skip to main content
10.1145/1133981.1133992acmconferencesArticle/Chapter ViewAbstractPublication PagespldiConference Proceedingsconference-collections
Article

Artemis: practical runtime monitoring of applications for execution anomalies

Published:11 June 2006Publication History

ABSTRACT

A number of hardware and software techniques have been proposed to detect dynamic program behaviors that may indicate a bug in a program. Because these techniques suffer from high overheads they are useful in finding bugs in programs before they are released, but are significantly less useful in finding bugs in long-running programs on production systems -- the same bugs that are the most difficult to find using traditional techniques. In this paper we propose the Artemis1 is the Greek goddess of the hunt and wild animals. Our framework guides the hunt for wild bugs. compiler-based instrumentation framework that complements many pre-existing runtime monitoring techniques. The Artemis framework guides baseline monitoring techniques toward regions of the program where bugs are likely to occur, yielding a low asymptotic monitoring overhead. Artemis also facilitates system-load aware runtime monitoring that allows the monitoring coverage to be dynamically scaled up to take advantage of extra cycles when the system load is low, and dynamically scaled down to monitor only the most suspicious regions when the system load is high. Our experiments show that Artemis' asymptotic overhead can outperform the performance floor overhead of random sampling for many tools, and that Artemis can effectively guide a monitoring tool to the buggy regions of a program. Our experimental results show that Artemis applied to a hardware-based PC-invariance monitoring scheme and a value-based invariance detection and checking scheme significantly improves their runtime monitoring overhead (by up to 4.6 times) with moderate impact on their bug-detecting capabilities.

References

  1. M. Arnold and B. G. Ryder. A framework for reducing the cost of instrumented code. In Proceedings of the ACM SIGPLAN 2001 conference on Programming Language Design and Implementation, pages 168--179, 2001. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. T. M. Austin, S. E. Breach, and G. S. Sohi. Efficient detection of all pointer and array access errors. In Proceedings of the ACM SIGPLAN 1994 conference on Programming Language Design and Implementation, pages 290--301, 1994. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. W. R. Bush, J. D. Pincus, and D. J. Sielaff. A static analyzer for finding dynamic programming errors. Software Practice and Experience, 30(7):775--802, 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. T. M. Chilimbi and M. Hauswirth. Low-overhead memory leak detection using adaptive statistical profiling. In ASPLOS-XI: Proceedings of the 11th international conference on Architectural support for programming languages and operating systems, pages 156--164, 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. J.-D. Choi, K. Lee, A. Loginov, R. O'Callahan, V. Sarkar, and M. Sridharan. Efficient and precise datarace detection for multithreaded object-oriented programs. In Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation, pages 258--269. ACM Press, 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. J. Condit, M. Harren, S. McPeak, G. C. Necula, and W. Weimer. CCured in the real world. In Proceedings of the ACM SIGPLAN 2003 conference on Programming Language Design and Implementation, pages 232--244. ACM Press, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang. Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proceedings of the 7th USENIX Security Symposium, 1998. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. V. Dallmeier, C. Lindig, and A. Zeller. Lightweight defect localization for java. In Proceedings of the 19th European Conference on Object-Oriented Programming, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. D. Engler and K. Ashcraft. RacerX: effective, static detection of race conditions and deadlocks. In Proceedings of the nineteenth ACM Symposium on Operating Systems Principles, pages 237--252. ACM Press, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. M. D. Ernst, A. Czeisler, W. G. Griswold, and D. Notkin. Quickly detecting relevant program invariants. In Proceedings of the 22nd International Conference on Software Engineering, pages 449--458, 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. D. Evans, J. Guttag, J. Horning, and Y. M. Tan. LCLint: a tool for using specifications to check code. In Proceedings of the 2nd ACM SIGSOFT symposium on Foundations of software engineering, pages 87--96. ACM Press, 1994. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. L. Fei, K. Lee, F. Li, and S. P. Midkiff. Argus: Online statistical bug detection. In Proceedings of Fundamental Approaches to Software Engineering (FASE'06), 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. S. Hangal and M. S. Lam. Tracking down software bugs using automatic anomaly detection. In Proceedings of the 24th International Conference on Software Engineering, pages 291--301, 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. R. Hastings and B. Joyce. Purify: Fast detection of memory leaks and access errors. In Proceedings of the USENIX Winter Technical Conference, 1992.Google ScholarGoogle Scholar
  15. D. L. Heine and M. S. Lam. A practical flow-sensitive and context-sensitive c and c++ memory leak detector. In Proceedings of the ACM SIGPLAN 2003 conference on Programming Language Design and Implementation, pages 168--181, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. R. W. M. Jones and P. H. J. Kelly. Backwards-compatible bounds checking for arrays and pointers in C programs. In Third International Workshop on Automated Debugging, pages 13--26. Linkoping University Electronic Press, 1997.Google ScholarGoogle Scholar
  17. S.-I. Lee, T. A. Johnson, and R. Eigenmann. Cetus -- an extensible compiler infrastructure for source-to-source transformation. In Proceedings of the 16th International Workshop on Languages and Compilers for Parallel Computing (LCPC), 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. B. Liblit, A. Aiken, A. X. Zheng, and M. I. Jordan. Bug isolation via remote program sampling. In Proceedings of the ACM SIGPLAN 2003 conference on Programming Language Design and Implementation, pages 141--154, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. B. Liblit, M. Naik, A. X. Zheng, A. Aiken, and M. I. Jordan. Scalable statistical bug isolation. In Proceedings of the ACM SIGPLAN 2005 conference on Programming Language Design and Implementation, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. C. Liu, X. Yan, L. Fei, J. Han, and S. P. Midkiff. Sober: Statistical model-based bug localization. In Proceedings of The fifth joint meeting of the European Software Engineering Conference and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 05), 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. A. Loginov, S. H. Yong, S. Horwitz, and T. W. Reps. Debugging via run-time type checking. In Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering, pages 217--232, 2001. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood. Pin: building customized program analysis tools with dynamic instrumentation. In Proceedings of the 2005 ACM SIGPLAN conference on Programming Language Design and Implementation, pages 190--200, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Software errors cost U.S. economy $59.5 billion annually, 2002. NIST News, Release 2002-10.Google ScholarGoogle Scholar
  24. R. O'Callahan and J.-D. Choi. Hybrid dynamic data race detection. In Proceedings of the ninth ACM SIGPLAN symposium on Principles and Practice of Parallel Programming, pages 167--178. ACM Press, 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. A. One. Smashing the stack for fun and profit. Phrack, 7(49), 1996.Google ScholarGoogle Scholar
  26. J. Oplinger and M. S. Lam. Enhancing software reliability with speculative threads. In Proceedings of the 10th International Conference on Architectural Support for Programming Languages and Operating Systems, pages 184--196. ACM Press, 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. H. Patil and C. Fischer. Low-cost, concurrent checking of pointer and array accesses in C programs. Software Practice and Experience, 27(1):87--110, 1997. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. F. Qin, S. Lu, and Y. Zhou. SafeMem: Exploiting ECC-memory for detecting memory leaks and memory corruption during production runs. In HPCA '05: Proceedings of the 11th International Symposium on High-Performance Computer Architecture (HPCA'05), pages 291--302. IEEE Computer Society, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. O. Ruwase and M. S. Lam. A practical dynamic buffer overflow detector. In Proceedings of the 11th Annual Network and Distributed System Security Symposium, 2004.Google ScholarGoogle Scholar
  30. S. Savage, M. Burrows, G. Nelson, P. Sobalvarro, and T. Anderson. Eraser: a dynamic data race detector for multithreaded programs. ACM Transactions on Computer Systems (TOCS), 15(4):391--411, 1997. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. A. Srivastava and A. Eustace. Atom: a system for building customized program analysis tools. In Proceedings of the ACM SIGPLAN 1994 conference on Programming Language Design and Implementation, pages 196--205. ACM Press, 1994. Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. J. L. Steffen. Adding run-time checking to the portable C compiler. Software Practice and Experience, 22(4):305--316, 1992. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Network and Distributed System Security Symposium, pages 3--17, San Diego, CA, February 2000.Google ScholarGoogle Scholar
  34. P. Zhou, W. Liu, L. Fei, S. Lu, F. Qin, Y. Zhou, S. Midkiff, and J. Torrellas. AccMon: Automatically detecting memory-related bugs via program counter-based invariants. In Proceedings of the 37th Annual IEEE/ACM International Symposium on Micro-architecture (MICRO'04), 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. P. Zhou, F. Qin, W. Liu, Y. Zhou, and J. Torrellas. iWatcher: Efficient architectural support for software debugging. In Proceedings of the 31st Annual International Symposium on Computer Architecture, page 224. IEEE Computer Society, 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Artemis: practical runtime monitoring of applications for execution anomalies

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!