DOI: 10.1145/2695664.2695906

Runtime checking C programs

Published: 13 April 2015

Abstract

The C programming language is known for being an efficient language that can be compiled on almost any architecture and operating system. However, the absence of dynamic safety checks and a relatively weak type system allow programmer oversights that are hard to spot. In this paper, we present RTC, a runtime monitoring tool that instruments unsafe code and monitors the program execution. RTC is built on top of the ROSE compiler infrastructure. RTC finds memory bugs, arithmetic overflows and underflows, and run-time type violations. Most of the instrumentation is added directly to the source file and requires only a minimal runtime system. As a result, the instrumented code remains portable. In tests against known error detection benchmarks, RTC found 98% of all memory-related bugs and had zero false positives. In performance tests conducted with well-known algorithms, such as binary search and MD5, we determined that the unoptimized overhead rate is between a factor of 1.8 and a factor of 77, respectively.



Published In

SAC '15: Proceedings of the 30th Annual ACM Symposium on Applied Computing
April 2015
2418 pages
ISBN: 9781450331968
DOI: 10.1145/2695664

Publisher

Association for Computing Machinery

New York, NY, United States


Qualifiers

  • Research-article

Conference

SAC 2015
SAC 2015: Symposium on Applied Computing
April 13 - 17, 2015
Salamanca, Spain

Acceptance Rates

SAC '15 Paper Acceptance Rate 291 of 1,211 submissions, 24%;
Overall Acceptance Rate 1,650 of 6,669 submissions, 25%
