skip to content

Department of Computer Science and Technology

Addressing Temporal Memory Safety

26 February 2020

Our upcoming Oakland paper was released onto the internet recently, despite the publication date actually being in May when the conference is held (the IEEE Symposium on Security and Privacy , to give its official name). So now seemed like a good time to talk about some of the security work we've been doing, in particular our research into schemes for temporal memory safety.

When we talk about memory safety, issues fall into two categories. The first, and most well-known, even if not by name, is spatial safety. This includes buffer-overflow vulnerabilities, such as the one that caused the infamous heartbleed bug . Here, during a TLS session, a missing check on the amount of data requested by...

Read more

In Praise of Undergraduate Research

8 August 2019

In my last post I discussed the Janus automatic binary parallelisation tool that my postdoc, Kevin, has developed. At VEE earlier this year we had another paper on Janus , this time extending it to extract other forms of parallelism—automatic vectorisation for data-level parallelism and software prefetching for memory-level parallelism. We show how these schemes are applied to binaries in the context of Janus (with a neat trick for dealing with bounds-checking code when inserting prefetches to arrays) and evaluate them together. I’m not aware of any other work that tries to extract all three forms of parallelism at once. However, what I liked best about this paper was not the techniques, nor the results, but the fact that the two passes...

Read more

Janus: Statically-Driven and Profile-Guided Automatic Dynamic Binary Parallelisation

18 February 2019

One of the themes of my research has been and continues to be the exploitation of parallelism in its many forms. I’ve looked into data-level parallelism by improving the performance of SLP by, for example, reducing the number of instructions that are vectorised and (spoiler alert for a future publication) I have a PhD student working on speculative vectorisation. With Sam Ainsworth , formerly my PhD student, now a postdoc, I have published research that exploits memory-level parallelism within the compiler , architecture and in both with a programmable prefetcher . We’ve also looked into taking advantage of parallelism for error detection . However, the first work I did in this area, and the kind of work...

Read more

Parallel Error Detection Using Heterogeneous Cores

27 June 2018

Soft, or transient, errors are faults that occur seemingly at random, causing bits to flip within an integrated circuit. This is especially important in memory cells, and I remember very clearly reading a blog post from James Hamilton several years ago now, where he talked about the need for ECC on DRAM in servers and discussed some (what was then) recent academic work in the subject. ECC is a great way to protect memory, being high performance with low power and area overheads, given its ability to detect multiple errors and correct some too. However, beyond the memory hierarchy, techniques for error detection and recovery are little used due to the difficulties in protecting logic cheaply.

One area where error detection...

Read more

World Cup 2018 Sticker Collecting

10 May 2018

Once again a major football tournament is approaching and my son is collecting stickers of all the teams who have reached the finals. This time it’s the World Cup in Russia and the album published by Panini has 682 to collect. I’ve blogged before about the maths behind collecting stickers so you can calculate how many packets of five distinct stickers you expect to need to finish it. At the time, to help me visualise this, I wrote a web page with a bit of JavaScript on it to do the calculations. This time I’ve looked over it again and increased its functionality a little, so I’ve decided it’s robust enough to advertise. It’s on my main university site...

Read more

An Event-Triggered Programmable Prefetcher for Irregular Workloads

28 March 2018

Over the last few years my PhD student, Sam Ainsworth , and I have been looking into data prefetching, especially for applications containing irregular memory accesses. We published a paper in ICS 2016 about a specialised hardware prefetcher that optimises breadth-first traversals on graphs in the commonly-used compressed sparse-row format, which I previously blogged about . We also published a paper at CGO on automatic software-prefetch generation, more generally for indirect memory accesses ( blog post ). At ASPLOS this year, we marry the two ideas together and generalise even further, creating a programmable prefetcher, using an event-driven programming model, that is capable of fetching in data for many types of memory access, complete...

Read more

Gonville and Caius

2 October 2017

Today I’m joining a college. Or, to be more precise, at a ceremony later this afternoon I’ll be admitted as a fellow to Gonville and Caius college .

Now the questions you might ask are why, and why aren’t you part of a college already—this is Cambridge after all and it’s all about the colleges, isn’t it?

Actually it’s not. In Cambridge you don’t have to be part of a college. All students are, both undergraduate and postgraduate. Postdocs generally aren’t, although some colleges make provision for a small number of postdocs to be part of their community. Lecturers, readers and professors can choose whether to be part of a college or not....

Read more

Comparison of AArch64 Dynamic Binary Modification Tools

12 July 2017

Over the past few years I’ve become increasingly interested in dynamic binary modification (DBM) tools, so much so that I supervise a PhD student who is trying to parallelise binaries using one, and am just starting work on a grant that continues and extends this work . On Intel’s architecture, Pin is probably the most famous tool, and one that I had most experience of in the past. (As an aside, Pin is a dynamic binary instrumentation tool, but I’m going to use modification instead of instrumentation throughout this post, since modification subsumes instrumentation and I’m more interested in optimisation than just analysis.) However, it’s closed source and only targets Intel’s ISAs. Another option is ...

Read more

Negar’s Memorial

7 June 2017

On Monday we held a memorial event in Emmanuel College for my PhD student, Negar , who died so tragically in October last year. These are the words I said in memory of her.

The first time I talked to Negar was just over 5 years ago, in May 2012. I can remember it vividly, sitting in Alan Mycroft’s office phoning Iran to interview a candidate for a job on hardware reliability. She came across as a quiet person who was unflustered by the questions that we threw at her. And behind that a determination too, a determination to secure the job, to come to Cambridge and achieve her ambition...

Read more

Student Research Competition at EuroLLVM 2017

29 March 2017

My student, Sam Ainsworth , has won first prize in the student research competition at EuroLLVM 2017 . This work was previously published at CGO 2017 and I’ve blogged about it too. Below is a copy of his poster, or download it here . Well done, Sam!

Read more