a characterization of state spill in modern oses
play

A Characterization of State Spill in Modern OSes Kevin Boos Emilio - PowerPoint PPT Presentation

Apr 24, 2023 •399 likes •672 views

A Characterization of State Spill in Modern OSes Kevin Boos Emilio Del Vecchio Lin Zhong ECE Department, Rice University EuroSys 2017 How do we deal with complexity? 2 Modularization complex 1 2 3 4 system 3 Modularization 1

  1. A Characterization of State Spill in Modern OSes Kevin Boos Emilio Del Vecchio Lin Zhong ECE Department, Rice University EuroSys 2017

  2. How do we deal 
 with complexity? 2

  3. Modularization complex 
 1 2 3 4 system 3

  4. Modularization 1 2 3 4 4

  5. Reducing complexity should make things easier… • Process migration • Fault isolation & 
 1 2 fault tolerance • Live update, hot- swapping, software 3 4 virtualization • Maintainability • Security and more 5

  6. Modularization is not enough! interactions have 
 complex effects! 1 2 Effects of interactions: • Propagation of data 
 3 4 and control • Changes to the state 
 of each entity state spill 6

  7. 
 State spill in a nutshell a new term to describe the phenomenon when: A software entity’s state undergoes lasting change as a result of an interaction with another entity. 7

  8. Outline of contributions 1. Define and identify state spill as a root cause of challenging problems in computing 2. Classify state spill examples collected from real OSes 3. Automate state spill detection with S TATE S PY 4. Results from Android system services 8

  9. Definition of State Spill 9

  10. State spill definition by example Source (application) Destination (system service) public void main() { public class SystemService { int id = ; static int sCount; Before byte cfg = ; byte mConfig; fn cb = handleCb; List<Callback> mCallbacks; (empty) int unrelated; service.addCallback( id, cfg, cb); public void addCallback( int id, byte cfg, During temporary log(“added cb!”); Callback cb) { } int b = id; Log.print("id=" + b); mConfig = cfg; void handleCb() { mCallbacks.add(cb); // do something sCount++; After } } } 10

  11. S TATE S PY : Automated State Spill Detection 11

  12. S TATE S PY : runtime + static analysis • Goal: help developers understand how 
 state spill occurs in their entities Running Source software files entity Resolution requests State spill Static Runtime Modification-reachable results analysis analysis whitelist Runtime type resolutions 12

  13. State Spill in Android Services 13

  14. Evaluating Android system services Binder IPC Application Proxy Stub Service transactions • StateSpy monitors service stub boundary ( onTransact ) • monkey induces real apps to invoke various transactions Found state spill in 94% of service stubs analyzed. 14

  15. Secondary state spill Entity Entity Entity S D 1 D 2 User Applications UiModeManagerService VibratorService KeyguardService AlarmManagerService UsbService AudioService InputManagerService ActivityManagerService HdmiControlService NotificationManagerService DisplayManagerService PowerManagerService UserManagerService StatusBarManagerService WindowManagerService SensorService PackageManagerService Hinders fault tolerance, hot-swapping, maintainability 15

  16. Case study: Flux [EuroSys’15] App App App Sensor Location Input Sensor Location Input Alarm Notification Clipboard Alarm Notification Clipboard • Android app migration via record & replay • Manually handles residual dependencies with decorator methods for each service transaction • Significant effort to overcome state spill Alex Van’t Hof, et al., “Flux: multi-surface computing in Android”, EuroSys 2015. 16

  17. Case study: Flux [EuroSys’15] App App App ? ? Sensor Location Input Sensor Location Input Alarm Notification Clipboard Alarm Notification Clipboard • Android app migration via record & replay • Manually handles residual dependencies with decorator methods for each service transaction • Significant effort to overcome state spill Alex Van’t Hof, et al., “Flux: multi-surface computing in Android”, EuroSys 2015. 17

  18. Case study: Flux [EuroSys’15] App App App Sensor Location Input Sensor Location Input Alarm Notification Clipboard Alarm Notification Clipboard • Android app migration via record & replay • Manually handles residual dependencies with decorator methods for each service transaction • Significant effort to overcome state spill 18

  19. Comparison with Flux Not 
 decorated Flux 
 77% 23% • Using Flux apps, we reproduced 113 unique transactions for analysis with S TATE S PY 19

  20. High correlation with state spill Causes 
 Not 
 State Spill decorated Flux 
 77% 23% 92% • State spill identifies problematic service transactions • and which states need special handling 20

  21. S TATE S PY catches what’s missing missed Not 
 21% decorated Flux 
 77% 23% Safely ignored 79% • Found state spill in 18 (21%) undecorated methods, each is potentially dangerous • Easy detection demonstrates S TATE S PY ’s utility 21

  22. Parting Thoughts 22

  23. Designs to avoid state spill • Client-provided resources • Stateless communication RESTful principle • Separation of multiplexing from indirection • Hardening of entity state • Modularity without interdependence 23

  24. Related work • Coupling [1] /modularity [2] as a necessary condition • Info-flow analysis [3,4] • Designs that partially reduce state spill • Compartmentalizing important states Barrelfish/DC [5] , Microreboot [6] , CuriOS [7] • • RESTful architectures (web) [11,12] 24

  25. Conclusion • State spill is an underlying problem that hinders many computing goals • Prevalent and deeply ingrained in many OSes • Reducing state spill will lead to better designs • More so than minimizing coupling, etc. • Next steps: redesign OS to minimize state spill S TATE S PY & more: http://download.recg.org 25

  26. References (1) J. Offutt, et al., “A software metric system for module coupling.” Journal of Systems and Software , 1993. (2) B. Ford, et al., “The Flux OSKit: A substrate for kernel and language research.” SOSP , 1997. (3) S. Arzt, et al., “FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps.” PLDI , 2014. (4) W. Enck, et al., “TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones.” OSDI , 2010. (5) G. Zellweger, et al., “Decoupling cores, kernels, and operating systems.” OSDI , 2014. (6) G. Candea, et al., “Microreboot - a technique for cheap recovery.” OSDI , 2004. (7) F. David, et al., “CuriOS: Improving reliability through operating system structure.” OSDI , 2008. (8) D. Engler, et al., “Exokernel: An operating system architecture for application-level resource management.” SOSP , 1995. (9) D. Porter, et al., “Rethinking the library os from the top down.” ASPLOS , 2011. (10) A. Madhavapeddy, et al., “Unikernels: Library operating systems for the cloud.” ASPLOS , 2013. (11) C. Pautasso and E. Wilde. “Why is the web loosely coupled?: a multi-faceted metric for service design.” WWW , 2009. (12) C. Pautasso, et al., “RESTful web services vs. ’big’ web services: making the right architectural decision.” WWW , 2008. 26

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A State Spill-free Theseus: Operating System Kevin Boos Lin Zhong Rice Efficient Computing Group

A State Spill-free Theseus: Operating System Kevin Boos Lin Zhong Rice Efficient Computing Group

A State Spill-free Theseus: Operating System Kevin Boos Lin Zhong Rice Efficient Computing Group Rice University PLOS 2017 October 28 Problems with Todays OSes Modern single-node OSes are vast and very complex Results in entangled

1.11k views • 48 slides
An In-depth Performance Characterization of CPU- and GPU-based DNN Training on Modern

An In-depth Performance Characterization of CPU- and GPU-based DNN Training on Modern

An In-depth Performance Characterization of CPU- and GPU-based DNN Training on Modern Architectures Ammar Ahmad Awan, Hari Subramoni, and Dhableswar K. (DK) Panda Dept. of Computer Science and Engineering The Ohio State University Credits:

536 views • 50 slides
Spill Response Presented by Marc Kalbaugh, UST/Remediation Specialist Spill Response/DEQ DEQ?

Spill Response Presented by Marc Kalbaugh, UST/Remediation Specialist Spill Response/DEQ DEQ?

Spill Response Presented by Marc Kalbaugh, UST/Remediation Specialist Spill Response/DEQ DEQ? Spills/Reporting State Comm Idaho Hazardous Materials/WMD Incident Command &amp; Response Support Plan DEQs Role DEQ's

770 views • 29 slides
------------------------ Presented to Puget Sound Partnership Oil Spill Work Group Dale Jensen,

------------------------ Presented to Puget Sound Partnership Oil Spill Work Group Dale Jensen,

OIL TRANSPORTATION &amp; SPILL RISK IN WASHINGTON STATE ------------------------ Presented to Puget Sound Partnership Oil Spill Work Group Dale Jensen, Program Manager Spill Prevention, Preparedness &amp; Response Program Changes in movement of

495 views • 13 slides
Processes A process is an instance of a program running Modern OSes run multiple processes

Processes A process is an instance of a program running Modern OSes run multiple processes

Processes A process is an instance of a program running Modern OSes run multiple processes simultaneously Examples (can all run simultaneously): - gcc file_A.c compiler running on file A - gcc file_B.c compiler running on file B

619 views • 44 slides
Characterization of Aniline Dyes in the Modern Colored Papers and the Prints of Jos Posada: A

Characterization of Aniline Dyes in the Modern Colored Papers and the Prints of Jos Posada: A

Characterization of Aniline Dyes in the Modern Colored Papers and the Prints of Jos Posada: A Collaboration with Conservators at the Amon Carter Museum of American Art Ashley E. Ellsworth, Jenny K. Hedlund, Lev D. Gelb, Amy V. Walker

354 views • 21 slides
Flotsam &amp; Jetsam: Evolving a Modern Regulatory Framework for an Acutely Modern Marine Debris

Flotsam &amp; Jetsam: Evolving a Modern Regulatory Framework for an Acutely Modern Marine Debris

6IMDC: Its Not Just Rubber Ducks: Container Ship Spill Prevention, Regulation, Mitigation, Environmental Impact and Liability Flotsam &amp; Jetsam: Evolving a Modern Regulatory Framework for an Acutely Modern Marine Debris Problem March 15,

394 views • 25 slides
The Deepwater Horizon Oil Spill Trustees CITY, STATE SiV l;. tfiC USDA m i

The Deepwater Horizon Oil Spill Trustees CITY, STATE SiV l;. tfiC USDA m i

The Deepwater Horizon Oil Spill Trustees CITY, STATE SiV l;. tfiC USDA m i ---------------------- P R C fl'- Our assessment of Gulf injuries and the proposed restoration plan with funding allocations DATE, 2015 DWH-AR0301673 Who We

228 views • 19 slides
Understanding Latency Variation in Modern DRAM Chips Experimental Characterization, Analysis,

Understanding Latency Variation in Modern DRAM Chips Experimental Characterization, Analysis,

Understanding Latency Variation in Modern DRAM Chips Experimental Characterization, Analysis, and Optimization Kevin Chang Abhijith Kashyap, Hasan Hassan, Saugata Ghose, Kevin Hsieh, Donghyuk Lee, Tianshi Li, Gennady Pekhimenko, Samira Khan,

751 views • 37 slides
MENA3100 Characterization of materials OBK, 18.01.18 Material characterization Material is a

MENA3100 Characterization of materials OBK, 18.01.18 Material characterization Material is a

MENA3100 Characterization of materials OBK, 18.01.18 Material characterization Material is a generic term used to describe physical matter in the solid state which occurs naturally or is manufactured to achieve particular physical properties

569 views • 8 slides
Assessment of Marine Oil Spill Risk and Environmental Vulnerability for the State of Alaska

Assessment of Marine Oil Spill Risk and Environmental Vulnerability for the State of Alaska

Assessment of Marine Oil Spill Risk and Environmental Vulnerability for the State of Alaska Restoration Center NW Jason Lehto May 21, 2014 Why should we conduct a risk analysis? Prioritize our work. Use our limited resources well.

505 views • 34 slides
MODERN 1 MODERN 2 MODERN 3 MODERN 4 MODERN A peep at some distant orb has power to raise

MODERN 1 MODERN 2 MODERN 3 MODERN 4 MODERN A peep at some distant orb has power to raise

MODERN 1 MODERN 2 MODERN 3 MODERN 4 MODERN A peep at some distant orb has power to raise and purify our thoughts like a strain picture, or a passage from the grander poets. It always does one good. 5 MODERN 6 MODERN 7 MODERN 8

524 views • 24 slides
Mobile Systems Thierry Sans History of mobile OSes Early &quot;smart&quot; devices are PDAs

Mobile Systems Thierry Sans History of mobile OSes Early &quot;smart&quot; devices are PDAs

Mobile Systems Thierry Sans History of mobile OSes Early &quot;smart&quot; devices are PDAs (touchscreen, Internet) Symbian, first modern mobile OS released in 2000 run in Ericsson R380, the first &quot;smartphone&quot; (mobile phone

633 views • 24 slides
Modern Mississippi Chapters 10-11 MS state flag, seal and Coat of Arms Chp 10 &amp;11 (Modern

Modern Mississippi Chapters 10-11 MS state flag, seal and Coat of Arms Chp 10 &amp;11 (Modern

Modern Mississippi Chapters 10-11 MS state flag, seal and Coat of Arms Chp 10 &amp;11 (Modern MS) 2 Chp 10 &amp;11 (Modern MS) 3 Modern Mississippi Statistics As of the year 2000, MS had a population of 2,844,658. The largest city

1.09k views • 60 slides
Marine Spill Response on the West Coast May-9-17 Agenda Canadas Spill Response Regime

Marine Spill Response on the West Coast May-9-17 Agenda Canadas Spill Response Regime

Marine Spill Response on the West Coast May-9-17 Agenda Canadas Spill Response Regime Tanker Safety Expert Panel Oceans Protection Plan WCMRC Coastal Response Program Trans Mountain Expansion Project 198 989: 9: Ex

729 views • 26 slides
Sound quality of textural audio: characterization, modeling and visualization ESI Modern Methods

Sound quality of textural audio: characterization, modeling and visualization ESI Modern Methods

Austrian Research Institute for Artificial Intelligence (OFAI) Thomas Grill Sound quality of textural audio: characterization, modeling and visualization ESI Modern Methods of Time-Frequency Analysis II, Time-frequency methods for the applied

633 views • 45 slides
Compiler Infrastructure Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1

Compiler Infrastructure Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Compiler Infrastructure Systems and Internet Infrastructure Security

603 views • 23 slides
Enhancing Mobile Apps to Use Sensor Hubs without Programmer Effort Haichen Shen , Aruna

Enhancing Mobile Apps to Use Sensor Hubs without Programmer Effort Haichen Shen , Aruna

Enhancing Mobile Apps to Use Sensor Hubs without Programmer Effort Haichen Shen , Aruna Balasubramanian, Anthony LaMarca, David Wetherall 1 Continuous sensing apps Step Counting Fall Detection Driver Monitor Theft Detection Healthcare apps:

743 views • 29 slides
Privacy-Enhancing Overlays in Bitcoin Sarah Meiklejohn (University College London) Claudio

Privacy-Enhancing Overlays in Bitcoin Sarah Meiklejohn (University College London) Claudio

Privacy-Enhancing Overlays in Bitcoin Sarah Meiklejohn (University College London) Claudio Orlandi (Aarhus University) 1 Anonymity in Bitcoin 2 Anonymity in Bitcoin 2 Anonymity in Bitcoin 2 Anonymity in Bitcoin 2 Anonymity in Bitcoin

1.23k views • 90 slides
Privacy on Smartphones Presentation by Claude Barthels Roadmap TaintDroid: An

Privacy on Smartphones Presentation by Claude Barthels Roadmap TaintDroid: An

Privacy on Smartphones Presentation by Claude Barthels Roadmap TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones MockDroid: Trading Privacy for Application Functionality on Smartphones

429 views • 38 slides
Kaestner: Tax, Estate Planning, and Trust Administration Implications By: Jonathan G.

Kaestner: Tax, Estate Planning, and Trust Administration Implications By: Jonathan G.

7/1/2019 Kaestner: Tax, Estate Planning, and Trust Administration Implications Handout materials are available for download or printing on the HANDOUT TAB on the gotowebinar console. If the tab is not open click on that tab to open it and

278 views • 23 slides
Static analysis for exploitable vulnerability detection Marie-Laure Potet VERIMAG University of

Static analysis for exploitable vulnerability detection Marie-Laure Potet VERIMAG University of

Static analysis for exploitable vulnerability detection Marie-Laure Potet VERIMAG University of Grenoble September 2014 Static analysis for exploitable vulnerability detection 1/43 Outline 1 Context Vulnerability detection process Static

546 views • 43 slides
Andromeda: XSS Accurate and Scalable Security Attackers evil script Analysis of Web

Andromeda: XSS Accurate and Scalable Security Attackers evil script Analysis of Web

Andromeda: XSS Accurate and Scalable Security Attackers evil script Analysis of Web Applications Web Application &lt;SCRIPT&gt;...&lt;/SCRIPT&gt; Attackers evil script executed using victims credentials Omer Tripp Marco

410 views • 6 slides
Injection-Angriffe: Szenarien, Analyseanstze, Gegenmanahmen und Erfahrungen aus der Praxis

Injection-Angriffe: Szenarien, Analyseanstze, Gegenmanahmen und Erfahrungen aus der Praxis

Injection-Angriffe: Szenarien, Analyseanstze, Gegenmanahmen und Erfahrungen aus der Praxis Dr. Alexander von Rhein Alexander von Rhein Research Software Verification Software-Product-Line Analysis Taint-Analysis Consulting Software

894 views • 30 slides

More recommend