Lockstep

Abstract: SIMD organizations amortize the area and power of fetch, decode, and issue logic across multiple processing units in order to maximize throughput for a given area and power budget. However, throughput is reduced when a set of threads operating in lockstep (a warp) are stalled due to long latency memory accesses. The resulting idle cycles are extremely costly. Multi-threading can hide latencies by interleaving the execution of multiple warps, but deep multi-threading using many warps dramatically increases the cost of the register files (multi-threading depth x SIMD width), and cache contention can make performance worse. Instead, intra-warp latency hiding should first be exploited. This allows threads that are ready but stalled by SIMD restrictions to use these idle cycles and reduces the need for multi-threading among warps. This paper introduces dynamic warp subdivision (DWS), which allows a single warp to occupy more than one slot in the scheduler without requiring extra register file space. Independent scheduling entities allow divergent branch paths to interleave their execution, and allow threads that hit to run ahead. The result is improved latency hiding and memory level parallelism (MLP). We evaluate the technique on a coherent cache hierarchy with private L1 caches and a shared L2 cache. With an area overhead of less than 1%, experiments with eight data-parallel benchmarks show our technique improves performance on average by 1.7X.

Abstract: The garbage can theory of organizational choice is one of the best-known innovations in modern organization theory. It also has significantly shaped a major branch of the new institutionalism. Yet, the theory has not received the systematic assessment that it both deserves and needs. We evaluate the early verbal theory and argue that it fails to create an adequate foundation for scientific progress. We then analyze and rerun Cohen, March, and Olsen’s computer model and discover that its agents move in lockstep patterns that are strikingly different from the spirit of the theory. Indeed, the simulation and the theory are incompatible. Next, we examine how the authors have built upon these incompatible formulations in developing the theory further. We assess this larger program, which includes the March-Olsen version of the new institutionalism, and find that many of the problems that attended the original article have intensified over time. We conclude that a fundamental overhaul is required if the theory is to realize its early promise.

Abstract: A computer system includes a primary processor and a secondary processor running in lockstep. The lockstep may or may not be synchronous. Errors occurring in the primary processor or the secondary processor are reported to an error-handling module. If the error is a recoverable error, the state of one of the processors is saved and the processors are restarted using the saved state. In addition to the reporting of errors from the processors, cross checking of the operation of the processors is performed to detect a divergence in the operation of the processors. If the divergence is reported to be due to a recoverable error, the state of the one of the processors is saved and the processors are restarted using the saved state. Procedures are also disclosed to ensure that data corruption does not propagate onto an associated network, and to ensure that the system is not lost as a network resource during processor restart.

Abstract: Present approaches to software security are to a large extent reactive: when vulnerabilities are discovered, developers scramble to fix the underlying error. The advantage is on the side of the attackers because they only have to find a single vulnerability to exploit all vulnerable systems, while defenders have to prevent the exploitation of all vulnerabilities. We argue that the compiler is at the heart of the solution for this problem: when the compiler is translating high-level source code to low-level machine code, it is able to automatically diversify the machine code, thus creating multiple functionally equivalent, but internally different variants of a program.We present two orthogonal compiler-based techniques.With multi-variant execution, a monitoring layer executes several diversified variants in lockstep while examining their behavior for differences that indicate attacks. With massive-scale software diversity, every user gets its own diversified variant, so that the attacker has no knowledge about the internal structure of that variant and therefore cannot construct an attack. Both techniques make it harder for an attacker to run a successful attack. We discuss variation techniques that the compiler can utilize to diversify software, and evaluate their effectiveness for our two execution models.