the jvm is not observable enough and what to do about it
play

The JVM is not observable enough (and what to do about it) Stephen - PowerPoint PPT Presentation

Mar 02, 2023 •191 likes •422 views

The JVM is not observable enough (and what to do about it) Stephen Kell stephen.kell@usi.ch University of Lugano joint work with: Danilo Ansaloni, Walter Binder, Luk a s Marek The JVM is. . . p.1/20 0xcafebabe This is a talk

  1. The JVM is not observable enough (and what to do about it) Stephen Kell stephen.kell@usi.ch “University of Lugano” joint work with: Danilo Ansaloni, Walter Binder, Luk´ aˇ s Marek The JVM is. . . – p.1/20

  2. 0xcafebabe This is a talk about Java bytecode instrumentation � the Java platform’s de facto standard mechanism � ... for observing programs in execution � (non-interactively, usually) The JVM is. . . – p.2/20

  3. What � profilers (JP2, ...) � data race detectors (FastTrack, ...) � white-box / active testing (jCUTE, ...) � security monitors (TaintDroid, ...) � memory / GC analyses (ElephantTracks, ...) � ... The JVM is. . . – p.3/20

  4. How Rewrite the bytecode, adding analysis “snippets” � on e.g. method entries, object allocations, locking, ... Can use libraries that help to munge bytecode � ASM, BCEL, Javassist, Soot, ... Or, some systems abstract the problem a bit more � Chord, DiSL, BTrace, RoadRunner, ... The JVM is. . . – p.4/20

  5. An “innocuous” example (using DiSL) public class TargetClass { public static void main(String[] args) { System.err.println (”MAIN”); } } public class DiSLClass { @Before(marker = BodyMarker. class , scope = ”java.lang.Object. ∗ ”) public static void onMethodExit(MethodStaticContext msc) { System.err.print(”.” ); } } The JVM is. . . – p.5/20

  6. A choice quotation (from http://docs.oracle.com/javase/6/docs/technotes/guides/jvmti/ ) ‘Typically, these alterations are to add “events” to the code of a method —for example, to add, at the beginning of a method, a call to MyProfiler.methodEntered() . Since the changes are purely additive, they do not modify application state or behavior.’ Purely additive? The JVM is. . . – p.6/20

  7. Wishful thinking Some questions: � what problems occur writing tools this way? � can we avoid them? � what would be a better observation mechanism? Answers: several; not really; let’s talk about it... The JVM is. . . – p.7/20

  8. A summary of the difficulties In the paper: � deadlock between instrumentation and program � state corruption by non-reentrant code � method calls: unsafe but unavoidable � “my instrumentation crashes the VM” � instrumented bytecode that doesn’t verify � coverage underapproximation (initializers, startup) � coverage overapproximation (shared threads) The JVM is. . . – p.8/20

  9. Deadlock The JVM is. . . – p.9/20

  10. Attempted escape (1): share no mutable state! Q. Can’t we just never share mutable state ? ( → no locking) A. Good idea. But � this implies calling no methods � ... not even static ones � does your analysis do I/O? (hint: yes) The JVM is. . . – p.10/20

  11. Reentrancy example public class TargetClass { public static void main(String[] args) { System.err.println (”MAIN”); } } public class DiSLClass { @Before(marker = BodyMarker. class , scope = ”java.lang.Object. ∗ ”) public static void onMethodExit(MethodStaticContext msc) { System.err.print(”.” ); } } Any guesses about the output? The JVM is. . . – p.11/20

  12. The output ...................................................... MAIN.MAIN . .... The JVM is. . . – p.12/20

  13. Non-reentrant code now called reentrantly package java.io; class PrintStream { // ... void println () { The JVM is. . . – p.13/20

  14. Non-reentrant code now called reentrantly package java.io; class PrintStream { // ... void println () { // ... try { this .state = PENDING; The JVM is. . . – p.13/20

  15. Non-reentrant code now called reentrantly package java.io; class PrintStream { // ... void println () { // ... try { this .state = PENDING; while (pos != len) pos = copySome(in, out, pos, len); The JVM is. . . – p.13/20

  16. Non-reentrant code now called reentrantly package java.io; class PrintStream { // ... void println () { // ... try { this .state = PENDING; while (pos != len) pos = copySome(in, out, pos, len); } finally { assert this .state == PENDING; // FAILS following reentrant call! this .state = CLEAR; } } } The JVM is. . . – p.13/20

  17. Attempted escape (2): use native code? Q. Maybe just do your analysis in native code? A. Okay, but � (I thought you liked Java?) � any library method might be implemented natively... � and might call back into [instrumented] Java � so sharing can still happen, unbeknownst to analysis Less likely perhaps, but how to be safe ? The JVM is. . . – p.14/20

  18. A known approach we could borrow... Valgrind, Pin, DynamoRIO et al: � share neither state nor code with the observed program � → private libraries (duplicate libc, etc.) � → avoid signal handling, wait() , shared fds, ... We can do the same, at least from native code... � maybe from Java too? � ... if can replicate down to Object , ClassLoader etc. Problem: lost expressiveness! The JVM is. . . – p.15/20

  19. Expressiveness lost If we’re avoiding shared state, we can’t call any Java APIs: � no reflection � can’t call getters ( → field access instead) � can’t observe even basic semantics (e.g. equals() ) � → can’t aggregate data using equality � can’t synchronise One consequence: can’t analyse user-defined abstractions � including library-defined abstractions! The JVM is. . . – p.16/20

  20. Aiming at something better Wanted: keep the abstraction, but add isolation � bytecode instrumentation (BCI) is an abstraction � so far, we have made it “safe” by throwing it away The JVM is. . . – p.17/20

  21. What’s the design space of observation? � isolation: in-process (soft) versus out-of-process (hard) � abstraction: VM-level (fixed) versus user-level (flexible) � synchrony... We have a weird asymmetric isolation requirement. � observed is not influenced by observer � observer is influenced by observed! The JVM is. . . – p.18/20

  22. Isolated bytecode abstractions Existing systems we can take inspiration from � debugger expression eval (VM-style) � debugger expression eval (native-style) � Unix fork() � shared memory (is asymmetric...) � isolates, SIPs (MVM, Singularity) � async assertions (Aftandilian &al, OOPSLA ’11) � JIT purity analysis Can we share the work with expression eval in debuggers? The JVM is. . . – p.19/20

  23. Conclusions Currently, bytecode instrumentors risk � deadlock, reentrancy-derived corruption, ... � more in the paper! We can only do things safely by � trapping to a sharing-free environment ASAP � avoid interacting with user-defined abstractions This limits our expressiveness. Real solution: � an asymmetric “isolated bytecode” abstraction � might unify/replace a subset of JDWP too! (ask me) Thanks for listening. Questions? The JVM is. . . – p.20/20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 Stochastic, Partially Observable Markov Decision Process (MDP) Partially Observable MDP S

1 Stochastic, Partially Observable Markov Decision Process (MDP) Partially Observable MDP S

Stochastic Planning Classical Planning (MDPs, Reinforcement Learning) Static Predictable Unpredictable Static CSE 473 Artificial Intelligence Environment Environment Fully Fully Observable Discrete Observable Observable Discrete

669 views • 9 slides
Reinforcement Learning Environments Fully-observable vs partially-observable Single agent

Reinforcement Learning Environments Fully-observable vs partially-observable Single agent

Reinforcement Learning Environments Fully-observable vs partially-observable Single agent vs multiple agents Deterministic vs stochastic Episodic vs sequential Static or dynamic Discrete or continuous What is reinforcement

684 views • 39 slides
Reinforcement Learning Environments Fully-observable vs

Reinforcement Learning Environments Fully-observable vs

Reinforcement Learning Environments Fully-observable vs par9ally-observable Single agent vs mul9ple agents Determinis9c vs stochas9c Episodic vs

393 views • 8 slides
Dichotomic Observables; GP(1992) vs Psudospin observable(2002). Gisin-Peres observable for Bell

Dichotomic Observables; GP(1992) vs Psudospin observable(2002). Gisin-Peres observable for Bell

Dichotomic Observables; GP(1992) vs Psudospin observable(2002). Gisin-Peres observable for Bell test of N-dim. Pseudospin operator s = ( s x , s y , s z ) for a nonlo- state cality test of continuous variables A ( ) = x sin +

298 views • 7 slides
Precision nuclear physics Observable calculations are becoming increasingly precise Hamiltonian

Precision nuclear physics Observable calculations are becoming increasingly precise Hamiltonian

Precision nuclear physics Observable calculations are becoming increasingly precise Hamiltonian Calculation Experiment Observable What are the theory errors? Hergert et al. PRL 110 , 242501 (2013) Ground-state energies for even oxygen

358 views • 12 slides
Partially observable Markov decision processes Matthijs Spaan Institute for Systems and Robotics

Partially observable Markov decision processes Matthijs Spaan Institute for Systems and Robotics

Partially observable Markov decision processes Matthijs Spaan Institute for Systems and Robotics Instituto Superior T ecnico Lisbon, Portugal Reading group meeting, February 12, 2007 1/22 Overview Partially observable Markov decision

443 views • 25 slides
Conditional Planning Section 11.3 Sec. 11.3 p.1/18 Outline Fully observable environments

Conditional Planning Section 11.3 Sec. 11.3 p.1/18 Outline Fully observable environments

Conditional Planning Section 11.3 Sec. 11.3 p.1/18 Outline Fully observable environments Partially observable environments Conditional POP Sec. 11.3 p.2/18 Uncertainty The agent might not know what the initial state is The agent

447 views • 18 slides
Conditional Planning Section 12.4 Sec. 12.4 p.1/13 Outline Fully observable environments

Conditional Planning Section 12.4 Sec. 12.4 p.1/13 Outline Fully observable environments

Conditional Planning Section 12.4 Sec. 12.4 p.1/13 Outline Fully observable environments Partially observable environments Conditional POP Sec. 12.4 p.2/13 Uncertainty The agent

581 views • 13 slides
Introduction to Partially Observable Markov Decision Processes CS 886 Sequential Decision Making

Introduction to Partially Observable Markov Decision Processes CS 886 Sequential Decision Making

Module 14 Introduction to Partially Observable Markov Decision Processes CS 886 Sequential Decision Making and Reinforcement Learning University of Waterloo Markov Decision Processes MDPs: Fully Observable MDPs Decision maker

398 views • 21 slides
Observable microservices with MicroProfile OpenTracing and looking beyond to OpenTelemetry

Observable microservices with MicroProfile OpenTracing and looking beyond to OpenTelemetry

OPTIONAL SECTION MARKER OR TITLE Observable microservices with MicroProfile OpenTracing and looking beyond to OpenTelemetry Pavol Loffay Senior Software Engineer 1 Agenda Introduction to distributed tracing MicroProfile-OpenTracing

555 views • 26 slides
Entropy-based characterizations of the observable-dependence of the fluctuation-dissipation

Entropy-based characterizations of the observable-dependence of the fluctuation-dissipation

Introduction General framework Illustration on simple models Conclusions Entropy-based characterizations of the observable-dependence of the fluctuation-dissipation temperature Michel Droz 1 Kirsten Martens 1 , 2 , Eric Bertin 3 1 Department

1.08k views • 77 slides
Pattern-Database Heuristics for Partially Observable Nondeterministic Planning

Pattern-Database Heuristics for Partially Observable Nondeterministic Planning

Pattern-Database Heuristics for Partially Observable Nondeterministic Planning Albert-Ludwigs-Universitt Freiburg Manuela Ortlieb and Robert Mattmller Research Group Foundations of Artificial Intelligence Department of Computer Science

3.03k views • 25 slides
HOW AN IOC CAN LEAD TO ANOTHER? Sad Kadhi TheHive Project Automate bulk observable

HOW AN IOC CAN LEAD TO ANOTHER? Sad Kadhi TheHive Project Automate bulk observable

BEERUMP 17 / 2017-06-22 TLP:WHITE HOW AN IOC CAN LEAD TO ANOTHER? Sad Kadhi TheHive Project Automate bulk observable analysis through a REST API Can be queried Web UI Analyzers can be developed in any programming language that

443 views • 8 slides
UNIFICATION, OBSERVABLE LANDSCAPES AND NEW PARTICLES AT THE LHC Raffaele Tito DAgnolo - IAS

UNIFICATION, OBSERVABLE LANDSCAPES AND NEW PARTICLES AT THE LHC Raffaele Tito DAgnolo - IAS

UNIFICATION, OBSERVABLE LANDSCAPES AND NEW PARTICLES AT THE LHC Raffaele Tito DAgnolo - IAS Princeton A First Glance Beyond the Energy Frontier 9/9/2016-ICTP THE MOST EXCITING LHC RESULT THE HIGGS IS LIGHT AND THERE IS NOTHING

470 views • 46 slides
Towards an LHC observable NMSSM grid Joscha Knolle in collaboration with Sophie

Towards an LHC observable NMSSM grid Joscha Knolle in collaboration with Sophie

Introduction NMSSM Phenomenology Constraints SUSY Searches Scan Simulation Conclusion Towards an LHC observable NMSSM grid Joscha Knolle in collaboration with Sophie Henrot-Versill, Anja Butter, Laurent Duflot & Dirk Zerwas and

404 views • 16 slides
Using multiple SLE to explain a certain observable in the 2d Ising model Michael J. Kozdron

Using multiple SLE to explain a certain observable in the 2d Ising model Michael J. Kozdron

Using multiple SLE to explain a certain observable in the 2d Ising model Michael J. Kozdron University of Regina http://stat.math.uregina.ca/ kozdron/ Statcomb 2009: Workshop on Two-Dimensional Lattice Models Centre Emile Borel, Institut

499 views • 36 slides
Pufferfish: Container-driven Elastic Memory Management for Data-intensive Applications Wei Chen,

Pufferfish: Container-driven Elastic Memory Management for Data-intensive Applications Wei Chen,

Pufferfish: Container-driven Elastic Memory Management for Data-intensive Applications Wei Chen, Aidi Pi , Shaoqi Wang and Xiaobo Zhou University of Colorado, Colorado Springs Outline Introduction to data-intensive applications Memory

336 views • 22 slides
Alibaba Dragonwell JDK: Towards a Java Runtime for Cloud Computing Xiaoming Gu Alibaba JVM Team

Alibaba Dragonwell JDK: Towards a Java Runtime for Cloud Computing Xiaoming Gu Alibaba JVM Team

Alibaba Dragonwell JDK: Towards a Java Runtime for Cloud Computing Xiaoming Gu Alibaba JVM Team 1 System Software (OS / JVM / Virtualization) Resource Scheduling / Cluster Management / Container Database / Storage / Middleware / Computing

2.11k views • 20 slides
EXPIRED LISTING Ugly Yellow Postcard MARKETING KIT Turn expired listings into a consistent

EXPIRED LISTING Ugly Yellow Postcard MARKETING KIT Turn expired listings into a consistent

EXPIRED LISTING Ugly Yellow Postcard MARKETING KIT Turn expired listings into a consistent monthly income K.I.S.S. Keep It Simple Silly Im not going to talk for an hour about something I can describe in 2 minutes This

1.84k views • 162 slides
Introduction to treebanks Session 1: 7/08/2011 1 Outline Types of treebanks (Syntactic)

Introduction to treebanks Session 1: 7/08/2011 1 Outline Types of treebanks (Syntactic)

Introduction to treebanks Session 1: 7/08/2011 1 Outline Types of treebanks (Syntactic) Treebank PropBank Discourse Treebank The English Penn Treebank Why do we need treebanks? Hw1 2 (Syntactic) Treebank

476 views • 29 slides
Fitness + In-Memory Computing = Getting ahead of the game Craig Gresbrink Solutions Architect

Fitness + In-Memory Computing = Getting ahead of the game Craig Gresbrink Solutions Architect

Fitness + In-Memory Computing = Getting ahead of the game Craig Gresbrink Solutions Architect 24 Hour Fitness Who are we? 24 Hour Fitness is a leading fitness industry pioneer with more than 400 clubs across the United States. 24 Hour Fitness

355 views • 23 slides
IN-MEMORY COMPUTING AT SCALE? LOOK BEYOND PHYSICAL DRAM! Iacovos G. Kolokasis , Anastasios

IN-MEMORY COMPUTING AT SCALE? LOOK BEYOND PHYSICAL DRAM! Iacovos G. Kolokasis , Anastasios

IN-MEMORY COMPUTING AT SCALE? LOOK BEYOND PHYSICAL DRAM! Iacovos G. Kolokasis , Anastasios Papagiannis, Polyvios Pratikakis, and Angelos Bilas October 25, 2019 Institute of Computer Science (ICS) Foundation of Research and T echnology

445 views • 11 slides
An Experimental Evaluation of Garbage Collectors on Big Data Applications Lijie Xu 1 , Tian Guo 2 ,

An Experimental Evaluation of Garbage Collectors on Big Data Applications Lijie Xu 1 , Tian Guo 2 ,

The 45th International Conference on Very Large Data Bases (VLDB 2019) An Experimental Evaluation of Garbage Collectors on Big Data Applications Lijie Xu 1 , Tian Guo 2 , Wensheng Dou 1 , Wei Wang 1 , Jun Wei 1 1 Institute of Software, Chinese

456 views • 45 slides
JVM Implementation Challenges JVM Implementation Challenges: JVM Unit of execution is a class

JVM Implementation Challenges JVM Implementation Challenges: JVM Unit of execution is a class

Smalltalk on the JVM By James Ladd object@redline.st http://redline.st @redline_st - ESUG 2011 JVM Implementation Challenges JVM Implementation Challenges: JVM Unit of execution is a class Sequence of bytes in class format Class is not an

632 views • 42 slides

More recommend