DateOct.. 5, 2012
Speaker Gene Cooperman (Northeastern University)
TopicA History of DMTCP: Checkpoint-Restart, Reversible Debugging, Virtual Machines, and Cyber-Security
Abstract: DMTCP (Distributed MultiThreaded Checkpointing) is an eight-year old open source software project encompassing the work of about ten developers, and available for several popular Linux distros. DMTCP has interesting parallels with virtual machines. DMTCP's process-level checkpoints correspond to the snapshots of a virtual machine.

In a later enhancement, DMTCP was extended to support checkpointing of GDB sessions, which provided the basis for a reversible debugger. This paralleled the previous work on reversible debugging via virtual machines (King et al., Lewis et al.). The DMTCP-based reversible debugger (FReD: Fast Reversible Debugger) stands on three legs: checkpoint-restart (DMTCP), deterministic multi-threaded logging, and a debugger (GDB or other). The deterministic logging supports multi-threaded, multi-core replay. This is the basis for a module that implements a binary search in time for the moment when a bug first appeared. Additional novel debugging strategies are planned on top of this platform.

Quite recently, DMTCP was further enhanced to checkpoint the user-mode Qemu virtual machine. This enables whole-machine debugging (e.g. of Windows), and some interesting potential for cyber-security. Some possibilities to be investigated include: rapid fuzz testing, and low-latency cyber-hopping. Fuzz testing through checkpointing is particularly interesting for blackbox testing, in which one compares checkpointed memory images to quickly identify unusual memory patterns that may indicate potential input vulnerabilities.