Memory Overflow Protection for Embedded Systems using Run-time Checks, Reuse and Compression

Out-of-memory errors are a serious source of unreliability in embedded systems. This is because embedded systems typically do not have hard disks and hence, no swap-space and in case of an out-of-memory error the application simply crashes. Further, in most cases protection from virtual memory is absent. Thus, the fact that a segment has exceeded its bound is not even detected and no pre-crash remedial action is possible. This work improves reliability in two ways. First, it proposes a low-overhead scheme of run-time checks which enables detection of out-of-memory errors and hence, allows the designer to incorporate system-specific remedial action. Second, it proposes five techniques to grow the stack or heap, after it is out of memory, into previously un-utilized space such as dead variables and space freed by compressing live variables. These techniques can avoid the out-of-memory error if the space recovered is enough to complete execution

Memory overflow protection for embedded systems using run-time checks, reuse and compression

Embedded systems usually lack virtual memory and are vulnerable to memory overflow since they lack a mechanism to detect overflow or use swap space thereafter. We present a method to detect memory overflows using compiler-inserted software run-time checks. Its overheads in runtime and energy are 1.35 % and 1.12 % respectively. Detection of overflow allows system-specific remedial action. We also present techniques to grow the stack or heap segment after they overflow, into previously un-utilized space such as dead variables, free holes in the heap and space freed by compressing live variables. These may avoid the out-of-memory error if the space recovered is enough to complete execution. The reuse methods are able to grow the stack or heap beyond its overflow by an amount that varies widely by application – the amount of recovered space ranges from 0.7 % to 93.5 % of the combined stack and heap size

Runtime Enforcement of Memory Safety for the C Programming Language

Memory access violations are a leading source of unreliability in C programs. Although the low-level features of the C programming language, like unchecked pointer arithmetic and explicit memory management, make it a desirable language for many programming tasks, their use often results in hard-to-detect memory errors. As evidence of this problem, a variety of methods exist for retrofitting C with software checks to detect memory errors at runtime. However, these techniques generally suffer from one or more practical drawbacks that have thus far limited their adoption. These weaknesses include the inability to detect all spatial and temporal violations, the use of incompatible metadata, the need for manual code modifications, and the tremendous runtime cost of providing complete safety. This dissertation introduces MemSafe, a compiler analysis and transformation for ensuring the memory safety of C programs at runtime while avoiding the above drawbacks. MemSafe makes several novel contributions that improve upon previous work and lower the runtime cost of achieving memory safety. These include (1) a method for modeling temporal errors as spatial errors, (2) a hybrid metadata representation that combines the most salient features of both object- and pointer-based approaches, and (3) a data-flow representation that simplifies optimizations for removing unneeded checks and unused metadata. Experimental results indicate that MemSafe is capable of detecting memory safety violations in real-world programs with lower runtime overhead than previous methods. Results show that MemSafe detects all known memory errors in multiple versions of two large and widely-used open source applications as well as six programs from a benchmark suite specifically designed for the evaluation of error detection tools. MemSafe enforces complete safety with an average overhead of 88% on 30 widely-used performance evaluation benchmarks. In comparison with previous work, MemSafe's average runtime overhead for one common benchmark suite (29%) is a fraction of that associated with the previous technique (133%) that, until now, had the lowest overhead among all existing complete and automatic methods that are capable of detecting both spatial and temporal violations