DOCSLIB.ORG

A Framework for Tracking Memory Accesses in Scientific Applications

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Framework for Tracking Memory Accesses in Scientific Applications A Framework for Tracking Memory Accesses in Scientific Applications Antonio J. Pena˜ Pavan Balaji Mathematics and Computer Science Division Mathematics and Computer Science Division Argonne National Laboratory Argonne National Laboratory Argonne, IL 60439 Argonne, IL 60439 Email: [email protected] Email: [email protected] Abstract—Profiling is of great assistance in understand- differently depending on the place from where it has ing and optimizing applications’ behavior. Today’s profiling been called (i.e., its stack trace), researchers devised techniques help developers focus on the pieces of code more advanced tools that use call graphs to orga- leading to the highest penalties according to a given per- nize profiling information. This approach is limited, formance metric. In this paper we describe a pair of tools we have extended to complement the traditional algorithm- however, to pointing to the conflicting piece of code oriented analysis. Our extended tools provide new object- consuming large portions of execution time; it does differentiated profiling capabilities that help software de- not provide any hint about the root of that time. velopers and hardware designers (1) understand access For instance, a highly optimized, compute-intensive patterns, (2) identify unexpected access patterns, and (3) task may legitimately be spending a considerable determine whether a particular memory object is con- amount of time, hiding other possible candidates for sistently featuring a troublesome access pattern. Memory objects found in this way may have gone unnoticed with optimization. the traditional profiling approach. This additional view may lead developers to think of different ways of storing A more informative approach consists of dif- data, leveraging different algorithms, or employing differ- ferentiating time spent in computation from that ent memory subsystems in future heterogeneous memory spent on memory accesses. In current multilevel systems. memory hierarchies, cache hits pose virtually no penalty, whereas cache misses are likely to lead I. INTRODUCTION to large amounts of processor stall cycles. Cache misses, therefore, are a commonly used metric to Analyzing applications’ performance has been determine whether a performance issue is caused by of interest since the early days of computers, with a troublesome data access pattern. the objective of exploiting the underlying hardware to the greatest possible extent. As computational In this regard, cache simulators have been used in power and the performance of data access paths optimizing applications [3], [4]. The main benefit of have been increasing, such analysis has become these is their flexibility, since they enable the cache less crucial in commodity applications. However, parameters to be easily changed and the analysis software profiling is still largely used to determine repeated for different architectures. A disadvantage the root of unexpected performance issues, and it is of this profiling approach, however, is the large highly relevant to the high-end computing commu- execution timings caused by the intrinsically large nity, where code is expected to be highly tuned. cache simulation and system emulation overheads. The first modern profiling approaches used code The introduction of hardware counters enabled a instrumentation to measure the time spent by dif- relatively accurate and fast method of profiling [5], ferent parts of applications [1], [2]. Recognizing [6], [7]. These are based mainly on sampling the that the same functional piece of code may behave hardware counters at a given frequency or deter- mined by certain events and relating these measure- memory subsystem on which to host the different ments with the code being executed. Both automated memory objects according to their access pattern. and user-driven tools exist for this purpose, and in The rest of the paper is organized as follows. some cases code instrumentation is not required. Section II introduces the Valgrind instrumentation Unlike their simulator-based counterpart, however, framework as the basis for our developed tools. these limit the analysis to the real platform on Sections III and IV describe our modifications to in- which they are executing on. Although different corporate per-object differentiation capabilities into architectures provide a different set of counters, the Valgrind core and the two tools we target. cache misses are commonly available and a widely Section V reviews related work, and Section VI used profiling metric. provides concluding remarks and ideas for future All these approaches are code focused. They work. point developers to the place of code showing large execution time or large amounts of cache misses. II. VALGRIND However, it is not uncommon to perform accesses to different memory objects from the same line of Valgrind is a generic instrumentation framework. code. For instance, a matrix-matrix multiplication A set of tools making use of this generic core implementation is very likely to access all the three constitute the Valgrind ecosystem. Valgrind’s most- memory buffers in the same line of code. In this used tool is Memcheck [12], a memory debugger, case, a code-oriented profiler would not provide executed by default on Valgrind’s invocation. enough information to determine the root of the Valgrind can be seen as a virtual machine. It problem. performs just-in-time compilation, translating the The approach pursued in this paper is intended code to a processor-agnostic intermediate represen- tation (IR), which the tools are free to analyze and to complement that view, differentiating those per- 2 formance metrics by memory object1 [8], [9]. The modify. Tools tend to use this process for inserting intent of this approach is to expose particular objects hooks (instrument) to perform different tasks at run showing problematic access patterns throughout the time. This code is taken back by the Valgrind core to execution lifetime, which may be imperceptible be executed. The process is performed repeatedly in from a traditional approach. This view focuses on chunks of code featuring a single entry and multiple data objects rather than lines of code. exit points, called “super blocks” (SBs), as depicted in Figure 1. In this paper we present a pair of tools we developed on top of state-of-the art technologies. The main drawback of this process is the incurred We incorporated per-object tracing capabilities into overhead. Typically the code translation process the widely used Valgrind instrumentation frame- itself—ignoring the tool’s tasks—poses an overhead work [10]. Next, we extended two of the tools from of around 4x to 5x. its large ecosystem to demonstrate the possibilities Valgrind exposes a rich API to its tools, plus a of this approach: Lackey [11] and Callgrind [4]. We client request mechanism for final applications to describe the intrinsics of our developments with the interact with the tools if needed. The API enables hope that they prove useful for subsequent exten- tools to interact with the Valgrind core, for instance, sions and research, such as profilers and runtime to inform the core of the required capabilities at systems targeting heterogeneous memory systems. initialization time, get debug information about the Indeed, we envision memory-object differentiation executed code generated by the compiler (typically to be a basic technique in these emerging systems code compiled with the -g option), manage stack as a means of determining the most appropriate traces, or get information about the thread status. It 1We refer as “memory object” to every memory entity as seen from 2The tools do not directly interact with the IR itself but, rather, with the code level, that is, statically and dynamically allocated variables a high-level application programming interface (API) and processed and buffers. data structures to manage it. Listing 1. Sample output from Lackey. I 04e9f363,5 S 7fefff4b8,8 I 04f23660,3 I 04f23663,7 L 05215e60,8 I 04f2366a,6 I 04f23670,6 I 04f23676,2 I 04f23691,3 I 04f23694,3 I 04f23697,2 ==16084== ==16084== Counted 1 call to main() ==16084== ==16084== Jccs: ==16084== total: 567,015 ==16084== taken: 312,383 ( 55%) ==16084== ==16084== Executed: ==16084== SBs entered: 511,667 ==16084== SBs completed: 357,784 ==16084== guest instrs: 3,279,975 ==16084== IRStmts: 18,712,277 ==16084== ==16084== Ratios: ==16084== guest instrs : SB entered = 64 : 10 ==16084== IRStmts : SB entered = 365 : 10 ==16084== IRStmts : guest instr = 57 : 10 Fig. 1. Simplified high-level view of the interaction between Valgrind ==16084== and its tools. ==16084== Exit code: 0 also provides a set of high-level containers such as a arrays, sets, or hash tables. In addition, it facilitates from this tool with the memory tracing functionality the possibility of intercepting the different memory enabled. allocation calls to enable tools to provide specific Our extensions enable Lackey to differentiate wrappers for them. The client request mechanism memory accesses to different objects, which will enables capabilities such as starting and stopping the provide application developers and hardware design- tool instrumentation on demand to save execution ers with information about raw access patterns to the time on uninteresting portions of code. different memory objects. In the following we introduce the two tools we have extended: Lackey and Callgrind. B. Callgrind Callgrind is autodefined as “a call-graph gener- A. Lackey ating cache and branch prediction profiler” and is Lackey is an example tool designed to show intended to be a profiling tool. By default, it collects Valgrind’s capabilities and its interaction with tools. the number of instructions, the number of function Its main functionality is to provide basic statistics calls, and the caller-callee relationship among func- about the executed code, such as number of calls tion calls (the call graph). All this data is related to to user-specified functions, number of conditional their source lines of code. If the cache simulation is branches, amount of superblocks, and number of enabled, cache misses can be used as a performance guest instructions. It can also provide counts of load, metric.
Load more

Recommended publications
  • Memory Diagrams and Memory Debugging
    CSCI-1200 Data Structures | Spring 2020 Lab 4 | Memory Diagrams and Memory Debugging Checkpoint 1 (focusing on Memory Diagrams) will be available at the start of Wednesday's lab. Checkpoints 2 and 3 focus on using a memory debugger. It is highly recommended that you thoroughly read the instructions for Checkpoint 2 and Checkpoint 3 before starting. Memory debuggers will be a useful tool in many of the assignments this semester, and in C++ development if you work with the language outside of this course. While a traditional debugger lets you step through your code and examine variables, a memory debugger instead reports memory-related errors during execution and can help find memory leaks after your program has terminated. The next time you see a \segmentation fault", or it works on your machine but not on Submitty, try running a memory debugger! Please download the following 4 files needed for this lab: http://www.cs.rpi.edu/academics/courses/spring20/csci1200/labs/04_memory_debugging/buggy_lab4. cpp http://www.cs.rpi.edu/academics/courses/spring20/csci1200/labs/04_memory_debugging/first.txt http://www.cs.rpi.edu/academics/courses/spring20/csci1200/labs/04_memory_debugging/middle. txt http://www.cs.rpi.edu/academics/courses/spring20/csci1200/labs/04_memory_debugging/last.txt Checkpoint 2 estimate: 20-40 minutes For Checkpoint 2 of this lab, we will revisit the final checkpoint of the first lab of this course; only this time, we will heavily rely on dynamic memory to find the average and smallest number for a set of data from an input file. You will use a memory debugging tool such as DrMemory or Valgrind to fix memory errors and leaks in buggy lab4.cpp.
    [Show full text]
  • Automatic Detection of Uninitialized Variables
    Automatic Detection of Uninitialized Variables Thi Viet Nga Nguyen, Fran¸cois Irigoin, Corinne Ancourt, and Fabien Coelho Ecole des Mines de Paris, 77305 Fontainebleau, France {nguyen,irigoin,ancourt,coelho}@cri.ensmp.fr Abstract. One of the most common programming errors is the use of a variable before its definition. This undefined value may produce incorrect results, memory violations, unpredictable behaviors and program failure. To detect this kind of error, two approaches can be used: compile-time analysis and run-time checking. However, compile-time analysis is far from perfect because of complicated data and control flows as well as arrays with non-linear, indirection subscripts, etc. On the other hand, dynamic checking, although supported by hardware and compiler tech- niques, is costly due to heavy code instrumentation while information available at compile-time is not taken into account. This paper presents a combination of an efficient compile-time analysis and a source code instrumentation for run-time checking. All kinds of variables are checked by PIPS, a Fortran research compiler for program analyses, transformation, parallelization and verification. Uninitialized array elements are detected by using imported array region, an efficient inter-procedural array data flow analysis. If exact array regions cannot be computed and compile-time information is not sufficient, array elements are initialized to a special value and their utilization is accompanied by a value test to assert the legality of the access. In comparison to the dynamic instrumentation, our method greatly reduces the number of variables to be initialized and to be checked. Code instrumentation is only needed for some array sections, not for the whole array.
    [Show full text]
  • Memory Debugging
    Center for Information Services and High Performance Computing (ZIH) Memory Debugging HRSK Practical on Debugging, 03.04.2009 Zellescher Weg 12 Willers-Bau A106 Tel. +49 351 - 463 - 31945 Matthias Lieber ([email protected]) Tobias Hilbrich ([email protected]) Content Introduction Tools – Valgrind – DUMA Demo Exercise Memory Debugging 2 Memory Debugging Segmentation faults sometimes happen far behind the incorrect code Memory debuggers help to find the real cause of memory bugs Detect memory management bugs – Access non-allocated memory – Access memory out off allocated bounds – Memory leaks – when pointers to allocated areas get lost forever – etc. Different approaches – Valgrind: Simulation of the program run in a virtual machine which accurately observes memory operations – Libraries like ElectricFence, DMalloc, and DUMA: Replace memory management functions through own versions Memory Debugging 3 Memory Debugging with Valgrind Valgrind detects: – Use of uninitialized memory – Access free’d memory – Access memory out off allocated bounds – Access inappropriate areas on the stack – Memory leaks – Mismatched use of malloc and free (C, Fortran), new and delete (C++) – Wrong use of memcpy() and related functions Available on Deimos via – module load valgrind Simply run program under Valgrind: – valgrind ./myprog More Information: http://www.valgrind.org Memory Debugging 4 Memory Debugging with Valgrind Memory Debugging 5 Memory Debugging with DUMA DUMA detects: – Access memory out off allocated bounds – Using a
    [Show full text]
  • GC Assertions: Using the Garbage Collector to Check Heap Properties
    GC Assertions: Using the Garbage Collector to Check Heap Properties Edward Aftandilian Samuel Z. Guyer Tufts University Tufts University 161 College Ave 161 College Ave Medford MA Medford MA [email protected] [email protected] ABSTRACT The goal of this work is to develop a general mechanism, which GC assertion ex- This paper introduces GC assertions, a system interface that pro- we call a , that allows the programmer to express pected grammers can use to check for errors, such as data structure in- properties of data structures and convey this information to variant violations, and to diagnose performance problems, such as the garbage collector. The key is that many useful, non-trivial prop- memory leaks. GC assertions are checked by the garbage collec- erties can be easily checked by the garbage collector at GC time, tor, which is in a unique position to gather information and answer imposing little or no run-time overhead. The collector triggers the questions about the lifetime and connectivity of objects in the heap. assertion if it finds that the expected properties have been violated. We introduce several kinds of GC assertions, and we describe how While GC assertions require extra programmer effort, they cap- they are implemented in the collector. We also describe our report- ture application-specific properties that programmers want to check ing mechanism, which provides a complete path through the heap and can easily express. For example, we provide a GC assertion to to the offending objects. We show results for one type of asser- verify that a data structure is reclaimed at the next collection when tion that allows the programmer to indicate that an object should the programmer expects it to be garbage.
    [Show full text]
  • Heapviz: Interactive Heap Visualization for Program Understanding and Debugging
    Heapviz: Interactive Heap Visualization for Program Understanding and Debugging 1 Abstract Understanding the data structures in a program is crucial to understanding how the program works, or why it doesn’t work. Inspecting the code that implements the data structures, however, is an arduous task and often fails to yield insights into the global organization of a program’s data. Inspecting the actual contents of the heap solves these problems but presents a significant challenge of its own: finding an effective way to present the enormous number of objects it contains. In this paper we present Heapviz, a tool for visualizing and exploring snapshots of the heap obtained from a running Java program. Unlike existing tools, such as tra- ditional debuggers, Heapviz presents a global view of the program state as a graph, together with powerful interactive capabilities for navigating it. Our tool employs sev- eral key techniques that help manage the scale of the data. First, we reduce the size and complexity of the graph by using algorithms inspired by static shape analysis to aggregate the nodes that make up a data structure. Second, we implement a power- ful visualization component whose interactive interface provides extensive support for exploring the graph. The user can search for objects based on type, connectivity, and field values; group objects; and color or hide and show each group. The user may also inspect individual objects to see their field values and neighbors in the graph. These interactive abilities help the user manage the complexity of these huge graphs. By applying Heapviz to both constructed and real-world examples, we show that Heapviz provides programmers with a powerful and intuitive tool for exploring program behavior.
    [Show full text]
  • Efficient and Programmable Support for Memory Access Monitoring And
    Appears in the Proceedings of the 13th International Symposium on High-Performance Computer Architecture (HPCA-13), February 2007. MemTracker: Efficient and Programmable Support for Memory Access Monitoring and Debugging ∗ Guru Venkataramani Brandyn Roemer Yan Solihin Milos Prvulovic Georgia Tech Georgia Tech North Carolina State University Georgia Tech [email protected] [email protected] [email protected] [email protected] Abstract many of these tasks, performance overheads of such tools are prohibitive, especially in post-deployment monitoring of live Memory bugs are a broad class of bugs that is becoming (production) runs where end users are directly affected by the increasingly common with increasing software complexity, overheads of the monitoring scheme. and many of these bugs are also security vulnerabilities. Un- One particularly important and broad class of program- fortunately, existing software and even hardware approaches ming errors is erroneous use or management of memory for finding and identifying memory bugs have considerable (memory bugs). This class of errors includes pointer arith- performance overheads, target only a narrow class of bugs, metic errors, use of dangling pointers, reads from unini- are costly to implement, or use computational resources in- tialized locations, out-of-bounds accesses (e.g. buffer over- efficiently. flows), memory leaks, etc. Many software tools have been This paper describes MemTracker, a new hardware sup- developed to detect some of these errors. For example, Pu- port mechanism that can be configured to perform different rify [8] and Valgrind [13] detect memory leaks, accesses to kinds of memory access monitoring tasks. MemTracker as- unallocated memory, reads from uninitialized memory, and sociates each word of data in memory with a few bits of some dangling pointer and out-of-bounds accesses.
    [Show full text]
  • Secure Virtual Architecture: Using LLVM to Provide Memory Safety to the Entire Software Stack
    Secure Virtual Architecture: Using LLVM to Provide Memory Safety to the Entire Software Stack John Criswell, University of Illinois Andrew Lenharth, University of Illinois Dinakar Dhurjati, DoCoMo Communications Laboratories, USA Vikram Adve, University of Illinois What is Memory Safety? Intuitively, the guarantees provided by a safe programming language (e.g., Java, C#) Array indexing stays within object bounds No uses of uninitialized variables All operations are type safe No uses of dangling pointers Control flow obeys program semantics Sound operational semantics Benefits of Memory Safety for Commodity OS Code Security Memory error vulnerabilities in OS kernel code are a reality1 Novel Design Opportunities Safe kernel extensions (e.g. SPIN) Single address space OSs (e.g. Singularity) Develop New Solutions to Higher-Level Security Challenges Information flow policies Encoding security policies in type system 1. Month of Kernel Bugs (http://projects.info-pull.com/mokb/) Secure Virtual Architecture Commodity OS Virtual ISA Compiler + VM Hardware Native ISA Compiler-based virtual machine underneath software stack Uses analysis & transformation techniques from compilers Supports commodity operating systems (e.g., Linux) Typed virtual instruction set enables sophisticated program analysis Provide safe execution environment for commodity OSs Outline SVA Architecture SVA Safety Experimental Results SVA System Architecture Applications Safety Checking Compiler OS Kernel Drivers OS Memory Allocator SVA ISA Safety Verifier
    [Show full text]
  • Debugging Memory Problems on Cray XT Supercomputers with Totalview Debugger
    Debugging Memory Problems on Cray XT Supercomputers with TotalView Debugger Chris Gottbrath, Ariel Burton TotalView Technologies Robert Moench, Luiz DeRose Cray Inc. ABSTRACT: The TotalView Source Code Debugger gives scientists and engineers a way to debug memory problems on the Cray XT series supercomputer. Memory problems such as memory leaks, array bounds violations, and dangling pointers are difficult to track down with conventional tools on even a simple desktop architecture – they can be much more vexing when encountered on a distributed parallel architecture like that of the XT. KEYWORDS: Programming Environment Tools, Debuggers, Memory Debuggers, Cray XT Series 1. Introduction 2. Classes Of Memory Errors The purpose of this paper is to highlight the Programs typically make use of several different availability of memory debugging on the Cray XT series categories of memory that are managed in different supercomputer. Scientists and engineers taking ways. These include stack memory, heap memory, shared advantage of the unique capabilities of the Cray XT can memory, thread private memory and static or global now identify problems like memory leaks and heap memory. Programmers have to pay special attention, allocation bounds violations – problems that are though, to memory that is allocated out of the Heap extremely difficult and tedious to track down without the Memory. This is because the management of heap kinds of capabilities described here. memory is done explicitly in the program rather than implicitly at compile or run time. We begin by discussing and categorizing memory errors then provide a brief overview of both TotalView There are quite a number of ways that a program can Source Code Debugger and the Cray XT Series.
    [Show full text]
  • Detecting Memory Related Errors Using a Valgrind Tool Suite and Detecting Data Races Using Thread Sanitizer Clang
    Volume 6, No. 2, March-April 2015 International Journal of Advanced Research in Computer Science RESEARCH PAPER Available Online at www.ijarcs.info Detecting Memory Related Errors using a Valgrind Tool Suite and Detecting Data Races using Thread Sanitizer Clang Saroj. A.Shambharkar Kavikulguru Institute of Technology and Science Nagpur, India Abstract: It is important for a programmer to detect data races when a programming is done under concurrent systems or using shared memory or parallel programming. Many researchers are implementing their applications using the parallel programming and even for simple c programs ,they are not much concentrating on memory issues,accuracy of a result obtained, speed. It is important and one must take care it. There may found data races in their application code which has to be resolve and for that some data race detectors are required. There is also a need of detecting the memory related problems that may occur with shared memory. As a result of such memory related bugs and data races, the system may slow down the speed of the execution of a program .To improve the speed,the valgrind tool suite is used for memory related problems and ThreadSanitizer is used for detecting data races and some authors used Intel Thread Checker,ADAT,on-the-fly techniques for detecting them. Some tools are reducing the false positives but removing all false positives. Valgrind is providing a number of debugging and profiling tools that helps in improving the accuracy and to enhance the performance of system. This paper is demonstrating and showing the different results obtained by using the mentioned tool suite.
    [Show full text]
  • Introduction to C++ for Java Users
    Introduction Memory management Standard Template Library Classes and templates Introduction to C++ for Java users Leo Liberti DIX, Ecole´ Polytechnique, Palaiseau, France I semester 2006 Leo Liberti Introduction to C++ for Java users Introduction Programming style issues Memory management Main differences Standard Template Library Development of the first program Classes and templates Preliminary remarks Teachers Leo Liberti: [email protected]. TDs: Pietro Belotti [email protected], Claus Gwiggner [email protected] Aim of the course Introducing C++ to Java users Means Develop a simple C++ application which performs a complex task http://www.lix.polytechnique.fr/~liberti/teaching/c++/ fromjava/ Leo Liberti Introduction to C++ for Java users Introduction Programming style issues Memory management Main differences Standard Template Library Development of the first program Classes and templates Course structure Timetable Lecture: Wednesday 20/9/06 14:00-15:30, Amphi Pierre Curie TDs: 21-22/9: 8-10, 10:15-12:15, 13:45-15:45, 16-18, S.I. 34-35 25/9/06: 8-10, 10:15-12:15, S.I. 34-35 Course material (optional) Bjarne Stroustrup, The C++ Programming Language, 3rd edition, Addison-Wesley, Reading (MA), 1999 Stephen Dewhurst, C++ Gotchas: Avoiding common problems in coding and design, Addison-Wesley, Reading (MA), 2002 Herbert Schildt, C/C++ Programmer’s Reference, 2nd edition, Osborne McGraw-Hill, Berkeley (CA) Leo Liberti Introduction to C++ for Java users Introduction Programming style issues Memory management Main differences
    [Show full text]
  • Thread & Memory Debugger
    Thread & Memory Debugger Klaus-Dieter Oertel Intel IAGS HLRN User Workshop, 3-6 Nov 2020 Optimization Notice Copyright © 2020, Intel Corporation. All rights reserved. *Other names and brands may be claimed as the property of others. Debug Memory & Threading Errors Intel® Inspector Find and eliminate errors ▪ Memory leaks, invalid access… ▪ Races & deadlocks ▪ C, C++ and Fortran (or a mix) Simple, Reliable, Accurate ▪ No special recompiles Use any build, any compiler1 Clicking an error instantly displays source ▪ Analyzes dynamically generated or linked code code snippets and the call stack ▪ Inspects 3rd party libraries without source ▪ Productive user interface + debugger integration Fits your existing ▪ Command line for automated regression analysis process Optimization Notice 1That follows common OS standards. Copyright © 2020, Intel Corporation. All rights reserved. 3 *Other names and brands may be claimed as the property of others. Race Conditions Are Difficult to Diagnose They only occur occasionally and are difficult to reproduce Correct Incorrect Shared Shared Thread 1 Thread 2 Thread 1 Thread 2 Counter Counter 0 0 Read count 0 Read count 0 Increment 0 Read count 0 Write count ➔ 1 Increment 0 Read count 1 Increment 0 Increment 1 Write count ➔ 1 Write count ➔ 2 Write count ➔ 1 Optimization Notice Copyright © 2020, Intel Corporation. All rights reserved. 4 *Other names and brands may be claimed as the property of others. Deliver More Reliable Applications Intel® Inspector and Intel® Compiler Intel® Inspector Memory Errors Threading Errors ▪ Dynamic instrumentation ▪ No special builds ▪ Any compiler1 • Invalid Accesses • Races ▪ Source not required • Memory Leaks • Deadlocks • Uninit. Memory Accesses • Cross Stack References Intel® Compiler Pointer Errors ▪ Pointer checker • Out of bounds accesses • Dangling pointers ▪ Run time checks ▪ C, C++ Find errors earlier with less effort 1That follows common OS standards.
    [Show full text]
  • SCARPE: a Technique and Tool for Selective Capture and Replay of Program Executions∗
    SCARPE: A Technique and Tool for Selective Capture and Replay of Program Executions∗ Shrinivas Joshi Alessandro Orso Advanced Micro Devices Georgia Institute of Technology [email protected] [email protected] Abstract used. For another example, capture and replay would also allow for performing dynamic analyses that impose a high Because of software’s increasing dynamism and the het- overhead on the execution time. In this case, we could capture erogeneity of execution environments, the results of in-house executions of the uninstrumented program and then perform testing and maintenance are often not representative of the the expensive analyses off-line, while replaying. way the software behaves in the field. To alleviate this prob- State of the Art. Most existing capture-replay techniques lem, we present a technique for capturing and replaying par- and tools (e.g., WinRunner [17]) are defined to be used in- tial executions of deployed software. Our technique can be house, typically during testing. These techniques cannot used for various applications, including generation of test be used in the field, where many additional constraints ap- cases from user executions and post-mortem dynamic anal- ply. First, traditional techniques capture complete executions, ysis. We present our technique and tool, some possible appli- which may require to record and transfer a huge volume of cations, and a preliminary empirical evaluation that provides data for each execution. Second, existing techniques typi- initial evidence of the feasibility of our approach. cally capture inputs to an application, which can be difficult and may require ad-hoc mechanisms, depending on the way 1 Introduction the application interacts with its environment (e.g., via a net- Today’s software is increasingly dynamic, and its complexity work, through a GUI).
    [Show full text]