Validation of Memory Accesses Through Symbolic Analyses

International audienceThe C programming language does not prevent out-of- bounds memory accesses. There exist several techniques to secure C programs; however, these methods tend to slow down these programs substantially, because they populate the binary code with runtime checks. To deal with this prob- lem, we have designed and tested two static analyses - sym- bolic region and range analysis - which we combine to re- move the majority of these guards. In addition to the analy- ses themselves, we bring two other contributions. First, we describe live range splitting strategies that improve the effi- ciency and the precision of our analyses. Secondly, we show how to deal with integer overflows, a phenomenon that can compromise the correctness of static algorithms that validate memory accesses. We validate our claims by incorporating our findings into AddressSanitizer. We generate SPEC CINT 2006 code that is 17% faster and 9% more energy efficient than the code produced originally by this tool. Furthermore, our approach is 50% more effective than Pentagons, a state- of-the-art analysis to sanitize memory accesses

AN E-BICATEGORY OF E-CATEGORIES EXEMPLIFYING A TYPE-THEORETIC APPROACH TO BICATEGORIES

Abstract. A type-theoretic formalisation of bicategories is introduced, and it is shown that small E-categories, together with their functor categories, form such an E-bicategory. This is carried out using only basic recursive definitions, in the version of predicative type theory with a hierarchy of universes implemented by Agda. This relates to earlier work by Huet and Saïbi, who constructed a large category of small categories in Coq, but with the use of inductive families. The construction presented here may be considered more natural, particularly from the point of view of higher-dimensional category theory. This paper presents a formalisation of some parts of category theory, including a first step towards higher-dimensional category theory. The formalisation is carried out in Agda, a type-theoretic framework with a hierarchy of universes implemented at Chalmers University of Technology, Gothenburg. Agda and Alfa (the version with a graphical interface) are intended to replace the earlier ALF system (see [2, 3, 11]). Further, not all features of the framework were used; restricting mysel