LAB 2 CSE 660 Submitted By: Arumugam Thendramil Pavai
Steps to install Xv6 in CentOS 7

Copied the source code by using the git clone command:

    git clone git://github.com/mit-pdos/xv6-public.git

Copied to a folder named lab2:

    cp -r xv6-public/ Documents/lab2

Installed QEMU using the following commands:

    [root@localhost qemu]# git clone git://git.qemu-project.org/qemu.git
    [root@localhost qemu]# ./configure
    [root@localhost qemu]# make
    [root@localhost qemu]# make install

Found the path for QEMU using the 'which' command:

    [root@localhost qemu]# which qemu-system-i386
    /usr/local/bin/qemu-system-i386
In the Makefile for Xv6, changed the path for QEMU:

    QEMU = /usr/local/bin/qemu-system-i386

Open terminal in lab2 folder which contains files for Xv6.

Script for running Xv6

    [root@localhost lab2]# make qemu-nox
    dd if=/dev/zero of=xv6.img count=
    records in
    records out
    bytes (5.1 MB) copied, s, 53.5 MB/s
    dd if=bootblock of=xv6.img conv=notrunc
    1+0 records in
    1+0 records out
    512 bytes (512 B) copied, s, 348 kb/s
    dd if=kernel of=xv6.img seek=1 conv=notrunc
    records in
    records out
    bytes (181 kb) copied, s, 3.0 MB/s
    /usr/local/bin/qemu-system-i386 -nographic -drive file=fs.img,index=1,media=disk,format=raw -drive file=xv6.img,index=0,media=disk,format=raw -smp 2 -m 512
    xv6...
    cpu1: starting
    cpu0: starting
    sb: size 1000 nblocks 941 ninodes 200 nlog 30 logstart 2 inodestart 32 bmap start 58
    init: starting sh
    $ ls
    README cat echo forktest grep init kill ln ls mkdir rm sh stressfs usertests wc zombie console myfile myfile
    $ echo cse 660
    cse 660
    $ cat README
    xv6 is a re-implementation of Dennis Ritchie's and Ken Thompson's Unix Version 6 (v6). xv6 loosely follows the structure and style of v6, but is implemented for a modern x86-based multiprocessor using ANSI C.

    ACKNOWLEDGMENTS

    xv6 is inspired by John Lions's Commentary on UNIX 6th Edition (Peer to Peer Communications; ISBN: ; 1st edition (June 14, 2000)). See also which provides pointers to on-line resources for v6.

    xv6 borrows code from the following sources:
    JOS (asm.h, elf.h, mmu.h, bootasm.s, ide.c, console.c, and others)
    Plan 9 (entryother.s, mp.h, mp.c, lapic.c)
    FreeBSD (ioapic.c)
    NetBSD (console.c)

    The following people have made contributions: Russ Cox (context switching, locking), Cliff Frey (MP), Xiao Yu (MP), Nickolai Zeldovich, and Austin Clements.

    We are also grateful for the bug reports and patches contributed by Silas Boyd-Wickizer, Cody Cutler, Mike CAT, Nelson Elhage, Nathaniel Filardo, Peter Froehlich, Yakir Goaron, Shivam Handa, Bryan Henry, Jim Huang, Anders Kaseorg, kehao95, Wolfgang Keller, Eddie Kohler, Imbar Marinescu, Yandong Mao, Hitoshi Mitake, Carmi Merimovich, Joel Nider, Greg Price, Ayan Shafqat, Eldar Sehayek, Yongming Shen, Cam Tenny, Rafael Ubal, Warren Toomey, Stephen Tu, Pablo Ventura, Xi Wang, Keiichi Watanabe, Nicolas Wolovick, Jindong Zhang, and Zou Chang Wei.

    The code in the files that constitute xv6 is Copyright Frans Kaashoek, Robert Morris, and Russ Cox.

    ERROR REPORTS

    If you spot errors or have suggestions for improvement, please send to Frans Kaashoek and Robert Morris (kaashoek,rtm@csail.mit.edu). If you have suggestions for improvements, please keep in mind that the main purpose of xv6 is as a teaching operating system for MIT's For example, we are in particular interested in simplifications and clarifications, instead of suggestions for new systems calls, more portability, etc.

    BUILDING AND RUNNING XV6
    To build xv6 on an x86 ELF machine (like Linux or FreeBSD), run "make". On non-x86 or non-elf machines (like OS X, even on x86), you will need to install a cross-compiler gcc suite capable of producing x86 ELF binaries. See Then run "make TOOLPREFIX=i386-jos-elf-".

    To run xv6, install the QEMU PC simulators. To run in QEMU, run "make qemu".

    To create a typeset version of the code, run "make xv6.pdf". This requires the "mpage" utility. See
    $ grep os README
    Version 6 (v6). xv6 loosely follows the structure and style of v6,
    2000)). See also which
    kehao95, Wolfgang Keller, Eddie Kohler, Imbar Marinescu, Yandong Mao, Hitoshi
    suggestions for improvements, please keep in mind that the main purpose of xv6
    need to install a cross-compiler gcc suite capable of producing x86 ELF binaries. See Then run "make TOOLPREFIX=i386-jos-elf-".
    $ cat README | grep os | wc
    $ echo cse 660 lab report > myfile
    $ cat myfile
    cse 660 lab report

Learning and Observations:
Ran various commands like ls, echo, cat and grep in Xv6. All commands seem to work the same as basic Linux commands.

===================================================================================
Answer a) Debugging GDB

    [root@localhost lab2]# make qemu-nox-gdb
    dd if=/dev/zero of=xv6.img count=
    records in
    records out
    bytes (5.1 MB) copied, s, 79.6 MB/s
    dd if=bootblock of=xv6.img conv=notrunc
    1+0 records in
    1+0 records out
    512 bytes (512 B) copied, s, 390 kb/s
    dd if=kernel of=xv6.img seek=1 conv=notrunc
    records in
    records out
    bytes (181 kb) copied, s, 6.7 MB/s
    sed "s/localhost:1234/localhost:25000/" <.gdbinit.tmpl >.gdbinit
    *** Now run 'gdb'.
    /usr/local/bin/qemu-system-i386 -nographic -drive file=fs.img,index=1,media=disk,format=raw -drive file=xv6.img,index=0,media=disk,format=raw -smp 2 -m 512 -S -gdb tcp::25000

==============================================================================
Remote to XV6

    [root@localhost lab2]# gdb
    GNU gdb (GDB) Red Hat Enterprise Linux el7
    Copyright (C) 2013 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later <
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law. Type "show copying"
    and "show warranty" for details.
    This GDB was configured as "x86_64-redhat-linux-gnu".
    For bug reporting instructions, please see:
    <
    warning: File "/root/documents/lab2/.gdbinit" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/autoload:/usr/bin/mono-gdb.py".
    To enable execution of this file add
            add-auto-load-safe-path /root/documents/lab2/.gdbinit
    line to your configuration file "/root/.gdbinit".
    To completely disable this security protection add
            set auto-load safe-path /
    line to your configuration file "/root/.gdbinit".
    For more information about this security protection see the
    "Auto-loading safe path" section in the GDB manual. E.g., run from the shell:
            info "(gdb)auto-loading safe path"
    (gdb) target remote :
    Remote debugging using :
    x0000fff0 in ?? ()
    (gdb) file kernel
    A program is being debugged already.
    Are you sure you want to change the file? (y or n) y
    Reading symbols from /root/documents/lab2/kernel...done.
    (gdb) break swtch
    Breakpoint 1 at 0x b: file swtch.s, line 10.
    Breakpoint 1, swtch () at swtch.s:10
    10 movl 4(%esp), %eax
    11 movl 8(%esp), %edx
    14 pushl %ebp
    swtch () at swtch.s:15
    15 pushl %ebx
    swtch () at swtch.s:16
    16 pushl %esi
    swtch () at swtch.s:17
    17 pushl %edi
    swtch () at swtch.s:20
    20 movl %esp, (%eax)
    21 movl %edx, %esp
    swtch () at swtch.s:24
    24 popl %edi
    swtch () at swtch.s:25
    25 popl %esi
    swtch () at swtch.s:26
    26 popl %ebx
    swtch () at swtch.s:27
    27 popl %ebp
    swtch () at swtch.s:28
    28 ret
    forkret () at proc.c:
    {
    forkret () at proc.c:
    release(&ptable.lock);
    release (lk=<error reading variable: can't compute CFA for this frame>, lk@entry=0x80112da0 <ptable>) at spinlock.c:48
    48 {
    49 if(!holding(lk))
    holding (lock=0x80112da0 <ptable>) at spinlock.c:92
    92 return lock->locked && lock->cpu == cpu;
    release (lk=<error reading variable: can't compute CFA for this frame>, lk@entry=0x80112da0 <ptable>) at spinlock.c:52
    52 lk->pcs[0] = 0;
    53 lk->cpu = 0;
    Breakpoint 1, swtch () at swtch.s:10
    10 movl 4(%esp), %eax
    (gdb) clear
    Deleted breakpoint 1
    (gdb) break exec
    Breakpoint 2 at 0x801009b0: file exec.c, line 12.
    [New Thread 2]
    [Switching to Thread 2]
    Breakpoint 1, exec (path=0x1c "/init", argv=argv@entry=0x8dfffeb0) at exec.c:12
    12 {
    21 begin_op();

Ran the following command in the Xv6 main terminal:

    init: starting sh
    $ ls -l

The Breakpoint was hit at the other terminal:

    Breakpoint 1, exec (path=0x1940 "ls", argv=argv@entry=0x8dfbeeb0) at exec.c:12
    12 {
    21 begin_op();
    (gdb) print argv[0]
    $1 = 0x1940 "ls"
    (gdb) print argv[1]
    $2 = 0x1943 "-l"
    (gdb) print argv[2]
    $3 = 0x0

Ran Backtrace command:

    (gdb) backtrace
    #0 exec (path=0x1940 "ls", argv=argv@entry=0x8dfbeeb0) at exec.c:21
    #1 0x801051d3 in sys_exec () at sysfile.c:418
    #2 0x in syscall () at syscall.c:133
    #3 0x801056c1 in trap (tf=0x8dfbefb4) at trap.c:43
    #4 0x801054aa in alltraps () at trapasm.s:23
    #5 0x8dfbefb4 in ?? ()
    Backtrace stopped: previous frame inner to this frame (corrupt stack?)
    (gdb) up
    #1 0x801051d3 in sys_exec () at sysfile.c:
    return exec(path, argv);
    (gdb) list
    413 break;
    414 }
    415 if(fetchstr(uarg, &argv[i]) < 0)
    416 return -1;
    417 }
    418 return exec(path, argv);
    419 }
    int
    422 sys_pipe(void)

Learning and Observations:
Learned how to run Xv6 in debug mode. Ran various commands to debug and to put breakpoints for debugging. Examined context switching by putting a breakpoint on swtch using the break swtch command. Ran the continue and step commands to step through the context switching functions. Learned how to debug an input command from the terminal, such as ls -l. Also learned how to apply a patch to the Xv6 file and update the QEMU path in the Makefile in order to run Xv6 with QEMU.

Difficulties encountered
I was getting the following error while using break exec:

    Breakpoint 2, exec (path=<error reading variable: can't compute CFA for this frame>, argv=<error reading variable: can't compute CFA for this frame>, argv@entry=0x8dfffeb0) at exec.c:12

Solution: Applied the following patch to the existing Makefile:

    CFLAGS = -fno-pic -static -fno-builtin -fno-strict-aliasing -Wall -MD -ggdb -m32 -Werror -fno-omit-frame-pointer -gdwarf-2

Answer b) Examined and debugged 'wait' function in proc.c

The wait function does the following:
Waits for a child process to exit and returns its pid.
Returns -1 if this process has no children.

Applied breakpoints in proc.c:

    (gdb) break wait
    Breakpoint 7 at 0x80103d90: file proc.c, line 232.

Executed the echo command in the Xv6 main terminal:

    $ echo lab2

It hits the breakpoint at line 7:

    Breakpoint 7, wait () at proc.c:
    {

Applied more breakpoints in the same wait function:

    (gdb) break 246
    Breakpoint 8 at 0x80103e00: file proc.c, line 246.
    (gdb) break 254
    Breakpoint 9 at 0x80103e3d: file proc.c, line 254.
    (gdb) break 262
    Breakpoint 10 at 0x80103e52: file proc.c, line 262.
    (gdb) break 267
    Breakpoint 11 at 0x80103deb: file proc.c, line 267.

Stepping through the function:

    236 acquire(&ptable.lock);
    acquire (lk=lk@entry=0x80114ce0 <tickslock>) at spinlock.c:27
    27 pushcli(); // disable interrupts to avoid deadlock.
    Breakpoint 11, wait () at proc.c:
    sleep(proc, &ptable.lock); //DOC: wait-sleep

It switches to thread 2 and executes the echo command in the Xv6 main terminal:

    $ echo lab2
    lab2

In the other terminal the breakpoint is hit:

    [Switching to Thread 2]
    Breakpoint 8, wait () at proc.c:
    pid = p->pid;
    Breakpoint 9, wait () at proc.c:
    p->state = UNUSED;
    255 release(&ptable.lock);
    (gdb) next
    269 }
    (gdb) next
    256 return pid;

Finally, the wait function returns the pid for the child process.

Answer C) Disassemble the kernel in i386

While running in debug mode, the following commands were executed:

    (gdb) set disassembly-flavor intel
    (gdb) disass
    Dump of assembler code for function acquire:
    0x801041b0 <+0>: push ebp
    0x801041b1 <+1>: mov ebp,esp
    0x801041b3 <+3>: sub esp,0x18
    0x801041b6 <+6>: pushf
    0x801041b7 <+7>: pop ecx
    0x801041b8 <+8>: cli
    0x801041b9 <+9>: mov eax,gs:0x0
    0x801041bf <+15>: mov edx,dword PTR [eax+0xac]
    0x801041c5 <+21>: test edx,edx
    0x801041c7 <+23>: jne 0x801041d5 <acquire+37>
    0x801041c9 <+25>: and ecx,0x200
    0x801041cf <+31>: mov DWORD PTR [eax+0xb0],ecx
    0x801041d5 <+37>: add edx,0x1
    0x801041d8 <+40>: mov DWORD PTR [eax+0xac],edx
    0x801041de <+46>: mov edx,dword PTR [ebp+0x8]
    0x801041e1 <+49>: mov ecx,dword PTR [edx]
    0x801041e3 <+51>: test ecx,ecx
    0x801041e5 <+53>: je 0x801041ec <acquire+60>
    0x801041e7 <+55>: cmp eax,dword PTR [edx+0x8]
    0x801041ea <+58>: je 0x <acquire+120>
    0x801041ec <+60>: mov ecx,0x1
    0x801041f1 <+65>: jmp 0x801041fb <acquire+75>
    ---Type <return> to continue, or q <return> to quit---return
    0x801041f3 <+67>: nop
    0x801041f4 <+68>: lea esi,[esi+eiz*1+0x0]
    => 0x801041f8 <+72>: mov edx,dword PTR [ebp+0x8]
    0x801041fb <+75>: mov eax,ecx
    0x801041fd <+77>: lock xchg DWORD PTR [edx],eax
    0x <+80>: test eax,eax
    0x <+82>: jne 0x801041f8 <acquire+72>
    0x <+84>: mfence
    0x <+87>: mov eax,dword PTR [ebp+0x8]
    0x a <+90>: mov edx,dword PTR gs:0x0
    0x <+97>: add eax,0xc
    0x <+100>: mov DWORD PTR [eax-0x4],edx
    0x <+103>: mov DWORD PTR [esp+0x4],eax
    0x b <+107>: lea eax,[ebp+0x8]
    0x e <+110>: mov DWORD PTR [esp],eax
    0x <+113>: call 0x <getcallerpcs>
    0x <+118>: leave
    0x <+119>: ret
    0x <+120>: mov DWORD PTR [esp],0x x f
    <+127>: call 0x <panic>

Answer d) Implementation of cp command to copy one file to two others

    /*
     * copy command, cp for xv6 which copies one file to two other files
     */
    #include "types.h"
    #include "stat.h"
    #include "user.h"
    #include "fcntl.h"

    char buf[512];

    void copy(char *file1, char *file2){
      int fd0, fd1, n;

      // Validation for opening of files
      if((fd0 = open(file1, O_RDONLY)) < 0){
        printf(1, "cp: cannot open %s\n", file1);
        exit();
      }
      if((fd1 = open(file2, O_CREATE | O_RDWR)) < 0){
        printf(1, "cp: cannot open %s\n", file2);
        exit();
      }

      // Read file1 and write it to file2; stop if a write comes up short
      while((n = read(fd0, buf, sizeof(buf))) > 0){
        if(write(fd1, buf, n) != n){
          printf(1, "cp: write error\n");
          exit();
        }
      }
      close(fd0);
      close(fd1);
    }

    int main(int argc, char *argv[])
    {
      // Check for number of parameters: cp plus three file names
      if(argc <= 3){
        printf(1, "Need 3 arguments!\n");
        exit();
      }
      // Call copy function twice to copy from first file to other files
      copy(argv[1], argv[2]);
      copy(argv[1], argv[3]);
      exit();
    }

Testing and Execution

a) Ran ls command. Output shows that cp has been added to Xv6.

    $ ls
    README cat echo forktest grep init
    kill ln ls mkdir rm sh stressfs usertests wc cp zombie console

b) Ran cp command with no parameters

    $ cp
    Need 3 arguments!

c) Ran cp command with only one parameter

    $ cp README
    Need 3 arguments!

d) Ran cp with valid parameters

    $ cp README myfile1 myfile2

e) Ran ls command to see whether files have been added. Output shows the files have been added with exactly the same size (in bytes) as README.

    $ ls
    README cat echo forktest grep init kill ln ls mkdir rm sh stressfs usertests wc cp zombie console myfile myfile

f) Ran cat command for myfile1 and myfile2 to test the content of the files. Output shows that files have been successfully copied from README.

    $ cat myfile1
    xv6 is a re-implementation of Dennis Ritchie's and Ken Thompson's Unix Version 6 (v6). xv6 loosely follows the structure and style of v6, but is implemented for a modern x86-based multiprocessor using ANSI C.

    ACKNOWLEDGMENTS

    xv6 is inspired by John Lions's Commentary on UNIX 6th Edition (Peer to Peer Communications; ISBN: ; 1st edition (June 14, 2000)). See also which provides pointers to on-line resources for v6.

    xv6 borrows code from the following sources:
    JOS (asm.h, elf.h, mmu.h, bootasm.s, ide.c, console.c, and others)
    Plan 9 (entryother.s, mp.h, mp.c, lapic.c)
    FreeBSD (ioapic.c)
    NetBSD (console.c)

    The following people have made contributions: Russ Cox (context switching, locking), Cliff Frey (MP), Xiao Yu (MP), Nickolai Zeldovich, and Austin Clements.

    We are also grateful for the bug reports and patches contributed by Silas Boyd-Wickizer, Cody Cutler, Mike CAT, Nelson Elhage, Nathaniel Filardo, Peter Froehlich, Yakir Goaron, Shivam Handa, Bryan Henry, Jim Huang, Anders Kaseorg, kehao95, Wolfgang Keller, Eddie Kohler, Imbar Marinescu, Yandong Mao, Hitoshi Mitake, Carmi Merimovich, Joel Nider, Greg Price, Ayan Shafqat, Eldar Sehayek, Yongming Shen, Cam Tenny, Rafael Ubal, Warren Toomey, Stephen Tu, Pablo Ventura, Xi Wang, Keiichi Watanabe, Nicolas Wolovick, Jindong Zhang, and Zou Chang Wei.

    The code in the files that constitute xv6 is Copyright Frans Kaashoek, Robert Morris, and Russ Cox.

    ERROR REPORTS

    If you spot errors or have suggestions for improvement, please send to Frans Kaashoek and Robert Morris (kaashoek,rtm@csail.mit.edu). If you have suggestions for improvements, please keep in mind that the main purpose of xv6 is as a teaching operating system for MIT's For example, we are in particular interested in simplifications and clarifications, instead of suggestions for new systems calls, more portability, etc.

    BUILDING AND RUNNING XV6

    To build xv6 on an x86 ELF machine (like Linux or FreeBSD), run "make". On non-x86 or non-elf machines (like OS X, even on x86), you will need to install a cross-compiler gcc suite capable of producing x86 ELF binaries. See Then run "make TOOLPREFIX=i386-jos-elf-".

    To run xv6, install the QEMU PC simulators. To run in QEMU, run "make qemu".

    To create a typeset version of the code, run "make xv6.pdf". This requires the "mpage" utility. See
    $ cat myfile2
    xv6 is a re-implementation of Dennis Ritchie's and Ken Thompson's Unix Version 6 (v6). xv6 loosely follows the structure and style of v6, but is implemented for a modern x86-based multiprocessor using ANSI C.

    ACKNOWLEDGMENTS

    xv6 is inspired by John Lions's Commentary on UNIX 6th Edition (Peer to Peer Communications; ISBN: ; 1st edition (June 14, 2000)). See also which provides pointers to on-line resources for v6.

    xv6 borrows code from the following sources:
    JOS (asm.h, elf.h, mmu.h, bootasm.s, ide.c, console.c, and others)
    Plan 9 (entryother.s, mp.h, mp.c, lapic.c)
    FreeBSD (ioapic.c)
    NetBSD (console.c)

    The following people have made contributions: Russ Cox (context switching, locking), Cliff Frey (MP), Xiao Yu (MP), Nickolai Zeldovich, and Austin Clements.

    We are also grateful for the bug reports and patches contributed by Silas Boyd-Wickizer, Cody Cutler, Mike CAT, Nelson Elhage, Nathaniel Filardo, Peter Froehlich, Yakir Goaron, Shivam Handa, Bryan Henry, Jim Huang, Anders Kaseorg, kehao95, Wolfgang Keller, Eddie Kohler, Imbar Marinescu, Yandong Mao, Hitoshi Mitake, Carmi Merimovich, Joel Nider, Greg Price, Ayan Shafqat, Eldar Sehayek, Yongming Shen, Cam Tenny, Rafael Ubal, Warren Toomey, Stephen Tu, Pablo Ventura, Xi Wang, Keiichi Watanabe, Nicolas Wolovick, Jindong Zhang, and Zou Chang Wei.

    The code in the files that constitute xv6 is Copyright Frans Kaashoek, Robert Morris, and Russ Cox.

    ERROR REPORTS

    If you spot errors or have suggestions for improvement, please send to Frans Kaashoek and Robert Morris If you have suggestions for improvements, please keep in mind that the main purpose of xv6 is as a teaching operating system for MIT's For example, we are in particular interested in simplifications and clarifications, instead of suggestions for new systems calls, more portability, etc.

    BUILDING AND RUNNING XV6

    To build xv6 on an x86 ELF machine (like Linux or FreeBSD), run "make". On non-x86 or non-elf machines (like OS X, even on x86), you will need to install a cross-compiler gcc suite capable of producing x86 ELF binaries. See Then run "make TOOLPREFIX=i386-jos-elf-".

    To run xv6, install the QEMU PC simulators. To run in QEMU, run "make qemu".

    To create a typeset version of the code, run "make xv6.pdf". This requires the "mpage" utility. See

Learnings and Observations:
a) Learned various functions for reading/writing files (e.g. read(), open() and write())
b) Learned how to implement a new command in the Xv6.

All the required parts for this lab were successfully completed.
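
The cp program in Answer d) opens its destination with O_CREATE | O_RDWR, and xv6-public's fcntl.h has no truncation flag, so copying over an existing, longer file leaves the old tail of that file in place. The following added example (not part of the original report, written for a POSIX host rather than as xv6 user code) reproduces that behaviour next to a copy that truncates, retries short writes and refuses to copy a file onto itself; copy_file, write_all, put_file, get_file and the cpdemo_* file names are hypothetical.

```c
/* Added example: POSIX host program, not xv6 user code; names are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* write() may accept fewer bytes than asked; loop until all are written. */
static int write_all(int fd, const char *p, size_t len)
{
    while (len > 0) {
        ssize_t w = write(fd, p, len);
        if (w < 0 && errno == EINTR)
            continue;
        if (w < 0)
            return -1;
        p += w;
        len -= (size_t)w;
    }
    return 0;
}

/* Copy src to dst; 0 on success, -1 on error. truncate_dst == 0 mimics the
 * report's open(file2, O_CREATE | O_RDWR): an existing destination is
 * overwritten in place and never shortened. */
int copy_file(const char *src, const char *dst, int truncate_dst)
{
    char buf[512];
    struct stat ss, ds;
    ssize_t n = -1;
    int in, out, rc = -1;
    if ((in = open(src, O_RDONLY)) < 0)
        return -1;
    /* No O_TRUNC here: the same-file check must run before data is lost. */
    if ((out = open(dst, O_WRONLY | O_CREAT, 0600)) < 0) {
        close(in);
        return -1;
    }
    if (fstat(in, &ss) < 0 || fstat(out, &ds) < 0)
        goto done;
    if (ss.st_dev == ds.st_dev && ss.st_ino == ds.st_ino)
        goto done;                  /* src and dst name the same file */
    if (truncate_dst && ftruncate(out, 0) < 0)
        goto done;
    while ((n = read(in, buf, sizeof(buf))) > 0)
        if (write_all(out, buf, (size_t)n) < 0)
            goto done;
    if (n == 0)
        rc = 0;                     /* reached EOF with every byte written */
done:
    close(in);
    if (close(out) < 0)
        rc = -1;
    return rc;
}

/* Demo helper: create or replace path with text. */
int put_file(const char *path, const char *text)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    int rc = fd < 0 ? -1 : write_all(fd, text, strlen(text));
    if (fd >= 0 && close(fd) < 0)
        rc = -1;
    return rc;
}

/* Demo helper: read path into out (NUL-terminated); returns length or -1. */
long get_file(const char *path, char *out, size_t cap)
{
    int fd = open(path, O_RDONLY);
    size_t used = 0;
    ssize_t n;
    if (fd < 0)
        return -1;
    while (used + 1 < cap && (n = read(fd, out + used, cap - 1 - used)) > 0)
        used += (size_t)n;
    close(fd);
    out[used] = '\0';
    return (long)used;
}

int main(void)
{
    const char *src = "cpdemo_src.txt", *dst = "cpdemo_dst.txt";
    char got[128];
    put_file(src, "new\n");                     /* constructed sample data */
    put_file(dst, "old contents, longer\n");
    copy_file(src, dst, 0);                     /* the report's open flags */
    printf("no truncation: %ld bytes\n", get_file(dst, got, sizeof(got)));
    copy_file(src, dst, 1);
    printf("truncated:     %ld bytes\n", get_file(dst, got, sizeof(got)));
    printf("same file:     %d\n", copy_file(src, src, 1));
    unlink(src);
    unlink(dst);
    return 0;
}
```

The report's own test copied README into files that did not exist yet, which is why the sizes matched; the stale tail only appears when the destination already holds more data than the source.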
Lecture 6B Machine-Level Programming V: Miscellaneous Topics Topics Linux Memory Layout Understanding Pointers Buffer Overflow Upper 2 hex digits of address Red Hat v. 6.2 ~1920MB memory limit FF C0 Used
More informationSecond Part of the Course
CSC 2400: Computer Systems Towards the Hardware 1 Second Part of the Course Toward the hardware High-level language (C) assembly language machine language (IA-32) 2 High-Level Language g Make programming
More informationProcesses. Today. Next Time. Process concept Process model Implementing processes Multiprocessing once again. Scheduling processes
Processes Today Process concept Process model Implementing processes Multiprocessing once again Next Time Scheduling processes The process model Most computers can do more than one thing at a time Hard
More informationThe geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86) Hovav Shacham presented by: Fabian Fäßler
The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86) Hovav Shacham presented by: Fabian Fäßler return-oriented programming Hovav Shacham presented by: Fabian
More informationY86 Processor State. Instruction Example. Encoding Registers. Lecture 7A. Computer Architecture I Instruction Set Architecture Assembly Language View
Computer Architecture I Instruction Set Architecture Assembly Language View Processor state Registers, memory, Instructions addl, movl, andl, How instructions are encoded as bytes Layer of Abstraction
More informationx86 assembly CS449 Fall 2017
x86 assembly CS449 Fall 2017 x86 is a CISC CISC (Complex Instruction Set Computer) e.g. x86 Hundreds of (complex) instructions Only a handful of registers RISC (Reduced Instruction Set Computer) e.g. MIPS
More informationCS / ECE , Spring 2010 Exam 1
Andrew login ID: Full Name: Recitation Section: CS 15-213 / ECE 18-243, Spring 2010 Exam 1 Version 1100101 Tuesday, March 2nd, 2010 Instructions: Make sure that your exam is not missing any sheets, then
More informationSystems I. Machine-Level Programming I: Introduction
Systems I Machine-Level Programming I: Introduction Topics Assembly Programmerʼs Execution Model Accessing Information Registers IA32 Processors Totally Dominate General Purpose CPU Market Evolutionary
More informationCNIT 127: Exploit Development. Ch 3: Shellcode. Updated
CNIT 127: Exploit Development Ch 3: Shellcode Updated 1-30-17 Topics Protection rings Syscalls Shellcode nasm Assembler ld GNU Linker objdump to see contents of object files strace System Call Tracer Removing
More informationCMPT 300. Operating Systems. Brief Intro to UNIX and C
CMPT 300 Operating Systems Brief Intro to UNIX and C Outline Welcome Review Questions UNIX basics and Vi editor Using SSH to remote access Lab2(4214) Compiling a C Program Makefile Basic C/C++ programming
More informationAssembly Language Programming Debugging programs
Assembly Language Programming Debugging programs November 18, 2017 Debugging programs During the development and investigation of behavior of system programs various tools are used. Some utilities are
More informationBinghamton University. CS-220 Spring X86 Debug. Computer Systems Section 3.11
X86 Debug Computer Systems Section 3.11 GDB is a Source Level debugger We have learned how to debug at the C level But the machine is executing X86 object code! How does GDB play the shell game? Makes
More informationChanges made in this version not seen in first lecture:
Changelog 0 Changes made in this version not seen in first lecture: 30 August: juggling stacks: add arguments to stacks 30 August: where things go in context switch: new slide this duplicates some notional
More informationCS3210: Isolation Mechanisms
CS3210: Isolation Mechanisms Lecture 4 Instructor: Dr. Tim Andersen 1 / 34 Administrivia Lab 2 on Virtual Memory Due Feb 10 (one of the trickiest labs!) (Feb 16) Quiz #1. Lab1-3, Ch 0-3, Appendix A/B (Feb
More informationx86 architecture et similia
x86 architecture et similia 1 FREELY INSPIRED FROM CLASS 6.828, MIT A full PC has: PC architecture 2 an x86 CPU with registers, execution unit, and memory management CPU chip pins include address and data
More informationLecture 2 Assembly Language
Lecture 2 Assembly Language Computer and Network Security 9th of October 2017 Computer Science and Engineering Department CSE Dep, ACS, UPB Lecture 2, Assembly Language 1/37 Recap: Explorations Tools assembly
More informationLecture 08 Control-flow Hijacking Defenses
Lecture 08 Control-flow Hijacking Defenses Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides adapted from Miller, Bailey, and Brumley Control Flow Hijack: Always control + computation
More informationBinghamton University. CS-220 Spring X86 Debug. Computer Systems Section 3.11
X86 Debug Computer Systems Section 3.11 GDB is a Source Level debugger We have learned how to debug at the C level Now, C has been translated to X86 assembler! How does GDB play the shell game? Makes it
More informationReturn Oriented Programming
ROP gadgets Small instruction sequence ending with a ret instruction 0xc3 Gadgets are found in existing, resident code and libraries There exist tools to search for and find gadgets Gadgets are put together
More informationMachine-level Representation of Programs. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University
Machine-level Representation of Programs Jin-Soo Kim (jinsookim@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Program? 짬뽕라면 준비시간 :10 분, 조리시간 :10 분 재료라면 1개, 스프 1봉지, 오징어
More informationCMPSC 311- Introduction to Systems Programming Module: Debugging
CMPSC 311- Introduction to Systems Programming Module: Debugging Professor Patrick McDaniel Fall 2016 Debugging Often the most complicated and time-consuming part of developing a program is debugging.
More informationStack overflow exploitation
Stack overflow exploitation In order to illustrate how the stack overflow exploitation goes I m going to use the following c code: #include #include #include static void
More information143A: Principles of Operating Systems. Lecture 4: Linking and Loading (Basic architecture of a program) Anton Burtsev October, 2018
143A: Principles of Operating Systems Lecture 4: Linking and Loading (Basic architecture of a program) Anton Burtsev October, 2018 What is a program? What parts do we need to run code? Parts needed to
More informationFinal Exam. Fall Semester 2016 KAIST EE209 Programming Structures for Electrical Engineering. Name: Student ID:
Fall Semester 2016 KAIST EE209 Programming Structures for Electrical Engineering Final Exam Name: This exam is open book and notes. Read the questions carefully and focus your answers on what has been
More informationCSCE 212H, Spring 2008 Lab Assignment 3: Assembly Language Assigned: Feb. 7, Due: Feb. 14, 11:59PM
CSCE 212H, Spring 2008 Lab Assignment 3: Assembly Language Assigned: Feb. 7, Due: Feb. 14, 11:59PM February 7, 2008 1 Overview The purpose of this assignment is to introduce you to the assembly language
More informationQuiz I Solutions MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Department of Electrical Engineering and Computer Science
Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY 6.828 Fall 2011 Quiz I Solutions Mean 71 Median 69 Std. dev. 20.2 10 8 6 4 2 0 0 10 20 30 40 50 60 70 80
More informationAutodesk AutoCAD DWG-AC1021 Heap Corruption
security research Autodesk AutoCAD DWG-AC1021 Heap Corruption Mar 2013 AutoCAD is a software for computer-aided design (CAD) and technical drawing in 2D/3D, being one of the worlds leading CAD design tools.
More informationMACHINE-LEVEL PROGRAMMING I: BASICS COMPUTER ARCHITECTURE AND ORGANIZATION
MACHINE-LEVEL PROGRAMMING I: BASICS COMPUTER ARCHITECTURE AND ORGANIZATION Today: Machine Programming I: Basics History of Intel processors and architectures C, assembly, machine code Assembly Basics:
More informationEEE3052: Introduction to Operating Systems. Fall Project #1
EEE3052: Introduction to Operating Systems Fall 2017 Project #1 Project Plan 4 projects 0) Install Xv6 1) Process management - System call (9/11 ~ 9/17) - Scheduling 2) Virtual memory 3) Synchronization
More informationUniversità Ca Foscari Venezia
Stack Overflow Security 1 2018-19 Università Ca Foscari Venezia www.dais.unive.it/~focardi secgroup.dais.unive.it Introduction Buffer overflow is due to careless programming in unsafe languages like C
More informationComputer Architecture and Assembly Language. Practical Session 5
Computer Architecture and Assembly Language Practical Session 5 Addressing Mode - "memory address calculation mode" An addressing mode specifies how to calculate the effective memory address of an operand.
More informationBuilding Concurrency Primitives
Building Concurrency Primitives Science Computer Science CS 450: Operating Systems Sean Wallace Previously 1. Decided concurrency was a useful (sometimes necessary) thing to have. 2.
More informationECE/ME/EMA/CS 759 High Performance Computing for Engineering Applications
ECE/ME/EMA/CS 759 High Performance Computing for Engineering Applications Elements of Program Debugging Dan Negrut, 2017 ECE/ME/EMA/CS 759 UW-Madison Debugging on Euler [with gdb] Slides on gdb include
More informationCSC 405 Computer Security Shellcode
CSC 405 Computer Security Shellcode Alexandros Kapravelos akaprav@ncsu.edu Attack plan Attack code Vulnerable code xor ebx, ebx xor eax, eax mov ebx,edi mov eax,edx sub eax,0x388 Vulnerable code xor ebx,
More informationThe Process Abstraction. CMPU 334 Operating Systems Jason Waterman
The Process Abstraction CMPU 334 Operating Systems Jason Waterman How to Provide the Illusion of Many CPUs? Goal: run N processes at once even though there are M CPUs N >> M CPU virtualizing The OS can
More informationProject 1 System Calls
Project 1 System Calls Introduction In this project, you will become familiar with: 1. Using the xv6 Makefile 2. Using conditional compilation. 3. The xv6 system call invocation path. 4. Implementing a
More informationCNIT 127: Exploit Development. Ch 1: Before you begin. Updated
CNIT 127: Exploit Development Ch 1: Before you begin Updated 1-14-16 Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend, such as Denial
More informationICS143A: Principles of Operating Systems. Midterm recap, sample questions. Anton Burtsev February, 2017
ICS143A: Principles of Operating Systems Midterm recap, sample questions Anton Burtsev February, 2017 Describe the x86 address translation pipeline (draw figure), explain stages. Address translation What
More informationIntroduction. This project will focus primarily on processes.
Project 2 Processes Introduction This project will focus primarily on processes. In this project, you will become familiar with: 1. Locks for kernel-level data structures; concurrency. 2. Implementing
More information1. A student is testing an implementation of a C function; when compiled with gcc, the following x86-32 assembly code is produced:
This assignment refers to concepts discussed in the course notes on gdb and the book The Art of Debugging by Matloff & Salzman. The questions are definitely "hands-on" and will require some reading beyond
More informationBuffer Overflow. An Introduction
Buffer Overflow An Introduction Workshop Flow-1 Revision (4-10) How a program runs Registers Memory Layout of a Process Layout of a StackFrame Layout of stack frame using GDB and looking at Assembly code
More informationThe IA-32 Stack and Function Calls. CS4379/5375 Software Reverse Engineering Dr. Jaime C. Acosta
1 The IA-32 Stack and Function Calls CS4379/5375 Software Reverse Engineering Dr. Jaime C. Acosta 2 Important Registers used with the Stack EIP: ESP: EBP: 3 Important Registers used with the Stack EIP:
More informationW4118: interrupt and system call. Junfeng Yang
W4118: interrupt and system call Junfeng Yang Outline Motivation for protection Interrupt System call 2 Need for protection Kernel privileged, cannot trust user processes User processes may be malicious
More informationCS333 Project 1 Test Report Your Name Here
To obtain the L A TEX source for this document, change the file extension to.tex in the url. Testing Aside: Each student will need to provide their own screen shots or other test output as well as the
More informationCMPSC 311- Introduction to Systems Programming Module: Debugging
CMPSC 311- Introduction to Systems Programming Module: Debugging Professor Patrick McDaniel Fall 2014 Debugging Often the most complicated and time-consuming part of developing a program is debugging.
More information16.317: Microprocessor Systems Design I Fall 2015
16.317: Microprocessor Systems Design I Fall 2015 Exam 2 Solution 1. (16 points, 4 points per part) Multiple choice For each of the multiple choice questions below, clearly indicate your response by circling
More information