skip to main content
10.1145/3062341.3062376acmconferencesArticle/Chapter ViewAbstractPublication PagespldiConference Proceedingsconference-collections
research-article

Simple, fast, and safe manual memory management

Published: 14 June 2017 Publication History

Abstract

Safe programming languages are readily available, but many applications continue to be written in unsafe languages because of efficiency. As a consequence, many applications continue to have exploitable memory safety bugs. Since garbage collection is a major source of inefficiency in the implementation of safe languages, replacing it with safe manual memory management would be an important step towards solving this problem.
Previous approaches to safe manual memory management use programming models based on regions, unique pointers, borrowing of references, and ownership types. We propose a much simpler programming model that does not require any of these concepts. Starting from the design of an imperative type safe language (like Java or C#), we just add a delete operator to free memory explicitly and an exception which is thrown if the program dereferences a pointer to freed memory. We propose an efficient implementation of this programming model that guarantees type safety. Experimental results from our implementation based on the C# native compiler show that this design achieves up to 3x reduction in peak working set and run time.

References

[1]
Fundamentals of garbage collection.NET native and compilation.
[2]
Electric fence malloc debugger. http://elinux.org/ Electric_Fence.
[3]
How to use pageheap utility to detect memory errors. https://support.microsoft.com/en-us/ kb/264471.
[4]
Rust programming language. https://www. rust-lang.org.
[5]
P. Akritidis. Cling: A memory allocator to mitigate dangling pointers. In USENIX Security Symposium, pages 177–192, 2010.
[6]
D. F. Bacon, P. Cheng, and V. Rajan. The metronome: A simpler approach to garbage collection in real-time systems. In In 4 https://github.com/densh/scala-offheap Workshop on Java Technologies for Real-Time and Embedded Systems (JTRES), OTM Workshops, 2003.
[7]
H. G. Baker. Use-once variables and linear objects–storage management, reflection, and multi-threading. SIGPLAN Notices, 30(1):45–52, January 1995.
[8]
E. D. Berger and B. G. Zorn. Diehard: probabilistic memory safety for unsafe languages. In Acm sigplan notices, volume 41, pages 158–168. ACM, 2006.
[9]
C. Boyapati, A. Salcianu, W. Beebee, and M. Rinard. Ownership types for safe region-based memory management in realtime Java. In PLDI, 2003.
[10]
J. Boyland. Alias burying: Unique variables without destructive reads. Software – Practice and Experience, 31(6):533– 553, 2001.
[11]
D. Clarke and T. Wrigstad. External uniqueness is unique enough. In ECOOP, pages 176–200, July 2003.
[12]
D. G. Clarke, J. M. Potter, and J. Noble. Ownership types for flexible alias protection. In OOPSLA, October 1998.
[13]
C. Click, G. Tene, and M. Wolf. The pauseless gc algorithm. In Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments, pages 46–56. ACM, 2005.
[14]
U. Degenbaev, J. Eisinger, M. Ernst, R. McIlroy, and H. Payer. Idle time garbage collection scheduling. In PLDI, 2016.
[15]
D. Dhurjati and V. Adve. Efficiently detecting all dangling pointer uses in production servers. In DSN, June 2006.
[16]
D. Dhurjati, S. Kowshik, V. Adve, and C. Lattner. Memory safety without runtime checks or garbage collection. ACM SIGPLAN Notices, 38(7):69–80, 2003.
[17]
L. Gidra, G. Thomas, J. Sopena, M. Shapiro, and N. Nguyen. NumaGiC: a garbage collector for big data on big NUMA machines. In ASPLOS, 2015.
[18]
I. Gog, J. Giceva, M. Schwarzkopf, K. Vaswani, D. Vytiniotis, G. Ramalingam, M. Costa, D. G. Murray, S. Hand, and M. Isard. Broom: Sweeping out garbage collection from big data systems. In HotOS, 2015.
[19]
D. Grossman, G. Morrisett, and T. Jim. Region-based memory management in Cyclone. In PLDI, 2002.
[20]
M. Hertz and E. D. Berger. Quantifyng the performance of garbage collection vs. explicit memory management. In OOPSLA, 2005.
[21]
M. Hicks, G. Morrisett, D. Grossman, and T. Jim. Experience with safe manual memory-management in Cyclone. In ISMM, 2004.
[22]
J. Hogg. Islands: Aliasing protection in object-oriented languages. In OOPSLA, 1991.
[23]
R. Hundt. Loop recognition in C++/Java/Go/Scala. In Proceedings of Scala Days 2011, 2011.
[24]
H. Kermany and E. Petrank. The compressor: Concurrent, incremental, and parallel compaction. In Proceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI ’06, pages 354–363, 2006.
[25]
B. Lee, C. Song, Y. Jang, and T. Wang. Preventing use-afterfree with dangling pointer nullification. In NDSS, 2015.
[26]
V. B. Lvin, G. Novark, E. D. Berger, and B. G. Zorn. Archipelago: trading address space for reliability and security. In ASPLOS, 2008.
[27]
M. Maas, K. Asanovi´c, T. Harris, and J. Kubiatowicz. Taurus: A holistic language runtime system for coordinating distributed managed-language applications. In ASPLOS, 2016.
[28]
N. Minsky. Towards alias-free pointers. In ECOOP, pages 189–209, July 1996.
[29]
D. G. Murray, F. McSherry, R. Isaacs, M. Isard, P. Barham, and M. Abadi. Naiad: A timely dataflow system. In Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles, SOSP ’13, pages 439–455, 2013.
[30]
K. Naden, R. Bocchino, J. Aldrich, and K. Bierhoff. A type system for borrowing permissions. In POPL, 2012.
[31]
S. Nagarakatte, J. Zhao, M. M. K. Martin, and S. Zdancewic. CETS compiler-enforced temporal safety for c. In ISMM, 2010.
[32]
K. Nguyen, K. Wang, Y. Bu, L. Fang, J. Hu, and G. Xu. Facade: A compiler and runtime for (almost) object-bounded big data applications. In ASPLOS, 2015.
[33]
K. Nguyen, L. Fang, G. Xu, B. Demsky, S. Lu, S. Alamian, and O. Mutlu. Yak: A high performance big-data-friendly garbage collector. In OSDI, 2016.
[34]
G. Novark and E. D. Berger. Dieharder: securing the heap. In Proceedings of the 17th ACM conference on Computer and communications security, pages 573–584. ACM, 2010.
[35]
R. Sedgewick. Left-leaning red-black trees. In Dagstuhl Workshop on Data Structures, page 17, 2008.
[36]
F. Smith, D. Walker, and G. Morrisett. Alias types. In European Symposium on Programming (ESOP), 2000.
[37]
N. Swamy, M. Hicks, G. Morrisett, D. Grossman, and T. Jim. Safe manual memory-management in Cyclone. Science of Computer Programming, 62(2):122–14, October 2006.
[38]
G. Tene, B. Iyengar, and M. Wolk. C4: The continuously conucrrent compacting collector. In ISMM, 2011.
[39]
M. Tofte and J.-P. Talpin. Region-based memory management. Information and Computation, 132(2):109–176, February 1997.
[40]
P. Wadler. Linear types can change the world! In IFIP TC 2 Working Conference, 1990.
[41]
D. Walker and K. Watkins. On regions and linear types. In ICFP, 2001.
[42]
D. Walker, K. Crary, and G. Morrisett. Typed memory management in a calculus of capabilities. ACM Transactions on Programming Languages and Systems, 24(4):701–771, 2000.
[43]
Y. Younan. FreeSentry: protecting against user-after-free vulnerabilities due to dangling pointers. In NDSS, 2015.
[44]
B. G. Zorn. The measured cost of conservative garbage collection. Software – Practice and Experience, 23(7):733–756, 1993.

Cited By

View all
  • (2021)PyGuard: Finding and Understanding Vulnerabilities in Python Virtual Machines2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE52982.2021.00055(468-475)Online publication date: Oct-2021
  • (2020)Mitigating Data-only Attacks by Protecting Memory-resident Sensitive DataDigital Threats: Research and Practice10.1145/34194751:4(1-26)Online publication date: 22-Dec-2020
  • (2020)MarkUs: Drop-in use-after-free prevention for low-level languages2020 IEEE Symposium on Security and Privacy (SP)10.1109/SP40000.2020.00058(578-591)Online publication date: May-2020
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
PLDI 2017: Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation
June 2017
708 pages
ISBN:9781450349888
DOI:10.1145/3062341
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 June 2017

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. garbage collection
  2. managed languages
  3. memory management
  4. type safety

Qualifiers

  • Research-article

Conference

PLDI '17
Sponsor:

Acceptance Rates

Overall Acceptance Rate 406 of 2,067 submissions, 20%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)54
  • Downloads (Last 6 weeks)7
Reflects downloads up to 30 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2021)PyGuard: Finding and Understanding Vulnerabilities in Python Virtual Machines2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE52982.2021.00055(468-475)Online publication date: Oct-2021
  • (2020)Mitigating Data-only Attacks by Protecting Memory-resident Sensitive DataDigital Threats: Research and Practice10.1145/34194751:4(1-26)Online publication date: 22-Dec-2020
  • (2020)MarkUs: Drop-in use-after-free prevention for low-level languages2020 IEEE Symposium on Security and Privacy (SP)10.1109/SP40000.2020.00058(578-591)Online publication date: May-2020
  • (2019)CHERIvokeProceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture10.1145/3352460.3358288(545-557)Online publication date: 12-Oct-2019
  • (2019)Position PaperProceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy10.1145/3337167.3337171(1-8)Online publication date: 23-Jun-2019
  • (2018)Applying the entity-component-system model to interaction programmingProceedings of the 30th Conference on l'Interaction Homme-Machine10.1145/3286689.3286703(42-51)Online publication date: 23-Oct-2018
  • (2018)SamplerProceedings of the 51st Annual IEEE/ACM International Symposium on Microarchitecture10.1109/MICRO.2018.00027(231-244)Online publication date: 20-Oct-2018
  • (2018)Code and Data Transformations to Address Garbage Collector Performance in Big Data Processing2018 IEEE 25th International Conference on High Performance Computing (HiPC)10.1109/HiPC.2018.00040(284-293)Online publication date: Dec-2018
  • (2017)Project snowflake: non-blocking safe manual memory management in .NETProceedings of the ACM on Programming Languages10.1145/31418791:OOPSLA(1-25)Online publication date: 12-Oct-2017
  • (2020)Mitigating Data-only Attacks by Protecting Memory-resident Sensitive DataDigital Threats: Research and Practice10.1145/34194751:4(1-26)Online publication date: 29-Dec-2020

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media