Embed Size (px)
DESCRIPTION
Thread-Safe Dynamic Binary Translation using Transactional Memory. JaeWoong Chung, Michael Dalton, Harri Kannan and Christos Kozyrakis (HPCA 2008). LBA reading group 02/07/2008 by Evangelos Vlachos. Introduction. Wide spectrum of DBT applicability - PowerPoint PPT Presentation
Citation preview
Thread-Safe Dynamic Binary Translation using Transactional Memory
JaeWoong Chung, Michael Dalton, Harri Kannan and Christos Kozyrakis (HPCA 2008)
LBA reading group 02/07/2008
by Evangelos Vlachos
Introduction
Wide spectrum of DBT applicability Debugging, Cross-ISA binary compatibility, etc.
Poor support for multithreaded applications Data races on metadata
Solutions given so far Not supported Locking Serialization of application’s threads
Introduction
Solution proposed DBT with transactional memory to eliminate
metadata races Implemented a DBT framework that runs DIFT on
multithreaded applications
Overview
DBT & DIFT overview DBT & TM = Thread-Safe DBT Optimazations for DBT Transactions DIFT prototype Evaluation Conclusion
Metadata RacesFalse negative False positive
• Introduction of metadata breaks atomicity of RMW instructions
• Attackers may introduce race conditions to exploit memory safety vulnerabilities
DBT + TM
Different flavors of TM STM, Hybrid STM, HTM
Many issues to consider and many trade-offs
…to be continued
DBT + TM
Software & Hybrid TM High overhead – Barriers required for every access
Transaction Length Basic block boundaries? Indirect branches?
DBT + TM
User level transactions Requires nesting of transactions Avoid partial overlap of transactions
User level sync If span multiple
blocks problem Solution:
Detect Re-instrument Re-optimize for basic
blocks
DBT + TM optimizations
Length & cost of starting a transaction DBT trace granularity
Limited length Cost only at start & end of the trace
Dynamic transaction merging At Tx_End check if work amortizes cost Some additional cost when merging Longer transactions
DBT + TM optimizations
Limit the use of barriers Conflict detection & Data Versioning Categorize accesses
During trace generation Dynamically
DIFT prototype
Software TM system Based on Pin 210 locks word version encoded also Software checkpoint provided by Pin RD_barrier(), WR_barrier(), WRlocal_barrier() Transaction length = DBT trace
All other systems emulated!!! ☺
Evaluation
Compared to the same DIFT tool without transactions (not thread-safe)
Evaluation
Effect of Transaction Length Additional overhead to base case TM system
Evaluation
Effect of access categorization
Evaluation
Effect of Hardware Support for Transactions
Conclusion
First system to truly support parallel monitoring
Based on TM to resolve metadata races Based on DBT High Overhead due to DBT
