL SYSTEMS System is safety-critical if people might die due to software bugs Examples Automobile stability / traction control Medical
More informationSoK: Eternal War in Memory
SoK: Eternal War in Memory László Szekeres, Mathias Payer, Tao Wei, Dawn Song Presenter: Wajih 11/7/2017 Some slides are taken from original S&P presentation 1 What is SoK paper? Systematization of Knowledge
More informationC Programming Basics II
C Programming Basics II Xianyi Zeng xzeng@utep.edu Department of Mathematical Sciences The University of Texas at El Paso. September 20, 2016. Pointers and Passing by Address Upon declaring a variable,
More informationStanford University Computer Science Department CS 295 midterm. May 14, (45 points) (30 points) total
Stanford University Computer Science Department CS 295 midterm May 14, 2008 This is an open-book exam. You have 75 minutes. Write all of your answers directly on the paper. Make your answers as concise
More informationIntermediate Programming, Spring 2017*
600.120 Intermediate Programming, Spring 2017* Misha Kazhdan *Much of the code in these examples is not commented because it would otherwise not fit on the slides. This is bad coding practice in general
More informationTI2725-C, C programming lab, course
Valgrind tutorial Valgrind is a tool which can find memory leaks in your programs, such as buffer overflows and bad memory management. This document will show per example how Valgrind responds to buggy
More informationUniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages
UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages Kangjie Lu, Chengyu Song, Taesoo Kim, Wenke Lee School of Computer Science, Georgia Tech Any Problem Here? /* File: drivers/usb/core/devio.c*/
More informationNew features in AddressSanitizer. LLVM developer meeting Nov 7, 2013 Alexey Samsonov, Kostya Serebryany
New features in AddressSanitizer LLVM developer meeting Nov 7, 2013 Alexey Samsonov, Kostya Serebryany Agenda AddressSanitizer (ASan): a quick reminder New features: Initialization-order-fiasco Stack-use-after-scope
More informationProgram Verification. Aarti Gupta
Program Verification Aarti Gupta 1 Agenda Famous bugs Common bugs Testing (from lecture 6) Reasoning about programs Techniques for program verification 2 Famous Bugs The first bug: A moth in a relay (1945)
More informationTyped Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts
Typed Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts Toshiyuki Maeda and Akinori Yonezawa University of Tokyo Quiz [Environment] CPU: Intel Xeon X5570 (2.93GHz)
More informationSecure Virtual Architecture: Using LLVM to Provide Memory Safety to the Entire Software Stack
Secure Virtual Architecture: Using LLVM to Provide Memory Safety to the Entire Software Stack John Criswell, University of Illinois Andrew Lenharth, University of Illinois Dinakar Dhurjati, DoCoMo Communications
More informationPage 1. Stuff. Last Time. Today. Safety-Critical Systems MISRA-C. Terminology. Interrupts Inline assembly Intrinsics
Stuff Last Time Homework due next week Lab due two weeks from today Questions? Interrupts Inline assembly Intrinsics Today Safety-Critical Systems MISRA-C Subset of C language for critical systems System
More informationIn Java we have the keyword null, which is the value of an uninitialized reference type
+ More on Pointers + Null pointers In Java we have the keyword null, which is the value of an uninitialized reference type In C we sometimes use NULL, but its just a macro for the integer 0 Pointers are
More informationImportant From Last Time
Important From Last Time Volatile is tricky To write correct embedded C and C++, you have to understand what volatile does and does not do Ø What is the guarantee that it provides? Don t make the 8 mistakes
More informationCMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING
CMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING LECTURE 16, SPRING 2013 TOPICS TODAY Project 6 Perils & Pitfalls of Memory Allocation C Function Call Conventions in Assembly Language PERILS
More informationMEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING
FEDERAL UNIVERSITY OF AMAZONAS INSTITUTE OF COMPUTING GRADUATE PROGRAM IN COMPUTER SCIENCE MEMORY MANAGEMENT TEST-CASE GENERATION OF C PROGRAMS USING BOUNDED MODEL CHECKING Herbert Rocha, Raimundo Barreto,
More informationC PGAS XcalableMP(XMP) Unified Parallel
PGAS XcalableMP Unified Parallel C 1 2 1, 2 1, 2, 3 C PGAS XcalableMP(XMP) Unified Parallel C(UPC) XMP UPC XMP UPC 1 Berkeley UPC GASNet 1. MPI MPI 1 Center for Computational Sciences, University of Tsukuba
More informationCMSC 330: Organization of Programming Languages. Ownership, References, and Lifetimes in Rust
CMSC 330: Organization of Programming Languages Ownership, References, and Lifetimes in Rust CMSC330 Spring 2018 1 Memory: the Stack and the Heap The stack constant-time, automatic (de)allocation Data
More informationDynamic Memory Allocation: Advanced Concepts
Dynamic Memory Allocation: Advanced Concepts Keeping Track of Free Blocks Method 1: Implicit list using length links all blocks 5 4 6 Method : Explicit list among the free blocks using pointers 5 4 6 Kai
More informationCSC 1600 Memory Layout for Unix Processes"
CSC 16 Memory Layout for Unix Processes" 1 Lecture Goals" Behind the scenes of running a program" Code, executable, and process" Memory layout for UNIX processes, and relationship to C" : code and constant
More information6.828: OS/Language Co-design. Adam Belay
6.828: OS/Language Co-design Adam Belay Singularity An experimental research OS at Microsoft in the early 2000s Many people and papers, high profile project Influenced by experiences at
More informationFiji VM Safety Critical Java
Fiji VM Safety Critical Java Filip Pizlo, President Fiji Systems Inc. Introduction Java is a modern, portable programming language with wide-spread adoption. Goal: streamlining debugging and certification.
More informationBuffer overflow background
and heap buffer background Comp Sci 3600 Security Heap Outline and heap buffer Heap 1 and heap 2 3 buffer 4 5 Heap Outline and heap buffer Heap 1 and heap 2 3 buffer 4 5 Heap Address Space and heap buffer
More informationParallel Programming Languages. HPC Fall 2010 Prof. Robert van Engelen
Parallel Programming Languages HPC Fall 2010 Prof. Robert van Engelen Overview Partitioned Global Address Space (PGAS) A selection of PGAS parallel programming languages CAF UPC Further reading HPC Fall
More informationStatic Analysis in C/C++ code with Polyspace
1 Static Analysis in C/C++ code with Polyspace Yongchool Ryu Application Engineer gary.ryu@mathworks.com 2016 The MathWorks, Inc. 2 Agenda Efficient way to find problems in Software Category of Static
More informationOverview: The OpenMP Programming Model
Overview: The OpenMP Programming Model motivation and overview the parallel directive: clauses, equivalent pthread code, examples the for directive and scheduling of loop iterations Pi example in OpenMP
More informationNoise Injection Techniques to Expose Subtle and Unintended Message Races
Noise Injection Techniques to Expose Subtle and Unintended Message Races PPoPP2017 February 6th, 2017 Kento Sato, Dong H. Ahn, Ignacio Laguna, Gregory L. Lee, Martin Schulz and Christopher M. Chambreau
More informationCauses of Software Failures
Causes of Software Failures Hardware Faults Permanent faults, e.g., wear-and-tear component Transient faults, e.g., bit flips due to radiation Software Faults (Bugs) (40% failures) Nondeterministic bugs,
More informationChapter 1 GETTING STARTED. SYS-ED/ Computer Education Techniques, Inc.
Chapter 1 GETTING STARTED SYS-ED/ Computer Education Techniques, Inc. Objectives You will learn: Java platform. Applets and applications. Java programming language: facilities and foundation. Memory management
More informationCIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 2
CIS 551 / TCOM 401 Computer and Network Security Spring 2007 Lecture 2 Announcements First project is on the web Due: Feb. 1st at midnight Form groups of 2 or 3 people If you need help finding a group,
More informationNon-Blocking Inter-Partition Communication with Wait-Free Pair Transactions
Non-Blocking Inter-Partition Communication with Wait-Free Pair Transactions Ethan Blanton and Lukasz Ziarek Fiji Systems, Inc. October 10 th, 2013 WFPT Overview Wait-Free Pair Transactions A communication
More informationComparing One-Sided Communication with MPI, UPC and SHMEM
Comparing One-Sided Communication with MPI, UPC and SHMEM EPCC University of Edinburgh Dr Chris Maynard Application Consultant, EPCC c.maynard@ed.ac.uk +44 131 650 5077 The Future ain t what it used to
More informationA Characterization of Shared Data Access Patterns in UPC Programs
IBM T.J. Watson Research Center A Characterization of Shared Data Access Patterns in UPC Programs Christopher Barton, Calin Cascaval, Jose Nelson Amaral LCPC `06 November 2, 2006 Outline Motivation Overview
More informationA Novel Approach to Explain the Detection of Memory Errors and Execution on Different Application Using Dr Memory.
A Novel Approach to Explain the Detection of Memory Errors and Execution on Different Application Using Dr Memory. Yashaswini J 1, Tripathi Ashish Ashok 2 1, 2 School of computer science and engineering,
More informationCopyright 2015 MathEmbedded Ltd.r. Finding security vulnerabilities by fuzzing and dynamic code analysis
Finding security vulnerabilities by fuzzing and dynamic code analysis Security Vulnerabilities Top code security vulnerabilities don t change much: Security Vulnerabilities Top code security vulnerabilities
More informationC and C++ Secure Coding 4-day course. Syllabus
C and C++ Secure Coding 4-day course Syllabus C and C++ Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted toward our systems. This course
More informationIdentifying Memory Corruption Bugs with Compiler Instrumentations. 이병영 ( 조지아공과대학교
Identifying Memory Corruption Bugs with Compiler Instrumentations 이병영 ( 조지아공과대학교 ) blee@gatech.edu @POC2014 How to find bugs Source code auditing Fuzzing Source Code Auditing Focusing on specific vulnerability
More informationBlack Hat Webcast Series. C/C++ AppSec in 2014
Black Hat Webcast Series C/C++ AppSec in 2014 Who Am I Chris Rohlf Leaf SR (Security Research) - Founder / Consultant BlackHat Speaker { 2009, 2011, 2012 } BlackHat Review Board Member http://leafsr.com
More informationUsing Intel VTune Amplifier XE and Inspector XE in.net environment
Using Intel VTune Amplifier XE and Inspector XE in.net environment Levent Akyil Technical Computing, Analyzers and Runtime Software and Services group 1 Refresher - Intel VTune Amplifier XE Intel Inspector
More informationField Analysis. Last time Exploit encapsulation to improve memory system performance
Field Analysis Last time Exploit encapsulation to improve memory system performance This time Exploit encapsulation to simplify analysis Two uses of field analysis Escape analysis Object inlining April
More informationD as Better C Compiler. by Walter Bright dlang.org
D as Better C Compiler by Walter Bright dlang.org C Brilliantly conceived language Major force for 40 years Engine for major critical software Well known and understood Man behind the curtain All Is Not
More informationSemantics (cont.) Symbol Table. Static Scope. Static Scope. Static Scope. CSE 3302 Programming Languages. Static vs. Dynamic Scope
-2-1 CSE 3302 Programming Languages Semantics (cont.) Smbol Table Smbol Table: maintain bindings. Can be viewed as functions that map names to their attributes. Names SmbolTable Attributes Chengkai Li,
More informationProfilers and Debuggers. Introductory Material. One-Slide Summary
Profilers and Debuggers #1 Introductory Material First, who doesn t know assembly language? You ll get to answer all the assembly questions. Yes, really. Lecture Style: Sit on the table and pose questions.
More informationMemory & Thread Debugger
Memory & Thread Debugger Here is What Will Be Covered Overview Memory/Thread analysis New Features Deep dive into debugger integrations Demo Call to action Intel Confidential 2 Analysis Tools for Diagnosis
More informationToday s lecture. Pointers/arrays. Stack versus heap allocation CULTURE FACT: IN CODE, IT S NOT CONSIDERED RUDE TO POINT.
Pointers/arrays Mechanics, syntax Underlying memory model Array indexing == pointer arithmetic As parameters Stack versus heap allocation Stack declaration, scope, lifetime Heap allocation/deallocation
More informationLLNL Tool Components: LaunchMON, P N MPI, GraphLib
LLNL-PRES-405584 Lawrence Livermore National Laboratory LLNL Tool Components: LaunchMON, P N MPI, GraphLib CScADS Workshop, July 2008 Martin Schulz Larger Team: Bronis de Supinski, Dong Ahn, Greg Lee Lawrence
More informationChapter 1 INTRODUCTION SYS-ED/ COMPUTER EDUCATION TECHNIQUES, INC.
hapter 1 INTRODUTION SYS-ED/ OMPUTER EDUATION TEHNIQUES, IN. Objectives You will learn: Java features. Java and its associated components. Features of a Java application and applet. Java data types. Java
More informationECMWF Workshop on High Performance Computing in Meteorology. 3 rd November Dean Stewart
ECMWF Workshop on High Performance Computing in Meteorology 3 rd November 2010 Dean Stewart Agenda Company Overview Rogue Wave Product Overview IMSL Fortran TotalView Debugger Acumem ThreadSpotter 1 Copyright
More informationReview! Lecture 5 C Memory Management !
CS61C L05 C Memory Management (1)! inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Lecture 5 C Memory Management 2010-06-28!!! Instructor Paul Pearce! Symmetric multiprocessor! MIPS support for
More informationGCC Developers Summit Ottawa, Canada, June 2006
OpenMP Implementation in GCC Diego Novillo dnovillo@redhat.com Red Hat Canada GCC Developers Summit Ottawa, Canada, June 2006 OpenMP Language extensions for shared memory concurrency (C, C++ and Fortran)
More informationCS61C : Machine Structures
inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Lecture 5 C Memory Management 2010-06-28!!! Instructor Paul Pearce! Symmetric multiprocessor! MIPS support for Android MIPS Technologies (founded
More informationLLVM-based Communication Optimizations for PGAS Programs
LLVM-based Communication Optimizations for PGAS Programs nd Workshop on the LLVM Compiler Infrastructure in HPC @ SC15 Akihiro Hayashi (Rice University) Jisheng Zhao (Rice University) Michael Ferguson
More informationELP. Effektive Laufzeitunterstützung für zukünftige Programmierstandards. Speaker: Tim Cramer, RWTH Aachen University
ELP Effektive Laufzeitunterstützung für zukünftige Programmierstandards Agenda ELP Project Goals ELP Achievements Remaining Steps ELP Project Goals Goals of ELP: Improve programmer productivity By influencing
More informationECE 15B COMPUTER ORGANIZATION
ECE 15B COMPUTER ORGANIZATION Lecture 13 Strings, Lists & Stacks Announcements HW #3 Due next Friday, May 15 at 5:00 PM in HFH Project #2 Due May 29 at 5:00 PM Project #3 Assigned next Thursday, May 19
More informationImplementing and optimizing a Sparse Matrix-Vector Multiplication with UPC
Implementing and optimizing a Sparse Matrix-Vector Multiplication with UPC Jérémie Lagravière 1, Martina Prugger 3, Lukas Einkemmer, Johannes Langguth 1, Phuong H. Ha 2, and Xing Cai 1 1 Simula Research
More informationCS-527 Software Security
CS-527 Software Security Memory Safety Asst. Prof. Mathias Payer Department of Computer Science Purdue University TA: Kyriakos Ispoglou https://nebelwelt.net/teaching/17-527-softsec/ Spring 2017 Eternal
More informationCMPSC 497 Other Memory Vulnerabilities
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA CMPSC 497 Other Memory
More informationCS 330 Lecture 18. Symbol table. C scope rules. Declarations. Chapter 5 Louden Outline
CS 0 Lecture 8 Chapter 5 Louden Outline The symbol table Static scoping vs dynamic scoping Symbol table Dictionary associates names to attributes In general: hash tables, tree and lists (assignment ) can
More informationComprehensive Kernel Instrumentation via Dynamic Binary Translation
Comprehensive Kernel Instrumentation via Dynamic Binary Translation Peter Feiner Angela Demke Brown Ashvin Goel University of Toronto 011 Complexity of Operating Systems 012 Complexity of Operating Systems
More informationANITA S SUPER AWESOME RECITATION SLIDES
ANITA S SUPER AWESOME RECITATION SLIDES 15/18-213: Introduction to Computer Systems Dynamic Memory Allocation Anita Zhang, Section M UPDATES Cache Lab style points released Don t fret too much Shell Lab
More informationCA31-1K DIS. Pointers. TA: You Lu
CA31-1K DIS Pointers TA: You Lu Pointers Recall that while we think of variables by their names like: int numbers; Computer likes to think of variables by their memory address: 0012FED4 A pointer is a
More informationJaguar: Enabling Efficient Communication and I/O in Java
Jaguar: Enabling Efficient Communication and I/O in Java Matt Welsh and David Culler UC Berkeley Presented by David Hovemeyer Outline ' Motivation ' How it works ' Code mappings ' External objects ' Pre
More informationCOMP26120: Linked List in C (2018/19) Lucas Cordeiro
COMP26120: Linked List in C (2018/19) Lucas Cordeiro lucas.cordeiro@manchester.ac.uk Linked List Lucas Cordeiro (Formal Methods Group) lucas.cordeiro@manchester.ac.uk Office: 2.28 Office hours: 10-11 Tuesday,
More information