1,056 research outputs found
Establishing local temporal heap safety properties with applications to compile-time memory management
AbstractWe present a framework for statically reasoning about temporal heap safety properties. We focus on local temporal heap safety properties, in which the verification process may be performed for a program object independently of other program objects. We apply our framework to produce new conservative static algorithms for compile-time memory management, which prove for certain program points that a memory object or a heap reference will not be needed further. These algorithms can be used for reducing space consumption of Java programs. We have implemented a prototype of our framework, and used it to verify compile-time memory management properties for several small, but interesting example programs, including JavaCard programs
Heap Abstractions for Static Analysis
Heap data is potentially unbounded and seemingly arbitrary. As a consequence,
unlike stack and static memory, heap memory cannot be abstracted directly in
terms of a fixed set of source variable names appearing in the program being
analysed. This makes it an interesting topic of study and there is an abundance
of literature employing heap abstractions. Although most studies have addressed
similar concerns, their formulations and formalisms often seem dissimilar and
some times even unrelated. Thus, the insights gained in one description of heap
abstraction may not directly carry over to some other description. This survey
is a result of our quest for a unifying theme in the existing descriptions of
heap abstractions. In particular, our interest lies in the abstractions and not
in the algorithms that construct them.
In our search of a unified theme, we view a heap abstraction as consisting of
two features: a heap model to represent the heap memory and a summarization
technique for bounding the heap representation. We classify the models as
storeless, store based, and hybrid. We describe various summarization
techniques based on k-limiting, allocation sites, patterns, variables, other
generic instrumentation predicates, and higher-order logics. This approach
allows us to compare the insights of a large number of seemingly dissimilar
heap abstractions and also paves way for creating new abstractions by
mix-and-match of models and summarization techniques.Comment: 49 pages, 20 figure
Heap Reference Analysis Using Access Graphs
Despite significant progress in the theory and practice of program analysis,
analysing properties of heap data has not reached the same level of maturity as
the analysis of static and stack data. The spatial and temporal structure of
stack and static data is well understood while that of heap data seems
arbitrary and is unbounded. We devise bounded representations which summarize
properties of the heap data. This summarization is based on the structure of
the program which manipulates the heap. The resulting summary representations
are certain kinds of graphs called access graphs. The boundedness of these
representations and the monotonicity of the operations to manipulate them make
it possible to compute them through data flow analysis.
An important application which benefits from heap reference analysis is
garbage collection, where currently liveness is conservatively approximated by
reachability from program variables. As a consequence, current garbage
collectors leave a lot of garbage uncollected, a fact which has been confirmed
by several empirical studies. We propose the first ever end-to-end static
analysis to distinguish live objects from reachable objects. We use this
information to make dead objects unreachable by modifying the program. This
application is interesting because it requires discovering data flow
information representing complex semantics. In particular, we discover four
properties of heap data: liveness, aliasing, availability, and anticipability.
Together, they cover all combinations of directions of analysis (i.e. forward
and backward) and confluence of information (i.e. union and intersection). Our
analysis can also be used for plugging memory leaks in C/C++ languages.Comment: Accepted for printing by ACM TOPLAS. This version incorporates
referees' comment
HardScope: Thwarting DOP with Hardware-assisted Run-time Scope Enforcement
Widespread use of memory unsafe programming languages (e.g., C and C++)
leaves many systems vulnerable to memory corruption attacks. A variety of
defenses have been proposed to mitigate attacks that exploit memory errors to
hijack the control flow of the code at run-time, e.g., (fine-grained)
randomization or Control Flow Integrity. However, recent work on data-oriented
programming (DOP) demonstrated highly expressive (Turing-complete) attacks,
even in the presence of these state-of-the-art defenses. Although multiple
real-world DOP attacks have been demonstrated, no efficient defenses are yet
available. We propose run-time scope enforcement (RSE), a novel approach
designed to efficiently mitigate all currently known DOP attacks by enforcing
compile-time memory safety constraints (e.g., variable visibility rules) at
run-time. We present HardScope, a proof-of-concept implementation of
hardware-assisted RSE for the new RISC-V open instruction set architecture. We
discuss our systematic empirical evaluation of HardScope which demonstrates
that it can mitigate all currently known DOP attacks, and has a real-world
performance overhead of 3.2% in embedded benchmarks
Porting to Morello:An In-depth Study on Compiler Behaviors, CERT Guideline Violations, and Security Implications
As the need for secure systems grows, the exploration of secure hardware like Morello, based on the Capability Hardware Enhanced RISC Instructions (CHERI) architecture, becomes crucial. As Morello navigates towards market induction, establishing systematic approaches for transitioning software to its pure capability mode emerges as a crucial research endeavor. This paper investigates two main areas: a comparison with CERT guidelines and an exploitation analysis on the Morello platform. The comparison aims to identify potential developer-induced vulnerabilities and compiler limitations, elucidating how the Morello-llvm compiler behaves when there are CERT rule violations. Our exploitation analysis explores the limitations of the Morello-llvm compiler toolchain and the developer errors that could bypass Morelloās advanced security features. The findings highlight that despite advancements in toolchains, developer-induced vulnerabilities remain a significant issue, emphasizing the importance of adhering to established programming standards like CERT guidelines
Porting to Morello:An In-depth Study on Compiler Behaviors, CERT Guideline Violations, and Security Implications
As the need for secure systems grows, the exploration of secure hardware like Morello, based on the Capability Hardware Enhanced RISC Instructions (CHERI) architecture, becomes crucial. As Morello navigates towards market induction, establishing systematic approaches for transitioning software to its pure capability mode emerges as a crucial research endeavor. This paper investigates two main areas: a comparison with CERT guidelines and an exploitation analysis on the Morello platform. The comparison aims to identify potential developer-induced vulnerabilities and compiler limitations, elucidating how the Morello-llvm compiler behaves when there are CERT rule violations. Our exploitation analysis explores the limitations of the Morello-llvm compiler toolchain and the developer errors that could bypass Morelloās advanced security features. The findings highlight that despite advancements in toolchains, developer-induced vulnerabilities remain a significant issue, emphasizing the importance of adhering to established programming standards like CERT guidelines
The Need for Autonomy and Real-Time in Mobile Robotics: A Case Study of XO/2 and Pygmalion
Starting from a user point of view the paper discusses the requirements of a development environment (operating system and programming language) for mechatronic systems, especially mobile robots. We argue that user requirements from research, education, ergonomics and applications impose a certain functionality on the embedded operating system and programming language, and that a deadline-driven real-time operating system helps to fulfil these requirements. A case study of the operating system XO/2, its programming language Oberon-2 and the mobile robot Pygmalion is presented. XO/2 explicitly addresses issues like scalabilty, safety and abstraction, previously found to be relevant for many user scenarios
PLACES'10: The 3rd Workshop on Programmng Language Approaches to concurrency and Communication-Centric Software
Paphos, Cyprus. March 201
- ā¦