optimizing binary translation of dynamically generated
play

Optimizing Binary Translation of Dynamically Generated Code Byron - PowerPoint PPT Presentation

Jun 18, 2023 •299 likes •1.15k views

Optimizing Binary Translation of Dynamically Generated Code Byron Hawkins Brian Demsky University of California, Irvine Derek Bruening Qin Zhao Google, Inc. Profiling Bug detection Program analysis Security SPEC CPU 2006

  1. Optimizing Binary Translation of Dynamically Generated Code Byron Hawkins Brian Demsky University of California, Irvine Derek Bruening Qin Zhao Google, Inc.

  2. ● Profiling ● Bug detection ● Program analysis ● Security

  3. SPEC CPU 2006 ● 12% overhead* ● 21% overhead* *geometric mean

  4. SPEC CPU 2006 ● 12% overhead* ● 21% overhead* *geometric mean

  5. Octane JavaScript Benchmark ● 15x overhead on Chrome V8 4.4x overhead on Mozilla Ion ● 18x overhead on Chrome V8 8x overhead on Mozilla Ion

  6. Octane JavaScript Benchmark ● 15x overhead on Chrome V8 4.4x overhead on Mozilla Ion ● 18x overhead on Chrome V8 8x overhead on Mozilla Ion

  7. New Era of Dynamic Code ● Back in 2003 ... – Browsers : one single-phase JIT engine – Microsoft Office : negligible dynamic code ● A decade later... – Browsers : at least 2 multi-phase JIT engines – Microsoft Office : one multi-phase JIT ● Active at startup of all applications

  8. New Era of Dynamic Code ● Back in 2003 ... – Browsers : one single-phase JIT engine – Microsoft Office : negligible dynamic code ● A decade later... – Browsers : at least 2 multi-phase JIT engines – Microsoft Office : one multi-phase JIT ● Active at startup of all applications

  9. Goals ● Optimize binary translation of dynamic code ● Maintain performance for static code Evaluation Platform ● DynamoRIO on 64-bit Linux for x86

  10. Goals ● Optimize binary translation of dynamic code ● Maintain performance for static code Evaluation Platform ● DynamoRIO on 64-bit Linux for x86

  11. Outline ● Background on binary translation – Current optimizations for statically compiled code – Dynamic code → wasting translation overhead ● Coarse-grained detection of code changes ● New optimizations – Manual annotations – Automated inference ● Performance results ● Related Work

  12. Outline ● Background on binary translation – Current optimizations for statically compiled code – Dynamic code → wasting translation overhead ● Coarse-grained detection of code changes ● New optimizations – Manual annotations – Automated inference ● Performance results ● Related Work

  13. Outline ● Background on binary translation – Current optimizations for statically compiled code – Dynamic code → wasting translation overhead ● Coarse-grained detection of code changes ● New optimizations – Manual annotations – Automated inference ● Performance results ● Related Work

  14. SPEC Benchmark App DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A B C D E F Translate application into code cache as it runs

  15. SPEC Benchmark App DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C D E F Translate application into code cache as it runs

  16. SPEC Benchmark App DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C D D E F Translate application into code cache as it runs

  17. SPEC Benchmark App DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C D D E E F Translate application into code cache as it runs

  18. SPEC Benchmark App DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C D D E E Indirect Branch Lookup F Translate application into code cache as it runs

  19. SPEC Benchmark App DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C D D E E Indirect Branch Lookup F F Correlate indirect branch targets via hashtable

  20. SPEC Benchmark App DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C A C D D D E E E Indirect ? Branch F Lookup F F Hot paths are compiled into traces (10% speedup)

  21. Cost ● Translate code ● Build traces Benefit ● Repeated execution of translated code ● Optimized traces – Can beat native performance on SPEC benchmarks

  22. Cost ● Translate code ● Build traces Benefit ● Repeated execution of translated code ● Optimized traces – Can beat native performance on SPEC benchmarks

  23. JIT Compiled Function DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C A C D D D E E E Indirect ? Branch F Lookup F F What if the target code is dynamically generated?

  24. JIT Compiled Function DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C' A C D E D E E D' Indirect ? Branch F Lookup F F The code may be changed frequently at runtime

  25. JIT Compiled Function DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C' A C D E D E E D' Indirect ? Branch F Lookup F F Corresponding translations become invalid

  26. JIT Compiled Function DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C' A C D E D E E D' Indirect ? Branch F Lookup F F Stale translations must be deleted for retranslation

  27. JIT Compiled Function DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C' A C D E D E E D' Indirect ? Branch F Lookup F F Stale translations must be deleted for retranslation → “cache consistency”

  28. JIT Compiled Function DynamoRIO Code Cache BB Trace foo() bar() Cache Cache A A C B C' A C D E D E E D' Indirect ? Branch F Lookup F F Stale translations must be deleted for retranslation → How to detect code changes?

  29. Detecting Code Changes on x86 ● Monitor all memory writes

  30. Detecting Code Changes on x86 ● Monitor all memory writes – Too much overhead!

  31. Detecting Code Changes on x86 ● Monitor all memory writes – Too much overhead! ● Instrument traces to check freshness

  32. Detecting Code Changes on x86 ● Monitor all memory writes – Too much overhead! ● Instrument traces to check freshness – DynamoRIO supports standalone basic blocks → too much overhead!

  33. Detecting Code Changes on x86 ● Monitor all memory writes – Too much overhead! ● Instrument traces to check freshness – DynamoRIO supports standalone basic blocks → too much overhead! ● Leverage page permissions and faults

  34. Detecting Code Changes on x86 ● Monitor all memory writes – Too much overhead! ● Instrument traces to check freshness – DynamoRIO supports standalone basic blocks → too much overhead! ● Leverage page permissions and faults – Make code pages artificially read-only

  35. Detecting Code Changes on x86 ● Monitor all memory writes – Too much overhead! ● Instrument traces to check freshness – DynamoRIO supports standalone basic blocks → too much overhead! ● Leverage page permissions and faults – Make code pages artificially read-only – Intercept page faults and invalidate translations

  36. Detecting Code Changes on x86 ● Monitor all memory writes – Too much overhead! ● Instrument traces to check freshness – DynamoRIO supports standalone basic blocks → too much overhead! ● Leverage page permissions and faults – Make code pages artificially read-only – Intercept page faults and invalidate translations → Acceptable overhead (for rare occurrence)

  37. Detecting Code Changes on x86 ● Monitor all memory writes – Too much overhead! ● Instrument traces to check freshness – DynamoRIO supports standalone basic blocks → too much overhead! ● Leverage page permissions and faults – Make code pages artificially read-only – Intercept page faults and invalidate translations → How does this work?

  38. Chrome V8 DynamoRIO Code Cache r-x foo() foo() bar() bar() rwx r-x compile_js() compile_js()

  39. Chrome V8 DynamoRIO Code Cache r-x foo() foo() X bar() bar() Page fault rwx r-x compile_js() compile_js()

  40. Chrome V8 DynamoRIO Code Cache r-x foo() foo() X bar() bar() rwx r-x compile_js() compile_js()

  41. Chrome V8 DynamoRIO Code Cache rwx Allow foo_2() write bar() bar() rwx r-x compile_js() compile_js()

  42. Chrome V8 DynamoRIO Code Cache rwx foo_2() bar_2() bar() rwx Allow compile_more_js() write! Thread B r-x compile_js() compile_js() Thread A

  43. Chrome V8 DynamoRIO Code Cache rwx foo_2() bar_2() bar() rwx compile_more_js() Concurrent Writer Problem All translations from the modifjed page must be removed Thread B r-x compile_js() compile_js() Thread A

  44. Cache Consistency Overhead ● For non-JIT modules: – System call hooks (program startup only) – Self-modifying code (very rare) ● For JIT engines: – Code generation – Code optimization – Code adjustment for reuse

  45. Cache Consistency Overhead ● For non-JIT modules: – System call hooks (program startup only) – Self-modifying code (very rare) ● For JIT engines: – Code generation – Code optimization – Code adjustment for reuse

  46. Cache Consistency Overhead Chrome V8 DynamoRIO Code Cache r-x foo() foo() bar() rwx r-x compile_js() compile_js() JIT writes a second function to unused space in the page

  47. Cache Consistency Overhead Chrome V8 DynamoRIO Code Cache r-x foo() foo() bar() rwx r-x compile_js() compile_js() DynamoRIO must invalidate all translations from the page

  48. Cache Consistency Overhead Chrome V8 DynamoRIO Code Cache r-x foo() foo() bar() bar() rwx r-x compile_js() compile_js() Trivial code changes require flushing all translations

Recommend

Dynamic Binary Optimization Introduction Application profiling Optimizing translation

Dynamic Binary Optimization Introduction Application profiling Optimizing translation

Dynamic Binary Optimization Introduction Application profiling Optimizing translation blocks Compatibility Code reordering Other code optimizations 1 EECS 768 Virtual Machines Optimization Overview Identify frequently

822 views • 40 slides
Dynamically Optimizing End-to-End Latency for Time-Triggered Networks Zonghui Li NEAT2019

Dynamically Optimizing End-to-End Latency for Time-Triggered Networks Zonghui Li NEAT2019

Dynamically Optimizing End-to-End Latency for Time-Triggered Networks Zonghui Li NEAT2019 2019/8/19 1 Content Background Motivation Best TT Protocol Evaluation Conclusion and Future Work 2 Background

434 views • 26 slides
Covariant Vector meson-Vector meson Interactions and Dynamically Generated Resonances Dilege

Covariant Vector meson-Vector meson Interactions and Dynamically Generated Resonances Dilege

Covariant Vector meson-Vector meson Interactions and Dynamically Generated Resonances Dilege Glmez HISKP , Universitt Bonn 15 th International Workshop on Meson Physics Uniwersytet Jagiello nski, Krakw June 7-12, 2018 Overview 1

410 views • 13 slides
Fast Binary Translation: Translation Efficiency and Runtime Efficiency Mathias Payer and Thomas

Fast Binary Translation: Translation Efficiency and Runtime Efficiency Mathias Payer and Thomas

Fast Binary Translation: Translation Efficiency and Runtime Efficiency Mathias Payer and Thomas R. Gross Department of Computer Science ETH Zrich Motivation Goal: User-Space BT for Software Virtualization fastBT as a system to analyze

358 views • 34 slides
Five Shades of Noise: Analyzing Machine Translation Errors in User-Generated Text Marlies van

Five Shades of Noise: Analyzing Machine Translation Errors in User-Generated Text Marlies van

Five Shades of Noise: Analyzing Machine Translation Errors in User-Generated Text Marlies van der Wees, Arianna Bisazza, Christof Monz Statistical Machine Translation News sentence: (mumbai,

448 views • 12 slides
x (Actually, its smaller than that heap Process 3 What goes

x (Actually, its smaller than that heap Process 3 What goes

11/20/15 Virtual Memory Physical Addressing Motivation: why not direct physical memory access? Main memory Address translation with pages 0: 1: Optimizing translation: translation

431 views • 12 slides
A jump-target identification method for multi-architecture static binary translation Alessandro

A jump-target identification method for multi-architecture static binary translation Alessandro

A jump-target identification method for multi-architecture static binary translation Alessandro Di Federico Giovanni Agosta Politecnico di Milano CASES 2016 October 4, 2016 Index Introduction Our solution Evaluation Static binary

667 views • 63 slides
Maintaining sentiment polarity in translation of user-generated content Pintu Lohar, Haithem Afli

Maintaining sentiment polarity in translation of user-generated content Pintu Lohar, Haithem Afli

Maintaining sentiment polarity in translation of user-generated content Pintu Lohar, Haithem Afli and Andy Way ADAPT Centre, School of Computing, Dublin City University The ADAPT Centre is funded under the SFI Research Centres Programme (Grant

1.01k views • 63 slides
This is a PDF version with notes. You can find the PPTX version at

This is a PDF version with notes. You can find the PPTX version at

This is a PDF version with notes. You can find the PPTX version at http://www.cse.iitd.ernet.in/~sbansal/talks/btkernel.pptx 1 Firstly, what is Dynamic Binary Translation and what is it used for. Dynamic Binary Translation or DBT is the

617 views • 49 slides
Binary Numbers Binary numbers look like this Binary Numbers or Binary Code Binary numbers or

Binary Numbers Binary numbers look like this Binary Numbers or Binary Code Binary numbers or

Binary Numbers Binary numbers look like this Binary Numbers or Binary Code Binary numbers or binary code are used by computers and digital devices to talk to each other. It is used to give commands to the computer or a way to enter data

165 views • 12 slides
Analyse and binary transformation Guillaume Bouffard Analyse and binary transformation Guillaume

Analyse and binary transformation Guillaume Bouffard Analyse and binary transformation Guillaume

Analyse and binary transformation Guillaume Bouffard Analyse and binary transformation Guillaume Bouffard Outline 1 Introduction Profiling step 2 Translation step 3 Binary Modification 4 Proof Of Concept 5 Conclusion 6 2 / 19

779 views • 40 slides
Accelerate Cycle-Level Multi-Core RISC-V Simulation with Binary Translation Xuan Guo, Robert

Accelerate Cycle-Level Multi-Core RISC-V Simulation with Binary Translation Xuan Guo, Robert

Accelerate Cycle-Level Multi-Core RISC-V Simulation with Binary Translation Xuan Guo, Robert Mullins Department of Computer Science and Technology Both the paper and the slides are made available under CC BY 4.0 Motivation We want to

790 views • 22 slides
for Optimizing the Partial AUC Harikrishna Narasimhan (Joint work with Shivani Agarwal) A paper

for Optimizing the Partial AUC Harikrishna Narasimhan (Joint work with Shivani Agarwal) A paper

A Structural SVM Based Approach for Optimizing the Partial AUC Harikrishna Narasimhan (Joint work with Shivani Agarwal) A paper on this work has been accepted in ICML 2013 Learning with Binary Supervision Learning with Binary Supervision

770 views • 63 slides
Optimizing Compilers Source Optimization (ideal case) Performance Front End Introduction

Optimizing Compilers Source Optimization (ideal case) Performance Front End Introduction

Languages and Performance Optimizing Compiler High Optimizing Compilers Source Optimization (ideal case) Performance Front End Introduction Translation Low IR (straight forward) Markus Schordan Optimizer High level Low level

205 views • 8 slides
x86 Memory Protection and Binary Memory Threads Formats Allocators Translation User System

x86 Memory Protection and Binary Memory Threads Formats Allocators Translation User System

2/5/20 COMP 790: OS Implementation COMP 790: OS Implementation Logical Diagram x86 Memory Protection and Binary Memory Threads Formats Allocators Translation User System Calls Kernel RCU File System Networking Sync Don Porter

238 views • 9 slides
Cross-ISA Machine Instrumentation Cross-ISA Machine Instrumentation using Fast and Scalable

Cross-ISA Machine Instrumentation Cross-ISA Machine Instrumentation using Fast and Scalable

Cross-ISA Machine Instrumentation Cross-ISA Machine Instrumentation using Fast and Scalable using Fast and Scalable Dynamic Binary Translation Dynamic Binary Translation Emilio G. Cota Columbia University Luca P. Carloni VEE'19 April 14,

1.05k views • 45 slides
Virtual Memory Process Abstraction, Part 2: Private Address Space Motivation : why not direct

Virtual Memory Process Abstraction, Part 2: Private Address Space Motivation : why not direct

Virtual Memory Process Abstraction, Part 2: Private Address Space Motivation : why not direct physical memory access? Address translation with pages Optimizing translation : translation lookaside buffer Extra benefits : sharing and protection

622 views • 38 slides
Generating Low-Overhead Dynamic Binary Translators Mathias Payer and Thomas R. Gross Department

Generating Low-Overhead Dynamic Binary Translators Mathias Payer and Thomas R. Gross Department

Generating Low-Overhead Dynamic Binary Translators Mathias Payer and Thomas R. Gross Department of Computer Science ETH Z rich Motivation Binary Translation (BT) well known technique for late transformations Extend or add

326 views • 29 slides
S8822 OPTIMIZING NMT WITH TENSORRT Micah Villmow Senior TensorRT Software Engineer 2 100

S8822 OPTIMIZING NMT WITH TENSORRT Micah Villmow Senior TensorRT Software Engineer 2 100

S8822 OPTIMIZING NMT WITH TENSORRT Micah Villmow Senior TensorRT Software Engineer 2 100 2 DOUGLAS ADAMS BABEL FISH Neural Machine Translation Unit 3 4 OVER 100X FASTER, IS IT REALLY

834 views • 40 slides
The Power of Binary 0, 1, 10, 11, 100, 101, 110, 111... What is Binary? a binary number

The Power of Binary 0, 1, 10, 11, 100, 101, 110, 111... What is Binary? a binary number

The Power of Binary 0, 1, 10, 11, 100, 101, 110, 111... What is Binary? a binary number is a number expressed in the binary numeral system, or base-2 numeral system, which represents numeric values using two different symbols: typically

485 views • 19 slides
LECTURE 2 Review 1 Binary Math and Assembly BINARY MATH In this section, we review Binary

LECTURE 2 Review 1 Binary Math and Assembly BINARY MATH In this section, we review Binary

LECTURE 2 Review 1 Binary Math and Assembly BINARY MATH In this section, we review Binary to decimal conversions and vice versa IEEE 754 Floating point representations Binary Arithmetic Decimal representation of binary numbers

1.66k views • 118 slides
Binary There are 10 types of people in the world those that understand binary and those

Binary There are 10 types of people in the world those that understand binary and those

Binary There are 10 types of people in the world those that understand binary and those that dont. What is binary? You and I write numbers like this: twelve is 12, sixty eight is 68, and one hundred is 100 Binary is a number

525 views • 26 slides
Optimizing re me dia tio n a ppro a c he s Optimizing re me dia tio n a ppro a c he s a t mine

Optimizing re me dia tio n a ppro a c he s Optimizing re me dia tio n a ppro a c he s a t mine

Optimizing re me dia tio n a ppro a c he s Optimizing re me dia tio n a ppro a c he s a t mine site s: ho w unde rsta nding b io g e o c he mic a l pro c e sse s a nd b io g e o c he mic a l pro c e sse s a nd mo de ling c a n g uide

394 views • 26 slides
1 Translation and Scalling Matrice Translation o The translation and scaling transformations may

1 Translation and Scalling Matrice Translation o The translation and scaling transformations may

3D Coordinate Systems 3D Transformation o The translation, scaling and rotation transformations used for 2D o 3D computer graphics involves the additional dimension of can be extended to three dimensions depth, allowing more realistic

435 views • 9 slides

More recommend