Causes of Software Failures
|
|
- Job Craig
- 5 years ago
- Views:
Transcription
1 Causes of Software Failures Hardware Faults Permanent faults, e.g., wear-and-tear component Transient faults, e.g., bit flips due to radiation Software Faults (Bugs) (40% failures) Nondeterministic bugs, e.g., data races, atomic violations, due to timing-dependent issues such as process scheduling and signals Deterministic bugs, e.g., buffer overflow, memory leaks
2 An Example of Non-deterministic Bug /* From Apache httpd mod_log_config.c */ ap_buffered_log_writter() {.. s = &buffer[buf->outcnt]; memcpy(s, str, len); temp = buf->outcnt + len; buf->outcnt = temp; } /4/12
3 Failure Recovery Methods Reboot-Based Methods General Checkpointing and Rollback Methods Studied already Application-Specific Methods Redundancy-Based Methods Failure-Oblivious Computing Randomization-Based Methods Execution Environment Based Methods
4 Rebooting Simply reset the computer or restart the failed program Pros: A simple (and common) way to recover failures on a single system or program Cons: Losing work that have not been saved (Auto-save alleviates this problem) May cause inconsistent state Rebooting a large complex systems (e.g., data center) is time consuming
5 Software Rejuvenation Periodically restart a system when load is low Commonly used for maintaining servers Likely not cause big disruption to service E.g., cannot log on bank web sites on Saturday night Expect some failures would happen in near future Based on observed MTTF (Mean-Time-To-Failure) E.g., memory leaks, resource leaks
6 Micro-rebooting[1]* Full system rebooting is costly for large-scale Internet systems[1] Unexpected recovery time Unexpected data loss Micro-rebooting: individually rebooting of fine-grained application components. [*] Microreboot. A technique for cheap recovery. G. Candea, S. Kawamoto, Y. Fujiki, G. Friedman, and A. Fox. In Proceedings of the 6th Symposium on Operating System Design and Implementation, Dec 2004.
7 Requirements for Microrebootable Applications (I) Fine-grained components Enabling fast recovery State segregation prevent corruption in application persistent state Using mechanisms such as transactional databases and session state managers
8 Requirements for Microrebootable Applications (II) Decoupling: Components must be loosely coupled. Retryable requests Smooth reintegration of microrebooted components.
9 Trade-Offs of Micro-rebooting Pros: Low runtime overhead with normal execution Fast recovery No loss data Cons: Reconstruction of software with several requirements
10 Application-Specific Methods Exception Handling Java Programs Process/Thread-Pool Based Methods Apache Application-Specific Checkpointing HPC applications
11 Trade-offs of Previous Approaches Nicely deal with hardware transient errors and non-deterministic bugs Cannot handle deterministic bugs (except for some application-specific methods) We will discuss approaches that can deal with deterministic bugs on failure recovery
12 Redundancy-Based Methods Multiple instances of the program, modules, functions are used for failure recovery Examples: N-version Programming Recovery blocks
13 N-version Programming* Different teams to generate independent N>=2 software modules Detecting/Masking Failures using results from N versions of modules. [*] The N-version approach to fault-tolerant software. Algirdas Avizienis. IEEE Transactions on Software Engineering, 11(12), 1985.
14 Recovery Blocks* Program is structured into blocks (e.g., modules, functions) A recovery block consists of a conventional block which is provided with a means of error detection and stand-by spares with the same functionality. Once an error is detected, a spare block will be executed [*] System structure for software fault tolerance. Brian Randell. IEEE Transactions on Software Engineering, 1(2): , 1975
15 Pros: Trade-offs of Redundancy-Base Methods Can handle both deterministic and nondeterministic software bugs Cons: Expensive Implicit assumption is different team may have different bugs for implementing the same functionalities
16 Other Approaches Failure-Oblivious Computing Randomization-based Method Execution Environment based Methods
17 Failure-Oblivious Computing (FOC) Memory errors are common sources of program failures E.g., out of bound array accesses, invalid pointer accesses FOC enables servers to execute through memory errors without memory corruption [*] Enhancing Server Availability and Security Through Failure-Oblivious Computing. Martin Rinard et. al. OSDI 04
18 How to be Oblivious to Failures? The C Compiler inserts checks for dynamically detecting invalid memory accesses What to do when an invalid memory access is detected? Not terminating or throwing an exception Discarding invalid writes Manufacturing values to return for invalid reads Hopefully the server will continue its normal path
19 A Simple Example char buf[80]; for (int i = 0; i <= 80; I ++) { a = buf[i]; a ++; buf[i] = a; } i = 80, overflowed read i = 80, overflowed write
20 Rationales of FOC Memory errors may occur in irrelevant computations => FOC enables the server to continue the relevant computation Even when memory errors occur in relevant computations => FOC converts unanticipated requests into anticipated invalid inputs that the error-handling logic can handle
21 C Safety Checking A Checker developed by Jones and Kelly, enhanced by Ruwase and Lam Maintaining a table that maps locations and length info to data units (e.g., struct, array, and variable) For each memory access, use this table to distinguish in-bounds and out-of-bounds pointers
22 Randomization-Based Method Randomizing memory allocation with multiple replicas or running multiple times for surviving memory errors Handled errors: Double free, Invalid free, Uninitialized read, Dangling pointer, Buffer overflow [*] DieHard: Probabilistic Memory Safety for Unsafe Programming Languages. Emery Berger and Ben Zorn. PLDI 06
23 DieHard Architecture Replica 1 input Replica 2 output Replica 3 Each replica randomize the heap differently Majority voting at the output point Assumption: different replica fail differently (likely valid in this randomization case)
24 DieHard Randomize Heap Bitmap-based, segregated size classes: One bit for the status (free or allocated) of one object Objects with the same size are grouped (2^3, 2^4, ) Malloc: Get the closet size class Randomly assign one available space for the object Free: Check the object properly aligned, bit status, and reset bits Prevent invalid frees, double frees
25 An Example From the Paper
26 Rx Execution Environment Based Methods Change program execution environment Survive software failures caused by both nondeterministic and deterministic bugs [*] Rx: Treating Bugs as Allergies A Safe Method to Survive Software Failures. Feng Qin et. al. SOSP 05
27 Rx Idea: Treat Bugs As Allergies Allergies: Hard to cure Can be avoided by changing the living environments! Avoidance Therapy for Allergies 2018/4/12 27
28 Rx Avoids Software Bugs Avoidance Therapy: Introduce non-determinism during program recovery by changing the execution environments Goals: Deterministic bugs Nondeterministic bugs Non-deterministic bugs Lower probability to occur Software execution Execution environment /4/12
29 Examples of Environmental Changes Category Potentially- Avoided Bugs Environmental Changes Cost Double free, dangling pointer Delaying recycling of freed buffer Relatively Cheap Memory Management Dynamic buffer overflow Memory corruption Padding allocated memory blocks Allocating memory in an isolated location Relatively Cheap Expensive Un-initialized reads Zero-filling newly allocated memory buffers Expensive Timing- Related Concurrency Bugs Scheduling Signal delivery Cheap Cheap Message Reordering Cheap User- Related Bugs related to user requests Selectively Dropping user requests Really Expensive /4/12
30 The Rx Process Change execution environment on-demand upon software failures Fail App Software Failure App Rollback App Change Env App Re-execute App Succeed App checkpoint Env Env Env Env Env Env Log Time Out programmers Other Approaches 2018/4/12 30
31 Rx Architecture 1. Hide server failures from clients 2. Help server to recover Server Application Detect software failures or faults in servers Proxy Clients Sensors Environment Wrappers Implement those Checkpoint the program environmental changes periodically and rollback it whenever failure happens Checkpoint 1. Devise a Rx recovery System scheme & Rollback 2. Log diagnostic information Control Unit report errors programmers /4/12
DieHard: Probabilistic Memory Safety for Unsafe Programming Languages
DieHard: Probabilistic Memory Safety for Unsafe Programming Languages Emery Berger University of Massachusetts Amherst Ben Zorn Microsoft Research Problems with Unsafe Languages C, C++: pervasive apps,
More informationSurviving Software Failures
Surviving Software Failures A survey on the research context of "Rx: Treating Bugs as Allergies A Safe Method to Survive Software Failures" by F. Qin, J. Tucek, J. Sundaresan, and Y. Zhou. Johannes Pletzer,
More informationDieHard: Memory Error Fault Tolerance in C and C++
DieHard: Memory Error Fault Tolerance in C and C++ Ben Zorn Microsoft Research In collaboration with Emery Berger and Gene Novark, Univ. of Massachusetts Ted Hart, Microsoft Research DieHard: Memory Error
More informationFirst-Aid: Surviving and Preventing Memory Management Bugs during Production Runs
First-Aid: Surviving and Preventing Memory Management Bugs during Production Runs Qi Gao Wenbin Zhang Yan Tang Feng Qin Dept. of Computer Science and Engineering Ohio State University, Columbus, OH, 43210,
More informationBoundless Memory Blocks
Boundless Memory Blocks Cristian Cadar Massachusetts Institute of Technology (now Stanford University) M. Rinard, D. Dumitran D. Roy, T. Leu Massachusetts Institute of Technology Annual Computer Security
More informationA program execution is memory safe so long as memory access errors never occur:
A program execution is memory safe so long as memory access errors never occur: Buffer overflows, null pointer dereference, use after free, use of uninitialized memory, illegal free Memory safety categories
More informationDependability tree 1
Dependability tree 1 Means for achieving dependability A combined use of methods can be applied as means for achieving dependability. These means can be classified into: 1. Fault Prevention techniques
More informationRecovering Device Drivers
1 Recovering Device Drivers Michael M. Swift, Muthukaruppan Annamalai, Brian N. Bershad, and Henry M. Levy University of Washington Presenter: Hayun Lee Embedded Software Lab. Symposium on Operating Systems
More informationOn-Demand Proactive Defense against Memory Vulnerabilities
On-Demand Proactive Defense against Memory Vulnerabilities Gang Chen, Hai Jin, Deqing Zou, and Weiqi Dai Services Computing Technology and System Lab Cluster and Grid Computing Lab School of Computer Science
More informationAnnouncements. Persistence: Crash Consistency
Announcements P4 graded: In Learn@UW by end of day P5: Available - File systems Can work on both parts with project partner Fill out form BEFORE tomorrow (WED) morning for match Watch videos; discussion
More informationCling: A Memory Allocator to Mitigate Dangling Pointers. Periklis Akritidis
Cling: A Memory Allocator to Mitigate Dangling Pointers Periklis Akritidis --2010 Use-after-free Vulnerabilities Accessing Memory Through Dangling Pointers Techniques : Heap Spraying, Feng Shui Manual
More informationLast week. Data on the stack is allocated automatically when we do a function call, and removed when we return
Last week Data can be allocated on the stack or on the heap (aka dynamic memory) Data on the stack is allocated automatically when we do a function call, and removed when we return f() {... int table[len];...
More informationFailure Models. Fault Tolerance. Failure Masking by Redundancy. Agreement in Faulty Systems
Fault Tolerance Fault cause of an error that might lead to failure; could be transient, intermittent, or permanent Fault tolerance a system can provide its services even in the presence of faults Requirements
More informationFAULT TOLERANCE. Fault Tolerant Systems. Faults Faults (cont d)
Distributed Systems Fö 9/10-1 Distributed Systems Fö 9/10-2 FAULT TOLERANCE 1. Fault Tolerant Systems 2. Faults and Fault Models. Redundancy 4. Time Redundancy and Backward Recovery. Hardware Redundancy
More informationIssues in Programming Language Design for Embedded RT Systems
CSE 237B Fall 2009 Issues in Programming Language Design for Embedded RT Systems Reliability and Fault Tolerance Exceptions and Exception Handling Rajesh Gupta University of California, San Diego ES Characteristics
More informationSoftware Fault Tolerance for Type-unsafe Languages
Software Fault Tolerance for Type-unsafe Languages C/C++ Ben Zorn Microsoft Research In collaboration with Emery Berger, Univ. of Massachusetts Karthik Pattabiraman, Univ. of Illinois, UC Vinod Grover,
More informationIn Java we have the keyword null, which is the value of an uninitialized reference type
+ More on Pointers + Null pointers In Java we have the keyword null, which is the value of an uninitialized reference type In C we sometimes use NULL, but its just a macro for the integer 0 Pointers are
More informationCMSC 330: Organization of Programming Languages
CMSC 330: Organization of Programming Languages Memory Management and Garbage Collection CMSC 330 - Spring 2013 1 Memory Attributes! Memory to store data in programming languages has the following lifecycle
More information[537] Journaling. Tyler Harter
[537] Journaling Tyler Harter FFS Review Problem 1 What structs must be updated in addition to the data block itself? [worksheet] Problem 1 What structs must be updated in addition to the data block itself?
More informationCMSC 330: Organization of Programming Languages
CMSC 330: Organization of Programming Languages Memory Management and Garbage Collection CMSC 330 Spring 2017 1 Memory Attributes Memory to store data in programming languages has the following lifecycle
More informationRuntime Defenses against Memory Corruption
CS 380S Runtime Defenses against Memory Corruption Vitaly Shmatikov slide 1 Reading Assignment Cowan et al. Buffer overflows: Attacks and defenses for the vulnerability of the decade (DISCEX 2000). Avijit,
More informationGFS: The Google File System. Dr. Yingwu Zhu
GFS: The Google File System Dr. Yingwu Zhu Motivating Application: Google Crawl the whole web Store it all on one big disk Process users searches on one big CPU More storage, CPU required than one PC can
More informationCHAPTER 3 RECOVERY & CONCURRENCY ADVANCED DATABASE SYSTEMS. Assist. Prof. Dr. Volkan TUNALI
CHAPTER 3 RECOVERY & CONCURRENCY ADVANCED DATABASE SYSTEMS Assist. Prof. Dr. Volkan TUNALI PART 1 2 RECOVERY Topics 3 Introduction Transactions Transaction Log System Recovery Media Recovery Introduction
More informationLimitations of the stack
The heap hic 1 Limitations of the stack int *table_of(int num, int len) { int table[len+1]; for (int i=0; i
More informationOpera&ng Systems CMPSCI 377 Dynamic Memory Management. Emery Berger and Mark Corner University of Massachuse9s Amherst
Opera&ng Systems CMPSCI 377 Dynamic Memory Management Emery Berger and Mark Corner University of Massachuse9s Amherst Dynamic Memory Management How the heap manager is implemented malloc, free new, delete
More informationYuxi Chen, Shu Wang, Shan Lu, and Karthikeyan Sankaralingam *
Yuxi Chen, Shu Wang, Shan Lu, and Karthikeyan Sankaralingam * * 2 q Synchronization mistakes in multithreaded programs Thread 1 Thread 2 If(ptr){ tmp = *ptr; ptr = NULL; } Segfault q Common q Hard to diagnose
More informationFault Tolerance for Highly Available Internet Services: Concept, Approaches, and Issues
Fault Tolerance for Highly Available Internet Services: Concept, Approaches, and Issues By Narjess Ayari, Denis Barbaron, Laurent Lefevre and Pascale primet Presented by Mingyu Liu Outlines 1.Introduction
More informationBuffer overflow background
and heap buffer background Comp Sci 3600 Security Heap Outline and heap buffer Heap 1 and heap 2 3 buffer 4 5 Heap Outline and heap buffer Heap 1 and heap 2 3 buffer 4 5 Heap Address Space and heap buffer
More informationDistributed systems. Lecture 6: distributed transactions, elections, consensus and replication. Malte Schwarzkopf
Distributed systems Lecture 6: distributed transactions, elections, consensus and replication Malte Schwarzkopf Last time Saw how we can build ordered multicast Messages between processes in a group Need
More informationCS527 Software Security
Security Policies Purdue University, Spring 2018 Security Policies A policy is a deliberate system of principles to guide decisions and achieve rational outcomes. A policy is a statement of intent, and
More informationCSE P 501 Compilers. Memory Management and Garbage Collec<on Hal Perkins Winter UW CSE P 501 Winter 2016 W-1
CSE P 501 Compilers Memory Management and Garbage Collec
More informationTolerating and Correcting Memory Errors in C and C++
Tolerating and Correcting Memory Errors in C and C++ Ben Zorn Microsoft Research In collaboration with: Emery Berger and Gene Novark, UMass - Amherst Karthik Pattabiraman, UIUC Vinod Grover and Ted Hart,
More informationCS 241 Honors Memory
CS 241 Honors Memory Ben Kurtovic Atul Sandur Bhuvan Venkatesh Brian Zhou Kevin Hong University of Illinois Urbana Champaign February 20, 2018 CS 241 Course Staff (UIUC) Memory February 20, 2018 1 / 35
More informationTI2725-C, C programming lab, course
Valgrind tutorial Valgrind is a tool which can find memory leaks in your programs, such as buffer overflows and bad memory management. This document will show per example how Valgrind responds to buggy
More informationFault-tolerant techniques
What are the effects if the hardware or software is not fault-free in a real-time system? What causes component faults? Specification or design faults: Incomplete or erroneous models Lack of techniques
More informationStanford University Computer Science Department CS 295 midterm. May 14, (45 points) (30 points) total
Stanford University Computer Science Department CS 295 midterm May 14, 2008 This is an open-book exam. You have 75 minutes. Write all of your answers directly on the paper. Make your answers as concise
More informationAn Operating System Architecture for Future Information Appliances
An Operating System Architecture for Future Information Appliances Tatsuo Nakajima Hiroo Ishikawa Yuki Kinebuchi Midori Sugaya Sun Lei Alexandre Courbot Andrej van der Zee Aleksi Aalto Kwon Ki Duk Department
More informationAdvanced Memory Management
Advanced Memory Management Main Points Applications of memory management What can we do with ability to trap on memory references to individual pages? File systems and persistent storage Goals Abstractions
More informationLast time. Distributed systems Lecture 6: Elections, distributed transactions, and replication. DrRobert N. M. Watson
Distributed systems Lecture 6: Elections, distributed transactions, and replication DrRobert N. M. Watson 1 Last time Saw how we can build ordered multicast Messages between processes in a group Need to
More informationCMSC 330: Organization of Programming Languages. Memory Management and Garbage Collection
CMSC 330: Organization of Programming Languages Memory Management and Garbage Collection CMSC330 Fall 2018 1 Memory Attributes Memory to store data in programming languages has the following lifecycle
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 14: Software Security Department of Computer Science and Engineering University at Buffalo 1 Software Security Exploiting software vulnerabilities is paramount
More informationCrash Consistency: FSCK and Journaling. Dongkun Shin, SKKU
Crash Consistency: FSCK and Journaling 1 Crash-consistency problem File system data structures must persist stored on HDD/SSD despite power loss or system crash Crash-consistency problem The system may
More informationCS5460: Operating Systems Lecture 20: File System Reliability
CS5460: Operating Systems Lecture 20: File System Reliability File System Optimizations Modern Historic Technique Disk buffer cache Aggregated disk I/O Prefetching Disk head scheduling Disk interleaving
More informationCS558 Programming Languages
CS558 Programming Languages Winter 2017 Lecture 4a Andrew Tolmach Portland State University 1994-2017 Semantics and Erroneous Programs Important part of language specification is distinguishing valid from
More informationBinding and Storage. COMP 524: Programming Language Concepts Björn B. Brandenburg. The University of North Carolina at Chapel Hill
Binding and Storage Björn B. Brandenburg The University of North Carolina at Chapel Hill Based in part on slides and notes by S. Olivier, A. Block, N. Fisher, F. Hernandez-Campos, and D. Stotts. What s
More informationChapter 8 Fault Tolerance
DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN Chapter 8 Fault Tolerance 1 Fault Tolerance Basic Concepts Being fault tolerant is strongly related to
More informationFault Tolerant Computing CS 530
Fault Tolerant Computing CS 530 Lecture Notes 1 Introduction to the class Yashwant K. Malaiya Colorado State University 1 Instructor, TA Instructor: Yashwant K. Malaiya, Professor malaiya @ cs.colostate.edu
More informationOS Extensibility: SPIN and Exokernels. Robert Grimm New York University
OS Extensibility: SPIN and Exokernels Robert Grimm New York University The Three Questions What is the problem? What is new or different? What are the contributions and limitations? OS Abstraction Barrier
More informationTransparent TCP Recovery
Transparent Recovery with Chain Replication Robert Burgess Ken Birman Robert Broberg Rick Payne Robbert van Renesse October 26, 2009 Motivation Us: Motivation Them: Client Motivation There is a connection...
More informationSequential Fault Tolerance Techniques
COMP-667 Software Fault Tolerance Software Fault Tolerance Sequential Fault Tolerance Techniques Jörg Kienzle Software Engineering Laboratory School of Computer Science McGill University Overview Robust
More informationThe Google File System
October 13, 2010 Based on: S. Ghemawat, H. Gobioff, and S.-T. Leung: The Google file system, in Proceedings ACM SOSP 2003, Lake George, NY, USA, October 2003. 1 Assumptions Interface Architecture Single
More informationAuthor... Department of Electrical Engineering and Computer Science A^~~~ - njuly 14, Enhancing Availability and Security Through
Enhancing Availability and Security Through Boundless Memory Blocks by Cristian Cadar Submitted to the Department of Electrical Engineering and Computer Science in partial fulfillment of the requirements
More informationMemory management. Johan Montelius KTH
Memory management Johan Montelius KTH 2017 1 / 22 C program # include int global = 42; int main ( int argc, char * argv []) { if( argc < 2) return -1; int n = atoi ( argv [1]); int on_stack
More informationGFS: The Google File System
GFS: The Google File System Brad Karp UCL Computer Science CS GZ03 / M030 24 th October 2014 Motivating Application: Google Crawl the whole web Store it all on one big disk Process users searches on one
More informationBlack Hat Webcast Series. C/C++ AppSec in 2014
Black Hat Webcast Series C/C++ AppSec in 2014 Who Am I Chris Rohlf Leaf SR (Security Research) - Founder / Consultant BlackHat Speaker { 2009, 2011, 2012 } BlackHat Review Board Member http://leafsr.com
More informationCS2141 Software Development using C/C++ Debugging
CS2141 Software Development using C/C++ Debugging Debugging Tips Examine the most recent change Error likely in, or exposed by, code most recently added Developing code incrementally and testing along
More informationCA464 Distributed Programming
1 / 25 CA464 Distributed Programming Lecturer: Martin Crane Office: L2.51 Phone: 8974 Email: martin.crane@computing.dcu.ie WWW: http://www.computing.dcu.ie/ mcrane Course Page: "/CA464NewUpdate Textbook
More informationCS61 Section Notes. Section 5 (Fall 2011) Topics to be covered Common Memory Errors Dynamic Memory Allocation Assignment 3: Malloc
CS61 Section Notes Section 5 (Fall 2011) Topics to be covered Common Memory Errors Dynamic Memory Allocation Assignment 3: Malloc Common Memory Errors In lecture, we learned about several errors programmers
More informationSpot: A Programming Language for Verified Flight Software
Spot: A Programming Language for Verified Flight Software Rob Bocchino (bocchino@jpl.nasa.gov) Ed Gamble (ed.gamble@jpl.nasa.gov) Kim Gostelow Jet Propulsion Laboratory Califor nia Institute of Technology
More informationExterminator: Automatically Correcting Memory Errors with High Probability By Gene Novark, Emery D. Berger, and Benjamin G. Zorn
Exterminator: Automatically Correcting Memory Errors with High Probability By Gene Novark, Emery D. Berger, and Benjamin G. Zorn doi:0.45/409360.40938 Abstract Programs written in C and C++ are susceptible
More informationCMPSC 497 Other Memory Vulnerabilities
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA CMPSC 497 Other Memory
More informationCyber Moving Targets. Yashar Dehkan Asl
Cyber Moving Targets Yashar Dehkan Asl Introduction An overview of different cyber moving target techniques, their threat models, and their technical details. Cyber moving target technique: Defend a system
More informationDynamic Memory Management
Dynamic Memory Management Professor Jennifer Rexford http://www.cs.princeton.edu/~jrex 1 Goals of Today s Lecture Dynamic memory management o Garbage collection by the run-time system (Java) o Manual deallocation
More informationStatic Analysis in C/C++ code with Polyspace
1 Static Analysis in C/C++ code with Polyspace Yongchool Ryu Application Engineer gary.ryu@mathworks.com 2016 The MathWorks, Inc. 2 Agenda Efficient way to find problems in Software Category of Static
More informationCaching and reliability
Caching and reliability Block cache Vs. Latency ~10 ns 1~ ms Access unit Byte (word) Sector Capacity Gigabytes Terabytes Price Expensive Cheap Caching disk contents in RAM Hit ratio h : probability of
More informationBaggy bounds checking. Periklis Akri5dis, Manuel Costa, Miguel Castro, Steven Hand
Baggy bounds checking Periklis Akri5dis, Manuel Costa, Miguel Castro, Steven Hand C/C++ programs are vulnerable Lots of exis5ng code in C and C++ More being wrieen every day C/C++ programs are prone to
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ slide 1 Reference Monitor Observes execution of the program/process At what level? Possibilities:
More informationDistributed Systems Principles and Paradigms. Chapter 01: Introduction
Distributed Systems Principles and Paradigms Maarten van Steen VU Amsterdam, Dept. Computer Science Room R4.20, steen@cs.vu.nl Chapter 01: Introduction Version: October 25, 2009 2 / 26 Contents Chapter
More informationRedundancy in fault tolerant computing. D. P. Siewiorek R.S. Swarz, Reliable Computer Systems, Prentice Hall, 1992
Redundancy in fault tolerant computing D. P. Siewiorek R.S. Swarz, Reliable Computer Systems, Prentice Hall, 1992 1 Redundancy Fault tolerance computing is based on redundancy HARDWARE REDUNDANCY Physical
More informationTopics in Software Security Vulnerability
Topics in Software Security Vulnerability Software vulnerability What are software vulnerabilities? Types of vulnerabilities E.g., Buffer Overflows How to find these vulnerabilities and prevent them? Classes
More informationState Transfer for Hypervisor-Based Proactive Recovery of Heterogeneous Replicated Services
State Transfer for Hypervisor-Based Proactive Recovery of Heterogeneous Replicated Services Tobias Distler Rüdiger Kapitza Friedrich-Alexander University Erlangen-Nuremberg, Germany {distler,rrkapitz}@cs.fau.de
More informationCS-527 Software Security
CS-527 Software Security Memory Safety Asst. Prof. Mathias Payer Department of Computer Science Purdue University TA: Kyriakos Ispoglou https://nebelwelt.net/teaching/17-527-softsec/ Spring 2017 Eternal
More informationFixD : Fault Detection, Bug Reporting, and Recoverability for Distributed Applications
FixD : Fault Detection, Bug Reporting, and Recoverability for Distributed Applications Cristian Ţăpuş, David A. Noblet California Institute of Technology {crt,dnoblet}@cs.caltech.edu Abstract Model checking,
More informationProcess s Address Space. Dynamic Memory. Backing the Heap. Dynamic memory allocation 3/29/2013. When a process starts the heap is empty
/9/01 Process s Address Space Dynamic Memory 0x7fffffff Stack Data (Heap) Data (Heap) 0 Text (Code) Backing the Heap When a process starts the heap is empty The process is responsible for requesting memory
More informationMemory Allocation. Copyright : University of Illinois CS 241 Staff 1
Memory Allocation Copyright : University of Illinois CS 241 Staff 1 Memory allocation within a process What happens when you declare a variable? Allocating a page for every variable wouldn t be efficient
More informationDistributed Systems Principles and Paradigms. Chapter 01: Introduction. Contents. Distributed System: Definition.
Distributed Systems Principles and Paradigms Maarten van Steen VU Amsterdam, Dept. Computer Science Room R4.20, steen@cs.vu.nl Chapter 01: Version: February 21, 2011 1 / 26 Contents Chapter 01: 02: Architectures
More informationSurvey of Cyber Moving Targets. Presented By Sharani Sankaran
Survey of Cyber Moving Targets Presented By Sharani Sankaran Moving Target Defense A cyber moving target technique refers to any technique that attempts to defend a system and increase the complexity of
More informationFAULT TOLERANT SYSTEMS
FAULT TOLERANT SYSTEMS http://www.ecs.umass.edu/ece/koren/faulttolerantsystems Part 18 Chapter 7 Case Studies Part.18.1 Introduction Illustrate practical use of methods described previously Highlight fault-tolerance
More informationDynamic Memory Allocation
Dynamic Memory Allocation CS61, Lecture 11 Prof. Stephen Chong October 6, 2011 Announcements 1/2 Reminder: No section on Monday Monday sections have been rescheduled See website for details Please attend
More informationLecture 4 September Required reading materials for this class
EECS 261: Computer Security Fall 2007 Lecture 4 September 6 Lecturer: David Wagner Scribe: DK Moon 4.1 Required reading materials for this class Beyond Stack Smashing: Recent Advances in Exploiting Buffer
More informationUnderstanding Undefined Behavior
Session Developer Tools #WWDC17 Understanding Undefined Behavior 407 Fred Riss, Clang Team Ryan Govostes, Security Engineering and Architecture Team Anna Zaks, Program Analysis Team 2017 Apple Inc. All
More informationModern Buffer Overflow Prevention Techniques: How they work and why they don t
Modern Buffer Overflow Prevention Techniques: How they work and why they don t Russ Osborn CS182 JT 4/13/2006 1 In the past 10 years, computer viruses have been a growing problem. In 1995, there were approximately
More informationSoK: Eternal War in Memory Laszlo Szekeres, Mathias Payer, Tao Wei, and Dawn Song In: Oakland 14
SoK: Eternal War in Memory Laszlo Szekeres, Mathias Payer, Tao Wei, and Dawn Song In: Oakland 14 Presenter: Mathias Payer, EPFL http://hexhive.github.io 1 Memory attacks: an ongoing war Vulnerability classes
More informationDynamic Memory Allocation: Basic Concepts
Dynamic Memory Allocation: Basic Concepts 15-213: Introduction to Computer Systems 19 th Lecture, March 30, 2017 Instructor: Franz Franchetti & Seth Copen Goldstein 1 Today Basic concepts Implicit free
More informationCS558 Programming Languages
CS558 Programming Languages Fall 2016 Lecture 3a Andrew Tolmach Portland State University 1994-2016 Formal Semantics Goal: rigorous and unambiguous definition in terms of a wellunderstood formalism (e.g.
More information2018/10/29 22:25 1/5 Linux Processes vs NuttX Tasks
2018/10/29 22:25 1/5 Linux Processes vs NuttX Tasks Linux Processes vs NuttX Tasks You may be used to running programs that are stored in files on Linux or Windows. If you transition to using NuttX tasks
More informationOracle Developer Studio Code Analyzer
Oracle Developer Studio Code Analyzer The Oracle Developer Studio Code Analyzer ensures application reliability and security by detecting application vulnerabilities, including memory leaks and memory
More informationSoK: Eternal War in Memory
SoK: Eternal War in Memory László Szekeres, Mathias Payer, Tao Wei, Dawn Song Presenter: Wajih 11/7/2017 Some slides are taken from original S&P presentation 1 What is SoK paper? Systematization of Knowledge
More informationLecture 22: Fault Tolerance
Lecture 22: Fault Tolerance Papers: Token Coherence: Decoupling Performance and Correctness, ISCA 03, Wisconsin A Low Overhead Fault Tolerant Coherence Protocol for CMP Architectures, HPCA 07, Spain Error
More informationSecure Virtual Architecture: Using LLVM to Provide Memory Safety to the Entire Software Stack
Secure Virtual Architecture: Using LLVM to Provide Memory Safety to the Entire Software Stack John Criswell, University of Illinois Andrew Lenharth, University of Illinois Dinakar Dhurjati, DoCoMo Communications
More informationRuntime. The optimized program is ready to run What sorts of facilities are available at runtime
Runtime The optimized program is ready to run What sorts of facilities are available at runtime Compiler Passes Analysis of input program (front-end) character stream Lexical Analysis token stream Syntactic
More informationMemory Management. q Basic memory management q Swapping q Kernel memory allocation q Next Time: Virtual memory
Memory Management q Basic memory management q Swapping q Kernel memory allocation q Next Time: Virtual memory Memory management Ideal memory for a programmer large, fast, nonvolatile and cheap not an option
More informationMemory Management. To do. q Basic memory management q Swapping q Kernel memory allocation q Next Time: Virtual memory
Memory Management To do q Basic memory management q Swapping q Kernel memory allocation q Next Time: Virtual memory Memory management Ideal memory for a programmer large, fast, nonvolatile and cheap not
More informationDynamic Memory Management! Goals of this Lecture!
Dynamic Memory Management!!! 1 Goals of this Lecture! Help you learn about:! Dynamic memory management techniques! Garbage collection by the run-time system (Java)! Manual deallocation by the programmer
More informationNooks. Robert Grimm New York University
Nooks Robert Grimm New York University The Three Questions What is the problem? What is new or different? What are the contributions and limitations? Design and Implementation Nooks Overview An isolation
More informationCMSC 330: Organization of Programming Languages. Ownership, References, and Lifetimes in Rust
CMSC 330: Organization of Programming Languages Ownership, References, and Lifetimes in Rust CMSC330 Spring 2018 1 Memory: the Stack and the Heap The stack constant-time, automatic (de)allocation Data
More informationJ2EE Instrumentation for software aging root cause application component determination with AspectJ
J2EE Instrumentation for software aging root cause application component determination with AspectJ Javier Alonso Josep Ll. Berral Ricard Gavaldà Jordi Torres Technical University of Catalonia, Spain Contents
More informationHardBound: Architectural Support for Spatial Safety of the C Programming Language
HardBound: Architectural Support for Spatial Safety of the C Programming Language Joe Devietti *, Colin Blundell, Milo Martin, Steve Zdancewic * University of Washington, University of Pennsylvania devietti@cs.washington.edu,
More informationAdvanced Programming & C++ Language
Advanced Programming & C++ Language ~6~ Introduction to Memory Management Ariel University 2018 Dr. Miri (Kopel) Ben-Nissan Stack & Heap 2 The memory a program uses is typically divided into four different
More informationDynamic Memory Allocation II October 22, 2008
15-213 Dynamic Memory Allocation II October 22, 2008 Topics Explicit doubly-linked free lists Segregated free lists Garbage collection Review of pointers Memory-related perils and pitfalls class18.ppt
More information