Memory safety without runtime checks or garbage collection

Dinakar Dhurjati, Sumant Kowshik, Vikram Adve, Chris Lattner

Research output: Contribution to journal, Conference article

Abstract

Traditional approaches to enforcing memory safety of programs rely heavily on runtime checks of memory accesses and on garbage collection, both of which are unattractive for embedded applications. The long-term goal of our work is to enable 100% static enforcement of memory safety for embedded programs through advanced compiler techniques and minimal semantic restrictions on programs. The key result of this paper is a compiler technique that ensures memory safety of dynamically allocated memory without programmer annotations, runtime checks, or garbage collection, and works for a large subclass of type-safe C programs. The technique is based on a fully automatic pool allocation (i.e., region-inference) algorithm for C programs we developed previously, and it ensures safety of dynamically allocated memory while retaining explicit deallocation of individual objects within regions (to avoid garbage collection). For a diverse set of embedded C programs (and using a previous technique to avoid null pointer checks), we show that we are able to statically ensure the safety of pointer and dynamic memory usage in all these programs. We also describe some improvements over our previous work in static checking of array accesses. Overall, we achieve 100% static enforcement of memory safety without new language syntax for a significant subclass of embedded C programs, and the subclass is much broader if array bounds checks are ignored.

Original language: English (US)
Pages (from-to): 69-80
Number of pages: 12
Journal: ACM SIGPLAN Notices (ISSN 1523-2867), Association for Computing Machinery (ACM)
Volume: 38
Issue number: 7
DOI: 10.1145/780731.780743
State: Published - Jul 2003
Event: Proceedings of the 2003 ACM SIGPLAN Conference on Languages, Compilers, and Tools for Embedded Systems - San Diego, CA, United States
Duration: Jun 11 2003 to Jun 13 2003

Keywords

  • Automatic pool allocation
  • Compilers
  • Embedded systems
  • Programming languages
  • Region management
  • Security
  • Static analysis

ASJC Scopus subject areas

  • Software
  • Computer Graphics and Computer-Aided Design

Cite this

Dhurjati, Dinakar; Kowshik, Sumant; Adve, Vikram; Lattner, Chris. Memory safety without runtime checks or garbage collection. In: ACM SIGPLAN Notices, Vol. 38, No. 7, July 2003, pp. 69-80. DOI: 10.1145/780731.780743.