Static detection of dynamic memory errors

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Static detection of dynamic memory errors

Full text

Pdf (1.17 MB)

Source

Conference on Programming Language Design and Implementation archive
Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation table of contents

Philadelphia, Pennsylvania, United States

Pages: 44 - 53

Year of Publication: 1996

ISBN:0-89791-795-2

Also published in ...

Author

David Evans

MIT Laboratory for Computer Science

Sponsor

SIGPLAN: ACM Special Interest Group on Programming Languages

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 7, Downloads (12 Months): 57, Citation Count: 69

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/231379.231389 What is a DOI?

ABSTRACT

Many important classes of bugs result from invalid assumptions about the results of functions and the values of parameters and global variables. Using traditional methods, these bugs cannot be detected efficiently at compile-time, since detailed cross-procedural analyses would be required to determine the relevant assumptions. In this work, we introduce annotations to make certain assumptions explicit at interface points. An efficient static checking tool that exploits these annotations can detect a broad class of errors including misuses of null pointers, uses of dead storage, memory leaks, and dangerous aliasing. This technique has been used successfully to fix memory management problems in a large program.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Hans-Juergen Boehm , Mark Weiser, Garbage collection in an uncooperative environment, Software—Practice & Experience, v.18 n.9, p.807-820, September 1988 [doi>10.1002/spe.4380180902]
	2	D. Evans, Using Specifications to Check Source Code, Massachusetts Institute of Technology, Cambridge, MA, 1994
	3	David Evans. LCLint User's Guide, Version 2.0. February 1996. (http ://larch-www. lcs.mit.edu:8001/!arch/!clint/guideO
	4	David Evans , John Guttag , James Horning , Yang Meng Tan, LCLint: a tool for using specifications to check code, Proceedings of the 2nd ACM SIGSOFT symposium on Foundations of software engineering, p.87-96, December 06-09, 1994, New Orleans, Louisiana, United States
	5	John V. Guttag , James J. Horning, Larch: languages and tools for formal specification, Springer-Verlag New York, Inc., New York, NY, 1993
	6	Laurie J. Hendren , Joseph Hummell , Alexandru Nicolau, Abstractions for recursive pointer data structures: improving the analysis and transformation of imperative programs, Proceedings of the ACM SIGPLAN 1992 conference on Programming language design and implementation, p.249-260, June 15-19, 1992, San Francisco, California, United States
	7	Posting in comp. os. linux, August 1994.
	8	Robert Strom and Nagui Halim. A new programming methodology for long-lived software systems. IBM-RC 9979, IBM T J. Watson Research Center, March 1983.
	9	Yang Meng Tan. Formal Specification Techniques for Promoting Software Modularity, Enhancing Software Documentation, and Testing Specifications, MIT/LCS/TR-619, MIT Laboratory for Computer Science, June 1994.
	10	Gray Watson. Debug Malloc Library, November 1994. (ftp ://ftp.letters.com/src/dmalloc/docs/dma!loc. ps)
	11	Benjamin Zorn and Paul Hilfinger. A memory allocation profiler for C and Lisp programs. (ffp'J/gatokoopor. dec.com:/pbu/mise/mprof-3.0.tar. Z)

CITED BY 69

	Jeffrey S. Foster , Tachio Terauchi , Alex Aiken, Flow-sensitive type qualifiers, ACM SIGPLAN Notices, v.37 n.5, May 2002
	Sanjeev Kumar , Kai Li, Dynamic memory management for programmable devices, ACM SIGPLAN Notices, v.38 n.2 supplement, February 2003
	Scott M. Pike , Bruce W. Weide , Joseph E. Hollingsworth, Checkmate: cornering C++ dynamic memory errors with checked pointers, ACM SIGCSE Bulletin, v.32 n.1, p.352-356, Mar. 2000
	Nurit Dor , Michael Rodeh , Mooly Sagiv, Detecting memory errors via static pointer analysis (preliminary experience), ACM SIGPLAN Notices, v.33 n.7, p.27-34, July 1998
	Thomas Ball , Sriram K. Rajamani, The SLAM project: debugging system software via static analysis, ACM SIGPLAN Notices, v.37 n.1, p.1-3, Jan. 2002
	Jeffrey S. Foster , Manuel Fähndrich , Alexander Aiken, A theory of type qualifiers, ACM SIGPLAN Notices, v.34 n.5, p.192-203, May 1999
	Satish Chandra , Thomas Reps, Physical type checking for C, ACM SIGSOFT Software Engineering Notes, v.24 n.5, p.66-75, Sept. 1999
	Daniel Jackson , Mandana Vaziri, Finding bugs with a constraint solver, ACM SIGSOFT Software Engineering Notes, v.25 n.5, p.14-25, Sept. 2000
	David L. Heine , Monica S. Lam, A practical flow-sensitive and context-sensitive C and C++ memory leak detector, ACM SIGPLAN Notices, v.38 n.5, May 2003
	Divya Arora , Anand Raghunathan , Srivaths Ravi , Niraj K. Jha, Architectural support for safe software execution on embedded processors, Proceedings of the 4th international conference on Hardware/software codesign and system synthesis, October 22-25, 2006, Seoul, Korea
	Edwin C. Chan , John T. Boyland , William L. Scherlis, Promises: limited specifications for analysis and manipulation, Proceedings of the 20th international conference on Software engineering, p.167-176, April 19-25, 1998, Kyoto, Japan
	Berhard Scholz , Johann Blieberger , Thomas Fahringer, Symbolic pointer analysis for detecting memory leaks, ACM SIGPLAN Notices, v.34 n.11, p.104-113, Nov. 1999
	David Evans , David Larochelle, Improving Security Using Extensible Lightweight Static Analysis, IEEE Software, v.19 n.1, p.42-51, January 2002
	Suan Hsi Yong , Susan Horwitz, Protecting C programs from attacks via invalid pointer dereferences, ACM SIGSOFT Software Engineering Notes, v.28 n.5, September 2003
	Michael D. Ernst , Jake Cockrell , William G. Griswold , David Notkin, Dynamically Discovering Likely Program Invariants to Support Program Evolution, IEEE Transactions on Software Engineering, v.27 n.2, p.99-123, February 2001
	Daniel C. DuVarney , V. N. Venkatakrishnan , Sandeep Bhatkar, SELF: a transparent security extension for ELF binaries, Proceedings of the 2003 workshop on New security paradigms, August 18-21, 2003, Ascona, Switzerland
	Dan Grossman , Greg Morrisett , Trevor Jim , Michael Hicks , Yanling Wang , James Cheney, Region-based memory management in cyclone, ACM SIGPLAN Notices, v.37 n.5, May 2002
	George C. Necula , Scott McPeak , Westley Weimer, CCured: type-safe retrofitting of legacy code, ACM SIGPLAN Notices, v.37 n.1, p.128-139, Jan. 2002
	Anders Møller , Michael I. Schwartzbach, The pointer assertion logic engine, ACM SIGPLAN Notices, v.36 n.5, p.221-231, May 2001
	Michael Siff , Satish Chandra , Thomas Ball , Krishna Kunchithapadam , Thomas Reps, Coping with type casts in C, ACM SIGSOFT Software Engineering Notes, v.24 n.6, p.180-198, Nov. 1999
	Michael D. Ernst , Jake Cockrell , William G. Griswold , David Notkin, Dynamically discovering likely program invariants to support program evolution, Proceedings of the 21st international conference on Software engineering, p.213-224, May 16-22, 1999, Los Angeles, California, United States
	Adrian Birka , Michael D. Ernst, A practical type system and language for reference immutability, ACM SIGPLAN Notices, v.39 n.10, October 2004
	Marsha Chechik , John Gannon, Automatic Analysis of Consistency between Requirements and Designs, IEEE Transactions on Software Engineering, v.27 n.7, p.651-672, July 2001
	Manuvir Das , Sorin Lerner , Mark Seigle, ESP: path-sensitive program verification in polynomial time, ACM SIGPLAN Notices, v.37 n.5, May 2002
	Luc Séméria , Koichi Sato , Giovanni De Micheli, Synthesis of hardware models in C with pointers and complex data structures, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, v.9 n.6, p.743-756, 12/1/2001
	Darrell Reimer , Edith Schonberg , Kavitha Srinivas , Harini Srinivasan , Julian Dolby , Aaron Kershenbaum , Larry Koved, Validating structural properties of nested objects, Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications, October 24-28, 2004, Vancouver, BC, CANADA
	Darko Kirovski , Milenko Drinić , Miodrag Potkonjak, Enabling trusted software integrity, ACM SIGPLAN Notices, v.37 n.10, October 2002
	Darrell Reimer , Edith Schonberg , Kavitha Srinivas , Harini Srinivasan , Bowen Alpern , Robert D. Johnson , Aaron Kershenbaum , Larry Koved, SABER: smart analysis based error reduction, ACM SIGSOFT Software Engineering Notes, v.29 n.4, July 2004
	David Koes , Mihai Budiu , Girish Venkataramani, Programmer specified pointer independence, Proceedings of the 2004 workshop on Memory system performance, June 08-08, 2004, Washington, D.C.
	David Hovemeyer , William Pugh, Finding bugs is easy, ACM SIGPLAN Notices, v.39 n.12, December 2004
	George C. Necula , Jeremy Condit , Matthew Harren , Scott McPeak , Westley Weimer, CCured: type-safe retrofitting of legacy software, ACM Transactions on Programming Languages and Systems (TOPLAS), v.27 n.3, p.477-526, May 2005
	Yichen Xie , Alex Aiken, Context- and path-sensitive memory leak detection, ACM SIGSOFT Software Engineering Notes, v.30 n.5, September 2005
	Pankaj Jalote, Efficient static analysis with path pruning using coverage data, ACM SIGSOFT Software Engineering Notes, v.30 n.4, July 2005
	Matthew S. Tschantz , Michael D. Ernst, Javari: adding reference immutability to Java, ACM SIGPLAN Notices, v.40 n.10, October 2005
	Trevor Parsons, A framework for detecting performance design and deployment antipatterns in component based enterprise systems, Proceedings of the 2nd international doctoral symposium on Middleware, p.1-5, November 28-December 02, 2005, Grenoble, France
	David Hovemeyer , Jaime Spacco , William Pugh, Evaluating and tuning a static analysis to find null pointer bugs, ACM SIGSOFT Software Engineering Notes, v.31 n.1, January 2006
	John Penix , Willem Visser , Seungjoon Park , Corina Pasareanu , Eric Engstrom , Aaron Larson , Nicholas Weininger, Verifying Time Partitioning in the DEOS Scheduling Kernel, Formal Methods in System Design, v.26 n.2, p.103-135, March 2005
	Jinlin Yang , David Evans , Deepali Bhardwaj , Thirumalesh Bhat , Manuvir Das, Perracotta: mining temporal API rules from imperfect traces, Proceeding of the 28th international conference on Software engineering, May 20-28, 2006, Shanghai, China
	Pankaj Jalote , Vipindeep Vangala , Taranbir Singh , Prateek Jain, Program partitioning: a framework for combining static and dynamic analysis, Proceedings of the 2006 international workshop on Dynamic systems analysis, May 23-23, 2006, Shanghai, China
	Milenko Drinic , Darko Kirovski, A Hardware-Software Platform for Intrusion Prevention, Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, p.233-242, December 04-08, 2004, Portland, Oregon
	Trent Jaeger , Antony Edwards , Xiaolan Zhang, Gaining and maintaining confidence in operating systems security, Proceedings of the 10th workshop on ACM SIGOPS European workshop: beyond the PC, July 01-01, 2002, Saint-Emilion, France
	Gary T. Leavens , Jean-Raymond Abrial , Don Batory , Michael Butler , Alessandro Coglio , Kathi Fisler , Eric Hehner , Cliff Jones , Dale Miller , Simon Peyton-Jones , Murali Sitaraman , Douglas R. Smith , Aaron Stump, Roadmap for enhanced languages and methods to aid verification, Proceedings of the 5th international conference on Generative programming and component engineering, October 22-26, 2006, Portland, Oregon, USA
	Arash Baratloo , Navjot Singh , Timothy Tsai, Transparent run-time defense against stack smashing attacks, Proceedings of the Annual Technical Conference on 2000 USENIX Annual Technical Conference, p.21-21, June 18-23, 2000, San Diego, California
	Jongmoo Choi , Seungjae Baek , Sung Y. Shin, Design and implementation of a kernel resource protector for robustness of Linux module programming, Proceedings of the 2006 ACM symposium on Applied computing, April 23-27, 2006, Dijon, France
	David Evans , Michael Peck, Inculcating invariants in introductory courses, Proceeding of the 28th international conference on Software engineering, May 20-28, 2006, Shanghai, China
	Jeffrey S. Foster , Robert Johnson , John Kodumal , Alex Aiken, Flow-insensitive type qualifiers, ACM Transactions on Programming Languages and Systems (TOPLAS), v.28 n.6, p.1035-1087, November 2006
	David Hovemeyer , William Pugh, Finding more null pointer bugs, but not too many, Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, p.9-14, June 13-14, 2007, San Diego, California, USA
	Wei Le , Mary Lou Soffa, Refining buffer overflow detection via demand-driven path-sensitive analysis, Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, p.63-68, June 13-14, 2007, San Diego, California, USA
	Marina Polishchuk , Ben Liblit , Chloë W. Schulze, Dynamic heap type inference for program understanding and debugging, ACM SIGPLAN Notices, v.42 n.1, January 2007
	David Larochelle , David Evans, Statically detecting likely buffer overflow vulnerabilities, Proceedings of the 10th conference on USENIX Security Symposium, p.14-14, August 13-17, 2001, Washington, D.C.
	Umesh Shankar , Kunal Talwar , Jeffrey S. Foster , David Wagner, Detecting format string vulnerabilities with type qaualifiers, Proceedings of the 10th conference on USENIX Security Symposium, p.16-16, August 13-17, 2001, Washington, D.C.
	Trevor Jim , J. Greg Morrisett , Dan Grossman , Michael W. Hicks , James Cheney , Yanling Wang, Cyclone: A Safe Dialect of C, Proceedings of the General Track: 2002 USENIX Annual Technical Conference, p.275-288, June 10-15, 2002
	Huu Hai Nguyen , Martin Rinard, Detecting and eliminating memory leaks using cyclic memory allocation, Proceedings of the 6th international symposium on Memory management, October 21-22, 2007, Montreal, Quebec, Canada
	David Larochelle , David Evans, Statically detecting likely buffer overflow vulnerabilities, Proceedings of the 10th conference on USENIX Security Symposium, p.14-14, August 13-17, 2001, Washington, D.C.
	Umesh Shankar , Kunal Talwar , Jeffrey S. Foster , David Wagner, Detecting format string vulnerabilities with type qualifiers, Proceedings of the 10th conference on USENIX Security Symposium, p.16-16, August 13-17, 2001, Washington, D.C.
	Yichen Xie , Alex Aiken, Saturn: A scalable framework for error detection using Boolean satisfiability, ACM Transactions on Programming Languages and Systems (TOPLAS), v.29 n.3, p.16-es, May 2007
	Isil Dillig , Thomas Dillig , Alex Aiken, Static error detection using semantic inconsistency inference, ACM SIGPLAN Notices, v.42 n.6, June 2007
	Wei Le , Mary Lou Soffa, Marple: a demand-driven path-sensitive buffer overflow detector, Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering, November 09-14, 2008, Atlanta, Georgia
	Derek Rayside , Lucy Mendel, Object ownership profiling: a technique for finding and fixing memory leaks, Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering, November 05-09, 2007, Atlanta, Georgia, USA
	David Gay , Rob Ennals , Eric Brewer, Safe manual memory management, Proceedings of the 6th international symposium on Memory management, October 21-22, 2007, Montreal, Quebec, Canada
	David Aspinall , Martin Hofmann , Michal KoneČnÝ, A type system with usage aspects, Journal of Functional Programming, v.18 n.2, p.141-178, March 2008
	Yungbum Jung , Kwangkeun Yi, Practical memory leak detector based on parameterized procedural summaries, Proceedings of the 7th international symposium on Memory management, June 07-08, 2008, Tucson, AZ, USA
	Zakarya A. Alzamil, Application of redundant computation in program debugging, Journal of Systems and Software, v.81 n.11, p.2024-2033, November, 2008
	Syrine Tlili , Mourad Debbabi, Interprocedural and Flow-Sensitive Type Analysis for Memory and Type Safety of C Code, Journal of Automated Reasoning, v.42 n.2-4, p.265-300, April 2009
	Jon Rafkind , Adam Wick , John Regehr , Matthew Flatt, Precise garbage collection for C, Proceedings of the 2009 international symposium on Memory management, June 19-20, 2009, Dublin, Ireland
	Yoann Padioleau , Lin Tan , Yuanyuan Zhou, Listening to programmers Taxonomies and characteristics of comments in operating system code, Proceedings of the 2009 IEEE 31st International Conference on Software Engineering, p.331-341, May 16-24, 2009
	Mangala Gowri Nanda , Saurabh Sinha, Accurate Interprocedural Null-Dereference Analysis for Java, Proceedings of the 2009 IEEE 31st International Conference on Software Engineering, p.133-143, May 16-24, 2009
	Saurabh Sinha , Hina Shah , Carsten Görg , Shujuan Jiang , Mijung Kim , Mary Jean Harrold, Fault localization and repair for Java runtime exceptions, Proceedings of the eighteenth international symposium on Software testing and analysis, July 19-23, 2009, Chicago, IL, USA
	Ji Wang , Xiao-Dong Ma , Wei Dong , Hou-Feng Xu , Wan-Wei Liu, Demand-driven memory leak detection based on flow- and context-sensitive pointer analysis, Journal of Computer Science and Technology, v.24 n.2, p.347-356, March 2009