extending a compiler backend for complete memory error
play

Extending a Compiler Backend for Complete Memory Error Detection - PowerPoint PPT Presentation

Aug 29, 2023 •330 likes •573 views

Extending a Compiler Backend for Complete Memory Error Detection Norman A. Rink and Jeronimo Castrillon Technische Universitt Dresden Automotive Safety & Security 2017 30 May 2017 Stuttgart Outline 1. Motivation 2. Error detection,

  1. Extending a Compiler Backend for Complete Memory Error Detection Norman A. Rink and Jeronimo Castrillon Technische Universität Dresden Automotive – Safety & Security 2017 30 May 2017 Stuttgart

  2. Outline 1. Motivation 2. Error detection, AN encoding 3. The extended compiler backend 4. Evaluation 5. Summary 2

  3. Outline 1. Motivation 2. Memory error detection, AN encoding 3. The extended compiler backend 4. Evaluation 5. Summary 3

  4. Motivation Frequency of transient HW faults (aka. soft errors ) is increasing. q Traditional cause of faults: cosmic rays. q Vulnerability is increasing due to smaller feature sizes and lower operating q voltages. Dark/dim silicon in memory modules: q § Extended refresh cycles for DRAM. for energy efficiency § Lower supply voltage for SRAM. S. Borkar, “Designing reliable systems from unreliable components: …,” IEEE Micro, vol. 25, no. 6, 2005. Memory errors: ECC memory modules have their limitations. q Typically SEC-DED codes ( single error correction, double error detection ). q Large fractions of memory errors cannot be handled by SEC-DED codes (Hwang et al., ASPLOS 2012). q ECC not necessarily extended to the entire memory hierarchy. (Load-store queues?) q Software-implemented error detection has the flexibility to detect also complex error patterns. 4 Norman Rink, norman.rink@tu-dresden.de

  5. Software-implemented error detection Manual incorporation of integrity checks. var = a + b; q r = c * var; Laborious and cumbersome. ✘ Mixes functional and non-functional requirements. ✘ Requires expert knowledge. ✘ Error detection limited to anticipated errors. ✘ Automated, disciplined approaches. q check(a0, a1); Enable comprehensive error detection. ... q var0 = a0 + b0; Source-to-source transformation. q var1 = a1 + b1; popular in the late 90s Aspects. check(var0, var1); q and early 2000s ... Compiler-based approaches: q r0 = c0 * var0; § Transformation of machine code. r1 = c1 * var1; check(r0, r1); § Transformation of intermediate representation (IR). increasingly popular since the gives access to sophisticated advent of the LLVM framework program analysis 5 Norman Rink, norman.rink@tu-dresden.de

  6. Limitations of software-implemented error detection To detect errors in memory … var = a + b; q r = c * var; Which variables are kept in memory? q Ultimately, the compiler When are variables kept in memory? q knows all this … Are there any hidden variables that ... but only very late! q are put into memory? check(a0, a1); Percentage of dynamic memory accesses ... (loads) that are present in the program IR var0 = a0 + b0; or inserted by the compiler backend: var1 = a1 + b1; check(var0, var1); (Twelve test programs, labeled A-L.) ... r0 = c0 * var0; r1 = c1 * var1; check(r0, r1); In some cases (H, L) virtually all loads are inserted by the compiler backend! 6 Norman Rink, norman.rink@tu-dresden.de

  7. Outline 1. Motivation 2. Memory error detection, AN encoding 3. The extended compiler backend 4. Evaluation 5. Summary 7

  8. Memory error detection by DMR q DMR (dual modular redundancy). q In the context of software-implemented error detection: duplication of data. store i64 %0, i64* %p0 store i64 %0, i64* %p1 duplication ... of data store i64 %0, i64* %p %10 = load i64* %p0 ... %11 = load i64* %p1 %1 = load i64* %p %f0 = icmp eq i64 %10, %r11 error br i1 %f0, label continue, detection label recover q DMR may introduce race conditions in multi-threaded applications. q State-of-the-art work usually assumes memory is protected by ECC (in hardware). 8

  9. AN encoding AN encoding: q Fix an integer constant A. q n enc = n * A Encode integer values by multiplying by A: q n = n enc / A Decode by dividing by A: q n enc mod A = 0 Check for errors: q Error-detecting capability varies with the constant A. q Generally, multi-bit errors can be detected by suitable A. q A = 58659 is known to have good properties; can detect up to 5 bit flips, Hoffmann et al., 2015. q AN encoding introduces large overheads if used to protect operations: several 10 x -100 x . q 9 Norman Rink, norman.rink@tu-dresden.de

  10. Memory error detection by AN encoding (1) Detection of multi-bit errors in memory, including caches, load-store queues. q Apply AN encoding only to values stored to memory à low overhead due to AN encoding. q encode before storing: check and decode after loading: %01 = mul i64 %00, A %1 = load i64* %p store i64 %01, i64* %p %2 = srem i64 %1, A %f0 = icmp eq i64 %2, 0 br i1 %f0, label continue, label recover AN encoding is applied at the LLVM IR level. q %3 = sdiv i64 %2, A Common approach in software-implemented fault q ... tolerance schemes. Error detection at the IR level misses memory accesses that are inserted by the compiler backend. 10 Norman Rink, norman.rink@tu-dresden.de

  11. Memory error detection by AN encoding (2) Remember this plot: Backend for the C programming language q q inserts memory accesses for: Register spills ( spill ). q Callee-saved registers ( csr ). q Frame pointer ( fptr ). q implement function calls Return address ( return ). q Function arguments ( arg ). q Jump tables ( jt ). q 11 Norman Rink, norman.rink@tu-dresden.de

  12. Outline 1. Motivation 2. Memory error detection, AN encoding 3. The extended compiler backend 4. Evaluation 5. Summary 12

  13. The extended compiler backend Implement error detection in the compiler q Backend for the C programming language q backend by DMR: inserts memory accesses for: Faster than AN encoding. q Register spills ( spill ). q Keeps function calls efficient. q Callee-saved registers ( csr ). q Adds (almost) no register pressure. q Frame pointer ( fptr ). q Return address ( return ). q Duplicated store/load: q Function arguments ( arg ). q Additional memory accesses are ”cheap”. q Jump tables ( jt ). q Memory locations already in the cache. q (All) memory accesses are thread-local. q 13 Norman Rink, norman.rink@tu-dresden.de

  14. DMR for register spills mov eax, -0x34(ebp) mov eax, -0x30(ebp) ... mov eax, -0x30(ebp) mov -0x30(ebp), eax ... cmp -0x34(ebp), eax mov -0x30(ebp), eax add eax, (esi) jne <error_handler> add eax, (esi) Comparison memory/register is specific to x86 – more generally, CISC machines. q RISC machines? à cmp mem/reg might be sensible ISA extension. q 14 Norman Rink, norman.rink@tu-dresden.de

  15. DMR for function arguments Requires co-operation between caller and callee (modified calling convention). q Library calls still work. (Caller can ignore duplicated arguments). q The number of arguments passed on the stack may be low (depending on the architecture). q 15 Norman Rink, norman.rink@tu-dresden.de

  16. DMR for the return address caller: 0x804a99e: mov 0x804a9a8, ebx 0x804a9a3: call <foo> caller: 0x804a9a8: ... 0x804a99e: ... callee (”foo”): 0x804a9a3: call <foo> 0x804a9a8: ... push ebx ... callee (”foo”): pop ebx cmp (esp), ebx ... ret jne <error_handler> add 0x4, esp jmp *ebx Modified calling convention: pass return address in register ebx . q No modification required on, e.g., ARM or MIPS. q 16 Norman Rink, norman.rink@tu-dresden.de

  17. Outline 1. Motivation 2. Memory error detection, AN encoding 3. The extended compiler backend 4. Evaluation 5. Summary 17

  18. Fault injection Assumptions: q Only a single fault affect program execution. letter test case q A array reduction Only single bit flips occurs. q B bubblesort C CRC-32 Commonly justified by the rarity of faults. D DES encryption ( SEU – single event upset) E Dijkstra (shortest path) F expression evaluation G token lexer Simulate symptoms of faults by … H expression parser q I matrix multiplication … flipping a bit in a memory location that is loaded from. q J array copy K quicksort Perform exhaustive fault injections: q L switch Flip a bit in all possible locations in all loads from memory q 18 Norman Rink, norman.rink@tu-dresden.de

  19. Full memory error detection no error detection: AN encoding and DMR in the backend: x86_64 (64bit) i386 (32bit) x86_64 (64bit) i386 (32bit) 19 Norman Rink, norman.rink@tu-dresden.de

  20. Runtime overhead AN encoding dominates Slow down dominated the slow down. by register spills. Test programs: Subset of SPEC CINT2006: i386 (32bit) x86_64 (64bit) i386 (32bit) x86_64 (64bit) 20 Norman Rink, norman.rink@tu-dresden.de

  21. Outline 1. Motivation 2. Memory error detection, AN encoding 3. The extended compiler backend 4. Evaluation 5. Summary 21

  22. Summary Automatic code transformation that introduced memory error detection not comprehensive when q applied above the level of machine code. Transformations at the level of source code or IR desirable for productivity. q Supporting memory error detection with DMR introduced by the compiler backend … q ... leads to full memory error detection, q ... incurs a runtime overhead of q § 1.50 on i386 (SPEC CINT2006), § 1.13 on x86_64 (SPEC CINT 2006). Absence of vulnerabilities introduced by the compiler backend required for … q ... (reliable analysis/evaluation of) relaxed fault tolerance schemes. q ... applications with strict safety and reliability requirements. q The stack has been found a major weakness. q 22 Norman Rink, norman.rink@tu-dresden.de

  23. Extending a Compiler Backend for Complete Memory Error Detection Norman A. Rink and Jeronimo Castrillon Technische Universität Dresden Thank you.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Compiler Construction Lecture 19: Code Generation V (Compiler Backend) Winter Semester 2018/19

Compiler Construction Lecture 19: Code Generation V (Compiler Backend) Winter Semester 2018/19

Compiler Construction Lecture 19: Code Generation V (Compiler Backend) Winter Semester 2018/19 Thomas Noll Software Modeling and Verification Group RWTH Aachen University https://moves.rwth-aachen.de/teaching/ws-1819/cc/ The Compiler Backend

1.27k views • 59 slides
MetaPost 1.207 (TEXLive 2009) EuroTEX 2009 SVG backend SVG backend SVG backend SVG backend A

MetaPost 1.207 (TEXLive 2009) EuroTEX 2009 SVG backend SVG backend SVG backend SVG backend A

MetaPost 1.207 (TEXLive 2009) EuroTEX 2009 SVG backend SVG backend SVG backend SVG backend A complete SVG example outputformat := &quot;svg&quot;; outputtemplate := &quot;%j-%c.%o&quot;; beginfig(1); fill fullcircle scaled 100 withcolor

680 views • 15 slides
A Modular OpenModelica Compiler Backend J. Frenkel W. Braun A. Pop M. Sjlund

A Modular OpenModelica Compiler Backend J. Frenkel W. Braun A. Pop M. Sjlund

OpenModelica Workshop 2011 Chair of Construction Machines and Conveying Technology A Modular OpenModelica Compiler Backend J. Frenkel W. Braun A. Pop M. Sjlund Outline 1. Introduction 2. Concept of Modular Compiler

754 views • 20 slides
A realtime GraphQL backend as a compiler in Haskell http://bit.ly/graphql-haskell Heippa!

A realtime GraphQL backend as a compiler in Haskell http://bit.ly/graphql-haskell Heippa!

A realtime GraphQL backend as a compiler in Haskell http://bit.ly/graphql-haskell Heippa! Tanmai Gopal @tanmaigo http://bit.ly/graphql-haskell Contents 1. The compiler approach 2. Compiler pipeline a. Parse b. GraphQL AST c.

467 views • 21 slides
Design and Implementation of a TriCore Backend for the LLVM Compiler Framework Studienarbeit

Design and Implementation of a TriCore Backend for the LLVM Compiler Framework Studienarbeit

Design and Implementation of a TriCore Backend for the LLVM Compiler Framework Studienarbeit Christoph Erhardt Friedrich-Alexander-Universit at Erlangen-N urnberg November 20, 2009 A TriCore Backend for LLVM (November 20, 2009) 1 25

716 views • 35 slides
Extending ensembldb : MySQL backend and protein annotations Johannes Rainer (EURAC research,

Extending ensembldb : MySQL backend and protein annotations Johannes Rainer (EURAC research,

Extending ensembldb : MySQL backend and protein annotations Johannes Rainer (EURAC research, Italy), Sebastian Gibb, Laurent Gatto (CPU Cambridge, UK) December 7, 2016 Introduction ensembldb : retrieve gene &amp; transcript annotations.

389 views • 16 slides
Extending the CompCert certified C compiler with instruction scheduling and control-flow integrity

Extending the CompCert certified C compiler with instruction scheduling and control-flow integrity

Extending CompCert S. Boulm e ( Verimag , Grenoble-INP) RISC-V week @ Paris2019 Extending the CompCert certified C compiler with instruction scheduling and control-flow integrity (CFI) October 2019 Sylvain.Boulme@univ-grenoble-alpes.fr

557 views • 19 slides
Memory Tagging: e m p o s r r F e p how it improves C/C++ memory safety. Compiler

Memory Tagging: e m p o s r r F e p how it improves C/C++ memory safety. Compiler

r e l i p e m v o i t c c Memory Tagging: e m p o s r r F e p how it improves C/C++ memory safety. Compiler perspective. Kostya Serebryany , Evgenii Stepanov, Vlad Tsyrklevich (Google) Oct 2018 1 Agenda ARM v8.5

504 views • 29 slides
Memory Errors Bits in memory can be flipped Hard error The chip is broken E.g.,

Memory Errors Bits in memory can be flipped Hard error The chip is broken E.g.,

Verilog Memory Errors Bits in memory can be flipped Hard error The chip is broken E.g., manufacturing defect, wear (in Flash) Soft error Stored data corrupted, but cell still works Caused by atmospheric neutrons, alpha

291 views • 7 slides
The Helium Haskell compiler and its new LLVM backend Ivo Gabe de Wolff - ivogabe@ivogabe.nl [

The Helium Haskell compiler and its new LLVM backend Ivo Gabe de Wolff - ivogabe@ivogabe.nl [

The Helium Haskell compiler and its new LLVM backend Ivo Gabe de Wolff - ivogabe@ivogabe.nl [ Faculty of Science Information and Computing Sciences] 1 Haskell Functional Pure Lambda (function expression) Pattern matching

398 views • 29 slides
Compilers Error Handling Alex Aiken Error Handling Purpose of the compiler is To detect

Compilers Error Handling Alex Aiken Error Handling Purpose of the compiler is To detect

Compilers Error Handling Alex Aiken Error Handling Purpose of the compiler is To detect non-valid programs To translate the valid ones Many kinds of possible errors (e.g. in C) Error kind Example Detected

656 views • 9 slides
0 Correct Programming Compiler Compiler Hardware Language P Syntax PL compile P P PL HW

0 Correct Programming Compiler Compiler Hardware Language P Syntax PL compile P P PL HW

Bridging the Gap between Programming Languages and Hardware Weak Memory Models Anton Podkopaev Ori Lahav Viktor Vafeiadis 0 Correct Programming Compiler Compiler Hardware Language P Syntax PL compile P P PL HW PL HW is Memory Model

980 views • 74 slides
Extending Hardware Transactional Memory Capacity via Rollback-Only Transactions and Suspend/Resume

Extending Hardware Transactional Memory Capacity via Rollback-Only Transactions and Suspend/Resume

Extending Hardware Transactional Memory Capacity via Rollback-Only Transactions and Suspend/Resume Alexander Shady Issa Pascal Felber Paolo Romano Matveev 1 Extending Hardware Transactional Memory Capacity via Rollback-Only Transactions and

697 views • 58 slides
Enhancing Memory Error Detection for Large-Scale Applications and Fuzz testing Wookhyun Han ,

Enhancing Memory Error Detection for Large-Scale Applications and Fuzz testing Wookhyun Han ,

Enhancing Memory Error Detection for Large-Scale Applications and Fuzz testing Wookhyun Han , Byunggil Joe, Byoungyoung Lee * , Chengyu Song , Insik Shin KAIST, * Purdue, UCR 1 Memory error glibc: getaddrinfo Heartbleed Shellshock

659 views • 47 slides
No/fied Access: Extending Remote Memory Access Programming

No/fied Access: Extending Remote Memory Access Programming

spcl.inf.ethz.ch @spcl_eth R OBERTO B ELLI , T ORSTEN H OEFLER No/fied Access: Extending Remote Memory Access Programming Models for Producer-Consumer Synchroniza/on

843 views • 61 slides
Memory management Part I Michel Schinz (based on Erik Stenmans slides) Advanced Compiler

Memory management Part I Michel Schinz (based on Erik Stenmans slides) Advanced Compiler

Memory management Part I Michel Schinz (based on Erik Stenmans slides) Advanced Compiler Construction / 2006-04-01 Why memory management? The memory of a computer is a finite resource. Typical programs use a lot of memory over their

582 views • 47 slides
Performance Measurement of Performance Measurement of Wireless LAN Using Open Source Wireless

Performance Measurement of Performance Measurement of Wireless LAN Using Open Source Wireless

Performance Measurement of Performance Measurement of Wireless LAN Using Open Source Wireless LAN Using Open Source Vipin M Wireless Communication Research Group AU KBC Research Centre http://comm.au-kbc.org/ 1 Communication Research

747 views • 27 slides
All-Optical Buffer Tomas A. Tinoco Electrical Engineering and Computer Science Diablo Valley

All-Optical Buffer Tomas A. Tinoco Electrical Engineering and Computer Science Diablo Valley

All-Optical Buffer Tomas A. Tinoco Electrical Engineering and Computer Science Diablo Valley College University of California, Berkeley Optical Communications and Photonic Networks Group Mentor: John Mack University of California, Santa

233 views • 12 slides
Team - G Introduction to CAN How CAN works How Arbitration works on CAN bus Frame

Team - G Introduction to CAN How CAN works How Arbitration works on CAN bus Frame

C.Anudeep (200601020) A.Ajay (200601205) Team - G Introduction to CAN How CAN works How Arbitration works on CAN bus Frame Format Time Synchronization and Errors CAN Controller Chips CAN Application Layers

668 views • 34 slides
Integrating Enterprise Systems into Organizations Donna M. Schaeffer, PhD and Patrick C. Olson,

Integrating Enterprise Systems into Organizations Donna M. Schaeffer, PhD and Patrick C. Olson,

Integrating Enterprise Systems into Organizations Donna M. Schaeffer, PhD and Patrick C. Olson, PhD What is Quality? The degree to which software possesses a desired combination of attributes (e.g., reliability, interoperability) [IEEE

359 views • 12 slides
Study and Implementation of IEEE 802.11 Physical Layer Model in YANS (Future NS-3) Network

Study and Implementation of IEEE 802.11 Physical Layer Model in YANS (Future NS-3) Network

Study and Implementation of IEEE 802.11 Physical Layer Model in YANS (Future NS-3) Network Simulator Thesis of Master of Science Networked Computer Systems By Masood Khosroshahy Supervisors: Philippe Martins [Tlcom Paris] B E

482 views • 31 slides
Codebook and Marker Sequence Design for Synchronization-Correcting Codes Victor Buttigieg 1 Johann

Codebook and Marker Sequence Design for Synchronization-Correcting Codes Victor Buttigieg 1 Johann

Outline Introduction System Description Bound Results Closure Codebook and Marker Sequence Design for Synchronization-Correcting Codes Victor Buttigieg 1 Johann A. Briffa 2 1 Department of Communications and Computer Engineering University

632 views • 29 slides
optical fibers- properties, measurement, and applications Ori Golani What is NLIN? Nonlinear

optical fibers- properties, measurement, and applications Ori Golani What is NLIN? Nonlinear

Nonlinear interference noise in optical fibers- properties, measurement, and applications Ori Golani What is NLIN? Nonlinear Interference Noise Tx Rx Tx Rx Tx Rx Tx Rx Tx Rx IC IC COI IC IC frequency 2 What is NLIN? Nonlinear

594 views • 22 slides
Building scalable IoT apps using OSS technologies Pavel Hardak Basho Technologies Disclaimer:

Building scalable IoT apps using OSS technologies Pavel Hardak Basho Technologies Disclaimer:

Building scalable IoT apps using OSS technologies Pavel Hardak Basho Technologies Disclaimer: some of the opinions expressed here are mine and might not fully agree with those of my employer IOT &amp; INDUSTRY VERTICALS IOT MARKET GROWTH

523 views • 50 slides

More recommend