Copyright © 2014, Oracle and/or its affiliates. All rights reserved. | 2
Sessions of Interest
OOW Sessions
Mon, Tue, Wed Oracle Software in Silicon Developer Cloud [Oracle Demo], Moscone South
Wed, 11:45 – 12:45pm Create Quality, Secure, High-Performing Applications on Oracle Solaris [HOL9805], Hotel Nikko Mendocino I/II
Wed, 3:45 – 5:30pm Engineering Insights: Best Practices for Optimizing Oracle Software for Oracle Hardware [CON8108], Intercontinental Grand Ballroom C
Java One Sessions
Mon, 5:50 – 6:30pm Java Performance: Hardware, Structures, and Algorithms [CON2654], Hilton Imperial Ballroom A
Wed, 3 – 4pm Simplifying Development of Mixed-Language Java and C++ Applications [CON8109], Hilton Continental Ballroom B
September 28 – October 2, 2014, San Francisco
Code Analysis Tools for Achieving Consistent, Secure and Reliable Product Quality
Sheldon Lobo, Oracle Solaris Studio
Jared Smolens, Microelectronics
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Outline
Tools introduction
SPARC Simulator Case Study
OpenSSL Heartbleed
Wrap-up
Oracle Solaris Studio
#1 Development Tool Suite for Oracle Systems
Compiler Suite
• C, C++ Compiler
• Visual Debugger
• Performance Library
• Fortran Compiler
Analysis Suite
• Performance Analyzer
• Code Analyzer
• Thread Analyzer
IDE
What is the Code Analyzer
Code Analyzer Tools
• Previse
– Source code analysis
• Discover
– Runtime memory analysis
– Memory leak detection
• Uncover
– Code coverage
Supported Interfaces
• CLI
• GUI
• IDE
The Studio 12.4 Code Analyzer is better
• Tightly integrated with the Studio compiler, tools, and IDE.
– Reliable
– In sync
– Backwards compatible
• Binary based, no recompilation.
– Fast
– No additional configuration
– Debuggable
• Compare and/or accumulate multiple run results.
• Customizable via the parseable results format.
• Free!
SPARC Processor Model Overview
• Internal simulation tool for designing and analyzing next-generation SPARC CPUs
• 440,000+ lines of C/C++ code built with Oracle Solaris Studio on SPARC/Solaris
• Largest simulations can run for 2-3 days, consume 200+ GB RAM, ~32 processes
• Heavily-optimized codebase, including custom allocators and hand-crafted data structures
Time to reproduce and diagnose a bug is a limiting factor for our performance engineers
Two Application Usage Models
Reference for SPARC CPU designs
• Projects performance for maturing products
• Follows design through pre-silicon implementation
• Well-defined designs
Gradual changes week-to-week
Outcome generally predictable
Experimental platform for future CPUs
• Initial path-finding looks at “out-of-the-box” ideas
• First prototypes often ad-hoc and “use-once”, no specifications, few tests
• May eventually inspire reference code
Large code revisions week-to-week
No two simulations are the same
Single code base with biweekly merges of committed code
Targeted Bug Hunting with Discover
• On critical path to releasing chip to manufacturing
– Hundreds of new lines of code + recent source merge
– BUT we hit non-deterministic SEGV in multi-day simulations
• I requested a small-input test case from developer
– Built a discover-instrumented binary
– Ran smaller test case
• In <4 hours discover pinpointed both:
– Line of code and reason for the crash (array bounds write).
• Engineer delivered fix the same afternoon
Illustration: buf[-1] = val; on an array with elements [0][1][2][3][4] is flagged ABW!
Biweekly Checkup Process
• Previse: static code analysis
– Simple rebuild with -xanalyze=code
– Error report available immediately after build
• Discover: dynamic code analysis
– Execute regular battery of check-in tests
    • 500+ wide-ranging tests; baseline code runs <1 hr in compute ranch
– Build rules replace custom memory allocators with trivial malloc()/free() calls using #ifdef, debug compiler flags
– We request 2x additional memory, expect longer runtime
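An added illustration of the allocator build rule described on this slide (not code from the simulator or from the presentation): one allocation interface with a pooled production path and a plain malloc()/free() path selected by #ifdef. The event_t type, the ANALYSIS_BUILD macro and all function names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical simulator object; all names here are assumptions. */
typedef struct event {
    struct event *next;      /* free-list link while the slot is unused */
    unsigned long cycle;
} event_t;

#ifdef ANALYSIS_BUILD        /* hypothetical macro set by the analysis build rule */
/* One heap block per object: the checker sees every allocation and free. */
event_t *event_alloc(void)      { return malloc(sizeof(event_t)); }
void     event_free(event_t *e) { free(e); }
#else
/* Production path: slots carved from big slabs and recycled on a free list.
 * A freed slot still sits inside a live malloc() block, so a stale access
 * looks like a valid one to a memory checker. */
#define SLAB_EVENTS 1024
static event_t *free_list;

event_t *event_alloc(void)
{
    if (free_list == NULL) {
        event_t *slab = malloc(SLAB_EVENTS * sizeof *slab);
        if (slab == NULL) return NULL;
        for (size_t i = 0; i < SLAB_EVENTS; i++) {
            slab[i].next = free_list;
            free_list = &slab[i];
        }
    }
    event_t *e = free_list;
    free_list = e->next;
    return e;
}

void event_free(event_t *e) { e->next = free_list; free_list = e; }
#endif

/* Deliberate bug: reads an event after releasing it. The pooled build returns
 * the old value silently; with -DANALYSIS_BUILD the same read touches freed
 * heap memory, which a runtime checker reports with alloc and free stacks. */
unsigned long stale_read_after_free(void)
{
    event_t *e = event_alloc();
    if (e == NULL) return 0;
    e->cycle = 42;
    event_free(e);
    return e->cycle;
}

int main(void) { (void)stale_read_after_free(); return 0; }
```

Compiled without the macro, the stale read goes unnoticed, which is why the pooled allocator hides freed-memory errors from a runtime checker.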
Biweekly Checkup Process
• Triage output after each weekend run
– Perl scripts aggregate previse and discover output
– Sort previously-known errors and false positives
    • Typically a handful of new error signatures
– ~30 minutes to dispatch new errors to unit owners
• Most common errors
– Uninitialized variable read/write
– Array bounds errors
– Freed memory read/write
Discover’s output: { Error stack, Alloc location stack, Free location stack }
Provides developers sufficient information to completely isolate many common errors
Many new errors now detected proactively
OpenSSL Heartbleed
Heartbeat sent to victim (4 bytes):
    Type (1 byte)       Length (2 bytes)    Payload data
    TLS1_HB_REQUEST     65535               X (1 byte)
Victim’s response (65538 bytes):
    Type (1 byte)       Length (2 bytes)    Payload data
    TLS1_HB_RESPONSE    65535               X (65535 bytes)
OpenSSL Heartbeat source
    typedef struct ssl3_record_st
    {
        […]
        unsigned int length;    /* How many bytes available */
        […]
        unsigned char *data;    /* pointer to the record data */
        […]
    } SSL3_RECORD;
Read Heartbeat Request
    unsigned char *p = &s->s3->rrec.data[0], *pl;
    […]
    /* Read type and payload length first */
    hbtype = *p++;
    n2s(p, payload);
    pl = p;
Create Heartbeat Response
    /* Enter response type, length and copy payload */
    *bp++ = TLS1_HB_RESPONSE;
    s2n(payload, bp);
    memcpy(bp, pl, payload);
Heartbleed with Code Analyzer
OpenSSL Heartbeat source fix
    typedef struct ssl3_record_st
    {
        […]
        unsigned int length;    /* How many bytes available */
        […]
        unsigned char *data;    /* pointer to the record data */
        […]
    } SSL3_RECORD;
Read Heartbeat Request
    unsigned char *p = &s->s3->rrec.data[0], *pl;
    […]
    /* Read type and payload length first */
    hbtype = *p++;
    n2s(p, payload);
    if ([…]+payload > s->s3->rrec.length) return 0;
    pl = p;
Create Heartbeat Response
    /* Enter response type, length and copy payload */
    *bp++ = TLS1_HB_RESPONSE;
    s2n(payload, bp);
    memcpy(bp, pl, payload);
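An added example, not OpenSSL's code and not the presenters': a self-contained heartbeat responder that validates the claimed payload length against the bytes actually received before copying. The function name and buffers are assumptions, and the 3-byte header and 16-byte minimum padding are taken from RFC 6520 rather than from the slide's elided expression.

```c
#include <stddef.h>
#include <string.h>

#define HB_REQUEST   1u   /* heartbeat_request,  RFC 6520 */
#define HB_RESPONSE  2u   /* heartbeat_response, RFC 6520 */
#define HB_HEADER    3u   /* 1-byte type + 2-byte payload length */
#define HB_MIN_PAD  16u   /* minimum padding, RFC 6520 */

/* Build a response to the heartbeat message in rec[0..rec_len).
 * rec_len is the number of bytes actually received (rrec.length on the
 * slide). Returns the response length, or 0 if the message is discarded. */
size_t hb_build_response(const unsigned char *rec, size_t rec_len,
                         unsigned char *out, size_t out_cap)
{
    /* Too short to hold even an empty heartbeat: discard before reading. */
    if (rec_len < HB_HEADER + HB_MIN_PAD)
        return 0;
    if (rec[0] != HB_REQUEST)
        return 0;

    /* n2s: the 16-bit payload length is sender-controlled. */
    size_t payload = ((size_t)rec[1] << 8) | rec[2];

    /* The check the vulnerable code lacked: the claimed payload plus
     * header and padding must fit in the bytes that really arrived. */
    if (HB_HEADER + payload + HB_MIN_PAD > rec_len)
        return 0;

    size_t resp_len = HB_HEADER + payload + HB_MIN_PAD;
    if (resp_len > out_cap)
        return 0;

    out[0] = HB_RESPONSE;
    out[1] = (unsigned char)(payload >> 8);            /* s2n */
    out[2] = (unsigned char)(payload & 0xff);
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload); /* now bounded */
    /* Zero padding keeps the example deterministic; real padding is random. */
    memset(out + HB_HEADER + payload, 0, HB_MIN_PAD);
    return resp_len;
}

int main(void)
{
    unsigned char out[64];
    /* Constructed inputs. The first is the slide's 4-byte request. */
    const unsigned char slide_req[4] = { HB_REQUEST, 0xff, 0xff, 'X' };
    const unsigned char valid_req[3 + 5 + 16] = { HB_REQUEST, 0, 5, 'h', 'e', 'l', 'l', 'o' };
    if (hb_build_response(slide_req, sizeof slide_req, out, sizeof out) != 0)
        return 1;
    return hb_build_response(valid_req, sizeof valid_req, out, sizeof out) == 24 ? 0 : 1;
}
```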
Previse
Compile Time Analysis
• Beyond array bounds access
• Freed memory
• Memory leaks
• Compiler option
• No change to the executable
    int a[5];
    for (i=0; i<=5; i++) printf("%d\n", a[i]);    /* i == 5 reads a[5], one past the end */
Discover
Runtime Analysis
• Uninitialized memory access
• Beyond array bounds access
• Across compilation units
• Heap, stack, globals
• Points to allocation/free code
• Memory leak APIs
    char *z = (char *) malloc(1);
    printf("*y = %c\n", *y);
Uncover
Code Coverage
• Source line level granularity
• Weighted call graph based sorting
• Coverage potential per function
• No recompilation
• Accumulates coverage over multiple runs
    if (unmet_condition) *y = 'a';
    printf("*y = %c\n", *y);
Dogfooding
Internal Studio Usage
• Code statistics:
– Over 10K C/C++ source/header files
– Over 4M lines of C/C++ code
– ~300 binaries delivered
• Compiler and tools built nightly with Previse, new errors sent to the responsible engineer.
• Major components built with Discover, run on a representative test suite.
M7 Application Data Integrity (ADI)
Memory checking in Silicon
• Real-time Data Integrity checking in test and production environments.
– HW implementation, Low overhead
• Colored pointers detect accesses outside a memory region.
– Buffer overflow
– Freed pointer
– Stale pointer
ADI in Development: Ensures App Correctness
Oracle Solaris Studio Code Analyzer provides detailed diagnostic information to aid developers in fixing memory corruption errors
ADI in Deployment: Ensures Data Integrity
Real-time data protection that provides a more robust, vulnerability-resistant platform
Next Steps and More Information
• Oracle Solaris Studio OTN page for download, learning resources, forums
• Sessions of interest:
OOW Sessions
Mon, Tue, Wed Oracle Software in Silicon Developer Cloud [Oracle Demo], Moscone South
Wed, 11:45 – 12:45pm Create Quality, Secure, High-Performing Applications on Oracle Solaris [HOL9805], Hotel Nikko Mendocino I/II
Wed, 3:45 – 5:30pm Engineering Insights: Best Practices for Optimizing Oracle Software for Oracle Hardware [CON8108], Intercontinental Grand Ballroom C
Java One Sessions
Mon, 5:50 – 6:30pm Java Performance: Hardware, Structures, and Algorithms [CON2654], Hilton Imperial Ballroom A
Wed, 3 – 4pm Simplifying Development of Mixed-Language Java and C++ Applications [CON8109], Hilton Continental Ballroom B
Oracle Solaris Studio 12.4 Highlights
Best for Enterprise Applications
• C++11 support with validation on latest BOOST libraries
• Rapid identification of performance bottlenecks with re-designed Performance Analyzer UI
• New CLI codean, APIs, and report comparison with updated Code Analyzer
• Efficient code editing with IDE tuned for large apps
Best for Oracle Systems
• Highest application performance on new Oracle Systems
– Oracle SPARC T5, M5 & M6
– Intel x86 Haswell
– Fujitsu M10 & M10+
• Leverage Oracle product integration and joint innovations
Questions?
Learn More; Stay Connected
• oracle.com/goto/solarisstudio
• @SolarisStudio
• facebook.com/oraclesolarisstudio
List of sessions/demos/HOLs: bit.ly/OOW14-Solaris
Hardware and Software Engineered to Work Together
A Better Development Platform
Diagram labels: Database; Oracle Applications; Oracle SPARC & x86 Systems; Oracle Solaris; Tuxedo; Oracle Linux; Developer Tools
Backup Slides
• Memory corruption
• Automated new development checking
• Nightly automated checking
• Compile Time Analysis CLI
• Compile Time Analysis GUI
• Compile Time Analysis IDE
• Runtime Analysis CLI
• Runtime Analysis GUI
• Runtime Analysis IDE
• Code Coverage GUI
• --whatisnew
• --whatisfixed
• Discover APIs
• Multiple tools
• Error suppression