Bugs (part 1) CPS210 Spring 2006. Papers  Bugs as Deviant Behavior: A General Approach to Inferring Errors in System Code  Dawson Engler  Eraser: A.

Slides:



Advertisements
Similar presentations
Operating Systems Semaphores II
Advertisements

Polymorphism and Virtual Functions. Topics Polymorphism Virtual Functions Pure Virtual Functions Abstract Base Classes Virtual Destructors V-Tables Run.
CSCC69: Operating Systems
Chapter 6 Process Synchronization Bernard Chen Spring 2007.
Secure Operating Systems Lesson 5: Shared Objects.
Threads. Readings r Silberschatz et al : Chapter 4.
CS 443 Advanced OS Fabián E. Bustamante, Spring 2005 Bugs as deviant behavior – Inferring errors in systems code D. Engler, D. Chen, S. Hallem, B. Chelf,
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
CSE 451: Operating Systems Spring 2012 Module 7 Synchronization Ed Lazowska Allen Center 570.
Atomicity in Multi-Threaded Programs Prachi Tiwari University of California, Santa Cruz CMPS 203 Programming Languages, Fall 2004.
/ PSWLAB Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs By Cormac Flanagan, Stephen N. Freund 24 th April, 2008 Hong,Shin.
Big Picture Lab 4 Operating Systems Csaba Andras Moritz.
S. Narayanasamy, Z. Wang, J. Tigani, A. Edwards, B. Calder UCSD and Microsoft PLDI 2007.
Threading Part 2 CS221 – 4/22/09. Where We Left Off Simple Threads Program: – Start a worker thread from the Main thread – Worker thread prints messages.
TaintCheck and LockSet LBA Reading Group Presentation by Shimin Chen.
CS533 Concepts of Operating Systems Class 3 Data Races and the Case Against Threads.
Server Architecture Models Operating Systems Hebrew University Spring 2004.
Home: Phones OFF Please Unix Kernel Parminder Singh Kang Home:
Building Secure Software Chapter 9 Race Conditions.
Pthread Synchronization Operating Systems Hebrew University Spring 2004.
CS533 - Concepts of Operating Systems
CS533 Concepts of Operating Systems Class 3 Monitors.
Threads© Dr. Ayman Abdel-Hamid, CS4254 Spring CS4254 Computer Network Architecture and Programming Dr. Ayman A. Abdel-Hamid Computer Science Department.
Threads CNS What is a thread?  an independent unit of execution within a process  a "lightweight process"  an independent unit of execution within.
/ PSWLAB Eraser: A Dynamic Data Race Detector for Multithreaded Programs By Stefan Savage et al 5 th Mar 2008 presented by Hong,Shin Eraser:
Scheduler Activations Jeff Chase. Threads in a Process Threads are useful at user-level – Parallelism, hide I/O latency, interactivity Option A (early.
Discussion Week 3 TA: Kyle Dewey. Overview Concurrency overview Synchronization primitives Semaphores Locks Conditions Project #1.
Multithreaded Web Server.
15-740/ Oct. 17, 2012 Stefan Muller.  Problem: Software is buggy!  More specific problem: Want to make sure software doesn’t have bad property.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
Inferring and checking system rules by static analysis William R Wright.
The University of Adelaide, School of Computer Science
Eraser: A Dynamic Data Race Detector for Multithreaded Programs STEFAN SAVAGE, MICHAEL BURROWS, GREG NELSON, PATRICK SOBALVARRO, and THOMAS ANDERSON Ethan.
Static Code Checking: Security and Concurrency Ben Watson The George Washington University CS 297 Security and Programming Languages June 9, 2005.
Threads and Thread Control Thread Concepts Pthread Creation and Termination Pthread synchronization Threads and Signals.
COMP 111 Threads and concurrency Sept 28, Tufts University Computer Science2 Who is this guy? I am not Prof. Couch Obvious? Sam Guyer New assistant.
Processes CS 6560: Operating Systems Design. 2 Von Neuman Model Both text (program) and data reside in memory Execution cycle Fetch instruction Decode.
Fundamentals of Parallel Computer Architecture - Chapter 71 Chapter 7 Introduction to Shared Memory Multiprocessors Yan Solihin Copyright.
Discussion Week 2 TA: Kyle Dewey. Overview Concurrency Process level Thread level MIPS - switch.s Project #1.
Sampling Dynamic Dataflow Analyses Joseph L. Greathouse Advanced Computer Architecture Laboratory University of Michigan University of British Columbia.
PHY 107 – Programming For Science. Today’s Goal  Learn how arrays normally used in real programs  Why a function returning an array causes bugs  How.
Threads. Readings r Silberschatz et al : Chapter 4.
Eraser: A dynamic Data Race Detector for Multithreaded Programs Stefan Savage, Michael Burrows, Greg Nelson, Patrick Sobalvarro, Thomas Anderson Presenter:
1 Critical Section Problem CIS 450 Winter 2003 Professor Jinhua Guo.
Semaphores Reference –text: Tanenbaum ch
Big Picture Lab 4 Operating Systems C Andras Moritz
Memory Management in Java Mr. Gerb Computer Science 4.
1 Introduction to Threads Race Conditions. 2 Process Address Space Revisited Code Data OS Stack (a)Process with Single Thread (b) Process with Two Threads.
1 Module 3: Processes Reading: Chapter Next Module: –Inter-process Communication –Process Scheduling –Reading: Chapter 4.5, 6.1 – 6.3.
Detecting Data Races in Multi-Threaded Programs
Presenter: Godmar Back
Healing Data Races On-The-Fly
Andy Wang COP 5611 Advanced Operating Systems
Concurrency.
CS533 Concepts of Operating Systems Class 3
Threads and Memory Models Hal Perkins Autumn 2011
Dynamic Memory A whole heap of fun….
Threads and Memory Models Hal Perkins Autumn 2009
Lecture 25: Multiprocessors
CS533 Concepts of Operating Systems Class 3
CSE 451: Operating Systems Autumn 2004 Module 6 Synchronization
CSE 451: Operating Systems Autumn 2003 Lecture 7 Synchronization
CSE 451: Operating Systems Autumn 2005 Lecture 7 Synchronization
CSE 451: Operating Systems Winter 2003 Lecture 7 Synchronization
Foundations and Definitions
CSE 153 Design of Operating Systems Winter 2019
CSE 451 Section 1/27/2000.
CS 144 Advanced C++ Programming May 7 Class Meeting
EECE.4810/EECE.5730 Operating Systems
Eraser: A dynamic data race detector for multithreaded programs
Presentation transcript:

Bugs (part 1) CPS210 Spring 2006

Papers  Bugs as Deviant Behavior: A General Approach to Inferring Errors in System Code  Dawson Engler  Eraser: A Dynamic Data Race Detector for Multithreaded Programs  Stefan Savage

Take a deep breath  One month is over, 2.5 left  15 papers down, 19 to go  (the reading schedule lightens)  Done with most “core OS” topics  Address spaces, page tables, threads, etc

What’s left  Various forms of IO  e.g. networking and storage  Broader system properties  e.g. reliability and security  Projects!

Dealing with bugs  We know how to build systems  How do we fix the ones we’re stuck with?  What is a buggy program?  One that behaves “incorrectly”

What does “correct” look like?  At the macro-level this is really hard  Need to know user expectations  Need to know programmers intentions  Easier to look at a micro-level  Are variables used as we expect?  Are primitives used as we expect?

Consistency example 1.int mxser_write (strcut ttyp_struct *tty) { // B(tty)=unknown 2. struct msxer_sstruct *info = tty>driver_data; // B(tty)=notnull 3. unsigned long flags; if (!tty || !info->xmit_buf) // B(tty)=null,notnull 6. return 0; 7. … Beliefs are MUST beliefs

Example template  T = “do not dereference null pntr ”  Slote instance p  Belief set B p  {}, {null}, {notnull}, {null, notnull}  Which actions matter?  Pointer dereferences, comparisons to null

Statistical analysis example 1.lock l; // lock 2.int a,b; // variables potentially protected by l 3.void foo () { 4. lock (l); // enter critical section 5. a = a + b; // MAY: a, b protected by l 6. unlock (l); // exit critical section 7. b = b + 1; // MUST: b not protected by l 8.} 9.void bar () { 10. lock (l); 11. a = a + 1; // MAY: a protected by l 12. unlock (l); 13.} 14.void baz () { 15. a = a + 1; // MAY: a protected by l 16. unlock (l); 17. b = b – 1; // MUST: b not protected by l 18. a = a / 5; // MUST: a not protected by l 19.} check Slot combination = ( a, l ) T = variable must be protected by lock check check (ERROR)

Statistical analysis example 1.lock l; // lock 2.int a,b; // variables potentially protected by l 3.void foo () { 4. lock (l); // enter critical section 5. a = a + b; // MAY: a, b protected by l 6. unlock (l); // exit critical section 7. b = b + 1; // MUST: b not protected by l 8.} 9.void bar () { 10. lock (l); 11. a = a + 1; // MAY: a protected by l 12. unlock (l); 13.} 14.void baz () { 15. a = a + 1; // MAY: a protected by l 16. unlock (l); 17. b = b – 1; // MUST: b not protected by l 18. a = a / 5; // MUST: a not protected by l 19.} check Slot combination = ( b, l ) T = variable must be protected by lock check (ERROR)

Eraser variable state machine Virgin Exclusive Shared- modified Shared wr, new thread rd/wr, first thread wr rd, new thread rd wr C(v) does not change C(v) changes No errors reported C(v) changes Errors reported

Intentional races 1.if (p->ip_fp == (NI2_XFILE *) 0) { // fpntr set? 2. NI2_LOCKS_LOCK (&p->ip_lock); // acq lock 3. if (p->ip_fp == (NI2_XFILE *) 0) { // fpntr set since we last checked? 4. p->ip_fp = ni2_xfopen (p->ip_name, “rb”); 5. } 6. NI2_LOCKS_UNLOCK (&p->ip_lock); // rel lock 7.} 8.… // no locking overhead if fpntr set

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.