Current Projects

Hurdle: Code-reuse attacks can subvert the control-flow of a running application by redirecting indirect branches to new targets. Code-reuse attacks are particularly nasty because they have been shown to be able to function in the presence of write + execute protections and address runtime layout randomization. In this project, we attempt to solve the problem of detecting and preventing code-reuse attacks through the use of hardware and software support.

SOFRITAS: Writing correct synchronization is one of the main difficulties of multithreaded programming. Incorrect synchronization causes many subtle concurrency errors such as data races and atomicity violations. SOFRITAS proposes a new memory consistency model that uses Ordering-free Regions to mostly-automatically provide atomicity for parallel programs.

SlimFast: Data races are one of the main culprits behind the complexity of multithreaded programming. Existing data race detectors require large amounts of metadata for each program variable to perform their analyses. The SlimFast system exploits the insight that there is a large amount of redundancy in this metadata: many program variables often have identical metadata state. By sharing metadata across variables, a large reduction in space usage can be achieved compared to the state-of-the-art FastTrack algorithm. SlimFast uses immutable metadata to safely support metadata sharing across threads while also accelerating concurrency control. SlimFast’s lossless metadata compression achieves these benefits while preserving soundness and completeness.

Prior Projects

TMI?: TMI combats the problem of false sharing in multicore processors. TMI operates completely in userspace, leveraging performance counters and the Linux ptrace mechanism to tread lightly on monitored applications, intervening only when necessary. TMI’s compatible-by-default design allows it to scale to real-world workloads, unlike previous proposals. TMI introduces a novel code-centric consistency model to handle cross-language memory consistency issues. TMI exploits the flexibility of code-centric consistency to efficiently repair false sharing while preserving strong consistency model semantics when necessary.

REMIX: REMIX is a modified Java8 HotSpot JVM capable of automatically detecting and repairing false sharing in Java and other JVM languages. REMIX utilizes performance counters available in Intel's 4th generation processors (and above) to detect cache contention, isolate false sharing events and relayout data in the heap to prevent further contention.

LASER: Contention for shared memory, in the forms of true sharing and false sharing, is a challenging performance bug to discover and to repair. Understanding cache contention requires global knowledge of the program's actual sharing behavior, and can even arise invisibly in the program due to the opaque decisions of the memory allocator. LASER leverages new performance counter capabilities available on Intel's Haswell architecture that identify the source of expensive cache coherence events. Using records of these events generated by the hardware, we build a system for online contention detection and repair that operates with low performance overhead and does not require any invasive program, compiler or operating system changes.

Computational Sprinting: While conventional processor designs (including their energy delivery systems and heat sinks) are designed primarly for sustained performance, we pose the question: "What would a system look like if designed to provide responsiveness during bursts rather than with a singular focus on sustained performance?" Our approach, called computational sprinting is aimed at mobile environments like smart-phones, where many interactive applications are characterized by short bursts of computational demand punctuated by long idle periods waiting for user input. Computational sprinting activates otherwise powered-down cores for sub-second bursts of intense parallel computation in response to such sporadic user activity. During sprints, the processor generates heat at a rate that far exceeds the thermal (cooling) and electrical (power delivery and stability) capacities of a typical smart-phone like device. This project therfore explores various thermal, electrical, architectural and software/runtime aspects to effectively facilitate sprinting for short time durations overcoming the physical challenges inherent in our target environments.

Ironclad C++: Unsafe languages, such as C and C++, suffer from security vulnerabilities due to unchecked memory accesses that can result in buffer overflow and use-after-free errors. Modern programming languages (such as Java) prevent memory safety errors, but using a different language is often not an option due to project constraints or the need for extensive code modifications. Furthermore, the performance cost of using a different programming language is relatively unknown. The Ironclad C++ project investigates the cost of providing memory safety for C and C++ without the use of a non-standard compiler or hardware.

Protocol Synthesis: Distributed protocols such as cache coherence protocols have traditionally been modeled and specified as extended finite state machines. While the actual code for such specifications is usually simple, the programmer needs to reason about all the corner cases that arise out of asynchrony and concurrency. In this project, we are investigating alternative approaches to specify distributed protocols using a mixture of concrete examples that describe the behavior of the protocol in various scenarios and completely specified fragments for the simple cases and combining these descriptions in a consistent manner to arrive at a complete implementation of the protocol.

Softbound/CETS: SoftBound and CETS are compile-time transformations for enforcing spatial safety and temporal safety for C. Together, SoftBound + CETS provide full memory safety for C. The key features are SoftBound + CETS are (1) use of pointer based checking with bounds and identifier metadata with every pointer, (2) use of disjoint metadata for pointers in memory, and (3) metadata propagation and manipulation only with pointer values leveraging the intermediate representation (IR) type information in LLVM. Defining pointer based checking in the LLVM IR reduces the overhead of such pointer based checking significantly.