DOI: 10.1145/780732.780743

Memory safety without runtime checks or garbage collection

Published: 11 June 2003

Abstract

Traditional approaches to enforcing memory safety of programs rely heavily on runtime checks of memory accesses and on garbage collection, both of which are unattractive for embedded applications. The long-term goal of our work is to enable 100% static enforcement of memory safety for embedded programs through advanced compiler techniques and minimal semantic restrictions on programs. The key result of this paper is a compiler technique that ensures memory safety of dynamically allocated memory without programmer annotations, runtime checks, or garbage collection, and works for a large subclass of type-safe C programs. The technique is based on a fully automatic pool allocation (i.e., region-inference) algorithm for C programs we developed previously, and it ensures safety of dynamically allocated memory while retaining explicit deallocation of individual objects within regions (to avoid garbage collection). For a diverse set of embedded C programs (and using a previous technique to avoid null pointer checks), we show that we are able to statically ensure the safety of pointer and dynamic memory usage in all these programs. We also describe some improvements over our previous work in static checking of array accesses. Overall, we achieve 100% static enforcement of memory safety without new language syntax for a significant subclass of embedded C programs, and the subclass is much broader if array bounds checks are ignored. Taken together, these techniques greatly expand the class of embedded programs for which 100% static enforcement of memory safety is possible, and they can be applied without new language support.
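As an added illustration (not the paper's own code or its compiler transformation), a small C pool whose discipline matches what the abstract describes: each pool holds objects of one type, individual objects are freed explicitly back to the pool, and freed memory is recycled only within that pool, which is what lets a dangling pointer keep referring to a validly typed object instead of becoming an unsafe access. The type-homogeneity and pool-lifetime assumptions are mine, stated here and in the comments; `node_t`, `pool_t` and the helper names are hypothetical.

```c
#include <stddef.h>
#include <string.h>
/* Constructed illustration of a type-homogeneous pool: each slot holds one
 * node_t and freed slots are recycled only inside this pool, only for node_t. */
typedef struct node { int value; struct node *next; } node_t;
#define POOL_SLOTS 4
typedef struct pool {
    node_t slots[POOL_SLOTS];   /* backing storage, one type only */
    node_t *free_list;          /* free slots, linked through `next` */
} pool_t;
static void pool_init(pool_t *p) {
    p->free_list = NULL;
    for (int i = POOL_SLOTS - 1; i >= 0; i--) {
        p->slots[i].next = p->free_list;
        p->free_list = &p->slots[i];
    }
}
static node_t *pool_alloc(pool_t *p) {
    node_t *n = p->free_list;
    if (n == NULL) return NULL;     /* exhausted: fail, never spill outside */
    p->free_list = n->next;
    memset(n, 0, sizeof *n);
    return n;
}
static void pool_free(pool_t *p, node_t *n) {
    n->next = p->free_list;         /* the slot stays inside this pool */
    p->free_list = n;
}
/* 1 if `n` addresses a slot belonging to pool `p`. */
static int pool_contains(const pool_t *p, const node_t *n) {
    return n >= &p->slots[0] && n < &p->slots[POOL_SLOTS];
}
/* Stale pointer `a` still names a node_t slot of the same pool after free and
 * reallocation (the slot handed to `b`), so *a is a well-typed object. */
static int demo_dangling_stays_in_pool(void) {
    pool_t p; pool_init(&p);
    node_t *a = pool_alloc(&p);
    pool_free(&p, a);               /* explicit per-object free, no GC */
    node_t *b = pool_alloc(&p);     /* reuses a's slot */
    b->value = 7;
    return pool_contains(&p, a) && a == b && a->value == 7;
}
/* A fifth request on a four-slot pool returns NULL instead of overflowing. */
static int demo_exhaustion_returns_null(void) {
    pool_t p; pool_init(&p);
    for (int i = 0; i < POOL_SLOTS; i++)
        if (pool_alloc(&p) == NULL) return 0;
    return pool_alloc(&p) == NULL;
}
```

In the paper's setting the compiler infers the pools and their type homogeneity; this toy fixes them by hand to make the safety argument visible.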



Published In

LCTES '03: Proceedings of the 2003 ACM SIGPLAN conference on Language, compiler, and tool for embedded systems
June 2003, 304 pages
ISBN: 1581136471
DOI: 10.1145/780732

Also published in ACM SIGPLAN Notices, Volume 38, Issue 7
Special Issue: Proceedings of the 2003 ACM SIGPLAN conference on Language, compiler, and tool support for embedded systems (San Diego, CA).
July 2003, 293 pages
ISSN: 0362-1340
EISSN: 1558-1160
DOI: 10.1145/780731

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. automatic pool allocation
  2. compilers
  3. embedded systems
  4. programming languages
  5. region management
  6. security
  7. static analysis


Acceptance Rates

LCTES '03 Paper Acceptance Rate 29 of 128 submissions, 23%;
Overall Acceptance Rate 116 of 438 submissions, 26%
