Practical memory checking with Dr. Memory
Derek Bruening, Qin Zhao +1 more
pp. 213-223
TL;DR: This paper presents Dr. Memory, a memory checking tool that operates on both Windows and Linux applications, handles the complex and not fully documented Windows environment, and avoids reporting the false positive memory leaks that plague traditional leak locating algorithms.
Abstract:
Memory corruption, reading uninitialized memory, using freed memory, and other memory-related errors are among the most difficult programming bugs to identify and fix due to the delay and non-determinism linking the error to an observable symptom. Dedicated memory checking tools are invaluable for finding these errors. However, such tools are difficult to build, and because they must monitor all memory accesses by the application, they incur significant overhead. Accuracy is another challenge: memory errors are not always straightforward to identify, and numerous false positive error reports can make a tool unusable. A third obstacle to creating such a tool is that it depends on low-level operating system and architectural details, making it difficult to port to other platforms and difficult to target proprietary systems like Windows. This paper presents Dr. Memory, a memory checking tool that operates on both Windows and Linux applications. Dr. Memory handles the complex and not fully documented Windows environment, and avoids reporting false positive memory leaks that plague traditional leak locating algorithms. Dr. Memory employs efficient instrumentation techniques; a direct comparison with the state-of-the-art Valgrind Memcheck tool reveals that Dr. Memory is twice as fast as Memcheck on average and up to four times faster on individual benchmarks.
Citations
Proceedings Article
AddressSanitizer: a fast address sanity checker
TL;DR: The paper presents AddressSanitizer, a new memory error detector that achieves efficiency without sacrificing comprehensiveness, and has found over 300 previously unknown bugs in the Chromium browser and many bugs in other software.
Proceedings Article
MemorySanitizer: fast detector of uninitialized memory use in C++
TL;DR: MemorySanitizer is a dynamic tool that detects uses of uninitialized memory in C and C++ and relies on bit-precise shadow memory at run-time, based on compile time instrumentation over dynamic binary instrumentation.
Proceedings Article
SoK: Sanitizing for Security
Dokyung Song, Julian Lettner, Prabhu Rajasekaran, Yeoul Na, Stijn Volckaert, Per Larsen, Michael Franz +6 more
TL;DR: This work provides a systematic overview of sanitizers with an emphasis on their role in finding security issues, taxonomize the available tools and the security vulnerabilities they cover, describe their performance and compatibility properties, and highlight various trade-offs.
Proceedings Article
Transparent dynamic instrumentation
TL;DR: This paper identifies a necessary set of transparency requirements for running mainstream Windows and Linux applications, and believes this will provide a guideline for better design and implementation of transparent dynamic instrumentation, as well as other similar process virtualization systems using software code caches.
Proceedings Article
Static memory leak detection using full-sparse value-flow analysis
Yulei Sui, Ding Ye, Jingling Xue +2 more
TL;DR: Saber is the first to use a full-sparse value-flow analysis for leak detection in C programs, and is effective at detecting 211 leaks in the 15 SPEC2000 C programs and five applications, while keeping the false positive rate at 18.5%.
References
Journal Article
Pin: building customized program analysis tools with dynamic instrumentation
Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, Geoff Lowney, Steven Wallace, Vijay Janapa Reddi, Kim Hazelwood +8 more
TL;DR: The goals are to provide easy-to-use, portable, transparent, and efficient instrumentation, and to illustrate Pin's versatility, two Pintools in daily use to analyze production software are described.
Proceedings Article
Valgrind: a framework for heavyweight dynamic binary instrumentation
TL;DR: Valgrind is described, a DBI framework designed for building heavyweight DBA tools that can be used to build more interesting, heavyweight tools that are difficult or impossible to build with other DBI frameworks such as Pin and DynamoRIO.
Proceedings Article
ATOM: a system for building customized program analysis tools
Amitabh Srivastava, Alan Eustace +1 more
TL;DR: ATOM is a single framework for building a wide range of customized program analysis tools, including block counting, profiling, dynamic memory recording, instruction and data cache simulation, pipeline simulation, evaluating branch prediction, and instruction scheduling.
Dissertation
Efficient, transparent, and comprehensive runtime code manipulation
TL;DR: DynamoRIO is presented, a fully-implemented runtime code manipulation system that supports code transformations on any part of a program while it executes, with zero to thirty percent time and memory overhead on both Windows and Linux.
Proceedings Article
Using Valgrind to detect undefined value errors with bit-precision
TL;DR: Memcheck detects a wide range of memory errors in programs as they run, and improves on that of previous tools by being accurate to the level of individual bits, giving Memcheck a low false positive and false negative rate.