CETS: Compiler-Enforced Temporal Safety for C
Temporal memory safety errors, such as dangling pointer dereferences and double frees, are a prevalent source of software bugs in unmanaged languages such as C. Existing schemes that attempt to retrofit temporal safety for such languages have high runtime overheads and/or are incomplete, thereby lim...
Main Authors: | , , , |
---|---|
Format: | Conference Object |
Language: | unknown |
Published: |
2010
|
Subjects: | |
Online Access: | https://repository.upenn.edu/handle/20.500.14332/6635 https://hdl.handle.net/20.500.14332/6635 |
id |
ftunivpenn:oai:repository.upenn.edu:20.500.14332/6635 |
---|---|
record_format |
openpolar |
spelling |
ftunivpenn:oai:repository.upenn.edu:20.500.14332/6635 2024-02-04T10:04:58+01:00 CETS: Compiler-Enforced Temporal Safety for C Nagarakatte, Santosh Martin, Milo Zhao, Jianzhou Zdancewic, Stephan A 2010-01-01 application/pdf https://repository.upenn.edu/handle/20.500.14332/6635 https://hdl.handle.net/20.500.14332/6635 unknown https://repository.upenn.edu/handle/20.500.14332/6635 576 Departmental Papers (CIS) published Computer Sciences Presentation 2010 ftunivpenn https://doi.org/20.500.14332/6635 2024-01-06T23:27:13Z Temporal memory safety errors, such as dangling pointer dereferences and double frees, are a prevalent source of software bugs in unmanaged languages such as C. Existing schemes that attempt to retrofit temporal safety for such languages have high runtime overheads and/or are incomplete, thereby limiting their effectiveness as debugging aids. This paper presents CETS, a compile-time transformation for detecting all violations of temporal safety in C programs. Inspired by existing approaches, CETS maintains a unique identifier with each object, associates this metadata with the pointers in a disjoint metadata space to retain memory layout compatibility, and checks that the object is still allocated on pointer dereferences. A formal proof shows that this is sufficient to provide temporal safety even in the presence of arbitrary casts if the program contains no spatial safety violations. Our CETS prototype employs both temporal check removal optimizations and traditional compiler optimizations to achieve a runtime overhead of just 48% on average. When combined with a spatial-checking system, the average overall overhead is 116% for complete memory safety. Santosh Nagarakatte, Jianzhou Zhao, Milo M. K. Martin, and Steve Zdancewic. CETS: Compiler-Enforced Temporal Safety for C . In Proceedings of the ACM International Symposium on Memory Management (ISMM) , 2010. doi:http://dx.doi.org/10.1145/1806651.1806657 © ACM, 2010. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of the ACM International Symposium on Memory Management , {VOL#, ISS#, (DATE)} http://doi.acm.org/10.1145/1806651.1806657 Conference Object The Pointers University of Pennsylvania: ScholaryCommons@Penn |
institution |
Open Polar |
collection |
University of Pennsylvania: ScholaryCommons@Penn |
op_collection_id |
ftunivpenn |
language |
unknown |
topic |
Computer Sciences |
spellingShingle |
Computer Sciences Nagarakatte, Santosh Martin, Milo Zhao, Jianzhou Zdancewic, Stephan A CETS: Compiler-Enforced Temporal Safety for C |
topic_facet |
Computer Sciences |
description |
Temporal memory safety errors, such as dangling pointer dereferences and double frees, are a prevalent source of software bugs in unmanaged languages such as C. Existing schemes that attempt to retrofit temporal safety for such languages have high runtime overheads and/or are incomplete, thereby limiting their effectiveness as debugging aids. This paper presents CETS, a compile-time transformation for detecting all violations of temporal safety in C programs. Inspired by existing approaches, CETS maintains a unique identifier with each object, associates this metadata with the pointers in a disjoint metadata space to retain memory layout compatibility, and checks that the object is still allocated on pointer dereferences. A formal proof shows that this is sufficient to provide temporal safety even in the presence of arbitrary casts if the program contains no spatial safety violations. Our CETS prototype employs both temporal check removal optimizations and traditional compiler optimizations to achieve a runtime overhead of just 48% on average. When combined with a spatial-checking system, the average overall overhead is 116% for complete memory safety. Santosh Nagarakatte, Jianzhou Zhao, Milo M. K. Martin, and Steve Zdancewic. CETS: Compiler-Enforced Temporal Safety for C . In Proceedings of the ACM International Symposium on Memory Management (ISMM) , 2010. doi:http://dx.doi.org/10.1145/1806651.1806657 © ACM, 2010. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of the ACM International Symposium on Memory Management , {VOL#, ISS#, (DATE)} http://doi.acm.org/10.1145/1806651.1806657 |
format |
Conference Object |
author |
Nagarakatte, Santosh Martin, Milo Zhao, Jianzhou Zdancewic, Stephan A |
author_facet |
Nagarakatte, Santosh Martin, Milo Zhao, Jianzhou Zdancewic, Stephan A |
author_sort |
Nagarakatte, Santosh |
title |
CETS: Compiler-Enforced Temporal Safety for C |
title_short |
CETS: Compiler-Enforced Temporal Safety for C |
title_full |
CETS: Compiler-Enforced Temporal Safety for C |
title_fullStr |
CETS: Compiler-Enforced Temporal Safety for C |
title_full_unstemmed |
CETS: Compiler-Enforced Temporal Safety for C |
title_sort |
cets: compiler-enforced temporal safety for c |
publishDate |
2010 |
url |
https://repository.upenn.edu/handle/20.500.14332/6635 https://hdl.handle.net/20.500.14332/6635 |
genre |
The Pointers |
genre_facet |
The Pointers |
op_source |
576 Departmental Papers (CIS) published |
op_relation |
https://repository.upenn.edu/handle/20.500.14332/6635 |
op_doi |
https://doi.org/20.500.14332/6635 |
_version_ |
1789973809320689664 |