How to Increase Applica on Security & Reliability with So ware in Silicon Technology
Angelo Rajuderai, SPARC Technology Lead, Oracle Systems Partners Ikroop Dhillon, Principal Product Manager, Oracle Solaris Studio July, 2014
Please Stand By. This session will begin promptly at the me indicated on the agenda. Thank You.
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
1 Safe Harbor Statement The following is intended to outline our general product direc on. It is intended for informa on purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or func onality, and should not be relied upon in making purchasing decisions. The development, release, and ming of any features or func onality described for Oracle’s products remains at the sole discre on of Oracle.
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 2 Agenda
1 Hardware and So ware Engineered to work together
2 So ware in Silicon Overview
3 Security with Applica on Data Integrity
4 Oracle Solaris Studio Development Tools
5 Q + A
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 3 The Unique Oracle Advantage Hardware and Software Engineered to Work Together
One Engineering Team
vs
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Application Accelerators In SPARC T5 The Integrated Stack Advantage
One Engineering Team
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Partners Benefit from Innova on & Integra on All Software Benefit
System Software
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle SPARC No Change in ABI
Your exis ng apps just run be er ..
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | The M7 Chip
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | • 32 SPARC Cores M7 Processor • Fourth Genera on CMT Core (S4) • Dynamically Threaded, 1 to 8 Threads Per Core • New Cache Organiza ons • Shared Level 2 Data and Instruc on Caches COREExtreme CORE CORE CORE CLUSTER CLUSTER CLUSTER CLUSTER • 64MB Shared & Par oned Level 3 Cache Performance • DDR4 DRAM • Up to 2TB Physical Memory per Processor
INTERCONNECT INTERCONNECT • 2X-3X Memory Bandwidth over Prior Genera ons MEMORY CONTROL ACCELERATORS COHERENCE, SMP & I/O I/O & COHERENCE,SMP • PCIe Gen3 Support L3$ & ON-CHIP
ACCELERATORS ACCELERATORS NETWORK • MEMORY CONTROL CONTROL MEMORY Applica on Accelera on • Real- me Applica on Data Integrity • Concurrent Memory Migra on and VA Masking
CORE CORE CORE CORE • DB Query Offload Engines CLUSTER CLUSTER CLUSTER CLUSTER
INTERCONNECT INTERCONNECT • SMP Scalability from 1 to 32 Processors COHERENCE, SMP & I/O I/O & COHERENCE,SMP • Coherent Memory Clusters • Technology: 20nm, 13ML
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 5 M7 Processor Performance
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 12 “… the Ul mate So ware Op miza on is Hardware…
John Fowler
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | So ware Accelera on Integrated into Hardware Over all Strategy to move So ware features into Hardware
Database Query Application DB 12c Acceleration JVM Op miza on Acceleration Hardware • In Memory •Completely in Op miza on moved to •Move So ware op miza on to •Large Memory hardware hardware •So ware systems op miza on only
HW SW Current • Work on • Comp DB tes ng Oracle Compress • Memor Tradi onal Studio Hardware based ed data res- tools Tools sion y • low • Wire Bandwi • 200X • Reduced overhead Real time • Perf overhead overhead Data speed dth Application Uncompr Data Integrity Decompression Penalt Limited ess y
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al Hardware So ware & Silicon Engineered to Work Together So ware in Silicon
Performance Reliability/Security DB In-Memory Applica on Data Accelera on Engines Integrity
Capacity Revolu on, Compression Engines Not Evolu on!
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | List of So ware in Silicon Features • Applica on Data Integrity
• Virtual Address (VA) Masking
• Database Query Accelerator Engine
• Fine Grain Memory Migra on
• On-Chip Uncompression
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al So ware in Silicon Cloud Third Party developers can benefit from the So ware in Silicon • So ware in Silicon Cloud available TODAY! • Access to M7 Hardware • Secure environment to develop, build and test your applica on with So ware in Silicon features • Open to ISV Partners and Customer • Developer tools and IPS pkg repository included • “How to” Guides and technical support included • Need to sign Beta Legal Agreement
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Restricted 20 Safe Harbor Statement The following is intended to outline our general product direc on. It is intended for informa on purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or func onality, and should not be relied upon in making purchasing decisions. The development, release, and ming of any features or func onality described for Oracle’s products remains at the sole discre on of Oracle.
h ps://SWiSDev.Oracle.COM/
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal/Restricted/Highly Restricted 16 Memory Corrup on – The Problem
• Applica ons vulnerable to memory corrup on caused by so ware error. • Major source of database and OS corrup ons and crashes • Databases and OS(s) have tens of millions of lines of code, developed by distributed teams of thousands of developers, so errors introduced by a subsystem could adversely affect one or more subsystems. • Buffer overflows are a major source of security exploits • In-memory database increases exposure – terabytes of cri cal data in-memory • Memory corrup on bugs are extremely hard to find • Vic m thread finds corrupted data long a er corrup on happens.
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al
“… this is the most important thing we have done in Silicon in may be ever…” … because even smart programmers make mistakes” Larry Ellison
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Applica on Data Integrity • Near Real- me Data Integrity M7 M7 Core Pipeline Execu on Memory & Caches Checking in Dev, Test & Produc on version 64Bytes ld … • Version Metadata Associated with version 64Bytes st … version address version 64Bytes 64Byte Aligned Memory Data version 64Bytes • Metadata Stored in Memory, Maintained version 64Bytes Version Miscompare Throughout the Cache Hierarchy and All version 64Bytes Interconnects version 64Bytes version 64Bytes ld … • Memory Version Metadata Checked st … version address Version Memory Against Reference Version by Core Load/ Metadata Data Reference Store Units Versions • HW Implementa on, Very Low Overhead Safeguards Against Invalid/Stale References and • Enables Applica ons to Inspect Buffer Overruns for Solaris and DB Clients Faul ng References, Diagnose and Take Appropriate Recovery Ac ons
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al 13 Drama c Reduc on in over head with ADI
Test Case: gcc compile
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al 20 Safe Harbor Statement The following is intended to outline our general product direc on. It is intended for informa on purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or func onality, and should not be relied upon in making purchasing decisions. The development, release, and ming of any features or func onality described for Oracle’s products remains at the sole discre on of Oracle.
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal/Restricted/Highly Restricted 21 Heartbleed - Impacted Websites using OpenSSL
Heartbeat request sent Vic m responds with to vic m requested payload size (64K bytes) Type Payload_size Payload Type Payload_size Payload HB_REQUEST 65535 Hello HB_RESPONSE 65535 Hello ………. ………………….
Payload_size does not match Payload Unauthorized data returned to requestor
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 22 How can you use the ADI APIs
• Oracle’s So ware enhanced with ADI – Ex. Oracle DB uses ADI in SGA. • Solaris malloc() enhanced with ADI - libadimalloc – LD_PRELOAD able with no applica on change • Solaris ADI API – Add ADI to applica ons – Libraries in libc in Solaris 11.2 • Studio Discover tool with ADI – Find and fix bugs during development – Available on Studio 12.4 All of the above available on the SWiSDev cloud
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al Oracle Solaris Studio Ikroop Dhillon, Principal Product Manager
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
24 Oracle Solaris Studio
Security
Produc vity Performance
Integra on
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal/Restricted/Highly Restricted 25 Mul -language Applica on IDE Development Analy cs
COMPLETE TOOLSUITE
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 26 Complete & Comprehensive Toolsuite
Mul -language Development Applica on Analy cs
C, C++ Compilers Code Analyzer
Fortran Compiler Performance Analyzer Debugger Thread Analyzer Performance Library
IDE
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 27 Secure So ware – Made Simple With Applica on Data Integrity and Oracle Solaris Studio Integrated + = Simple Complete
Applica on Data Integrity Oracle Solaris Studio Memory a ack protec on Comprehensive so ware analysis Near-zero overhead ADI integra on Easy and embedded Simple, fast, easy to use
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 28 ADI in Development and Deployment Memory Error Checking in Silicon
ADI in Development ADI in Deployment Increase Applica on Reliability Ensure Data Integrity
Applica on
Oracle Solaris Studio Code Analyzer Find and fix memory corrup on Real- me data protec on errors
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 29 Code Analyzer Increase Applica on Security & Reliability • Simple, intui ve, easy to use • Rapid iden fica on of memory corrup on errors, including ADI support • Advanced error filtering and sor ng • Comprehensive sta c, dynamic and code coverage analysis
Error Type Memory Error Loca on alloca on
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 30 “We used the Oracle Solaris Studio Code Analyzer for memory leak protec on and it helped us be more proac ve and improve our efficiency by 50%. Our developers were impressed with ease of use and depth of data provided by the Oracle Solaris Studio analysis tool suite.” – Mr. Fu Tingsheng, Director of Engineering, AsiaInfo
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 31 Performance Analyzer Op mize Applica on Performance • Enable development teams to easily increase app performance • Quick iden fica on of bo lenecks with intui ve UI • Rich set of performance metrics • Remote and cross-pla orm analysis • Supports Java, C, C++, Fortran, and OpenMP
Data organized by a Visualize me spent Call stack for variety of Views across mul ple threads selected event
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 32 Overview Screen View a summary of performance metrics
Experiment Overview
Summary of important metrics
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal/Restricted/Highly Restricted 33 Func ons View Understand which func ons are taking the most me
Func ons View
Time spent across different func ons Caller and callees of selected func on
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal/Restricted/Highly Restricted 34 Source View Drill to source and iden fy hotspots
Source View
Drill down to the source line
Hotspots highlighted
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal/Restricted/Highly Restricted 35 Timeline View Visualize me spent
Timeline View
Timeline of events
Call stack for selected event
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal/Restricted/Highly Restricted 36 “The Oracle Solaris Studio development tools are world class; we use the Performance Analyzer on Oracle Solaris to tune and op mize our applica ons which also typically yields performance benefits across all of our pla orms.” – Bub Huemmer, So ware Development Manager, SAS
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 37 Thread Analyzer Simplify Mul core Programming • Quickly iden fy race and deadlock condi ons • Improve developer efficiency • Supports Solaris threads, P-threads, OpenMP 4.0
Data organized by a variety of Views, Quickly iden fy including Dual Source race condi ons
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 38 Oracle Solaris Studio IDE Maximize Produc vity • Specifically tailored for C/C++ developers, includes C++11 support • Remotely build, debug, run and analyze • Small IDE memory footprint and fast response mes simplify development of large apps • Custom extensions for Oracle DB and Oracle Tuxedo development • Extend with NetBeans Plug-ins Monitor CPU, Memory Feature-rich language- and Thread usage aware code editor
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 39 Remote Development Increase Efficiency
• Develop applica ons from virtually any desktop environment • IDE can remotely build, debug, analyze • Performance Analyzer can remotely collect app performance data and analyze results
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 40
Remote Development Flavors
Systems Technology Communica ons Forum Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal 41 Oracle Solaris Studio IDE Memory Footprint
7K files 16K files 13M LOC 6M LOC
1.5 GB 0.8 GB
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 42 Oracle Solaris Studio IDE Parse Time
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 43 Fastest SPARC Applica on Performance
Oracle Solaris Studio Speed Oracle Solaris Studio Throughput Performance Performance
* System used: Oracle SPARC M7, Es mated results from SPEC CPU2006 benchmarks, see disclosure statement
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal/Restricted/Highly Restricted 44 Fastest x86 Applica on Performance
Oracle Solaris Studio on Oracle x86 Oracle Solaris Studio on Oracle x86 Haswell (untuned results) Ivy Bridge/EP/EX Est. Speedup Est. Speedup
* Es mated results from SPEC CPU2006 benchmarks, see disclosure statement
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 45 C++ 2011 Standard
• Rvalue references! § Universal character name literals! • Non-static data member initializers! § Standard Layout Types! • Variadic templates! § Defaulted functions! • Extending variadic template template parameters! § Deleted functions! • Static assertions! § Extended friend declarations! • auto-typed variables! § Extended sizeof! • Multi-declarator auto! § Inline namespaces! • Leading C++11 implementa on • New function declarator syntax! § Unrestricted unions! • Declared type of an expression § Local and unnamed types as template with best performance (decltype)! arguments! • Right angle brackets for templates! § Range-based for! • Default template arguments for function • All features implemented, templates! § Explicit virtual overrides! • Template aliases! § Allowing move constructors to throw! except: • Extern templates! § Defining move special member functions! • Null pointer constant! § Type Traits! – User-defined literals • Strongly-typed enums! § Noexcept! • Forward declarations for enums (opaque)! § Constexpr! – C++11 concurrency, atomic • Generalized constant expressions! • Thread-local storage! • Alignment support! • Full support for Lambda expressions! opera ons, and memory model § Explicit conversion operators! • Full support for Initializer lists! § New character types! • Delegating constructors! § Unicode string literals! • Inheriting constructors! § Raw string literals!
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 46 Oracle Solaris Studio Complete & Comprehensive Toolsuite Mul -language Development Applica on Analy cs
C, C++ Compilers Code Analyzer Deliver record-se ng app Increases applica on reliability performance and security Fortran Compiler Performance Analyzer Op mizes compute intensive app Maximizes applica on performance performance by orders of Debugger magnitude Ensures app correctness Thread Analyzer Simplifies complex parallel Performance Library programming errors Advanced numerical solver libraries
IDE specifically geared for C/C++ developers
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 47 Hardware and So ware Engineered to Work Together
Oracle Applica ons
Custom Oracle SPARC Developer systems Extensions A Be er Development Development Pla orm Pla orm Oracle x86 Oracle Linux systems
Oracle Solaris
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 48 “The combina on of Oracle Solaris and Oracle Solaris Studio delivers a robust and reliable pla orm with high performance, high efficiency and high value.” – Jerry Chen, Senior Manager of Telecom So ware Product Department, Capitek
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 49 Oracle Solaris Studio 12.4
Highlights: • Applica on security with So ware in Silicon ADI Security • Memory leak protec on with Code Analyzer • Rapid iden fica on of performance bo lenecks • Performance op miza ons for latest systems: Produc vity Performance Oracle SPARC, Intel x86, Fujitsu • C++ 2011 and valida on with BOOST • Efficient code edi ng of large apps with IDE
Integra on
* Oracle Solaris Studio 12.4, 4/15 PSE required for SPARC M7 performance and ADI support – Available through MOS
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Confiden al – Internal/Restricted/Highly Restricted 50 “Oracle Solaris Studio 12.4 will certainly help Murex to con nue to enhance the MX.3 code produc on tool-chain in a safe and integrated manner towards higher quality and produc vity.” – Marwan Khalil, Global Head of Core Technologies, Murex
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 51 Availability and Support
• Availability – OTN download • License – Perpetual no-cost license, allows for produc on use • Oracle Solaris Development Tools Support: – Oracle Premier Support Offering – Unlimited 24x7 service requests and access to MOS for patches, fixes, PSEs – $1200 per year per user – Oracle Life me Support
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 52 Q+A Learn More; Stay Connected
• oracle.com/goto/solarisstudio
• @SolarisStudio
• facebook.com/oraclesolarisstudio
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 53 Keep Learning with Training from Oracle University
• Hands-on training delivered in-class or online by tenured instructors around the world • New subscrip on-based learning services to give you any- me access to training • Cer fica on programs to validate your skills
educa on.oracle.com
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 54 Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 55 Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 56 Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 57 Mul -language Development
Mul -language Development Applica on Analy cs
C, C++ Compilers Code Analyzer
Fortran Compiler Performance Analyzer Debugger Thread Analyzer Performance Library
IDE
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 58 Debugger Increase Applica on Stability & Quality • Most stable debugger in the industry • Quick debugging of both GCC and Oracle Solaris Studio binaries • Interac ve, source-level, real- me and postmortem debugging • Available through graphical debugging solu on or command line interface
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 59 Performance Library Highly Op mized Mathema cal Subrou nes • Highly tuned for Oracle SPARC and x86 systems • Includes enhanced and newly added mathema cal subrou nes • Used by leading financial ins tu ons for maximizing compute-intensive applica on performance • Leverage paralleliza on features of the Oracle Solaris Studio C, C++, and Fortran Compilers
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 60 Applica on Analy cs
Mul -language Development Applica on Analy cs
C, C++ Compilers Code Analyzer
Fortran Compiler Performance Analyzer Debugger Thread Analyzer Performance Library
IDE
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 61 Solaris Binary Compa bility Guarantee Unmatched Compa bility Preserves Investment • Ensures binaries created on older versions of Solaris will con nue to run on newer versions • 20+ year track record of delivering unmatched binary compa bility • Allows developers to intermix object files created with different compiler versions
Guaranteed + = Compa bility
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | 62 Q+A
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
63