DOI: 10.1145/3092255.3092268
research-article

Flexible and efficient memory object metadata

Published: 18 June 2017

Abstract

Compiler-based tools can protect software from attack and find bugs within programs. To support programs written in type-unsafe languages such as C, such tools need to add code into a program that must, at run-time, take a pointer into a memory object and locate metadata for that memory object. Current methods of locating metadata are either flexible (supporting metadata of varying sizes) at the expense of speed and scalability or are fast (e.g., by using shadow tables) at the cost of flexibility (metadata is small and must always be the same size).
This paper presents a new method of attaching metadata to memory objects, named Padding Area MetaData (PAMD), that is both flexible and efficient. Metadata can be any size, and different memory objects can have different sized metadata. While flexible, the algorithm for finding the metadata given a pointer into the memory object takes constant time. Our method extends Baggy Bounds with Accurate Checking (BBAC) which attaches constant-sized metadata to memory objects for performing precise dynamic bounds checks. Our design supports variable-sized metadata, and our implementation supports larger programs.
We evaluated the performance and scalability of PAMD using dynamic bounds checking as an exemplar of our method. Our results show that our method adds at most 33% overhead to an identical dynamic bounds checking tool that trades precision for performance by using a simple shadow table. Our results also show that our method, while having the same flexibility as splay trees, performs significantly faster and scales better as a program allocates more memory.
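
The following C sketch is an added illustration, not code from the paper or its implementation. It shows the general baggy-bounds-style idea the abstract names: blocks are padded to a power-of-two size, a shadow table records each block's size, and variable-sized metadata sits in the padding where an interior pointer can find it in constant time. The names (`pamd_alloc`, `pamd_meta`, `pamd_in_bounds`), the 16-byte slot, the bump arena and the trailer layout are all assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#define SLOT 16u                      /* assumed smallest allocation unit */
#define ARENA_SIZE 4096u              /* assumed toy arena, bump-allocated */
typedef struct { uint32_t obj_size, meta_size; } trailer_t;  /* assumed layout */

static unsigned char arena[ARENA_SIZE];
static uint8_t size_log2[ARENA_SIZE / SLOT];  /* shadow table: 1 byte per slot */
static size_t next_free;

/* Block layout: [object | unused padding | metadata | trailer], size 2^e. */
void *pamd_alloc(uint32_t obj_size, const void *meta, uint32_t meta_size) {
    size_t need = (size_t)obj_size + meta_size + sizeof(trailer_t);
    unsigned e = 4;                                   /* log2(SLOT) */
    while (((size_t)1 << e) < need) e++;
    size_t size = (size_t)1 << e;
    size_t off = (next_free + size - 1) & ~(size - 1); /* align to block size */
    if (off + size > ARENA_SIZE) return NULL;
    for (size_t s = off / SLOT; s < (off + size) / SLOT; s++) size_log2[s] = (uint8_t)e;
    trailer_t t = { obj_size, meta_size };
    memcpy(arena + off + size - sizeof t, &t, sizeof t);
    if (meta_size) memcpy(arena + off + size - sizeof t - meta_size, meta, meta_size);
    next_free = off + size;
    return arena + off;
}

/* Constant time: one table load, one mask, one trailer read. Offsets are
   masked relative to the arena; NULL means p is not inside a live block. */
static unsigned char *block_base(const void *p, size_t *size, trailer_t *t) {
    uintptr_t off = (uintptr_t)p - (uintptr_t)arena;
    if (off >= ARENA_SIZE || size_log2[off / SLOT] == 0) return NULL;
    *size = (size_t)1 << size_log2[off / SLOT];
    unsigned char *base = arena + (off & ~(uintptr_t)(*size - 1));
    memcpy(t, base + *size - sizeof *t, sizeof *t);
    return base;
}

/* Interior pointer -> its object's metadata, whatever size that metadata is. */
void *pamd_meta(const void *p, uint32_t *meta_size) {
    size_t size; trailer_t t;
    unsigned char *base = block_base(p, &size, &t);
    if (!base) return NULL;
    *meta_size = t.meta_size;
    return base + size - sizeof t - t.meta_size;
}

/* Precise check: [p, p+len) must lie in the object, not merely in the block. */
int pamd_in_bounds(const void *p, size_t len) {
    size_t size; trailer_t t;
    unsigned char *base = block_base(p, &size, &t);
    if (!base) return 0;
    size_t idx = (size_t)((const unsigned char *)p - base);
    return idx <= t.obj_size && len <= t.obj_size - idx;
}
```

A shadow table alone would accept any access inside the padded block; reading the exact object size from the padding is what makes the check precise.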

Published In

ISMM 2017: Proceedings of the 2017 ACM SIGPLAN International Symposium on Memory Management
June 2017
127 pages
ISBN:9781450350440
DOI:10.1145/3092255

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. dynamic analysis
  2. memory metadata
  3. memory safety
  4. security hardening
  5. shadow table

Qualifiers

  • Research-article

Conference

ISMM '17

Acceptance Rates

Overall Acceptance Rate 72 of 156 submissions, 46%
