practical memory leak detector based on parameterized
play

Practical Memory Leak Detector Based on Parameterized Procedural - PowerPoint PPT Presentation

Mar 03, 2024 •429 likes •748 views

Practical Memory Leak Detector Based on Parameterized Procedural Summaries Yungbum Jung, Kwangkeun Yi { dreameye, kwang } @ropas.snu.ac.kr Programming Research Lab. Seoul National University Korea June 8, 2008 International Symposium on

  1. Practical Memory Leak Detector Based on Parameterized Procedural Summaries Yungbum Jung, Kwangkeun Yi { dreameye, kwang } @ropas.snu.ac.kr Programming Research Lab. Seoul National University Korea June 8, 2008 International Symposium on Memory Management

  2. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Leaks Detected Leaks on Exception p1 = malloc(); if(p1 == NULL) return 0; p2 = malloc(); if(p2 == NULL) return 0; ret Omission in Freeing Procedure VB texture Proxy1D s = allocS(); PB Proxy2D ... Proxy3D freeS(s); shared return; Default1D DisplayList Default2D TextObjectList Default3D TextObjects next Programming Research Lab. Seoul National University, Korea 2

  3. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Analysis Overview Static analysis for detecting memory leaks • Procedural Summaries 1. Summarizing callee procedures in reverse topological order of static call graph • How to analyze a procedure without knowing the input memory? • What can be memory leak related behaviours? 2. Instantiation at the call sites: context-sensitivity • Unsound Decisions for cost-accuracy balance • Reducing costs • Improving accuracy Programming Research Lab. Seoul National University, Korea 3

  4. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Analysis Overview Static analysis for detecting memory leaks • Procedural Summaries 1. Summarizing callee procedures in reverse topological order of static call graph • How to analyze a procedure without knowing the input memory? Access Path • What can be memory leak related behaviours? 8 Summary Categories 2. Instantiation at the call sites: context-sensitivity • Unsound Decisions for cost-accuracy balance • Reducing costs • Improving accuracy Programming Research Lab. Seoul National University, Korea 4

  5. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Memory Leaks A procedure leaks a heap memory whenever • the memory is allocated while the procedure active • the memory is neither recycled nor visible after return Detecting memory leaks needs three information • allocated addresses int *p = malloc(); • aliases between addresses int *x = p; • freed addresses free(x); Programming Research Lab. Seoul National University, Korea 5

  6. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Exploring Unknown Input Memory We collect three information without knowing the input memory 1. Only locations accessed by the procedure are important 2. C procedures access the input memory through either arguments or global variables 3. We can determine the “access path” with which those locations are accessed ( arg i | ret | global )( * | .f ) ∗ Programming Research Lab. Seoul National University, Korea 6

  7. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Example of Explorations Exploring Unknown Memory List * next(List *head) { List * cur = head->next; free(head); return cur; } Programming Research Lab. Seoul National University, Korea 7

  8. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Example of Explorations Exploring Unknown Memory List * next(List *head) { �→ head α List * cur = head->next; α .next �→ β free(head); �→ cur β return cur; } Symbolic addresses α and β represent some addresses that already existed before the procedure is called = α arg * β = arg *.next Programming Research Lab. Seoul National University, Korea 8

  9. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Example of Explorations Exploring Unknown Memory List * next(List *head) { head �→ α List * cur = head->next; α .next �→ β free(head); cur �→ β return cur; } The symbolic address α is freed � Alloc, Free � = � ∅ , { α }� Programming Research Lab. Seoul National University, Korea 9

  10. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Example of Explorations Exploring Unknown Memory List * next(List *head) { �→ head α List * cur = head->next; α .next �→ β free(head); cur �→ β return cur; �→ β ret } Return address ret contains return value Programming Research Lab. Seoul National University, Korea 10

  11. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Example of Explorations Exploring Unknown Memory List * next(List *head) { �→ head α List * cur = head->next; α .next �→ β free(head); �→ cur β return cur; ret �→ β } This procedure • frees α accessed from the argument with arg* • returns β accessed from the argument with arg*.next Programming Research Lab. Seoul National University, Korea 11

  12. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Memory Leak Related Behaviours How can procedures affect leak detections? No Effects Effects void local() { int *foo(int *p) { int *p = malloc(); free(p); free(p); return malloc(); } } The foo procedure frees an address pointed to by the argument and returns an allocated address Programming Research Lab. Seoul National University, Korea 12

  13. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Memory Leak Related Behaviours? Procedure fcall calls the function pointer High-order Effects of Procedure void fcall(int *a, void (*fp)(int *)) { fp(a); } p = malloc(); no leak! fcall(p, free); We can not summarize all memory leak related behaviours Programming Research Lab. Seoul National University, Korea 13

  14. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion 8 Summary Categories • To detect more leaks • To avoid false positives • To capture interprocedural aliasing free global argument return allocation - - Alloc2Arg Alloc2Ret global - - Glob2Arg Glob2Ret argument Arg2Free Arg2Glob Arg2Arg Arg2Ret Programming Research Lab. Seoul National University, Korea 14

  15. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Examples of Summary Categories(1/2) Allocation - Alloc2Arg, Alloc2Ret List *f(int **p) { * * arg List *cur = malloc(); cur->next = malloc(); *p = malloc(); next * return cur; ret } existed before the procedure is called done by the procedure Programming Research Lab. Seoul National University, Korea 15

  16. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Examples of Summary Categories(2/2) Free & Globalization - Arg2Free, Glob2Ret * Node gNode; arg Node *g(int *p) { free(p); return &gNode; * ret global } Programming Research Lab. Seoul National University, Korea 16

  17. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Examples of Summary Categories(2/2) Free & Globalization - Arg2Free, Glob2Ret * Node gNode; arg Node *g(int *p) { free(p); return &gNode; * ret global } No Leaks void f() { Node *node; int *p = malloc(); node = g(p); node->next = malloc(); } Programming Research Lab. Seoul National University, Korea 17

  18. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Summarization from Memory From List *next(List *head) { �→ head α List *cur = head->next; α .next �→ β free(head); �→ cur β return cur; ret �→ β } To * Arg2Free α = arg * arg = β arg *.next next Arg2Ret β = ret * * ret Programming Research Lab. Seoul National University, Korea 18

  19. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Summary Instantiation * foo(Node *x, Node *y) { arg1 free(y->next); * next free(x); arg2 } Node *a = malloc(); �→ ℓ 1 a Node *b = a; �→ b ℓ 1 a->next = malloc(); ℓ 1 .next �→ ℓ 2 foo(a,b); Programming Research Lab. Seoul National University, Korea 19

  20. Introduction Estimating Memory-Effects Procedural Summary Experiment Results Unsound Decisions Conclusion Summary Instantiation * foo(Node *x, Node *y) { arg1 free(y->next); free(x); * next arg2 } Node *a = malloc(); �→ a ℓ 1 Node *b = a; �→ ℓ 1 b a->next = malloc(); ℓ 1 .next �→ ℓ 2 foo(a,b); Parameterized addresses are instantiated * a � 1 * next b � 1 � 2 Programming Research Lab. Seoul National University, Korea 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Memory Leak A bug in a program that prevents it from C++: Memory Problems freeing up memory

Memory Leak A bug in a program that prevents it from C++: Memory Problems freeing up memory

Memory Leak A bug in a program that prevents it from C++: Memory Problems freeing up memory that it no longer needs. As a result, the program grabs more and more memory until it finally crashes or because there is no more memory left.

230 views • 6 slides
Direct Hydrocarbon Leak Detections based on Nanocomposite Sensors Private and Confidential

Direct Hydrocarbon Leak Detections based on Nanocomposite Sensors Private and Confidential

November 2017 Direct Hydrocarbon Leak Detections based on Nanocomposite Sensors Private and Confidential Contents Needs for Leak Detection Sensors Review of Leak Detection Systems Husky Leak N. Battleford, SK; July 2016 Platform

635 views • 24 slides
The Water Detective Q-Leak is a sensitive leakage detector which can be placed anywhere water

The Water Detective Q-Leak is a sensitive leakage detector which can be placed anywhere water

The Water Detective Q-Leak is a sensitive leakage detector which can be placed anywhere water leakage can occur . To prevent leakage-related damages it sends an alert whenever water is detected. The device also visualizes its status on the online

234 views • 10 slides
Conco System s The Practical Application of Tracer Gas Leak Detection for Air Cooled Condensers

Conco System s The Practical Application of Tracer Gas Leak Detection for Air Cooled Condensers

Conco System s The Practical Application of Tracer Gas Leak Detection for Air Cooled Condensers Andrew H. Leavitt Conco Systems, Inc. Tracer Gas Leak Detection Focusing On: Air inleakage Impact on system Limitations of air removal

691 views • 31 slides
Become A Guru How T o Solve A Memory Leak In Under 10 Minutes Confidential - do not distribute

Become A Guru How T o Solve A Memory Leak In Under 10 Minutes Confidential - do not distribute

Become A Guru How T o Solve A Memory Leak In Under 10 Minutes Confidential - do not distribute What You Will Learn A methodology for approaching memory leaks Understanding the generational heap Understanding generational aging to

667 views • 33 slides
www.thomas-leak-detection.com Leak Detection Class I Presentation EN 2014-02-19 Part1.docx ABOUT

www.thomas-leak-detection.com Leak Detection Class I Presentation EN 2014-02-19 Part1.docx ABOUT

Class I Leak Detection Systems - Highest level of monitoring and prevention of double walled tanks and pipes, according EU Standard EN 13160-2 Advantages Working Principle Product Overview www.thomas-leak-detection.com Leak

206 views • 16 slides
Combating the Advanced Memory Exploitation Techniques: Detecting ROP with Memory Information Leak

Combating the Advanced Memory Exploitation Techniques: Detecting ROP with Memory Information Leak

Combating the Advanced Memory Exploitation Techniques: Detecting ROP with Memory Information Leak nEINEI, Research Scientist @ McAfee Labs Chong Xu, Director of IPS Research @ McAfee Labs CanSecWest2014 March 20, 2014 Bio nEINEI

546 views • 31 slides
Model Checking of Parameterized Systems on Weak Memory David Declerck Laboratoire de Recherche

Model Checking of Parameterized Systems on Weak Memory David Declerck Laboratoire de Recherche

Model Checking of Parameterized Systems on Weak Memory David Declerck Laboratoire de Recherche en Informatique Universit e Paris-Sud October 3rd, 2017 Work supported by French ANR project PARDI (DS0703) David Declerck A Backward

327 views • 10 slides
Abstractions for Practical Systems Caching and the memory hierarchy Operating systems and the

Abstractions for Practical Systems Caching and the memory hierarchy Operating systems and the

CS 240 Stage 3 Abstractions for Practical Systems Caching and the memory hierarchy Operating systems and the process model Virtual memory Dynamic memory allocation Victory lap Memory Hierarchy: Cache Memory hierarchy Cache basics Locality

1.02k views • 49 slides
Soil Gas Sampling with a Helium Leak Detection Shroud Bruce Godfrey & Stefan DAngona

Soil Gas Sampling with a Helium Leak Detection Shroud Bruce Godfrey & Stefan DAngona

Soil Gas Sampling with a Helium Leak Detection Shroud Bruce Godfrey & Stefan DAngona Introduction a. Leak Detection Options b. Helium Leak Detection c. Leak Tracer System Design d. Use and experience Why Leak Check? Proof of Sample

569 views • 16 slides
Pipeline leak detection eLearning Part 1 of 2 Please turn on your speakers Historical

Pipeline leak detection eLearning Part 1 of 2 Please turn on your speakers Historical

Pipeline leak detection eLearning Part 1 of 2 Please turn on your speakers Historical development Leak detection system requirements Causes of leaks Leak detection options Non-continuous leak detection Continuous external leak detection

806 views • 49 slides
Optical Leak Testing Technology October 9th, 2014 Hermetic Leak Test Methods Helium Mass

Optical Leak Testing Technology October 9th, 2014 Hermetic Leak Test Methods Helium Mass

Optical Leak Testing Technology October 9th, 2014 Hermetic Leak Test Methods Helium Mass Spectrometry (Fine) Bubble Leak testing (Gross) Dye Penetrant (Gross) (Destructive) Residual Gas Analysis (Destructive) Cumulative Helium Leak Detection

326 views • 31 slides
Parameterized Hardware Accelerators for Lattice-Based Cryptography and Their Application to the

Parameterized Hardware Accelerators for Lattice-Based Cryptography and Their Application to the

Parameterized Hardware Accelerators for Lattice-Based Cryptography and Their Application to the HW/SW Co-Design of qTESLA Wen Wang , Shanquan Tian, Bernhard Jungk, Nina Bindel, Patrick Longa, and Jakub Szefer CHES 2020 September 14, 2020

711 views • 69 slides
Practical Memory Safety with REST KANAD SINHA & SIMHA SETHUMADHAVAN COLUMBIA UNIVERSITY Is

Practical Memory Safety with REST KANAD SINHA & SIMHA SETHUMADHAVAN COLUMBIA UNIVERSITY Is

Practical Memory Safety with REST KANAD SINHA & SIMHA SETHUMADHAVAN COLUMBIA UNIVERSITY Is memory safety relevant? In 2017, 55% of remote-code execution causing bugs in Microsoft due to memory errors Is memory safety relevant? Yes!

827 views • 47 slides
Parameterized Complexity of Integer Linear Programming (ILP) Sebastian Ordyniak Parameterized

Parameterized Complexity of Integer Linear Programming (ILP) Sebastian Ordyniak Parameterized

Parameterized Complexity of Integer Linear Programming (ILP) Sebastian Ordyniak Parameterized Graph Algorithms & Data Reduction (Shonan Meeting 144, 2019) 1 / 62 Integer Linear Programming (ILP) archetypical problem for NP -complete

1.25k views • 88 slides
1 Sensors Intrude on Privacy Accelerometers can leak keystrokes [1], gyroscopes can leak

1 Sensors Intrude on Privacy Accelerometers can leak keystrokes [1], gyroscopes can leak

1 Sensors Intrude on Privacy Accelerometers can leak keystrokes [1], gyroscopes can leak voice [2], etc. What is the threat from devices never intended to be sensors in the first place? Accelerometers: [1] Marquardt et al., CCS '11,

705 views • 29 slides
Securing Real-Time Microcontroller Systems through Customized Memory View Switching Wh What are

Securing Real-Time Microcontroller Systems through Customized Memory View Switching Wh What are

Slide-deck for Graduate Computer Security (CS563) Fall 2018 University of Illinois Prof. Adam Bates Securing Real-Time Microcontroller Systems through Customized Memory View Switching Wh What are Real-ti time Mi Microcontrollers?

235 views • 19 slides
On the Memory Consumption of Probabilistic Pushdown Automata Tom Brzdil 1 Javier Esparza 2

On the Memory Consumption of Probabilistic Pushdown Automata Tom Brzdil 1 Javier Esparza 2

On the Memory Consumption of Probabilistic Pushdown Automata Tom Brzdil 1 Javier Esparza 2 Stefan Kiefer 3 1 Masaryk University, Brno (Czech Republic) 2 TU Mnchen (Germany) 3 University of Oxford (UK) FSTTCS (Kanpur, India), 15 December,

743 views • 40 slides
Pointer Analysis CSE 501 Spring 15 Course Outline Sta8c

Pointer Analysis CSE 501 Spring 15 Course Outline Sta8c

Pointer Analysis CSE 501 Spring 15 Course Outline Sta8c analysis Dataflow and abstract interpreta8on We are here Applica8ons Beyond

515 views • 36 slides
Learning Phonology LINGUIST 397LH Oiry/Hartman Learning phonology

Learning Phonology LINGUIST 397LH Oiry/Hartman Learning phonology

Learning Phonology LINGUIST 397LH Oiry/Hartman Learning phonology Language learning starts in the womb. Auditory system is fully developed by the

766 views • 42 slides
Computer Graphics - Texturing - Philipp Slusallek Pascal Grittmann Overview Last time

Computer Graphics - Texturing - Philipp Slusallek Pascal Grittmann Overview Last time

Computer Graphics - Texturing - Philipp Slusallek Pascal Grittmann Overview Last time Shading BRDFs Today Texture definition Image textures Procedural textures Texture mapping Next lecture Alias &

941 views • 70 slides
Procedural Generation Lauri Kongas What is procedural generation? Procedural Generation It is

Procedural Generation Lauri Kongas What is procedural generation? Procedural Generation It is

Procedural Generation Lauri Kongas What is procedural generation? Procedural Generation It is the algorithmic creation of data Procedural Generation It is the algorithmic creation of data Almost anything can be created procedurally

863 views • 83 slides
Programming Distributed Memory Sytems Using OpenMP Rudolf Eigenmann, Ayon Basumallik, Seung-Jai

Programming Distributed Memory Sytems Using OpenMP Rudolf Eigenmann, Ayon Basumallik, Seung-Jai

Programming Distributed Memory Sytems Using OpenMP Rudolf Eigenmann, Ayon Basumallik, Seung-Jai Min, School of Electrical and Computer Engineering, Purdue University, http://www.ece.purdue.edu/ParaMount Is OpenMP a useful programming model

798 views • 30 slides
Securing Real-Time Microcontroller Systems through Customized Memory View Switching + * Chung

Securing Real-Time Microcontroller Systems through Customized Memory View Switching + * Chung

Securing Real-Time Microcontroller Systems through Customized Memory View Switching + * Chung Hwan Kim , Taegyu Kim, Hongjun Choi, Zhongshu Gu , By0ungyoung Lee, Xiangyu Zhang, Dongyan Xu + * Security of Real-time Microcontrollers

543 views • 18 slides

More recommend