Abstract
Not all operating systems are created equal. In contrast to traditional monolithic kernels, there is a class of systems called microkernels that is more prevalent in embedded systems such as cellphones, chip cards, and real-time controllers. These kernels offer an abstraction very different from the classical POSIX interface. The resulting unfamiliarity for programmers complicates development and debugging. Valgrind is a well-known debugging tool that virtualizes execution to perform dynamic binary analysis. However, it assumes that it runs on a POSIX-like kernel and interacts closely with the system to control execution. In this paper we analyze how to adapt Valgrind to a non-POSIX environment and describe our port to the Fiasco.OC microkernel. Additionally, we analyze bug classes that are indigenous to capability systems and show how Valgrind's flexibility can be leveraged to create custom debugging tools that detect these errors.
Capability wrangling made easy: debugging on a microkernel with valgrind
VEE '10: Proceedings of the 6th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments