In overview, methods, computer programs products and devices for securing software are provided. In accordance with the disclosure, a method may comprise attaching a debugger process to a software process. During execution of the software process, operations relevant to the functionality of the code process are carried out within the debugger process. As a result, the debugger process cannot be replaced or subverted without impinging on the functionality of the software process. The software process can therefore be protected from inspection by modified or malicious debugging techniques.

A method of operating a telemetry system includes automatically populating a base field of a schema in an event definition using a logging library of the telemetry system for an event of an instrumented application, and automatically populating a conditional field of the schema in the event definition using the logging library in response to a selected condition for the event.

Embodiments provide enhanced performance diagnosis in a network computing environment. In response to an occurrence of a performance issue for a node while under operating conditions, common logs for applications on the node are analyzed. The applications are respectively registered in advance for diagnosis services. The applications each register rules in advance for the diagnosis services. At a time of the performance issue, debug programs are automatically issued to generate debug level logs respectively for the applications. Debug level logs are analyzed according to the rules to determine a root cause of the performance issue. A potential solution to the root cause of the performance issue is determined using the rules, without having to recreate the operating conditions occurring during the performance issue. The potential solution to rectify the root cause of the performance issue is executed without having to recreate the operating conditions occurring during the performance issue.

A processor includes an instruction pipeline and control circuitry. The instruction pipeline is configured to process instructions of program code. The control circuitry is configured to monitor the processed instructions at run-time, to construct an invocation data structure comprising multiple entries, wherein each entry (i) specifies an initial instruction that is a target of a branch instruction, (ii) specifies a portion of the program code that follows one or more possible flow-control traces beginning from the initial instruction, and (iii) specifies, for each possible flow-control trace specified in the entry, a next entry that is to be processed following processing of that possible flow-control trace, and to configure the instruction pipeline to process segments of the program code, by continually traversing the entries of the invocation data structure.

Described is a computer-implemented method of reordering condition checks. Two or more condition checks in computer code that may be reordered within the code are identified. It is determined that the execution frequency of a later one of the condition checks is satisfied at a greater frequency than a preceding one of the condition checks. It is determined that there is an absence of side effects in the two or more condition checks. The values of the condition checks are propagated and abstract interpretation is performed on the values that are propagated. It is determined that the condition checks are exclusive of each other, and the condition checks are reordered within the computer code.

A system and method for real-time or near real-time anomaly detection and root cause automation in production environments or in other environments using shrunk dynamic call graphs are provided. The system includes an instrumentation agent that generates shrunk dynamic call graphs and exceptions/errors by injecting monitoring code or probes or call-tags into monitored application, a data agent that forwards collected data to the analysis engine over a network, an analysis engine that performs continuous clustering using machine learning, anomaly, and root cause detection. The system also includes a reporting module to report the anomaly.

An automated video game testing framework and method includes communicatively coupling an application programming interface (API) to an agent in a video game, where the video game includes a plurality of in-game objects that are native to the video game. The agent is managed as an in-game object of the video game. A test script is executed to control the agent, via the API, to induce gameplay and interrogate a behavior of a test object. The test object is identified from the plurality of in-game objects based on a query that specifies an object attribute of the test object.

Systems and methods are described for automated classification of defective code from bug tracking tool data. An example method includes receiving a plurality of datasets representing a plurality of bug reports from a bug tracking application. Each dataset may be generated by vectorizing and clustering a source code associated with a respective bug report represented by the dataset. Each dataset may comprise a plurality of classes. At least one class of each dataset may indicate at least one known bug. For each dataset of the plurality of datasets, a respective supervised feature vector may be generated. Each supervised feature vector may be associated with an index of the at least one class with the at least one known bug. Using the supervised feature vectors, a classification model is trained to detect a new bug presence in a new source code.

An automated fault injection testing and analysis approach drives fault injection into a processor driven instruction sequence to quantify and define susceptibility to external fault injections for manipulating instruction execution and control flow of a set of computer instructions. A fault injection such as a voltage or electromagnetic pulse directed at predetermined locations on a processor (Central Processing Unit, or CPU) alters a result of a processor instruction to change values or execution paths. One or more quantified injections define an injection chain that causes a predictable or repeatable deviant result from an expected execution path through the code executed by the processor. Based on accumulation of fault injections and results, a repeatable injection chain and probability identifies an external action taken on a processing device to cause unexpected results that differ from an expected execution of a program or set of computer instructions.

A method for implementing LINUX kernel hot patch, an electronic device and a computer readable medium, the method includes: modifying header instruction code of a patched function in an atomic operation mode, and jumping directly or indirectly from a patched function address to a patching function address to activate a patching function. The method for implementing LINUX kernel hot patch can achieve the activation of the patching function without restarting the LINUX system.