Dual Execution for On the Fly Fine Grained Execution Comparison

Execution comparison has many applications in debugging, malware analysis, software feature identification, and intrusion detection. Existing comparison techniques have various limitations. Some can only compare at the system event level and require executions to take the same input. Some require storing instruction traces that are very space-consuming and have difficulty dealing with non-determinism. In this paper, we propose a novel dual execution technique that allows on-the-fly comparison at the instruction level. Only differences between the executions are recorded. It allows executions to proceed in a coupled mode such that they share the same input sequence with the same timing, reducing nondeterminism. It also allows them to proceed in a decoupled mode such that the user can interact with each one differently. Decoupled executions can be recoupled to share the same future inputs and facilitate further comparison. We have implemented a prototype and applied it to identifying functional components for reuse, comparative debugging with new GDB primitives, and understanding real world regression failures. Our results show that dual execution is a critical enabling technique for execution comparison.

[1]  Yuanyuan Zhou,et al.  PRES: probabilistic replay with execution sketching on multiprocessors , 2009, SOSP '09.

[2]  Andreas Zeller,et al.  Yesterday, my program worked. Today, it does not. Why? , 1999, ESEC/FSE-7.

[3]  Yann-Gaël Guéhéneuc,et al.  Feature Location Using Probabilistic Ranking of Methods Based on Execution Scenarios and Information Retrieval , 2007, IEEE Transactions on Software Engineering.

[4]  Martin Schulz,et al.  Accurate application progress analysis for large-scale parallel debugging , 2014, PLDI.

[5]  Srikanth Kandula,et al.  Jockey: guaranteed job latency in data parallel clusters , 2012, EuroSys '12.

[6]  Miguel Castro,et al.  BASE: Using abstraction to improve fault tolerance , 2003, TOCS.

[7]  Yann-Gaël Guéhéneuc,et al.  Feature identification: a novel approach and a case study , 2005, 21st IEEE International Conference on Software Maintenance (ICSM'05).

[8]  Santosh K. Shrivastava,et al.  The Voltan application programming environment for fail-silent processes , 1998, Distributed Syst. Eng..

[9]  Liming Chen,et al.  N-VERSION PROGRAMMINC: A FAULT-TOLERANCE APPROACH TO RELlABlLlTY OF SOFTWARE OPERATlON , 1995, Twenty-Fifth International Symposium on Fault-Tolerant Computing, 1995, ' Highlights from Twenty-Five Years'..

[10]  Landon P. Cox,et al.  TightLip: Keeping Applications from Spilling the Beans , 2007, NSDI.

[11]  Zhenkai Liang,et al.  Golden implementation driven software debugging , 2010, FSE '10.

[12]  Václav Rajlich,et al.  RIPPLES: tool for change in legacy software , 2001, Proceedings IEEE International Conference on Software Maintenance. ICSM 2001.

[13]  Hari Balakrishnan,et al.  Tolerating byzantine faults in transaction processing systems using commit barrier scheduling , 2007, SOSP.

[14]  Rainer Koschke,et al.  Locating Features in Source Code , 2003, IEEE Trans. Software Eng..

[15]  Josep Torrellas,et al.  Capo: a software-hardware interface for practical deterministic multiprocessor replay , 2009, ASPLOS.

[16]  Zhenkai Liang,et al.  Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation , 2007, USENIX Security Symposium.

[17]  Santosh K. Shrivastava,et al.  Preventing state divergence in replicated distributed programs , 1990, Proceedings Ninth Symposium on Reliable Distributed Systems.

[18]  Norman Wilde,et al.  An approach to feature location in distributed systems , 2006, J. Syst. Softw..

[19]  Michael Franz,et al.  Multi-variant execution: run-time defense against malicious code injection attacks , 2009 .

[20]  Harish Patil,et al.  Pin: building customized program analysis tools with dynamic instrumentation , 2005, PLDI '05.

[21]  Emery D. Berger,et al.  Archipelago: trading address space for reliability and security , 2008, ASPLOS.

[22]  Patrick Th. Eugster,et al.  Semantics-aware trace analysis , 2009, PLDI '09.

[23]  Jason Nieh,et al.  Transparent mutable replay for multicore debugging and patch validation , 2013, ASPLOS '13.

[24]  Stephen McCamant,et al.  Differential Slicing: Identifying Causal Execution Differences for Security Applications , 2011, 2011 IEEE Symposium on Security and Privacy.

[25]  Liang Guo,et al.  Accurately Choosing Execution Runs for Software Fault Localization , 2006, CC.

[26]  Emery D. Berger,et al.  DieHard: probabilistic memory safety for unsafe languages , 2006, PLDI '06.

[27]  Andrew David Eisenberg,et al.  Dynamic feature traces: finding features in unfamiliar code , 2005, 21st IEEE International Conference on Software Maintenance (ICSM'05).

[28]  Abhik Roychoudhury,et al.  CoREBench: studying complexity of regression errors , 2014, ISSTA 2014.

[29]  Satish Narayanasamy,et al.  Recording shared memory dependencies using strata , 2006, ASPLOS XII.

[30]  Xiangyu Zhang,et al.  Memory indexing: canonicalizing addresses across executions , 2010, FSE '10.

[31]  Shaz Qadeer,et al.  CHESS: A Systematic Testing Tool for Concurrent Software , 2007 .

[32]  Xiangyu Zhang,et al.  Efficient program execution indexing , 2008, PLDI '08.

[33]  Suresh Jagannathan,et al.  Sieve: A Tool for Automatically Detecting Variations Across Program Versions , 2006, 21st IEEE/ACM International Conference on Automated Software Engineering (ASE'06).

[34]  Miguel Castro,et al.  Using abstraction to improve fault tolerance , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.

[35]  Francesco Sorrentino,et al.  PENELOPE: weaving threads to expose atomicity violations , 2010, FSE '10.

[36]  Xiangyu Zhang,et al.  Analyzing concurrency bugs using dual slicing , 2010, ISSTA '10.

[37]  Asaf Cidon,et al.  Flashback: decoupled lightweight wireless control , 2012, CCRV.

[38]  Lorenzo Cavallaro,et al.  Diversified Process Replicæ for Defeating Memory Error Exploits , 2007, 2007 IEEE International Performance, Computing, and Communications Conference.

[39]  Derek Hower,et al.  Rerun: Exploiting Episodes for Lightweight Memory Race Recording , 2008, 2008 International Symposium on Computer Architecture.

[40]  Satish Narayanasamy,et al.  DoublePlay: parallelizing sequential logging and replay , 2011, ASPLOS XVI.

[41]  David Evans,et al.  N-Variant Systems: A Secretless Framework for Security through Diversity , 2006, USENIX Security Symposium.

[42]  Steven P. Reiss,et al.  Fault localization with nearest neighbor queries , 2003, 18th IEEE International Conference on Automated Software Engineering, 2003. Proceedings..

[43]  Xiangyu Zhang,et al.  Comparative causality: Explaining the differences between executions , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[44]  John P. McDermott,et al.  Doc, Wyatt, and Virgil: prototyping storage jamming defenses , 1997, Proceedings 13th Annual Computer Security Applications Conference.

[45]  Xiangyu Zhang,et al.  Reuse-oriented reverse engineering of functional components from x86 binaries , 2014, ICSE.

[46]  David Abramson,et al.  Relative debugging: a new methodology for debugging scientific applications , 1996, CACM.

[47]  Zhenchang Xing,et al.  Improving feature location practice with multi-faceted interactive exploration , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[48]  Václav Rajlich,et al.  Concept location using program dependencies and information retrieval (DepIR) , 2013, Inf. Softw. Technol..

[49]  Kenneth P. Birman,et al.  Replication and fault-tolerance in the ISIS system , 1985, SOSP '85.

[50]  Scott Shenker,et al.  Diverse Replication for Single-Machine Byzantine-Fault Tolerance , 2008, USENIX Annual Technical Conference.

[51]  P. Reynier,et al.  Active replication in Delta-4 , 1992, [1992] Digest of Papers. FTCS-22: The Twenty-Second International Symposium on Fault-Tolerant Computing.