Instruction sequences with indirect jumps
We study sequential programs that are instruction sequences with direct and
indirect jump instructions. The intuition is that indirect jump instructions
are jump instructions where the position of the instruction to jump to is the
content of some memory cell. We consider several kinds of indirect jump
instructions. For each kind, we define the meaning of programs with indirect
jump instructions of that kind by means of a translation into programs without
indirect jump instructions. For each kind, the intended behaviour of a program
with indirect jump instructions of that kind under execution is the behaviour
of the translated program under execution on interaction with some memory
device.
Comment: 23 pages; typos corrected, phrasing improved, reference replace
Quantitative Expressiveness of Instruction Sequence Classes for Computation on Single Bit Registers
The number of instructions of an instruction sequence is taken for its
logical SLOC, and is abbreviated with LLOC. A notion of quantitative
expressiveness is based on LLOC and in the special case of operation over a
family of single bit registers a collection of elementary properties are
established. A dedicated notion of interface is developed and is used for
stating relevant properties of classes of instruction sequence
Programming an interpreter using molecular dynamics
PGA (ProGram Algebra) is an algebra of programs which concerns programs in
their simplest form: sequences of instructions. Molecular dynamics is a simple
model of computation developed in the setting of PGA, which bears on the use of
dynamic data structures in programming. We consider the programming of an
interpreter for a program notation that is close to existing assembly languages
using PGA with the primitives of molecular dynamics as basic instructions. It
happens that, although primarily meant for explaining programming language
features relating to the use of dynamic data structures, the collection of
primitives of molecular dynamics in itself is suited to our programming wants.
Comment: 27 page
Mechanistic Behavior of Single-Pass Instruction Sequences
Earlier work on program and thread algebra detailed the functional,
observable behavior of programs under execution. In this article we add the
modeling of unobservable, mechanistic processing, in particular processing due
to jump instructions. We model mechanistic processing preceding some further
behavior as a delay of that behavior; we borrow a unary delay operator from
discrete time process algebra. We define a mechanistic improvement ordering on
threads and observe that some threads do not have an optimal implementation.
Comment: 12 page
Putting Instruction Sequences into Effect
An attempt is made to define the concept of execution of an instruction
sequence. It is found to be a special case of directly putting into effect of
an instruction sequence. Directly putting into effect of an instruction
sequence comprises interpretation as well as execution. Directly putting into
effect is a special case of putting into effect with other special cases
classified as indirectly putting into effect
Instruction sequences with dynamically instantiated instructions
We study sequential programs that are instruction sequences with dynamically
instantiated instructions. We define the meaning of such programs in two
different ways. In either case, we give a translation by which each program
with dynamically instantiated instructions is turned into a program without
them that exhibits on execution the same behaviour by interaction with some
service. The complexity of the translations differs considerably, whereas the
services concerned are equally simple. However, the service concerned in the
case of the simpler translation is far more powerful than the service concerned
in the other case.
Comment: 25 pages; phrasing improve
CONFLLVM: A Compiler for Enforcing Data Confidentiality in Low-Level Code
We present an instrumenting compiler for enforcing data confidentiality in
low-level applications (e.g. those written in C) in the presence of an active
adversary. In our approach, the programmer marks secret data by writing
lightweight annotations on top-level definitions in the source code. The
compiler then uses a static flow analysis coupled with efficient runtime
instrumentation, a custom memory layout, and custom control-flow integrity
checks to prevent data leaks even in the presence of low-level attacks. We have
implemented our scheme as part of the LLVM compiler. We evaluate it on the SPEC
micro-benchmarks for performance, and on larger, real-world applications
(including OpenLDAP, which is around 300KLoC) for programmer overhead required
to restructure the application when protecting the sensitive data such as
passwords. We find that performance overheads introduced by our instrumentation
are moderate (average 12% on SPEC), and the programmer effort to port OpenLDAP
is only about 160 LoC.
Comment: Technical report for CONFLLVM: A Compiler for Enforcing Data
Confidentiality in Low-Level Code, appearing at EuroSys 201
Software-Based Self-Test of Set-Associative Cache Memories
Embedded microprocessor cache memories suffer from limited observability and controllability creating problems during in-system tests. This paper presents a procedure to transform traditional march tests into software-based self-test programs for set-associative cache memories with LRU replacement. Among all the different cache blocks in a microprocessor, testing instruction caches represents a major challenge due to limitations in two areas: 1) test patterns which must be composed of valid instruction opcodes and 2) test result observability: the results can only be observed through the results of executed instructions. For these reasons, the proposed methodology will concentrate on the implementation of test programs for instruction caches. The main contribution of this work lies in the possibility of applying state-of-the-art memory test algorithms to embedded cache memories without introducing any hardware or performance overheads and guaranteeing the detection of typical faults arising in nanometer CMOS technologie
Lockdown: Dynamic Control-Flow Integrity
Applications written in low-level languages without type or memory safety are
especially prone to memory corruption. Attackers gain code execution
capabilities through such applications despite all currently deployed defenses
by exploiting memory corruption vulnerabilities. Control-Flow Integrity (CFI)
is a promising defense mechanism that restricts open control-flow transfers to
a static set of well-known locations. We present Lockdown, an approach to
dynamic CFI that protects legacy, binary-only executables and libraries.
Lockdown adaptively learns the control-flow graph of a running process using
information from a trusted dynamic loader. The sandbox component of Lockdown
restricts interactions between different shared objects to imported and
exported functions by enforcing fine-grained CFI checks. Our prototype
implementation shows that dynamic CFI results in low performance overhead.
Comment: ETH Technical Repor
Static analysis of SEU effects on software applications
Control flow errors have been widely addressed in literature as a possible threat to the dependability of computer systems, and many clever techniques have been proposed to detect and tolerate them. Nevertheless, it has never been discussed if the overheads introduced by many of these techniques are justified by a reasonable probability of incurring control flow errors. This paper presents a static executable code analysis methodology able to compute, depending on the target microprocessor platform, the upper-bound probability that a given application incurs in a control flow error