A Survey on Dynamic Memory Safety Analysis

PhD Qualifying Examination


Title: "A Survey on Dynamic Memory Safety Analysis"

by

Mr. Hao LING


Abstract:

Memory errors remain a critical threat to programming languages like modern C
and C++, which are widely used but do not guarantee strict memory safety. For
example, out-of-bounds write, the most typical memory error, ranked as the most
dangerous software weakness from 2021 to 2023. As programs continue to grow,
manual code review becomes inadequate. Therefore, developers seek automated
solutions to detect and eliminate memory vulnerabilities hidden in their
programs.

Dynamic memory safety analysis, the sharp weapon for detecting invalid memory
operations by executing programs, is widely used by global-scale enterprises
like Google. The analysis exposes memory errors and provides proof-of-concept
(POC) for further analysis. Existing works focus on two questions: How to
perceive silent errors during execution?, and How to find test cases that
expose bugs?. Memory sanitizers and fuzz testing (Fuzzing) are representative
solutions for these questions. Memory sanitizers automatically generate
assertions to validate memory operations, and fuzzing conducts high-intensity
program testing with automatic test case generation.

However, dynamic analysis needs extra metadata and instructions to model the
memory, which results in significant runtime overhead. Developers spend
significant amounts of time conducting the analysis, which diminishes the
effectiveness of the analysis in today's fast-paced software iteration.
Moreover, beyond the program itself, dynamic analysis also needs to model and
communicate with the runtime environment, thereby presenting difficulties in
deploying across diverse environments. This article presents a systematic
overview of dynamic memory safety analysis, discussing the highlights and
limitations of existing efforts. We hope the survey can inspire future work to
improve the effectiveness of memory error hunting.


Date:                   Thursday, 2 November 2023

Time:                   2:00pm - 4:00pm

Venue:                  Room 5562
                        lifts 27/28

Committee Members:      Prof. Charles Zhang (Supervisor)
                        Dr. Shuai Wang (Chairperson)
                        Dr. Lionel Parreaux
                        Dr. Jiasi Shen


**** ALL are Welcome ****
Privacy Sitemap
A Survey on Dynamic Memory Safety Analysis

About

People

Research

Academics

Admissions
