Sulong, and Thanks for All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model

  • Manuel Rigger (Speaker)

Activity: Talk or presentationContributed talkscience-to-science

Description

In C, memory errors, such as buffer overflows, are among the most dangerous software errors; as we show, they are still on the rise. Current dynamic bug-finding tools that try to detect such errors are based on the low-level execution model of the underlying machine. They insert additional checks in an ad-hoc fashion, which makes them prone to omitting checks for corner cases. To address this, we devised a novel approach to finding bugs during the execution of a program. At the core of this approach is an interpreter written in a high-level language that performs automatic checks (such as bounds, NULL, and type checks). By mapping data structures in C to those of the high-level language, accesses are automatically checked and bugs discovered. We have implemented this approach and show that our tool (called Safe Sulong) can find bugs that state-of-the-art tools overlook, such as out-of-bounds accesses to the main function arguments.
Period27 Mar 2018
Event titleASPLOS '18 Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems Pages 377-391
Event typeConference
LocationUnited StatesShow on map

Fields of science

  • 102029 Practical computer science
  • 102009 Computer simulation
  • 102 Computer Sciences
  • 102011 Formal languages
  • 102022 Software development
  • 102013 Human-computer interaction
  • 102024 Usability research

JKU Focus areas

  • Computation in Informatics and Mathematics
  • Engineering and Natural Sciences (in general)

Documents & Links