6 research outputs found
An efficient and generic reversible debugger using the virtual machine based approach
The reverse execution of programs is a function where pro-grams are executed backward in time. A reversible debugger is a debugger that provides such a functionality. In this pa-per, we propose a novel reversible debugger that enables reverse execution of programs written in the C language. Our approach takes the virtual machine based approach. In this approach, the target program is executed on a special virtual machine. Our contribution in this paper is two-fold. First, we propose an approach that can address problems of (1) compatibility and (2) efficiency that exist in previous works. By compatibility, we mean that previous debuggers are not generic, i.e., they support only a special language or special intermediate code. Second, our approach provides two execution modes: the native mode, where the debuggee is directly executed on a real CPU, and the virtual ma-chine mode, where the debuggee is executed on a virtual machine. Currently, our debugger provides four types of trade-off settings (designated by unit and optimization) to consider trade-offs between granularity, accuracy, overhead and memory requirement. The user can choose the appro-priate setting flexibly during debugging without finishing and restarting the debuggee
Programming with Undo
This thesis is about objects that can undo their state changes. Based on an earlier work on data structure persistence, we propose generating undo methods for classes from annotated classes automatically. As opposed to ephemeral data structures, persistent data structures carry their older versions, and undo for a persistent structure is just returning to a previous version. Undoable objects simplify programming in a number of areas such as backtracking in constraint programming, and undo for interactive applications. Using the undo methods of individual objects, larger application level undo functionality can be built in an easier way
Scaling Causality Analysis for Production Systems.
Causality analysis reveals how program values influence each other.
It is important for debugging, optimizing, and understanding the execution of
programs. This thesis scales causality analysis to production systems
consisting of desktop and server applications as well as large-scale Internet
services. This enables developers to employ causality analysis to debug and
optimize complex, modern software systems. This thesis shows that it is
possible to scale causality analysis to both fine-grained instruction level
analysis and analysis of Internet scale distributed systems with thousands of
discrete software components by developing and employing automated methods to
observe and reason about causality.
First, we observe causality at a fine-grained instruction level by developing
the first taint tracking framework to support tracking millions of input
sources. We also introduce flexible taint tracking to allow
for scoping different queries and dynamic filtering of inputs, outputs, and
relationships.
Next, we introduce the Mystery Machine, which uses a ``big data'' approach to
discover causal relationships between software components in a large-scale
Internet service. We leverage the fact that large-scale Internet services
receive a large number of requests in order to observe counterexamples to
hypothesized causal relationships. Using discovered casual relationships, we
identify the critical path for request execution and use the critical path
analysis to explore potential scheduling optimizations.
Finally, we explore using causality to make data-quality tradeoffs in
Internet services. A data-quality tradeoff is an explicit decision by a software
component to return lower-fidelity data in order to improve response time or
minimize resource usage. We perform a study of data-quality tradeoffs in a
large-scale Internet service to show the pervasiveness of these
tradeoffs. We develop DQBarge, a system that enables better data-quality
tradeoffs by propagating critical information along the causal path of request
processing. Our evaluation shows that DQBarge helps Internet services mitigate
load spikes, improve utilization of spare resources, and implement dynamic
capacity planning.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/135888/1/mcchow_1.pd
A new approach to reversible computing with applications to speculative parallel simulation
In this thesis, we propose an innovative approach to reversible computing that shifts the focus from the operations to the memory outcome of a generic program. This choice allows us to overcome some typical challenges of "plain" reversible computing. Our methodology is to instrument a generic application with the help of an instrumentation tool, namely Hijacker, which we have redesigned and developed for the purpose. Through compile-time instrumentation, we enhance the program's code to keep track of the memory trace it produces until the end. Regardless of the complexity behind the generation of each computational step of the program, we can build inverse machine instructions just by inspecting the instruction that is attempting to write some value to memory. Therefore from this information, we craft an ad-hoc instruction that conveys this old value and the knowledge of where to replace it.
This instruction will become part of a more comprehensive structure, namely the reverse window. Through this structure, we have sufficient information to cancel all the updates done by the generic program during its execution.
In this writing, we will discuss the structure of the reverse window, as the building block for the whole reversing framework we designed and finally realized. Albeit we settle our solution in the specific context of the parallel discrete event simulation (PDES) adopting the Time Warp synchronization protocol, this framework paves the way for further general-purpose development and employment. We also present two additional innovative contributions coming from our innovative reversibility approach, both of them still embrace traditional state saving-based rollback strategy. The first contribution aims to harness the advantages of both the possible approaches. We implement the rollback operation combining state saving together with our reversible support through a mathematical model. This model enables the system to choose in autonomicity the best rollback strategy, by the mutable runtime dynamics of programs. The second contribution explores an orthogonal direction, still related to reversible computing aspects. In particular, we will address the problem of reversing shared libraries. Indeed, leading from their nature, shared objects are visible to the whole system and so does every possible external modification of their code. As a consequence, it is not possible to instrument them without affecting other unaware applications. We propose a different method to deal with the instrumentation of shared objects.
All our innovative proposals have been assessed using the last generation of the open source ROOT-Sim PDES platform, where we integrated our solutions. ROOT-Sim is a C-based package implementing a general purpose simulation environment based on the Time Warp synchronization protocol
Malware variant detection
Malware programs (e.g., viruses, worms, Trojans, etc.) are a worldwide epidemic. Studies and statistics show that the impact of malware is getting worse. Malware detectors are the primary tools in the defence against malware. Most commercial anti-malware scanners maintain a database of malware patterns and heuristic signatures for detecting malicious programs within a computer system. Malware writers use semantic-preserving code transformation (obfuscation) techniques to produce new stealth variants of their malware programs. Malware variants are hard to detect with today's detection technologies as these tools rely mostly on syntactic properties and ignore the semantics of malicious executable programs. A robust malware detection technique is required to handle this emerging security threat. In this thesis, we propose a new methodology that overcomes the drawback of existing malware detection methods by analysing the semantics of known malicious code. The methodology consists of three major analysis techniques: the development of a semantic signature, slicing analysis and test data generation analysis. The core element in this approach is to specify an approximation for malware code semantics and to produce signatures for identifying, possibly obfuscated but semantically equivalent, variants of a sample of malware. A semantic signature consists of a program test input and semantic traces of a known malware code. The key challenge in developing our semantics-based approach to malware variant detection is to achieve a balance between improving the detection rate (i.e. matching semantic traces) and performance, with or without the e ects of obfuscation on malware variants. We develop slicing analysis to improve the construction of semantic signatures. We back our trace-slicing method with a theoretical result that shows the notion of correctness of the slicer. A proof-of-concept implementation of our malware detector demonstrates that the semantics-based analysis approach could improve current detection tools and make the task more di cult for malware authors. Another important part of this thesis is exploring program semantics for the selection of a suitable part of the semantic signature, for which we provide two new theoretical results. In particular, this dissertation includes a test data generation method that works for binary executables and the notion of correctness of the method
Nova combinação de hardware e de software para veículos de desporto automóvel baseada no processamento directo de funções gráficas
Doutoramento em Engenharia EletrónicaThe main motivation for the work presented here began with previously
conducted experiments with a programming concept at the time named
"Macro". These experiments led to the conviction that it would be possible to
build a system of engine control from scratch, which could eliminate many of
the current problems of engine management systems in a direct and intrinsic
way. It was also hoped that it would minimize the full range of software and
hardware needed to make a final and fully functional system.
Initially, this paper proposes to make a comprehensive survey of the state of
the art in the specific area of software and corresponding hardware of
automotive tools and automotive ECUs. Problems arising from such software
will be identified, and it will be clear that practically all of these problems stem
directly or indirectly from the fact that we continue to make comprehensive use
of extremely long and complex "tool chains". Similarly, in the hardware, it will
be argued that the problems stem from the extreme complexity and
inter-dependency inside processor architectures. The conclusions are
presented through an extensive list of "pitfalls" which will be thoroughly
enumerated, identified and characterized.
Solutions will also be proposed for the various current issues and for the
implementation of these same solutions. All this final work will be part of a
"proof-of-concept" system called "ECU2010". The central element of this
system is the before mentioned "Macro" concept, which is an graphical block
representing one of many operations required in a automotive system having
arithmetic, logic, filtering, integration, multiplexing functions among others. The
end result of the proposed work is a single tool, fully integrated, enabling the
development and management of the entire system in one simple visual
interface. Part of the presented result relies on a hardware platform fully
adapted to the software, as well as enabling high flexibility and scalability in
addition to using exactly the same technology for ECU, data logger and
peripherals alike.
Current systems rely on a mostly evolutionary path, only allowing online
calibration of parameters, but never the online alteration of their own
automotive functionality algorithms. By contrast, the system developed and
described in this thesis had the advantage of following a "clean-slate"
approach, whereby everything could be rethought globally. In the end, out of all
the system characteristics, "LIVE-Prototyping" is the most relevant feature,
allowing the adjustment of automotive algorithms (eg. Injection, ignition,
lambda control, etc.) 100% online, keeping the engine constantly working,
without ever having to stop or reboot to make such changes. This consequently
eliminates any "turnaround delay" typically present in current automotive
systems, thereby enhancing the efficiency and handling of such systems.A principal motivação para o trabalho que conduziu a esta tese residiu na
constatação de que os actuais métodos de modelação de centralinas
automóveis conduzem a significativos problemas de desenvolvimento e
manutenção. Como resultado dessa constatação, o objectivo deste trabalho
centrou-se no desenvolvimento de um conceito de arquitectura que rompe
radicalmente com os modelos state-of-the-art e que assenta num conjunto de
conceitos que vieram a ser designados de "Macro" e "Celular ECU". Com este
modelo pretendeu-se simultaneamente minimizar a panóplia de software e de
hardware necessários à obtenção de uma sistema funcional final.
Inicialmente, esta tese propõem-se fazer um levantamento exaustivo do
estado da arte na área específica do software e correspondente hardware das
ferramentas e centralinas automóveis. Os problemas decorrentes de tal
software serão identificados e, dessa identificação deverá ficar claro, que
praticamente todos esses problemas têm origem directa ou indirecta no facto
de se continuar a fazer um uso exaustivo de "tool chains" extremamente
compridas e complexas. De forma semelhante, no hardware, os problemas
têm origem na extrema complexidade e inter-dependência das arquitecturas
dos processadores. As consequências distribuem-se por uma extensa lista de
"pitfalls" que também serão exaustivamente enumeradas, identificadas e
caracterizadas.
São ainda propostas soluções para os diversos problemas actuais e
correspondentes implementações dessas mesmas soluções. Todo este
trabalho final faz parte de um sistema "proof-of-concept" designado
"ECU2010". O elemento central deste sistema é o já referido conceito de
“Macro”, que consiste num bloco gráfico que representa uma de muitas
operações necessárias num sistema automóvel, como sejam funções
aritméticas, lógicas, de filtragem, de integração, de multiplexagem, entre
outras. O resultado final do trabalho proposto assenta numa única ferramenta,
totalmente integrada que permite o desenvolvimento e gestão de todo o
sistema de forma simples numa única interface visual. Parte do resultado
apresentado assenta numa plataforma hardware totalmente adaptada ao
software, bem como na elevada flexibilidade e escalabilidade, para além de
permitir a utilização de exactamente a mesma tecnologia quer para a
centralina, como para o datalogger e para os periféricos.
Os sistemas actuais assentam num percurso maioritariamente evolutivo,
apenas permitindo a calibração online de parâmetros, mas nunca a alteração
online dos próprios algoritmos das funcionalidades automóveis. Pelo contrário,
o sistema desenvolvido e descrito nesta tese apresenta a vantagem de seguir
um "clean-slate approach", pelo que tudo pode ser globalmente repensado. No
final e para além de todas as restantes características, o
“LIVE-PROTOTYPING” é a funcionalidade mais relevante, ao permitir alterar
algoritmos automóveis (ex: injecção, ignição, controlo lambda, etc.) de forma
100% online, mantendo o motor constantemente a trabalhar e sem nunca ter
de o parar ou re-arrancar para efectuar tais alterações. Isto elimina
consequentemente qualquer "turnaround delay" tipicamente presente em
qualquer sistema automóvel actual, aumentando de forma significativa a
eficiência global do sistema e da sua utilização