{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T16:37:50Z","timestamp":1773247070496,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":49,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,10,12]],"date-time":"2019-10-12T00:00:00Z","timestamp":1570838400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Arm Limited"},{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","award":["FA8750-10- C-0237"],"award-info":[{"award-number":["FA8750-10- C-0237"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100000266","name":"Engineering and Physical Sciences Research Council","doi-asserted-by":"publisher","award":["EP\/K026399\/1, EP\/P020011\/1, and EP\/K008528\/1"],"award-info":[{"award-number":["EP\/K026399\/1, EP\/P020011\/1, and EP\/K008528\/1"]}],"id":[{"id":"10.13039\/501100000266","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100006785","name":"Google","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100006785","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100006602","name":"Air Force Research Laboratory","doi-asserted-by":"publisher","award":["HR0011-18-C-0016"],"award-info":[{"award-number":["HR0011-18-C-0016"]}],"id":[{"id":"10.13039\/100006602","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,10,12]]},"DOI":"10.1145\/3352460.3358288","type":"proceedings-article","created":{"date-parts":[[2019,10,11]],"date-time":"2019-10-11T11:16:45Z","timestamp":1570792605000},"page":"545-557","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":48,"title":["CHERIvoke"],"prefix":"10.1145","author":[{"given":"Hongyan","family":"Xia","sequence":"first","affiliation":[{"name":"University of Cambridge"}]},{"given":"Jonathan","family":"Woodruff","sequence":"additional","affiliation":[{"name":"University of Cambridge"}]},{"given":"Sam","family":"Ainsworth","sequence":"additional","affiliation":[{"name":"University of Cambridge"}]},{"given":"Nathaniel W.","family":"Filardo","sequence":"additional","affiliation":[{"name":"University of Cambridge"}]},{"given":"Michael","family":"Roe","sequence":"additional","affiliation":[{"name":"University of Cambridge"}]},{"given":"Alexander","family":"Richardson","sequence":"additional","affiliation":[{"name":"University of Cambridge"}]},{"given":"Peter","family":"Rugg","sequence":"additional","affiliation":[{"name":"University of Cambridge"}]},{"given":"Peter G.","family":"Neumann","sequence":"additional","affiliation":[{"name":"SRI International"}]},{"given":"Simon W.","family":"Moore","sequence":"additional","affiliation":[{"name":"University of Cambridge"}]},{"given":"Robert N. M.","family":"Watson","sequence":"additional","affiliation":[{"name":"University of Cambridge"}]},{"given":"Timothy M.","family":"Jones","sequence":"additional","affiliation":[{"name":"University of Cambridge"}]}],"member":"320","published-online":{"date-parts":[[2019,10,12]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2015. Electric Fence. https:\/\/elinux.org\/index.php?title=Electric_Fence"},{"key":"e_1_3_2_1_2_1","volume-title":"Cling: A Memory Allocator to Mitigate Dangling Pointers. In USENIX Security.","author":"Akritidis Periklis","year":"2010","unstructured":"Periklis Akritidis. 2010. Cling: A Memory Allocator to Mitigate Dangling Pointers. In USENIX Security."},{"key":"e_1_3_2_1_3_1","volume-title":"Zorn","author":"Berger Emery D.","year":"2006","unstructured":"Emery D. Berger and Benjamin G. Zorn. 2006. DieHard: Probabilistic Memory Safety for Unsafe Languages. In PLDI."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"crossref","unstructured":"Hans-J. Boehm. 1996. Simple Garbage-Collector-Safety. In PLDI.","DOI":"10.1145\/231379.231394"},{"key":"e_1_3_2_1_5_1","article-title":"A Proposal for Garbage-Collector-Safe C Compilation","volume":"4","author":"Boehm J.","year":"1992","unstructured":"Hans-J. Boehm and David Chase. 1992. A Proposal for Garbage-Collector-Safe C Compilation. Journal of C Language Translation 4, 2 (1992).","journal-title":"Journal of C Language Translation"},{"key":"e_1_3_2_1_6_1","volume-title":"Garbage Collection in an Uncooperative Environment. Softw. Pract. Exper. 18, 9","author":"Boehm Hans-Juergen","year":"1988","unstructured":"Hans-Juergen Boehm and Mark Weiser. 1988. Garbage Collection in an Uncooperative Environment. Softw. Pract. Exper. 18, 9 (1988)."},{"key":"e_1_3_2_1_7_1","volume-title":"Undangle: Early Detection of Dangling Pointers in Use-after-free and Double-free Vulnerabilities. In ISSTA.","author":"Caballero Juan","year":"2012","unstructured":"Juan Caballero, Gustavo Grieco, Mark Marron, and Antonio Nappa. 2012. Undangle: Early Detection of Dangling Pointers in Use-after-free and Double-free Vulnerabilities. In ISSTA."},{"key":"e_1_3_2_1_8_1","unstructured":"Oliver Chang. 2016. Racing MIDI messages in Chrome. https:\/\/googleprojectzero.blogspot.com\/2016\/02\/racing-midi-messages-in-chrome.html"},{"key":"e_1_3_2_1_9_1","unstructured":"Oliver Chang. 2016. Racing MIDI messages in Chrome. https:\/\/googleprojectzero.blogspot.com\/2016\/02\/racing-midi-messages-in-chrome.html."},{"key":"e_1_3_2_1_10_1","volume-title":"Iyer","author":"Chen Shuo","year":"2005","unstructured":"Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer. 2005. Non-control-data Attacks Are Realistic Threats. In SSYM."},{"key":"e_1_3_2_1_11_1","unstructured":"The MITRE Corporation. 2018. CWE-416: Use After Free. https:\/\/cwe.mitre.org\/data\/definitions\/416.html"},{"key":"e_1_3_2_1_12_1","volume-title":"Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers. In USENIX Security.","author":"Dang Thurston H.Y.","year":"2017","unstructured":"Thurston H.Y. Dang, Petros Maniatis, and David Wagner. 2017. Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers. In USENIX Security."},{"key":"e_1_3_2_1_13_1","volume-title":"Khilan Gudka, Alexandre Joannou, Ben Laurie, A. Theodore Markettos, J. Edward Maste, Alfredo Mazzinghi, Edward Tomasz Napierala","author":"Davis Brooks","year":"2019","unstructured":"Brooks Davis, Robert N. M. Watson, Alexander Richardson, Peter G. Neumann, Simon W. Moore, John Baldwin, David Chisnall, James Clarke, Nathaniel Wesley Filardo, Khilan Gudka, Alexandre Joannou, Ben Laurie, A. Theodore Markettos, J. Edward Maste, Alfredo Mazzinghi, Edward Tomasz Napierala, Robert M. Norton, Michael Roe, Peter Sewell, Stacey Son, and Jonathan Woodruff. 2019. CheriABI: Enforcing Valid Pointer Provenance and Minimizing Pointer Privilege in the POSIX C Run-Time Environment. In ASPLOS."},{"key":"e_1_3_2_1_14_1","volume-title":"Van Horn","author":"Dennis Jack B.","year":"1966","unstructured":"Jack B. Dennis and Earl C. Van Horn. 1966. Programming semantics for multi-programmed computations. Commun. ACM 9, 3 (1966)."},{"key":"e_1_3_2_1_15_1","unstructured":"Dinakar Dhurjati and Vikram Adve. 2006. Efficiently Detecting All Dangling Pointer Uses in Production Servers. In DSN."},{"key":"e_1_3_2_1_16_1","unstructured":"R. Kent Dybvig David Eby and Carl Bruggeman. 1994. Don't stop the BIBOP: Flexible and Efficient Storage Management for Dynamically-Typed Languages. Technical Report 400. Indiana University School of Informatics Computing and Engineering."},{"key":"e_1_3_2_1_17_1","volume-title":"Detlefs","author":"Ellis John R.","year":"1994","unstructured":"John R. Ellis and David L. Detlefs. 1994. Safe, Efficient Garbage Collection for C++. In CTEC."},{"key":"e_1_3_2_1_18_1","unstructured":"Matthew Gretton-Dann. 2018. Arm A-Profile Architecture Developments 2018: Armv8.5-A. https:\/\/community.arm.com\/developer\/ip-products\/processors\/b\/processors-ip-blog\/posts\/arm-a-profile-architecture-2018-developments-armv85a"},{"key":"e_1_3_2_1_19_1","unstructured":"Richard Grisenthwaite. 2019. Supporting the UK in becoming a leading global player in cybersecurity. https:\/\/community.arm.com\/blog\/company\/b\/blog\/posts\/supporting-the-uk-in-becoming-a-leading-global-player-in-cybersecurity"},{"key":"e_1_3_2_1_20_1","unstructured":"Richard H. Gumpertz. 1981. Error Detection with Memory Tags. Ph.D. Dissertation. Carnegie Mellon University."},{"key":"e_1_3_2_1_21_1","volume-title":"SPEC CPU2006 Benchmark Descriptions. SIGARCH Comput. Archit. News 34","author":"Henning John L.","year":"2006","unstructured":"John L. Henning. 2006. SPEC CPU2006 Benchmark Descriptions. SIGARCH Comput. Archit. News 34, 4 (2006)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"A. Joannou J. Woodruff R. Kovacsics S. W. Moore A. Bradbury H. Xia R. N. M. Watson D. Chisnall M. Roe B. Davis E. Napierala J. Baldwin K. Gudka P. G. Neumann A. Mazzinghi A. Richardson S. Son and A. T. Markettos. 2017. Efficient Tagged Memory. In ICCD.","DOI":"10.1109\/ICCD.2017.112"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"crossref","unstructured":"Piyus Kedia Manuel Costa Matthew Parkinson Kapil Vaswani Dimitrios Vytiniotis and Aaron Blankstein. 2017. Simple Fast and Safe Manual Memory Management. In PLDI.","DOI":"10.1145\/3062341.3062376"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"crossref","DOI":"10.1109\/JSSC.2015.2456902","article-title":"SPARC M7: A 20 nm 32-Core 64 MB L3 Cache Processor","volume":"51","author":"Konstadinidis G. K.","year":"2016","unstructured":"G. K. Konstadinidis, H. P. Li, F. Schumacher, V. Krishnaswamy, H. Cho, S. Dash, R. P. Masleid, C. Zheng, Y. D. Lin, P. Loewenstein, H. Park, V. Srinivasan, D. Huang, C. Hwang, W. Hsu, C. McAllister, J. Brooks, H. Pham, S. Turullols, Y. Yanggong, R. Golla, A. P. Smith, and A. Vahidsafa. 2016. SPARC M7: A 20 nm 32-Core 64 MB L3 Cache Processor. IEEE J. of Solid-State Circuits 51, 1 (2016).","journal-title":"IEEE J. of Solid-State Circuits"},{"key":"e_1_3_2_1_25_1","unstructured":"Doug Lea. 2000. A Memory Allocator. (2000). http:\/\/g.oswego.edu\/dl\/html\/malloc.html"},{"key":"e_1_3_2_1_26_1","unstructured":"Byoungyoung Lee Chengyu Song Yeongjin Jang Tielei Wang Taesoo Kim Long Lu and Wenke Lee. 2015. Preventing Use-after-free with Dangling Pointers Nullification.. In NDSS."},{"key":"e_1_3_2_1_27_1","unstructured":"Daiping Liu Mingwei Zhang and Haining Wang. 2018. A Robust and Efficient Defense Against Use-after-Free Exploits via Concurrent Pointer Sweeping. In CCS."},{"key":"e_1_3_2_1_28_1","unstructured":"Kangjie Lu Marie-Therese Walter David Pfaff Stefan Nuernberger Wenke Lee and Michael Backes. 2017. Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying. In NDSS."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"crossref","unstructured":"Alyssa Milburn Herbert Bos and Cristiano Giuffrida. 2017. SafeInit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities. In NDSS.","DOI":"10.14722\/ndss.2017.23183"},{"key":"e_1_3_2_1_30_1","unstructured":"S. S. Nagaraju C. Craioveanu E. Florio and M. Miller. 2013. Software vulnerability exploitation trends. Technical Report. Microsoft."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2366231.2337181"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1806651.1806657"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065887.1065892"},{"key":"e_1_3_2_1_34_1","volume-title":"Berger","author":"Novark Gene","year":"2010","unstructured":"Gene Novark and Emery D. Berger. 2010. DieHarder: Securing the Heap. In CCS."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"crossref","unstructured":"Yutaka Oiwa. 2009. Implementation of the Memory-safe Full ANSI-C Compiler. In PLDI.","DOI":"10.1145\/1542476.1542505"},{"key":"e_1_3_2_1_36_1","unstructured":"Oracle 2016. Oracle's SPARC T7 and SPARC M7 Server Architecture. Oracle."},{"key":"e_1_3_2_1_37_1","unstructured":"Konstantin Serebryany Derek Bruening Alexander Potapenko and Dmitry Vyukov. 2012. AddressSanitizer: A Fast Address Sanity Checker. In USENIX ATC."},{"key":"e_1_3_2_1_38_1","volume-title":"Memory Tagging and how it improves C\/C++ memory safety. CoRR abs\/1802.09517","author":"Serebryany Kostya","year":"2018","unstructured":"Kostya Serebryany, Evgenii Stepanov, Aleksey Shlyapnikov, Vlad Tsyrklevich, and Dmitry Vyukov. 2018. Memory Tagging and how it improves C\/C++ memory safety. CoRR abs\/1802.09517 (2018)."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"crossref","unstructured":"Sam Silvestro Hongyu Liu Corey Crosser Zhiqiang Lin and Tongping Liu. 2017. FreeGuard: A Faster Secure Heap Allocator. In CCS.","DOI":"10.1145\/3133956.3133957"},{"key":"e_1_3_2_1_40_1","unstructured":"Jr. Steele Guy Lewis. 1977. Data representations in PDP-10 MACLISP. Technical Report AIM-420. MIT."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"crossref","unstructured":"Erik van der Kouwe Vinod Nigade and Cristiano Giuffrida. 2017. DangSan: Scalable Use-after-free Detection. In EuroSys.","DOI":"10.1145\/3064176.3064211"},{"key":"e_1_3_2_1_42_1","volume-title":"Khilan Gudka, Ben Laurie, Steven J. Murdoch","author":"Watson Robert N. M.","year":"2015","unstructured":"Robert N. M. Watson, Jonathan Woodruff, Peter G. Neumann, Simon W. Moore, Jonathan Anderson, David Chisnall, Nirav Dave, Brook s Davis, Khilan Gudka, Ben Laurie, Steven J. Murdoch, Robert Norton, Michael Roe, Stacey Son, and Munraj Vadera. 2015. CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization. In IEEE S&P."},{"key":"e_1_3_2_1_43_1","unstructured":"Thomas Willhalm Roman Dementiev and Patrick Fay. 2012. Intel Performance Counter Monitor - A Better Way to Measure CPU Utilization. Intel."},{"key":"e_1_3_2_1_44_1","volume-title":"Simon Moore, Anthony Fox","author":"Woodruff Jonathan","year":"2019","unstructured":"Jonathan Woodruff, Alexandre Joannou, Hongyan Xia, Brooks Davis, Peter G Neumann, Robert Nicholas Maxwell Watson, Simon Moore, Anthony Fox, Robert Norton, and David Chisnall. 2019. Cheri concentrate: Practical compressed capabilities. IEEE Trans. Comput. (2019)."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"crossref","unstructured":"Jonathan Woodruff Robert N.M. Watson David Chisnall Simon W. Moore Jonathan Anderson Brooks Davis Ben Laurie Peter G. Neumann Robert Norton and Michael Roe. 2014. The CHERI Capability Model: Revisiting RISC in an Age of Risk. In ISCA.","DOI":"10.1109\/ISCA.2014.6853201"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"crossref","unstructured":"Wen Xu Juanru Li Junliang Shu Wenbo Yang Tianyi Xie Yuanyuan Zhang and Dawu Gu. 2015. From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel. In CCS.","DOI":"10.1145\/2810103.2813637"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"crossref","unstructured":"Wen Xu Juanru Li Junliang Shu Wenbo Yang Tianyi Xie Yuanyuan Zhang and Dawu Gu. 2015. From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel. In CCS.","DOI":"10.1145\/2810103.2813637"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"crossref","unstructured":"Yves Younan. 2015. FreeSentry: protecting against use-after-free vulnerabilities due to dangling pointers. In NDSS.","DOI":"10.14722\/ndss.2015.23190"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/3297858.3304017"}],"event":{"name":"MICRO '52: The 52nd Annual IEEE\/ACM International Symposium on Microarchitecture","location":"Columbus OH USA","acronym":"MICRO '52","sponsor":["SIGMICRO ACM Special Interest Group on Microarchitectural Research and Processing","IEEE CS"]},"container-title":["Proceedings of the 52nd Annual IEEE\/ACM International Symposium on Microarchitecture"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3352460.3358288","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3352460.3358288","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3352460.3358288","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,29]],"date-time":"2025-07-29T22:25:37Z","timestamp":1753827937000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3352460.3358288"}},"subtitle":["Characterising Pointer Revocation using CHERI Capabilities for Temporal Memory Safety"],"short-title":[],"issued":{"date-parts":[[2019,10,12]]},"references-count":49,"alternative-id":["10.1145\/3352460.3358288","10.1145\/3352460"],"URL":"https:\/\/doi.org\/10.1145\/3352460.3358288","relation":{},"subject":[],"published":{"date-parts":[[2019,10,12]]},"assertion":[{"value":"2019-10-12","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}