Self-Propelled Instrumentation Alex Mirgorodskiy Barton Miller Computer Sciences Department University.

Slides:



Advertisements
Similar presentations
6 Copyright © 2005, Oracle. All rights reserved. Building Applications with Oracle JDeveloper 10g.
Advertisements

OPERATING SYSTEMS Lecturer: Szabolcs Mikulas Office: B38B
Shauvik Roy Choudhary, Alex Orso Georgia Institute of Tech nology.
DynaTrace Platform.
Debugging operating systems with time-traveling virtual machines Sam King George Dunlap Peter Chen CoVirt Project, University of Michigan.
K T A U Kernel Tuning and Analysis Utilities Department of Computer and Information Science Performance Research Laboratory University of Oregon.
INTRODUCTION TO SIMULATION WITH OMNET++ José Daniel García Sánchez ARCOS Group – University Carlos III of Madrid.
Trap Diagnostic Facility Todays Software Diagnostic Tool with innovative features for the z/OS software developer Arney Computer Systems.
Full-System Timing-First Simulation Carl J. Mauer Mark D. Hill and David A. Wood Computer Sciences Department University of Wisconsin—Madison.
Executional Architecture
Enhancing Spotfire with the Power of R
PASTE 2011 Szeged, Hungary September 5, 2011 Labeling Library Functions in Stripped Binaries Emily R. Jacobson, Nathan Rosenblum, and Barton P. Miller.
Software & Services Group PinPlay: A Framework for Deterministic Replay and Reproducible Analysis of Parallel Programs Harish Patil, Cristiano Pereira,
Exploring Security Vulnerabilities by Exploiting Buffer Overflow using the MIPS ISA Andrew T. Phillips Jack S. E. Tan Department of Computer Science University.
© 2005 Dorian C. Arnold Reliability in Tree-based Overlay Networks Dorian C. Arnold University of Wisconsin Paradyn/Condor Week March 14-18, 2005 Madison,
Paradyn Project Paradyn / Dyninst Week College Park, Maryland March 26-28, 2012 Self-propelled Instrumentation Wenbin Fang.
Review: Software Security David Brumley Carnegie Mellon University.
Distributed Self-Propelled Instrumentation Alex Mirgorodskiy VMware, Inc. Barton P. Miller University of Wisconsin-Madison.
Set 20 Interrupts. INTERRUPTS The Pentium has a mechanism whereby external devices can interrupt it. Devices such as the keyboard, the monitor, hard disks.
1 Function Calls Professor Jennifer Rexford COS 217 Reading: Chapter 4 of “Programming From the Ground Up” (available online from the course Web site)
OS Spring’03 Introduction Operating Systems Spring 2003.
Instrumentation and Measurement CSci 599 Class Presentation Shreyans Mehta.
Copyright Arshi Khan1 System Programming Instructor Arshi Khan.
What Can You do With BTM? Business Transaction Management touches the following disciplines:  Performance Management  Application Management  Capacity.
Presenter: Chi-Hung Lu 1. Problems Distributed applications are hard to validate Distribution of application state across many distinct execution environments.
TM Herding Penguins with Performance Co-Pilot Ken McDonell Performance Tools Group SGI, Melbourne.
Microsoft ® Official Course Monitoring and Troubleshooting Custom SharePoint Solutions SharePoint Practice Microsoft SharePoint 2013.
1 CSC 2405: Computer Systems II Spring 2012 Dr. Tom Way.
0 Deterministic Replay for Real- time Software Systems Alice Lee Safety, Reliability & Quality Assurance Office JSC, NASA Yann-Hang.
1 CS503: Operating Systems Part 1: OS Interface Dongyan Xu Department of Computer Science Purdue University.
Testing Tools. Categories of testing tools Black box testing, or functional testing Testing performed via GUI. The tool helps in emulating end-user actions.
Automated Tracing and Visualization of Software Security Structure and Properties Symposium on Visualization for Cyber Security 2012 (VizSec’12) Seattle,
Paradyn Project Dyninst/MRNet Users’ Meeting Madison, Wisconsin August 7, 2014 The Evolution of Dyninst in Support of Cyber Security Emily Gember-Jacobson.
Introduction and Overview Questions answered in this lecture: What is an operating system? How have operating systems evolved? Why study operating systems?
PMaC Performance Modeling and Characterization Performance Modeling and Analysis with PEBIL Michael Laurenzano, Ananta Tiwari, Laura Carrington Performance.
Scalable Analysis of Distributed Workflow Traces Daniel K. Gunter and Brian Tierney Distributed Systems Department Lawrence Berkeley National Laboratory.
Section 2 Section 2.1 Identify hardware Describe processing components Compare and contrast input and output devices Compare and contrast storage devices.
29th ACSAC (December, 2013) SPIDER: Stealthy Binary Program Instrumentation and Debugging via Hardware Virtualization Zhui Deng, Xiangyu Zhang, and Dongyan.
Real Time Operating Systems Lecture 10 David Andrews
A performance evaluation approach openModeller: A Framework for species distribution Modelling.
Windows 2000 Course Summary Computing Department, Lancaster University, UK.
March 12, 2001 Kperfmon-MP Multiprocessor Kernel Performance Profiling Alex Mirgorodskii Computer Sciences Department University of Wisconsin.
Security Issues in Distributed Heterogeneous Systems Somesh Jha Computer Sciences Department University of Wisconsin Madison, WI
G53SEC 1 Reference Monitors Enforcement of Access Control.
Copyright © cs-tutorial.com. Overview Introduction Architecture Implementation Evaluation.
Developer TECH REFRESH 15 Junho 2015 #pttechrefres h Understand your end-users and your app with Application Insights.
© 2001 Barton P. MillerParadyn/Condor Week (12 March 2001, Madison/WI) The Paradyn Port Report Barton P. Miller Computer Sciences Department.
Root Cause Analysis of Failures in Large-Scale Computing Environments Alex Mirgorodskiy, University of Wisconsin Naoya Maruyama, Tokyo.
© 2006, National Research Council Canada © 2006, IBM Corporation Solving performance issues in OTS-based systems Erik Putrycz Software Engineering Group.
© 2001 B. P. Miller & M. Livny (12-14 March 2001)Paradyn/Condor Week Agenda Paradyn/Condor Week 2001 Barton P. Miller Miron Livny
© 1999 Ariel TamchesFebruary 19, 1999OSDI ‘99 Fine-Grained Dynamic Instrumentation of Commodity Operating System Kernels Ariel Tamches Barton P. Miller.
Lecture 1: Network Operating Systems (NOS) An Introduction.
Making the “Box” Transparent: System Call Performance as a First-class Result Yaoping Ruan, Vivek Pai Princeton University.
© 2001 Week (14 March 2001)Paradyn & Dyninst Demonstrations Paradyn & Dyninst Demos Barton P. Miller Computer.
Lecture 5 Rootkits Hoglund/Butler (Chapters 1-3).
7-Nov Fall 2001: copyright ©T. Pearce, D. Hutchinson, L. Marshall Oct lecture23-24-hll-interrupts 1 High Level Language vs. Assembly.
Homework Reading Machine Projects Labs
Kernel Code Coverage Nilofer Motiwala Computer Sciences Department
Presented by Dr. Ramesh K. Karne
Evolution of Operating Systems
By Dunlap, King, Cinar, Basrai, Chen
Dept. of Computer Science, Univ. of Rochester
Efficient x86 Instrumentation:
System Calls David Ferry CSCI 3500 – Operating Systems
EE 472 – Embedded Systems Dr. Shwetak Patel.
Why Threads Are A Bad Idea (for most purposes)
A Bare PC Text Based Browser
Why Threads Are A Bad Idea (for most purposes)
Why Threads Are A Bad Idea (for most purposes)
Adaptive Operating Systems: An Architecture for Evolving Systems
Presentation transcript:

Self-Propelled Instrumentation Alex Mirgorodskiy Barton Miller Computer Sciences Department University of Wisconsin-Madison 1210 West Dayton Street Madison, WI USA

Self-propelled Instrumentation 2 Motivation Finding the causes of bugs and performance problems in production systems is hard Systems are complex and non-transparent –Multiple components, different vendors Anomalies are common –Intermittent –Environment-specific Users have little debugging expertise

Self-propelled Instrumentation 3 Vision New family of run-time tools: Autonomous Detailed Low-overhead Host A Host B Process P Process Q Agent network

Self-propelled Instrumentation 4 Applications Diagnostics of E-commerce systems –Find bugs by following the paths of individual requests through the system of Web and Database servers Diagnostics of Cluster and Grid systems –Work without process control facilities: Red Storm, BG/L –Start up without batch scheduler support Diagnostics of Interactive and Real-time systems –Find the causes of latency problems in multimedia –Trace a word said by one user through a phone network Enforcement of Security –Sandboxing and controlling execution

Self-propelled Instrumentation 5 Self-Propelled Instrumentation: Overview Insert an initial probe into a process The probe starts propagating –Inserts more probes ahead of the control flow The probes may monitor or control execution –Collect run-time data –Look for anomalies in the data

Self-propelled Instrumentation 6 Instrumentation without an external tool –Ultra-fast code insertion –Same mechanism for applications and the kernel Propagation –Instrument only what is necessary –Make decisions autonomously and on the fly Self-Propelled Instrumentation: Key Ideas

a.out bar 8430: 8431: 8433: 8444: 8446: 8449: 844b: 844c: push mov... int mov xor pop ret foo %ebp %esp,%ebp 0x80 %ebp,%esp %eax,%eax %ebp call jmp Patch1 instrument(foo) foo 0x8405 6cf5: 6d20: 6d27: 6d49: push... call... iret sys_call: %eax *%eax call jmp instrument(%eax) *%eax 0x6d27 Patch3 instrumenter.so /dev/instrumenter ioctl int jmp (INSTRUMENT_SYS) 0x80 0x8446 Patch2 patch jmp %ebp %esp,%ebp foo %ebp,%esp %ebp push mov... call mov pop ret 83f0: 83f1: 83f3: 8400: 8405: 8413: 8414: OS Kernel patch jmp Inject Activate Propagate

Self-propelled Instrumentation 8 Prototype Tool: spTracer Collects traces of function calls and returns Activates/deactivates at run time –Trace between two user-specified events Can trace unmodified applications Can trace the OS kernel code –System calls – follow control flow into the kernel –Hardware interrupts

Self-propelled Instrumentation 9 Propagation and Trace Collection call instrument(B) call traceEntry(B) call B call traceExit(B) jmp back... call C()... return... call B()... return jmp ApatchABB Overwrite call sites in the code –Fast: done with local memory operations Invoke tracing routines before and after each call

Self-propelled Instrumentation 10 Visualization: Nupshot Time-diagram of all function calls Nested rectangles = nested function calls

Self-propelled Instrumentation 11 Evaluation: DVD playback study Choppy DVD playback under Linux Same hardware works fine under Windows

Self-propelled Instrumentation 12 Evaluation: DVD playback study Activation –Start on the alarm timer to skip lengthy initialization/warm-up in MPlayer Propagation –Instrument both MPlayer and the kernel –Collect function-level traces Deactivation –Stop tracing after 250 msec (~6 frames)

Evaluation: DVD playback study Freeze is neither in a loop nor in a system call Also happened in other places in the code –Could not discover it with cumulative metrics (gprof) Preemption? User-level trace of MPlayer

Evaluation: DVD playback study User-level trace of MPlayer Kernel interrupts while MPlayer was running

Self-propelled Instrumentation 15 Evaluation: DVD playback study The time is spent handling interrupts from the DVD drive The root cause – ide_input_data that reads data from the drive 4 bytes at a time Solution – enable DMA ! Kernel interrupts under magnification

Self-propelled Instrumentation 16 Ongoing Work Cross process and host boundaries –Jump from one process to another –Reconstruct system-wide flows –Analyze collected data for anomalies Diagnostics of Cluster and Grid environments –Debugging the SCore batch scheduler –Joint work with Naoya Maruyama and Satoshi Matsuoka, Tokyo Institute of Technology Diagnostics of E-commerce environments

Self-propelled Instrumentation 17 Conclusion Analysis by following the control flow –Autonomous, detailed, low-overhead Analysis across the kernel boundary –Foundation for full-system analysis For further information: – –Come see the demo: Friday, CS 7355 –Paper: Mirgorodskiy and Miller, Autonomous analysis of interactive systems with self-propelled instrumentation,

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.