A Smart Status Based Monitoring Algorithm for the Dynamic Analysis of Memory Safety

C is a dominant programming language for implementing system and low-level embedded software. Unfortunately, the unsafe nature of its low-level control of memory often leads to memory errors. Dynamic analysis has been widely used to detect memory errors at runtime. However, existing monitoring algorithms for dynamic analysis are not yet satisfactory, as they cannot deterministically and completely detect some types of errors, such as segment confusion errors, sub-object overflows, use-after-frees and memory leaks. We propose a new monitoring algorithm, namely Smatus, short for smart status, that improves memory safety by performing comprehensive dynamic analysis. The key innovation is to maintain at runtime a small status node for each memory object. A status node records the status value and reference count of an object, where the status value denotes the liveness and segment type of this object, and the reference count tracks the number of pointer variables pointing to this object. Smatus maintains at runtime pointer metadata for each pointer variable, to record not only the base and bound of a pointer's referent but also the address of the referent's status node. All the pointers pointing to the same referent share the same status node in their pointer metadata. A status node is smart in the sense that it is automatically deleted when it becomes useless (indicated by its reference count reaching zero). To the best of our knowledge, Smatus represents the most comprehensive approach of its kind. We have evaluated Smatus by using a large set of programs including the NIST Software Assurance Reference Dataset, MSBench, MiBench, SPEC and stress testing benchmarks. In terms of effectiveness (detecting different types of memory errors), Smatus outperforms state-of-the-art tools, Google's AddressSanitizer, SoftBoundCETS and Valgrind, as it is capable of detecting more errors. In terms of performance (the time and memory overheads), Smatus outperforms SoftBoundCETS and Valgrind in terms of both lower time and ...
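
The scheme the abstract describes, as an added example that is not the paper's code: a toy, single-threaded C sketch of one status node per object (liveness, segment type, reference count) that every pointer's metadata shares alongside the pointer's own base and bound, with the node deleted once its count reaches zero. The type names, the error codes, the narrowing of bounds when a field address is taken, and the use of the count-to-zero event on a still-live heap object to report a leak are assumptions of this sketch, not details the abstract gives; the four scenario_* functions are constructed inputs.

```c
#include <stddef.h>
#include <stdlib.h>

enum seg { SEG_HEAP, SEG_STACK, SEG_GLOBAL };
enum err { OK = 0, ERR_OOB, ERR_UAF, ERR_SEG_CONFUSION, ERR_DOUBLE_FREE, ERR_LEAK };

/* Status node, one per object: liveness, segment type, pointer-variable count. */
typedef struct { int live; enum seg seg; int refcount; } status_node;
/* Pointer metadata: referent's [base, bound) plus its status node, which every
   pointer to the same referent shares. */
typedef struct { char *base, *bound; status_node *node; } ptr_meta;

static status_node *node_new(enum seg s) {
    status_node *n = malloc(sizeof *n);
    n->live = 1; n->seg = s; n->refcount = 0;
    return n;
}
/* Drop one reference; at zero the node is useless and is deleted. A still-live
   heap object at that point can never be freed: this sketch reports that as a
   leak (an assumed use of the count, not something the abstract spells out). */
static enum err node_release(status_node *n) {
    if (!n || --n->refcount > 0) return OK;
    enum err rc = (n->live && n->seg == SEG_HEAP) ? ERR_LEAK : OK;
    free(n);
    return rc;
}
/* p = <size bytes at base, described by node n>; p may have pointed elsewhere. */
static enum err meta_set(ptr_meta *p, status_node *n, char *base, size_t size) {
    enum err rc = node_release(p->node);
    p->base = base; p->bound = base + size; p->node = n;
    n->refcount++;
    return rc;
}
/* q = p: same bounds, same node, one more reference. */
static enum err meta_copy(ptr_meta *dst, const ptr_meta *src) {
    return meta_set(dst, src->node, src->base, (size_t)(src->bound - src->base));
}
/* &obj->field: same node, bounds narrowed to the sub-object. */
static enum err meta_narrow(ptr_meta *dst, const ptr_meta *src, size_t off, size_t len) {
    return meta_set(dst, src->node, src->base + off, len);
}
/* Pointer variable dies (scope exit or p = NULL). */
static enum err meta_clear(ptr_meta *p) {
    enum err rc = node_release(p->node);
    p->base = p->bound = NULL; p->node = NULL;
    return rc;
}
/* A read or write of len bytes at addr through p. */
static enum err check_access(const ptr_meta *p, const char *addr, size_t len) {
    if (!p->node->live) return ERR_UAF;
    if (addr < p->base || addr + len > p->bound) return ERR_OOB;
    return OK;
}
/* free(p): only a live heap object may be freed. */
static enum err check_free(const ptr_meta *p) {
    if (p->node->seg != SEG_HEAP) return ERR_SEG_CONFUSION;
    if (!p->node->live) return ERR_DOUBLE_FREE;
    p->node->live = 0;
    return OK;
}

/* Constructed scenarios; each returns the first error the monitor reports. */
struct rec { char name[8]; int id; };
enum err scenario_sub_object_overflow(void) {
    struct rec *r = malloc(sizeof *r);
    ptr_meta pr = {0}, pf = {0};
    meta_set(&pr, node_new(SEG_HEAP), (char *)r, sizeof *r);
    meta_narrow(&pf, &pr, offsetof(struct rec, name), sizeof r->name);
    enum err rc = check_access(&pf, r->name, 9);  /* inside r, outside r->name */
    check_free(&pr); free(r);
    meta_clear(&pf); meta_clear(&pr);
    return rc;
}
enum err scenario_use_after_free(void) {
    char *buf = malloc(16);
    ptr_meta p = {0}, q = {0};
    meta_set(&p, node_new(SEG_HEAP), buf, 16);
    meta_copy(&q, &p);                            /* alias shares the node */
    check_free(&p); free(buf);                    /* node now dead for q too */
    enum err rc = check_access(&q, q.base, 1);
    meta_clear(&p); meta_clear(&q);               /* last reference deletes node */
    return rc;
}
enum err scenario_segment_confusion(void) {
    char stackbuf[8];
    ptr_meta p = {0};
    meta_set(&p, node_new(SEG_STACK), stackbuf, sizeof stackbuf);
    enum err rc = check_free(&p);                 /* free() of a stack object */
    meta_clear(&p);
    return rc;
}
enum err scenario_leak(void) {
    char *buf = malloc(32);
    ptr_meta p = {0};
    meta_set(&p, node_new(SEG_HEAP), buf, 32);
    enum err rc = meta_clear(&p);                 /* last pointer dies, object live */
    free(buf);
    return rc;
}
```

Each scenario_* function returns the first code the checks report, so the sketch can be exercised from a test without a main. A real tool would instrument the program so that meta_set, meta_copy, meta_narrow and meta_clear run at every pointer assignment, address-of and scope exit, and check_access and check_free before every dereference and free; because the status node outlives the object for as long as any pointer (including a dangling one) still refers to it, the use-after-free and segment-confusion checks depend on recorded state rather than on heap layout or timing, which is what the abstract's claim of deterministic detection rests on.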

Bibliographic Details
Published in: ACM Transactions on Software Engineering and Methodology, volume 33, issue 4, pages 1-47 (ISSN 1049-331X, 1557-7392)
Main Authors: Chen, Zhe; Yan, Rui; Ma, Yingzi; Sui, Yulei; Xue, Jingling
Other Authors: National Natural Science Foundation of China; Joint Research Funds of the National Natural Science Foundation of China; Civil Aviation Administration of China
Format: Article in Journal/Newspaper
Language: English
Published: Association for Computing Machinery (ACM), 2024
Online Access:http://dx.doi.org/10.1145/3637227
https://dl.acm.org/doi/pdf/10.1145/3637227