Jiaqi Li,Ke Wang,Yaoguang Chen,Yajin Zhou,Lei Wu,Jiashui Wang

2023-01-01

Abstract:DBMS bugs can cause serious consequences, posing severe security and privacy concerns. This paper works towards the detection of memory bugs and logic bugs in DBMSs, and aims to solve the two innate challenges, including how to generate semantically correct SQL queries in a test case, and how to propose effective oracles to capture logic bugs. To this end, our system proposes two key techniques. The first key technique is called context-sensitive instantiation, which considers all static semantic requirements (including but not limited to the identifier type used by existing systems) to generate semantically valid SQL queries. The second key technique is called multi-plan execution, which can effectively capture logic bugs. Given a test case, multi-plan execution makes the DBMS execute all query plans instead of the default optimal one, and compares the results. A logic bug is detected if a difference is found among the execution results of the executed query plans. We have implemented a prototype system called Kangaroo and applied it to three widely used and well-tested DBMSs, including SQLite, PostgreSQL, and MySQL. Our system successfully detected 50 new bugs. The comparison between our system with the state-of-the-art systems shows that our system outperforms them in terms of the number of generated semantically valid SQL queries, the explored code paths during testing, and the detected bugs.

Shao Zhijiang,Wang Yongming

DOI: https://doi.org/10.1109/wcica.2004.1342196

2004-01-01

Abstract:The problem of heterogeneous data integration in industrial supervisory control is presented and analyzed. The demand and difficulties of complex lab data representing, storing and publishing are outlined and analyzed in this paper. It is pointed out that a self-descriptive data structure with clear organization of contents and easy connection to human-machine interface is needed. A solution based on XML (eXtended Mark-up Language) is proposed with combination of different layers of data storage, data logic and presentation, human-machine interface. An XML-based system is developed to meet the demands of laboratory data publishing with complex structure. Construction of user interface from XML schema, conversion of lab data into XML, algorithm of storing XML into RDBMS (relation database manager system), query and reconstruction of XML documents from the RDBMS are touched upon. The data structure is described in details and its unique advantage is presented.

Georg Wuitschik,Vera Jost,Torsten Schindler,Michal Jakubik

DOI: https://doi.org/10.26434/chemrxiv-2024-c071p

2024-03-29

Abstract:HTE OS is a free, open-source High-Throughput Experimentation workflow that supports practitioners from experiment submission all the way to results presentation. A core Google Sheet is responsible for reaction planning and execution as well communication with users and robots. All generated data is funneled into Spotfire where users can analyze it. Tools for parsing of LCMS-data and translation of chemical identifiers provide data wrangling capabilities to complete the workflow.

Chemistry

Xing Niu,Bahareh Sadat Arab,Seokki Lee,Su Feng,Xun Zou,Dieter Gawlick,Vasudha Krishnaswamy,Zhen Hua Liu,Boris Glavic

DOI: https://doi.org/10.48550/arXiv.1707.09930

2017-08-01

Abstract:Debugging transactions and understanding their execution are of immense importance for developing OLAP applications, to trace causes of errors in production systems, and to audit the operations of a database. However, debugging transactions is hard for several reasons: 1) after the execution of a transaction, its input is no longer available for debugging, 2) internal states of a transaction are typically not accessible, and 3) the execution of a transaction may be affected by concurrently running transactions. We present a debugger for transactions that enables non-invasive, post-mortem debugging of transactions with provenance tracking and supports what-if scenarios (changes to transaction code or data). Using reenactment, a declarative replay technique we have developed, a transaction is replayed over the state of the DB seen by its original execution including all its interactions with concurrently executed transactions from the history. Importantly, our approach uses the temporal database and audit logging capabilities available in many DBMS and does not require any modifications to the underlying database system nor transactional workload.

Databases

Shuxin Li,Manuel Rigger

2024-01-10

Abstract:Extensible Markup Language (XML) is a widely used file format for data storage and transmission. Many XML processors support XPath, a query language that enables the extraction of elements from XML documents. These systems can be affected by logic bugs, which are bugs that cause the processor to return incorrect results. In order to tackle such bugs, we propose a new approach, which we realized as a system called XPress. As a test oracle, XPress relies on differential testing, which compares the results of multiple systems on the same test input, and identifies bugs through discrepancies in their outputs. As test inputs, XPress generates both XML documents and XPath queries. Aiming to generate meaningful queries that compute non-empty results, XPress selects a so-called targeted node to guide the XPath expression generation process. Using the targeted node, XPress generates XPath expressions that reference existing context related to the targeted node, such as its tag name and attributes, while also guaranteeing that a predicate evaluates to true before further expanding the query. We tested our approach on six mature XML processors, BaseX, eXist-DB, Saxon, PostgreSQL, libXML2, and a commercial database system. In total, we have found 20 unique bugs in these systems, of which 25 have been verified by the developers, and 12 of which have been fixed. XPress is efficient, as it finds 12 unique bugs in BaseX in 24 hours, which is 2x as fast as naive random generation. We expect that the effectiveness and simplicity of our approach will help to improve the robustness of many XML processors.

Software Engineering

Michael Mior

DOI: https://doi.org/10.1145/3596673.3596978

2023-06-23

Abstract:Students in introductory data management courses are often taught how to write queries in SQL. This is a useful and practical skill, but it gives limited insight into how queries are processed by relational database engines. In contrast, relational algebra is a commonly used internal representation of queries by database engines, but can be challenging for students to grasp. We developed a tool we call Relational Playground for database students to explore the connection between relational algebra and SQL.

Databases

Zhengjie Miao,Sudeepa Roy,Jun Yang

DOI: https://doi.org/10.1145/3299869.3319866

Abstract:For testing the correctness of SQL queries, e.g., evaluating student submissions in a database course, a standard practice is to execute the query in question on some test database instance and compare its result with that of the correct query. Given two queries Q 1 and Q 2, we say that a database instance D is a counterexample (for Q 1 and Q 2) if Q 1(D) differs from Q 2(D); such a counterexample can serve as an explanation of why Q 1 and Q 2 are not equivalent. While the test database instance may serve as a counterexample, it may be too large or complex to read and understand where the inequivalence comes from. Therefore, in this paper, given a known counterexample D for Q 1 and Q 2, we aim to find the smallest counterexample D' ⊆ D where Q 1(D') ≠ Q 2(D'). The problem in general is NP-hard. We give a suite of algorithms for finding the smallest counterexample for different classes of queries, some more tractable than others. We also present an efficient provenance-based algorithm for SPJUD queries that uses a constraint solver, and extend it to more complex queries with aggregation, group-by, and nested queries. We perform extensive experiments indicating the effectiveness and scalability of our solution on student queries from an undergraduate database course and on queries from the TPC-H benchmark. We also report a user study from the course where we deployed our tool to help students with an assignment on relational algebra.

Yannis Foufoulas,Eleni Zacharia,Harry Dimitropoulos,Natalia Manola,Yannis Ioannidis

DOI: https://doi.org/10.1007/s00799-023-00358-1

2023-05-10

Abstract:Metadata enrichment through text mining techniques is becoming one of the most significant tasks in digital libraries. Due to the exponential increase of open access publications, several new challenges have emerged. Raw data are usually big, unstructured, and come from heterogeneous data sources. In this paper, we introduce a text analysis framework implemented in extended SQL that exploits the scalability characteristics of modern database management systems. The purpose of this framework is to provide the opportunity to build performant end-to-end text mining pipelines which include data harvesting, cleaning, processing, and text analysis at once. SQL is selected due to its declarative nature which offers fast experimentation and the ability to build APIs so that domain experts can edit text mining workflows via easy-to-use graphical interfaces. Our experimental analysis demonstrates that the proposed framework is very effective and achieves significant speedup, up to three times faster, in common use cases compared to other popular approaches.

Sumeet Bajaj,Anrin Chakraborti,Radu Sion

DOI: https://doi.org/10.1109/tifs.2015.2491309

IF: 7.231

2016-02-01

IEEE Transactions on Information Forensics and Security

Abstract:The way data structures organize data is often a function of the sequence of past operations. The organization of data is referred to as the data structure's state, and the sequence of past operations constitutes the data structure's history. A data structure state can, therefore, be used as an oracle to derive information about its history. For history-sensitive applications, such as privacy in e-voting, it is imperative to conceal historical information contained within data structure states. Data structure history can be hidden by making data structures history independent. In this paper, we explore how to achieve history independence (HI). We observe that the current HI notions are significantly limited in number and scope. There are two existing notions of HI: 1) weak HI (WHI) and 2) strong HI (SHI). WHI does not protect against insider adversaries, and SHI mandates canonical representations, resulting in inefficiency. We postulate the need for a broad, encompassing notion of HI, which can capture WHI, SHI, and a broad spectrum of new HI notions. To this end, we introduce AHI, a generic game-based framework that is malleable enough to accommodate the existing and new HI notions. As an essential step toward formalizing AHI, we explore the concepts of abstract data types, data structures, machine models, memory representations, and HI. Finally, to bridge the gap between theory and practice, we outline a general recipe for building end-to-end, history-independent systems and demonstrate the use of the recipe in designing two historyindependent file systems.

computer science, theory & methods,engineering, electrical & electronic

Ruifan Xu,Jin Luo,Yawen Zhang,Yibo Lin,Runsheng Wang,Ru Huang,Yun Liang

DOI: https://doi.org/10.1109/micro61859.2024.00062

2024-01-01

Abstract:High-level synthesis (HLS) offers an opportunity to design hardware at the software level, which automatically trans-forms high-level specifications into RTL designs. However, HLS compilers are often considered complex black-box procedures, lacking transparency for designers and hindering the debugging process. Programmers often rely on simulating the HLS design to comprehend the behavior of the generated hardware. RTL simulation, the prevalent hardware debugging method, is time-consuming and inundates designers with excessive details when applied to HLS designs. Conversely, software-level simulation is fast but does not model hardware-specific details. The debug-ging challenge primarily stems from the semantic gap between software descriptions and RTL implementations. In this paper, we present Hestia, an efficient cross-level debugger enabling debugging HLS designs at different abstraction levels. Hestia provides a multi-level interpreter, aiding in debugging various issues in the HLS procedure with less hardware details and lower time costs. With an equivalent mapping across different levels, Hestia facilitates bug identifi-cation and localization, providing breakpoints and stepping at multiple granularities. We demonstrate the effectiveness of Hestia from three aspects: simulation efficiency, debugging capability, and scalability. Experimental results show that Hestia achieves significant simulation speedup compared to RTL simulators and prior work. The experiment of a case study also illustrates how Hestia helps find and localize bugs easily.

Peiquan Jin,Shouhong Wan,Lihua Yue

DOI: https://doi.org/10.1109/MDM.2008.21

2008-01-01

Abstract:In this paper, we present a CASE tool supporting conceptual modeling for moving objects database applications, which is called STXER (spatio-temporal extended entity-relational model). The main purpose of STXER is to support the database design for moving objects applications on typical object-relational DBMS. The STXER tool enhances the traditional ER model with moving characteristics. It can express rich spatiotemporal semantics for moving objects applications. After an overview of the general features of STXER, we discuss the architecture of STXER. And finally, a case study of STXER's demonstration is presented.

Christoph Bockisch,Marnix van 't Riet,Haihan Yin,Mehmet Aksit,Ziyi Lin,Yuting Chen,Jianjun Zhao

DOI: https://doi.org/10.1145/2843915.2843922

2015-01-01

Abstract:Advanced-dispatching programming languages allow to implicitly alter the behaviour of a program, depending on run-time program context. While this improves modularity, it also impedes comprehensibility. The use of advanced-dispatching programming languages can give rise to complex debugging scenarios, which cannot efficiently be resolved with traditional debugging approaches such as breakpoint-based debugging. Therefore, tool support for analysing the full history of runtime behaviour of advanced-dispatching programs is of importance for efficient debugging. In this paper, we characterise debugging scenarios for which existing work does not apply well, because they require access to the program execution history for efficient resolution. We present our design and implementation of a trace-based debugger for advanced-dispatching that supports such debugging scenarios efficiently. Our approach is the first one based on an XML-representation of the execution trace, giving rise to using very powerful standard tools such as the XQuery language for searching and navigating the trace, or scalable visualisations such as tree-maps.

Ashish Kamra,Evimaria Terzi,Elisa Bertino

DOI: https://doi.org/10.1007/s00778-007-0051-4

2007-05-17

The VLDB Journal

Abstract:A considerable effort has been recently devoted to the development of Database Management Systems (DBMS) which guarantee high assurance and security. An important component of any strong security solution is represented by Intrusion Detection (ID) techniques, able to detect anomalous behavior of applications and users. To date, however, there have been few ID mechanisms proposed which are specifically tailored to function within the DBMS. In this paper, we propose such a mechanism. Our approach is based on mining SQL queries stored in database audit log files. The result of the mining process is used to form profiles that can model normal database access behavior and identify intruders. We consider two different scenarios while addressing the problem. In the first case, we assume that the database has a Role Based Access Control (RBAC) model in place. Under a RBAC system permissions are associated with roles, grouping several users, rather than with single users. Our ID system is able to determine role intruders, that is, individuals while holding a specific role, behave differently than expected. An important advantage of providing an ID technique specifically tailored to RBAC databases is that it can help in protecting against insider threats. Furthermore, the existence of roles makes our approach usable even for databases with large user population. In the second scenario, we assume that there are no roles associated with users of the database. In this case, we look directly at the behavior of the users. We employ clustering algorithms to form concise profiles representing normal user behavior. For detection, we either use these clustered profiles as the roles or employ outlier detection techniques to identify behavior that deviates from the profiles. Our preliminary experimental evaluation on both real and synthetic database traces shows that our methods work well in practical situations.

computer science, information systems, hardware & architecture

Kai Pan,Xintao Wu,Tao Xie

DOI: https://doi.org/10.1007/s10515-014-0158-y

IF: 1.677

2014-01-01

Automated Software Engineering

Abstract:Testing is essential for quality assurance of database applications. Achieving high code coverage of the database applications is important in testing. In practice, there may exist a copy of live databases that can be used for database application testing. Using an existing database state is desirable since it tends to be representative of real-world objects' characteristics, helping detect faults that could cause failures in real-world settings. However, to cover a specific program-code portion (e.g., block), appropriate program inputs also need to be generated for the given existing database state. To address this issue, in this paper, we propose a novel approach that generates program inputs for achieving high code coverage of a database application, given an existing database state. Our approach uses symbolic execution to track how program inputs are transformed before appearing in the executed SQL queries and how the constraints on query results affect the application's execution. One significant challenge in our problem context is the gap between program-input constraints derived from the program and from the given existing database state; satisfying both types of constraints is needed to cover a specific program-code portion. Our approach includes novel query formulation to bridge this gap. We incorporate the data-instantiation component in our framework to deal with the case that no effective program input values can be attained. We determine how to generate new records and populate them in the new database state such that the code along the path can be covered. We also extend our approach of program-input generation to test database applications including canonical queries and group-by queries. Our approach is loosely integrated into Pex, a state-of-the-art white-box testing tool for .NET from Microsoft Research. Empirical evaluations on two real database applications show that our approach assists Pex to generate program inputs that achieve higher code coverage than the program inputs generated by Pex without our approach's assistance.

Hao Qian,Zhaoguo Wang,Haibing Guan,Binyu Zang,Haibo Chen

2015-01-01

Abstract:The commercial availability of Intel’s Haswell processor suggests that hardware transactional memory (HTM), a technique inspired by database transactions, is likely to be widely exploited for in-memory databases in the near future. Its features such as hardware-maintained read/write sets and automatic conflict detection naturally put forward a challenge on how HTM can successfully support concurrency control for fast in-memory transaction processing. To answer this challenge, we first conduct a detailed analysis on solely using HTM to protect a database transaction without other concurrency controls such as OCC or 2PL. Our analysis reveals that such an approach may lead to scalability issues due to the high probability of aborting transactions. To reduce HTM-protected transaction regions, we propose to leverage the theory of transaction chopping with several workload-inspired optimizations, including recovering commutativity with deferred execution and a database cache for database operations, to reduce HTM aborts while preserving serializability. While transaction chopping effectively reduces HTM aborts due to memory access conflicts, it also creates a new challenge for read-only transactions, which can no longer observe a consistent database snapshot. To address this problem, we propose a lazy snapshot mechanism that constructs a database snapshot during execution which eventually becomes consistent. We implement the proposed techniques in DBX-TC on an Intel Haswell processor and conduct an extensive performance study. Performance evaluation shows that DBX-TC with our mechanisms outperforms a naively constructed database using HTM by 4.77x and 36% over DBX on a 4-core/8threads machine. The speedup is especially significant under high contention.

Ioannis Alagiannis,Debabrata Dash,Karl Schnaitter,Anastasia Ailamaki,Neoklis Polyzotis

DOI: https://doi.org/10.1145/1807167.1807314

2010-06-06

Abstract:Tuning tools attempt to configure a database to achieve optimal performance for a given workload. Selecting an optimal set of physical structures is computationally hard since it involves searching a vast space of possible configurations. Commercial DBMSs offer tools that can address this problem. The usefulness of such tools, however, is limited by their dependence on greedy heuristics, the need for a-priori (offline) knowledge of the workload, and lack of an optimal materialization schedule to get the best out of suggested design features. Moreover, the open source DBMSs do not provide any automated tuning tools. This demonstration introduces a comprehensive physical designer for the PostgreSQL open source DBMS. The tool suggests design features for both offline and online workloads. It provides close to optimal suggestions for indexes for a given workload by modeling the problem as a combinatorial optimization problem and solving it by sophisticated and mature solvers. It also determines the interaction between indexes to suggest an effective materialization strategy for the selected indexes. The tool is interactive as it allows the database administrator (DBA) to suggest a set of candidate features and shows their benefits and interactions visually. For the demonstration we use large real-world scientific datasets and query workloads.

Haixiang Li,Xiaoyan Li,Yuxing Chen,Yuean Zhu,Xiaoyong Du,Wei Lu,Chang Liu,Anqun Pan

DOI: https://doi.org/10.48550/arXiv.2109.06485

2021-11-01

Abstract:Transaction processing technology has three important contents: data anomalies, isolation levels, and concurrent control algorithms. Concurrent control algorithms are used to eliminate some or all data anomalies at different isolation levels to ensure data consistency. Isolation levels in the current ANSI standard are defined by disallowing certain kinds of data anomalies. Yet, the definitions of data anomalies in the ANSI standard are controversial. On one hand, the definitions lack a mathematical formalization and cause ambiguous interpretations. On the other hand, the definitions are made in a case-by-case manner and lead to a situation that even a senior DBA could not have infallible knowledge of data anomalies, due to a lack of a full understanding of its nature. While revised definitions in existing literature propose various mathematical formalizations to correct the former argument, how to address the latter argument still remains an open problem. In this paper, we present a general framework called Coo with the capability to systematically define data anomalies. Under this framework, we show that existing reported data anomalies are only a small portion. While we theoretically prove that Coo is complete to mathematically formalize data anomalies, we employ a novel method to classify infinite data anomalies. In addition, we use this framework to define new isolation levels and quantitatively describe the concurrency and rollback rate of mainstream concurrency control algorithms. These works show that the C and I of ACID can be quantitatively analyzed based on all data anomalies.

Databases

Zhen He,Jérôme Darmont

DOI: https://doi.org/10.48550/arXiv.0704.3500

2007-04-26

Abstract:In object-oriented or object-relational databases such as multimedia databases or most XML databases, access patterns are not static, i.e., applications do not always access the same objects in the same order repeatedly. However, this has been the way these databases and associated optimisation techniques such as clustering have been evaluated up to now. This paper opens up research regarding this issue by proposing a dynamic object evaluation framework (DOEF). DOEF accomplishes access pattern change by defining configurable styles of change. It is a preliminary prototype that has been designed to be open and fully extensible. Though originally designed for the object-oriented model, it can also be used within the object-relational model with few adaptations. Furthermore, new access pattern change models can be added too. To illustrate the capabilities of DOEF, we conducted two different sets of experiments. In the first set of experiments, we used DOEF to compare the performances of four state of the art dynamic clustering algorithms. The results show that DOEF is effective at determining the adaptability of each dynamic clustering algorithm to changes in access pattern. They also led us to conclude that dynamic clustering algorithms can cope with moderate levels of access pattern change, but that performance rapidly degrades to be worse than no clustering when vigorous styles of access pattern change are applied. In the second set of experiments, we used DOEF to compare the performance of two different object stores: Platypus and SHORE. The use of DOEF exposed the poor swapping performance of Platypus.

Databases

Sijie Shen,Rong Chen,Haibo Chen,Binyu Zang

2021-01-01

Abstract:Many application domains can benefit from hybrid transaction/analytical processing (HTAP) by executing queries on real-time datasets produced by concurrent transactions. However, with the increasingly speedy transactions and queries thanks to large memory and fast interconnect, commodity HTAP systems have to make a tradeoff between data freshness and performance degradation. Fortunately, we observe that the backups for high availability in modern distributed OLTP systems can be retrofitted to bridge the analytical queries and transactions in HTAP workloads. In this paper, we present VEGITO, a distributed in-memory HTAP system that embraces freshness and performance with the following three techniques: (1) a lightweight gossip-style scheme to apply logs on backups consistently; (2) a block-based design for multi-version columnar backups; (3) a two-phase concurrent updating mechanism for the tree-based index of backups. They collectively make the backup fresh, columnar, and fault-tolerant, even facing millions of concurrent transactions per second. Evaluations show that VEGITO can perform 1.9 million TPC-C NEWORDER transactions and 24 TPC-H-equivalent queries per second simultaneously, which retain the excellent performance of specialized OLTP and OLAP counterparts (e.g., DrTM+H and MonetDB). These results outperform state-of-the-art HTAP systems by several orders of magnitude on transactional performance, while just incurring little performance slowdown (5% over pure OLTP workloads) and still enjoying data freshness for analytical queries (less than 20 ms of maximum delay) in the failure-free case. Further, VEGITO can recover from cascading machine failures by using the columnar backup in less than 60 ms.

Guoliang Li,Chao Zhang

DOI: https://doi.org/10.1145/3514221.3522565

2022-01-01

Abstract:Processing the mixed workloads of transactions and analytical queries in a single database system can eliminate the ETL process and enable real-time data analysis on the transaction data. However, there is no free lunch. Such systems must balance the trade-off between workload isolation and data freshness due to interweaving workloads of OLTP and OLAP. Since Gartner coined the term, Hybrid Transactional/Analytical Processing (HTAP), we have witnessed the emergence of various database systems to support HTAP. One common feature is that they leverage the best of row store and column store to achieve high quality of HTAP. As they have disparate storage strategies and processing techniques to satisfy the requirements of various HTAP applications, it is essential to understand, compare, and evaluate their key techniques. In this tutorial, we offer a comprehensive survey of HTAP databases. We introduce a taxonomy of state-of-the-art HTAP databases according to their storage strategies and architectures. We then take a deep dive into their key techniques regarding transaction processing, analytical processing, data synchronization, query optimization, and resource scheduling. We also introduce existing HTAP benchmarks. Finally, we discuss the research challenges and open problems for HTAP.