Pinpointing scale-dependent integer overflow bugs in large-scale parallel applications
Article No.: 19, Pages 1 - 12
Abstract
We present a technique to pinpoint scale-dependent integer overflow bugs, a class of bugs in large-scale parallel applications that is hard and time-consuming to detect manually. Rather than detecting integer overflows when applications are deployed at large scale, as existing techniques do, our method forecasts these overflows without requiring the application to be run at large scale. Our approach statically identifies integer variables that depend on the scale, and then in a refinement phase, uses data points from small-scale runs to forecast whether variables will actually overflow at large-scale runs. We implement our technique in LLVM and evaluate it on several HPC benchmarks and the MPICH MPI implementation. Our tool finds five instances of previously unknown scale-dependent integer overflow bugs, including one in MPICH, and has few false positives, demonstrating its practical utility.
References
[1]
I. Laguna, D. H. Ahn, B. R. de Supinski, T. Gamblin, G. L. Lee, M. Schulz, S. Bagchi, M. Kulkarni, B. Zhou, Z. Chen, and F. Qin, "Debugging High-performance Computing Applications at Massive Scales," Communications of the ACM, vol. 58, no. 9, pp. 72--81, Aug. 2015. {Online}. Available: http://doi.acm.org/10.1145/2667219
[2]
D. H. Ahn, B. R. de Supinski, I. Laguna, G. L. Lee, B. Liblit, B. P. Miller, and M. Schulz, "Scalable temporal order analysis for large scale debugging," in Proceedings of the Conference on High Performance Computing Networking, Storage and Analysis (SC), ser. SC '09, 2009.
[3]
G. Gopalakrishnan, R. M. Kirby, S. Siegel, R. Thakur, W. Gropp, E. Lusk, B. R. De Supinski, M. Schulz, and G. Bronevetsky, "Formal Analysis of MPI-based Parallel Programs," Communications of the ACM, vol. 54, no. 12, pp. 82--91, Dec. 2011. {Online}. Available: http://doi.acm.org/10.1145/2043174.2043194
[4]
J. Dongarra et al., "The international exascale software project roadmap," International Journal of High Performance Computing Applications, vol. 25, no. 1, pp. 3--60, Feb. 2011.
[5]
"Mantevo Project," https://mantevo.org/.
[6]
"Clang runtime checks," http://clang.llvm.org/docs/index.html.
[7]
B. Zhou, M. Kulkarni, and S. Bagchi, "Vrisha: Using Scaling Properties of Parallel Programs for Bug Detection and Localization," in Proceedings of the 20th International Symposium on High Performance Distributed Computing, ser. HPDC '11. ACM, 2011, pp. 85--96.
[8]
B. Zhou, J. Too, M. Kulkarni, and S. Bagchi, "WuKong: Automatically Detecting and Localizing Bugs That Manifest at Large System Scales," in Proceedings of the 22Nd International Symposium on High-performance Parallel and Distributed Computing, ser. HPDC '13, 2013, pp. 131--142.
[9]
M. A. Heroux, D. W. Doerfler, P. S. Crozier, J. M. Willenbring, H. C. Edwards, A. Williams, M. Rajan, E. R. Keiter, H. K. Thornquist, and R. W. Numrich, "Improving Performance via Mini-applications," Sandia National Laboratories, Tech. Rep. SAND2009--5574, 2009.
[10]
W. Gropp, E. Lusk, N. Doss, and A. Skjellum, "A high-performance, portable implementation of the MPI message passing interface standard," Parallel computing, vol. 22, no. 6, pp. 789--828, 1996.
[11]
W. Dietz, P. Li, J. Regehr, and V. Adve, "Understanding integer overflow in C/C++," in Proceedings of the 34th International Conference on Software Engineering. IEEE Press, 2012, pp. 760--770.
[12]
M. Forum, "MPI: a Message-Passing Interface Standard," Knoxville, TN, USA, Tech. Rep., 1994.
[13]
B. Chapman, T. Curtis, S. Pophale, S. Poole, J. Kuehn, C. Koelbel, and L. Smith, "Introducing OpenSHMEM: SHMEM for the PGAS community," in Proceedings of the Fourth Conference on Partitioned Global Address Space Programming Model. ACM, 2010, p. 2.
[14]
T. El-Ghazawi and L. Smith, "UPC: unified parallel C," in Proceedings of the 2006 ACM/IEEE conference on Supercomputing (SC). ACM, 2006, p. 27.
[15]
C. Lattner, "LLVM and Clang: Next generation compiler technology," in The BSD Conference, 2008, pp. 1--2.
[16]
"WLLVM - A wrapper script to build whole-program LLVM bitcode files," https://github.com/travitch/whole-program-llvm.
[17]
"DragonEgg - Using LLVM as a GCC backend," http://dragonegg.llvm.org/.
[18]
"LLVM to get Fortran compiler that targets parallel GPUs in clusters," http://arstechnica.com/information-technology/2015/11/llvm-to-get-fortran-compiler-that-targets-parallel-gpus-in-clusters/.
[19]
B. Scholz, C. Zhang, and C. Cifuentes, "User-input Dependence Analysis via Graph Reachability," Mountain View, CA, USA, Tech. Rep., 2008.
[20]
J. Newsome and D. Song, "Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software," 2005.
[21]
J. Clause, W. Li, and A. Orso, "Dytan: a generic dynamic taint analysis framework," in Proceedings of the 2007 international symposium on Software testing and analysis. ACM, 2007, pp. 196--206.
[22]
J. Ferrante, K. J. Ottenstein, and J. D. Warren, "The program dependence graph and its use in optimization," ACM Transactions on Programming Languages and Systems (TOPLAS), vol. 9, no. 3, pp. 319--349, 1987.
[23]
S. Sinha, M. J. Harrold, and G. Rothermel, "System-dependence-graph-based slicing of programs with arbitrary interprocedural control flow," in Proceedings of the 1999 International Conference on Software Engineering. IEEE, 1999, pp. 432--441.
[24]
A. E. Hoerl and R. W. Kennard, "Ridge regression: Biased estimation for nonorthogonal problems," Technometrics, vol. 12, no. 1, pp. 55--67, 1970.
[25]
A. J. Smola and B. Schölkopf, "A tutorial on support vector regression," Statistics and Computing, vol. 14, no. 3, pp. 199--222.
[26]
S. Nakagawa and I. C. Cuthill, "Effect size, confidence interval and statistical significance: a practical guide for biologists," Biological Reviews, vol. 82, no. 4, pp. 591--605, 2007.
[27]
B. Steensgaard, "Points-to analysis in almost linear time," in Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages. ACM, 1996, pp. 32--41.
[28]
C. Lattner and V. Adve, "Automatic Pool Allocation: Improving Performance by Controlling Data Structure Layout in the Heap," in Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, ser. PLDI '05. ACM, 2005, pp. 129--142.
[29]
C. Chatfield, Time-series forecasting. CRC Press, 2000.
[30]
N. R. Draper and H. Smith, Applied regression analysis. John Wiley & Sons, 2014.
[31]
M. J. Berger and J. Oliger, "Adaptive mesh refinement for hyperbolic partial differential equations," Journal of computational Physics, vol. 53, no. 3, pp. 484--512, 1984.
[32]
T. N. Y. Times, "F.A.A. Orders Fix for Possible Power Loss in Boeing 787," http://www.nytimes.com/2015/05/01/business/faa-orders-fix-for-possible-power-loss-in-boeing-787.html, 2015.
[33]
D. Brumley, T.-c. Chiueh, R. Johnson, H. Lin, and D. Song, "RICH: Automatically protecting against integer-based vulnerabilities," Department of Electrical and Computing Engineering, p. 28, 2007.
[34]
P. Chen, Y. Wang, Z. Xin, B. Mao, and L. Xie, "Brick: A binary tool for run-time detecting and locating integer-based vulnerability," in International Conference onAvailability, Reliability and Security, 2009 (ARES'09). IEEE, 2009, pp. 208--215.
[35]
T. Wang, T. Wei, Z. Lin, and W. Zou, "IntScope: Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution." in NDSS. Citeseer, 2009.
[36]
M. G. Kang, S. McCamant, P. Poosankam, and D. Song, "DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation," in NDSS, 2011.
[37]
C. Cifuentes and B. Scholz, "Parfait: designing a scalable bug checker," in Proceedings of the 2008 workshop on Static analysis. ACM, 2008, pp. 4--11.
[38]
U. Shankar, K. Talwar, J. S. Foster, and D. Wagner, "Detecting format string vulnerabilities with type qualifiers." in USENIX Security Symposium, 2001, pp. 201--220.
[39]
N. Jovanovic, C. Kruegel, and E. Kirda, "Pixy: A static analysis tool for detecting web application vulnerabilities," in 2006 IEEE Symposium on Security and Privacy. IEEE, 2006, pp. 6--pp.
[40]
C. Hammer, J. Krinke, and G. Snelting, "Information flow control for Java based on path conditions in dependence graphs," in IEEE International Symposium on Secure Software Engineering, 2006, pp. 87--96.
[41]
G. Snelting, T. Robschink, and J. Krinke, "Efficient path conditions in dependence graphs for software safety analysis," ACM Transactions on Software Engineering and Methodology (TOSEM), vol. 15, no. 4, pp. 410--457, 2006.
Recommendations
Optimization and Performance of a Fortran 90 MPI-Based Unstructured Code on Large-Scale Parallel Systems
The message-passing interface (MPI) has become the standard in achieving effective results when using the message passing paradigm of parallelization. Codes written using MPI are extremely portable and are applicable to both clusters and massively ...
PGDB: A Debugger for MPI Applications
XSEDE '14: Proceedings of the 2014 Annual Conference on Extreme Science and Engineering Discovery EnvironmentAs MPI applications scale to larger machines, errors that had been hidden from testing at smaller scales begin to manifest themselves. It is therefore necessary to extend debuggers to work at these scales, in order for efficient development of correct ...
Accurate application progress analysis for large-scale parallel debugging
PLDI '14Debugging large-scale parallel applications is challenging. In most HPC applications, parallel tasks progress in a coordinated fashion, and thus a fault in one task can quickly propagate to other tasks, making it difficult to debug. Finding the least-...
Comments
Information & Contributors
Information
Published In
Sponsors
- SIGARCH: ACM Special Interest Group on Computer Architecture
- IEEE-CS: Computer Society
In-Cooperation
Publisher
IEEE Press
Publication History
Published: 13 November 2016
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
SC16
Sponsor:
- SIGARCH
- IEEE-CS
SC16: The International Conference for High Performance Computing, Networking, Storage and Analysis
November 13 - 18, 2016
Utah, Salt Lake City
Acceptance Rates
SC '16 Paper Acceptance Rate 81 of 442 submissions, 18%;
Overall Acceptance Rate 1,516 of 6,373 submissions, 24%
Upcoming Conference
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 152Total Downloads
- Downloads (Last 12 months)2
- Downloads (Last 6 weeks)0
Reflects downloads up to 06 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in