lightweight memory tracing
play

Lightweight Memory Tracing Mathias Payer*, Enrico Kravina, Thomas - PowerPoint PPT Presentation

Sep 07, 2022 •211 likes •413 views

Lightweight Memory Tracing Mathias Payer*, Enrico Kravina, Thomas Gross Department of Computer Science ETH Zrich, Switzerland * now at UC Berkeley Memory Tracing via Memlets Execute code ( memlets ) for every memory access A memlet inspects

  1. Lightweight Memory Tracing Mathias Payer*, Enrico Kravina, Thomas Gross Department of Computer Science ETH Zürich, Switzerland * now at UC Berkeley

  2. Memory Tracing via Memlets Execute code ( memlets ) for every memory access A memlet inspects a single memory access based on target address , type of memory access, instruction , or prior state Memory tracing enables detailed memory access logs, debugging of memory accesses, security checks, privacy extensions

  3. Memory Tracing by Example Binary translation weaves memlets into executed code memTrace is general, for talk let’s focus on example: • Unlimited watchpoints : check if R/W watchpoint is set addl (%ebx), %eax /* check */ jg bb1 lea (%ebx), %reg jmp bb2 cmpl 0xshadow(%reg), $0x0 jnz handler_92746 /* translated instruction */ addl (%ebx), %eax jg bb1 jmp bb2

  4. Key to Lightweight Memory Tracing Modern CPUs support multiple ISAs: x86/x86_64 • Most programs still 32-bit x86 Cross-ISA binary translation allows the tracer to use additional hardware available in target ISA: • Wider address space: isolation & performance • Additional registers: flexibility & performance

  5. Outline Motivation and Introduction Lightweight Memory Tracing • Requirements • User-defined Memlets • Cross-ISA Binary Translation (BT) • Implementation Evaluation Related Work Conclusion

  6. Tracing Requirements Flexibility Isolation http://blogspot.com Laura Stanyer Performance http://i2.esmas.com http://elie.im

  7. Flexibility through BT Cross-ISA BT Dynamic translator ● Translates individual basic blocks ● Checks branch targets and origins ● Weaves mem emlets into code Original x86 code Translated x64 code 1' 1 Memlets execute 2 2' alongside application 3 3' 4 x64 Kernel

  8. Isolation: Larger Memory Space Application memory Shadow memory Translator memory Translator Stack Translator Code Translator Data Code Cache & Code & Data Code & Data’ Heap’ Stack’ Stack Heap 0x0000’0000 0x0’FFFF’FFFF (4GB) 0x?’FFFF’FFFF (x*4GB) Wider memory space Isolates tracer from application

  9. Key to Low Overhead Fast, efficient binary translation Letting the hardware do most of the work… • use 64-bit addressing (aligned 4GB blocks) • keep state in additional/wider registers • optimize for EFLAGS usage

  10. Implementation memTrace implementation (open source) • Cross-ISA translator • Sample memlets Small, lean implementation Code Comments memTrace 13,800* 3,300 Memlets 150-200 100-200 *4,900 LOC for the translation tables

  11. Outline Motivation and Introduction Lightweight Memory Tracing Evaluation • Unlimited Watchpoints • Safe Memory Allocation Related Work Conclusion

  12. Unlimited Watchpoints Watchpoints trigger on memory reads/writes Memlet checks if read/write watchpoint is set for each memory access addl (%ebx), %eax /* check */ jg bb1 lea (%ebx), %r8 jmp bb2 cmpl 0x100000000(%r8), $0x0 jnz handler_92746 /* translated instruction */ addl (%ebx), %eax jg bb1 jmp bb2

  13. Evaluation Setup SPEC CPU2006 benchmarks evaluated • System: Ubuntu 12.04, GCC 4.6.3 (64bit) • Intel Core i7-2640M @ 2.80GHz, 4GB RAM Four configurations: • Native • Binary translation (BT) only • Memory Tracing • Full Watchpoints

  14. 0.5 1.5 2.5 3.5 0 1 2 3 SPEC CPU 2006: Low Perf. Impact 400.perlbench 401.bzip2 Binary Translation 403.gcc 429.mcf 445.gobmp 456.hmmer 458.sjeng 462.libquantum 464.h264ref 471.omnetpp 473.astar 483.xalancbmk Memory Tracing 410.bwaves 416.gamess 433.milc 434.zeusmp 435.gromacs 436.cactusADM 437.leslie3d 444.namd 447.dealII Full Watchpoints 450.soplex 453.povray 454.calculix 459.GemsFDTD 465.tonto 470.lbm 482.sphinx3 Average Geo. Mean

  15. 1000 1500 2000 2500 500 0 Memory Overhead: 2x 400.perlbench 401.bzip2 403.gcc 429.mcf 445.gobmk Full Watchpoints [MB] Native Execution [MB] 456.hmmer 458.sjeng 462.libquantum 464.h264ref 471.omnetpp 473.astar 483.xalancbmk 410.bwaves 416.gamess 433.milc 434.zeusmp 435.gromacs Ovhd. [%] Binary Translation [MB] 436.cactusADM 437.leslie3d 444.namd 447.dealII 450.soplex 453.povray 454.calculix 459.GemsFDTD 465.tonto 470.lbm 482.sphinx3 Average Geo. Mean 0% 20% 40% 60% 80% 100% 120% 140% 160%

  16. Safe Memory Allocation Check for use-after-free bugs and heap corruption Intercept calls to malloc and free • Protect metadata of allocated blocks • Check for read/write accesses to freed blocks until they are reused

  17. Outline Motivation and Introduction Lightweight Memory Tracing Evaluation Related Work Conclusion

  18. Related work Valgrind allows high-level transformations on machine code with performance cost (~7x for nullgrind, ~26x for memcheck) GDB/Hardware watchpoints allow a limited set of watchpoints with negligible overhead Limitations of other dynamic tracing systems are (i) limited ISA support, (ii) high overhead, or (iii) limited flexibility

  19. Outline Motivation and Introduction Lightweight Memory Tracing Evaluation Related Work Conclusion

  20. Conclusion memTrace enables lightweight, low-overhead <90% memory inspection for unmodified applications • Use resources of modern CPUs Memlets allow user-configurable checks for each memory access • Flexible framework for memory tracing Source: • http://nebelwelt.net/projects/memTrace/ • https://github.com/gannimo/memTrace

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Ligra: A Lightweight Graph Processing Framework for Shared Memory Shared memory Other not

Ligra: A Lightweight Graph Processing Framework for Shared Memory Shared memory Other not

Ligra: A Lightweight Graph Processing Framework for Shared Memory Shared memory Other not necessarily SM frameworks parallel Boost graph library (PBGL) Pregel Pegasus GraphLab* PowerGraph Knowledge Discovery Toolkit

678 views • 14 slides
Advanced Ray Tracing 1 2/8/2006 Distributed Ray Tracing Distributed ray tracing is an

Advanced Ray Tracing 1 2/8/2006 Distributed Ray Tracing Distributed ray tracing is an

Advanced Ray Tracing 1 2/8/2006 Distributed Ray Tracing Distributed ray tracing is an elegant technique that tackles many problems at once Stochastic ray tracing: distribute rays stochastically across pixel Distributed ray tracing:

327 views • 8 slides
Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1. About Think Lightweight 2. What are Lightweight Structures? 3. Industry Applications 4. Product Line Review 5. Think Lightweight Component

832 views • 43 slides
MIT 6.837 - Ray Tracing Ray Tracing MIT EECS 6.837 Most slides are taken from Frdo Durand and

MIT 6.837 - Ray Tracing Ray Tracing MIT EECS 6.837 Most slides are taken from Frdo Durand and

MIT 6.837 - Ray Tracing Ray Tracing MIT EECS 6.837 Most slides are taken from Frdo Durand and Barb Cutler Some slides courtesy of Leonard McMillan 1 2 Ray Tracing Ray Tracing Ray Tracing kills two birds with one stone: Solves the

327 views • 11 slides
Ligra: A Lightweight Graph Processing Framework for Shared Memory J. Shun and G. Blelloch

Ligra: A Lightweight Graph Processing Framework for Shared Memory J. Shun and G. Blelloch

Ligra: A Lightweight Graph Processing Framework for Shared Memory J. Shun and G. Blelloch Presented by Dmitry Kazhdan Overview Background (briefly) Existing work Key contributions Results Criticism Conclusions

974 views • 21 slides
Time-Warp: Lightweight Abort Minimization in Transactional Memory Nuno Diegues and Paolo Romano

Time-Warp: Lightweight Abort Minimization in Transactional Memory Nuno Diegues and Paolo Romano

Time-Warp: Lightweight Abort Minimization in Transactional Memory Nuno Diegues and Paolo Romano ndiegues@gsd.inesc-id.pt Nuno Diegues 1/27 Transactional Memory Powerful abstraction for synchronization in shared memory Nuno Diegues 2/27

1.14k views • 75 slides
Configurable and Efficient Memory Access Tracing via Selective Expression-based x86 Binary

Configurable and Efficient Memory Access Tracing via Selective Expression-based x86 Binary

Simone Economo, Davide Cingolani, Alessandro Pellegrini and Francesco Quaglia DIAG - Sapienza University of Rome Configurable and Efficient Memory Access Tracing via Selective Expression-based x86 Binary Instrumentation

729 views • 46 slides
Ligra: A Lightweight Graph Processing Framework for Shared Memory Whats it hoping to achieve?

Ligra: A Lightweight Graph Processing Framework for Shared Memory Whats it hoping to achieve?

Ligra: A Lightweight Graph Processing Framework for Shared Memory Whats it hoping to achieve? 1. A simple, concise framework 2. High-performance for shared-memory machines Why? An abundance of graph processing applications Problems

534 views • 17 slides
Efficient Memory Tracing by Program Skeletonization Alain Ketterlin Philippe Clauss Universit

Efficient Memory Tracing by Program Skeletonization Alain Ketterlin Philippe Clauss Universit

Efficient Memory Tracing by Program Skeletonization Alain Ketterlin Philippe Clauss Universit de Strasbourg (France) INRIA (CAMUS team, Centre Nancy Grand-Est) CNRS (LSIIT, UMR 7005) 2011 IEEE International Symposium on Performance

186 views • 16 slides
Ray Tracing 1 Ray Tracing Ray Tracing kills two birds with one stone: Solves the Hidden

Ray Tracing 1 Ray Tracing Ray Tracing kills two birds with one stone: Solves the Hidden

Ray Tracing 1 Ray Tracing Ray Tracing kills two birds with one stone: Solves the Hidden Surface Removal problem Evaluates an improved global illumination model shadows ideal specular reflections ideal specular refractions

586 views • 19 slides
Introduction to Path Tracing Marc Sunet Table of contents From Ray Tracing to Path Tracing The

Introduction to Path Tracing Marc Sunet Table of contents From Ray Tracing to Path Tracing The

Introduction to Path Tracing Marc Sunet Table of contents From Ray Tracing to Path Tracing The Rendering Equation Monte Carlo Integration A Basic Path Tracer Variance Reduction and Optimisation Techniques Additional Resources Plan From Ray

1.08k views • 54 slides
Computer Graphics - Ray-Tracing II - Hendrik Lensch Computer Graphics WS07/08 Ray Tracing II

Computer Graphics - Ray-Tracing II - Hendrik Lensch Computer Graphics WS07/08 Ray Tracing II

Computer Graphics - Ray-Tracing II - Hendrik Lensch Computer Graphics WS07/08 Ray Tracing II Overview Last lecture Ray tracing I Basic ray tracing What is possible? Recursive ray tracing algorithm Intersection

873 views • 84 slides
Ray-tracing Acceleration Motivation Distribution Ray Tracing Soft shadows

Ray-tracing Acceleration Motivation Distribution Ray Tracing Soft shadows

Ray-tracing Acceleration Motivation Distribution Ray Tracing Soft shadows Acceleration Data Structures Antialiasing (getting rid of jaggies) for Ray Tracing Glossy reflection Motion blur Depth of field (focus)

940 views • 10 slides
Welcome 1 Ray tracing part I of the course 2 Ray tracing part I of the course Why

Welcome 1 Ray tracing part I of the course 2 Ray tracing part I of the course Why

Graphics (INFOGR), 2018-19, Block IV, lecture 1 Deb Panja Today: Vectors and vector algebra Welcome 1 Ray tracing part I of the course 2 Ray tracing part I of the course Why vectors? you need to shoot a lot of such rays!

594 views • 47 slides
The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will revolutionise the international high-rise construction industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight

417 views • 12 slides
Ray Tracing Basics CSE 681 Autumn 11 Han-Wei Shen Forward Ray Tracing We shoot a large

Ray Tracing Basics CSE 681 Autumn 11 Han-Wei Shen Forward Ray Tracing We shoot a large

Ray Tracing Basics CSE 681 Autumn 11 Han-Wei Shen Forward Ray Tracing We shoot a large number of photons Problem? Backward Tracing For every pixel Construct a ray from the eye For every object in the scene Find intersection with the ray

695 views • 55 slides
PeeringDB Arnold Nipper arnold@peeringdb.com 2017-03-23 CEE Peering Days 2017, Ljubljana,

PeeringDB Arnold Nipper arnold@peeringdb.com 2017-03-23 CEE Peering Days 2017, Ljubljana,

PeeringDB Arnold Nipper arnold@peeringdb.com 2017-03-23 CEE Peering Days 2017, Ljubljana, Slovenia 1 Agenda PeeringDB 2.0 Membership and Governance Committees Sponsorship Information and Resources 2017-03-23 CEE Peering

376 views • 36 slides
Principled work fm ow-centric tracing of distributed systems Raja Sambasivan Ilari Shafer,

Principled work fm ow-centric tracing of distributed systems Raja Sambasivan Ilari Shafer,

Principled work fm ow-centric tracing of distributed systems Raja Sambasivan Ilari Shafer, Jonathan Mace, Ben Sigelman, Rodrigo Fonseca, Greg Ganger Todays distributed systems E.g.,Twitter Twitter death star:

299 views • 14 slides
Trace Debugging in lowRISC lowRISC release v0.3 with Open SoC Debug Wei Song 1 , Stefan

Trace Debugging in lowRISC lowRISC release v0.3 with Open SoC Debug Wei Song 1 , Stefan

Trace Debugging in lowRISC lowRISC release v0.3 with Open SoC Debug Wei Song 1 , Stefan Wallentowitz 2 , Alex Bradbury 1 , Robert Mullins 1 1. lowRISC and University of Cambridge 2. Open SoC Debug 12 July 2016 lowRISC lowRISC

815 views • 22 slides
RISC-V: Emulation and Rich, Non-Intrusive Analytics Address Verification Complexity Embedded

RISC-V: Emulation and Rich, Non-Intrusive Analytics Address Verification Complexity Embedded

RISC-V: Emulation and Rich, Non-Intrusive Analytics Address Verification Complexity Embedded World | 27 Feb 2018 UltraSoC: Corporate Overview Tier-1 VC-funded start-up Automotive Recently completed round D ($6M) ARMv8 Founded 2009

557 views • 32 slides
Legislative Environment and Developments on Capitol Hill Global Energy Management Institute

Legislative Environment and Developments on Capitol Hill Global Energy Management Institute

Legislative Environment and Developments on Capitol Hill Global Energy Management Institute Conference Re: Dodd-Franks Impact on Energy Trading March 23, 2012 George D. Baker Williams &amp; Jensen, PLLC 701 8 th Street NW Washington,

1.15k views • 68 slides
Ronald Reagan 1981-1989 Background Born in Tampico, Illinois and raised in Dixon, Illinois

Ronald Reagan 1981-1989 Background Born in Tampico, Illinois and raised in Dixon, Illinois

Ronald Reagan 1981-1989 Background Born in Tampico, Illinois and raised in Dixon, Illinois Graduated from Eureka College with a degree in Sociology- Economics Served in World War II Famous actor and appeared in over fifty movies

426 views • 11 slides
Johnathan Croft &amp; Kerry Alley VTrans Mapping Section What is MIRE? M odel I nventory of R

Johnathan Croft &amp; Kerry Alley VTrans Mapping Section What is MIRE? M odel I nventory of R

March TPI Meeting 3/21/2019 Johnathan Croft &amp; Kerry Alley VTrans Mapping Section What is MIRE? M odel I nventory of R oadway E lements Listing of roadway and traffic elements critical to safety management Provides data

342 views • 9 slides
Online Master of Science in Cybersecurity Online Information Session Agenda Meet the Team Why

Online Master of Science in Cybersecurity Online Information Session Agenda Meet the Team Why

Online Master of Science in Cybersecurity Online Information Session Agenda Meet the Team Why Georgia Tech? Program Curriculum Admissions Requirements Program Format Application Requirements (including TOEFL/IELTS) Program Cost Summary

426 views • 31 slides

More recommend