Abstract
Compiler-based tools can protect software from attack and find bugs within programs. To support programs written in type-unsafe languages such as C, such tools need to add code into a program that must, at run-time, take a pointer into a memory object and locate metadata for that memory object. Current methods of locating metadata are either flexible (supporting metadata of varying sizes) at the expense of speed and scalability or are fast (e.g., by using shadow tables) at the cost of flexibility (metadata is small and must always be the same size).
This paper presents a new method of attaching metadata to memory objects, named Padding Area MetaData (PAMD), that is both flexible and efficient. Metadata can be any size, and different memory objects can have differently sized metadata. While flexible, the algorithm for finding the metadata given a pointer into the memory object takes constant time. Our method extends Baggy Bounds with Accurate Checking (BBAC), which attaches constant-sized metadata to memory objects for performing precise dynamic bounds checks. Our design supports variable-sized metadata, and our implementation supports larger programs.
We evaluated the performance and scalability of PAMD using dynamic bounds checking as an exemplar of our method. Our results show that our method adds at most 33% overhead to an identical dynamic bounds checking tool that trades precision for performance by using a simple shadow table. Our results also show that our method, while having the same flexibility as splay trees, performs significantly faster and scales better as a program allocates more memory.
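As an added illustration of the constant-time lookup the abstract describes (this is not the paper's code, and the exact layout PAMD uses is not given on this page): a toy baggy-bounds-style allocator that pads each object to a power-of-two slot, records log2(slot size) in a byte-per-granule shadow table, and stores a fixed footer at the slot end with a variable-length metadata payload just before it, so any interior pointer reaches its object's metadata with a shadow load and a mask. All names, the footer layout and the arena size are assumptions of this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Toy PAMD-style allocator (added illustration, not the paper's code): each object
 * gets a power-of-two slot aligned to its size, a byte-per-granule shadow table
 * stores log2(slot size), and the slot's padding holds a fixed footer at the slot
 * end plus a variable-length metadata payload immediately before the footer. */
#define ARENA_SIZE ((size_t)1 << 16)
#define GRANULE_BITS 4                      /* 16-byte granules = smallest slot */
typedef struct { uint32_t obj_size; uint32_t meta_len; } pamd_footer;
static uint8_t *arena;                      /* created lazily, ARENA_SIZE-aligned */
static uint8_t slot_log2[ARENA_SIZE >> GRANULE_BITS];
static size_t bump;                         /* bump pointer, offset into arena */
/* Allocate obj_size bytes and attach meta_len bytes of metadata in the padding. */
void *pamd_alloc(size_t obj_size, const void *meta, uint32_t meta_len) {
    if (!arena) arena = aligned_alloc(ARENA_SIZE, ARENA_SIZE);
    unsigned bits = GRANULE_BITS;           /* smallest slot holding object+meta+footer */
    while (((size_t)1 << bits) < obj_size + meta_len + sizeof(pamd_footer)) bits++;
    size_t slot = (size_t)1 << bits;
    size_t off = (bump + slot - 1) & ~(slot - 1);   /* slot base aligned to slot size */
    if (!arena || off + slot > ARENA_SIZE) return NULL;
    bump = off + slot;
    memset(slot_log2 + (off >> GRANULE_BITS), (int)bits, slot >> GRANULE_BITS);
    pamd_footer *f = (pamd_footer *)(arena + off + slot - sizeof *f);
    f->obj_size = (uint32_t)obj_size;
    f->meta_len = meta_len;
    if (meta_len) memcpy((uint8_t *)f - meta_len, meta, meta_len);
    return arena + off;
}
/* Constant-time lookup from any interior pointer: shadow byte -> mask to slot base
 * -> footer at slot end. Returns NULL for pointers outside any allocated slot. */
const pamd_footer *pamd_lookup(const void *p, uintptr_t *base) {
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)arena;
    if (!arena || a < lo || a >= lo + ARENA_SIZE) return NULL;
    unsigned bits = slot_log2[(a - lo) >> GRANULE_BITS];
    if (bits == 0) return NULL;             /* granule never handed out */
    *base = a & ~(((uintptr_t)1 << bits) - 1);
    return (const pamd_footer *)(*base + ((uintptr_t)1 << bits) - sizeof(pamd_footer));
}
/* Variable-sized payload lives right below the footer; its length is per object. */
const uint8_t *pamd_meta(const pamd_footer *f) { return (const uint8_t *)f - f->meta_len; }
/* Precise check as in BBAC: bytes past obj_size are padding, hence out of bounds. */
int pamd_in_bounds(const void *p) {
    uintptr_t base;
    const pamd_footer *f = pamd_lookup(p, &base);
    return f != NULL && (uintptr_t)p - base < f->obj_size;
}
```

The lookup cost does not depend on how many objects are live, which is the property the abstract contrasts with splay-tree lookups, while each object still carries its own payload length.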
Flexible and efficient memory object metadata. ISMM 2017: Proceedings of the 2017 ACM SIGPLAN International Symposium on Memory Management.