{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,29]],"date-time":"2026-03-29T06:25:55Z","timestamp":1774765555684,"version":"3.50.1"},"reference-count":58,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2024,4,17]],"date-time":"2024-04-17T00:00:00Z","timestamp":1713312000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"crossref","award":["62172217"],"award-info":[{"award-number":["62172217"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Joint Research Funds of the National Natural Science Foundation of China"},{"DOI":"10.13039\/501100007538","name":"Civil Aviation Administration of China","doi-asserted-by":"crossref","award":["U1533130"],"award-info":[{"award-number":["U1533130"]}],"id":[{"id":"10.13039\/501100007538","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Softw. Eng. Methodol."],"published-print":{"date-parts":[[2024,5,31]]},"abstract":"C is a dominant programming language for implementing system and low-level embedded software. Unfortunately, the unsafe nature of its low-level control of memory often leads to memory errors. Dynamic analysis has been widely used to detect memory errors at runtime. However, existing monitoring algorithms for dynamic analysis are not yet satisfactory, as they cannot deterministically and completely detect some types of errors, such as segment confusion errors, sub-object overflows, use-after-frees and memory leaks.<\/jats:p>\n \n We propose a new monitoring algorithm, namely\n Smatus<\/jats:sc>\n , short for\n smart status<\/jats:italic>\n , that improves memory safety by performing comprehensive dynamic analysis. The key innovation is to maintain at runtime a small\n status node<\/jats:italic>\n for each memory object. A status node records the\n status value<\/jats:italic>\n and\n reference count<\/jats:italic>\n of an object, where the status value denotes the liveness and segment type of this object, and the reference count tracks the number of pointer variables pointing to this object.\n Smatus<\/jats:sc>\n maintains at runtime a pointer metadata for each pointer variable, to record not only the base and bound of a pointer\u2019s referent but also the address of the referent\u2019s status node. All the pointers pointing to the same referent share the same status node in their pointer metadata. A status node is\n smart<\/jats:italic>\n in the sense that it is automatically deleted when it becomes useless (indicated by its reference count reaching zero). To the best of our knowledge,\n Smatus<\/jats:sc>\n represents the most comprehensive approach of its kind.\n <\/jats:p>\n \n We have evaluated\n Smatus<\/jats:sc>\n by using a large set of programs including the NIST Software Assurance Reference Dataset, MSBench, MiBench, SPEC and stress testing benchmarks. In terms of effectiveness (detecting different types of memory errors),\n Smatus<\/jats:sc>\n outperforms state-of-the-art tools, Google\u2019s AddressSanitizer, SoftBoundCETS and Valgrind, as it is capable of detecting more errors. In terms of performance (the time and memory overheads),\n Smatus<\/jats:sc>\n outperforms SoftBoundCETS and Valgrind in terms of both lower time and memory overheads incurred, and is on par with AddressSanitizer in terms of the time and memory overhead tradeoff made (with much lower memory overheads incurred).\n <\/jats:p>","DOI":"10.1145\/3637227","type":"journal-article","created":{"date-parts":[[2023,12,11]],"date-time":"2023-12-11T11:26:45Z","timestamp":1702294005000},"page":"1-47","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["A Smart Status Based Monitoring Algorithm\u00a0for the Dynamic Analysis of Memory Safety"],"prefix":"10.1145","volume":"33","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4707-2402","authenticated-orcid":false,"given":"Zhe","family":"Chen","sequence":"first","affiliation":[{"name":"Nanjing University of Aeronautics and Astronautics, Nanjing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-2899-2588","authenticated-orcid":false,"given":"Rui","family":"Yan","sequence":"additional","affiliation":[{"name":"Nanjing University of Aeronautics and Astronautics, Nanjing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-8242-3241","authenticated-orcid":false,"given":"Yingzi","family":"Ma","sequence":"additional","affiliation":[{"name":"Nanjing University of Aeronautics and Astronautics, Nanjing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9510-6574","authenticated-orcid":false,"given":"Yulei","family":"Sui","sequence":"additional","affiliation":[{"name":"University of New South Wales, Sydney, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0380-3506","authenticated-orcid":false,"given":"Jingling","family":"Xue","sequence":"additional","affiliation":[{"name":"University of New South Wales, Sydney, Australia"}]}],"member":"320","published-online":{"date-parts":[[2024,4,17]]},"reference":[{"key":"e_1_3_2_2_2","first-page":"51","volume-title":"Proceedings of the 18th USENIX Security Symposium","author":"Akritidis Periklis","year":"2009","unstructured":"Periklis Akritidis, Manuel Costa, Miguel Castro, and Steven Hand. 2009. Baggy bounds checking: An efficient and backwards-compatible defense against out-of-bounds errors. In Proceedings of the 18th USENIX Security Symposium. 51\u201366."},{"key":"e_1_3_2_3_2","first-page":"213","volume-title":"Proceedings of the 9th International Symposium on Code Generation and Optimication (CGO \u201911)","author":"Bruening Derek","year":"2011","unstructured":"Derek Bruening and Qin Zhao. 2011. Practical memory checking with Dr. Memory. In Proceedings of the 9th International Symposium on Code Generation and Optimication (CGO \u201911). IEEE, Los Alamitos, CA, 213\u2013223."},{"key":"e_1_3_2_4_2","doi-asserted-by":"crossref","first-page":"381","DOI":"10.1145\/3196494.3196540","volume-title":"Proceedings of the 2018 on Asia Conference on Computer and Communications Security (AsiaCCS \u201918)","author":"Burow Nathan","year":"2018","unstructured":"Nathan Burow, Derrick McKee, Scott A. Carr, and Mathias Payer. 2018. CUP: Comprehensive user-space protection for C\/C++. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security (AsiaCCS \u201918). ACM, New York, NY, 381\u2013392."},{"key":"e_1_3_2_5_2","volume-title":"The MiBench and SPEC Benchmark Suites","author":"Chen Zhe","year":"2021","unstructured":"Zhe Chen. 2021. The MiBench and SPEC Benchmark Suites. Retrieved December 17, 2023 from https:\/\/github.com\/drzchen\/movec-benchmarks"},{"key":"e_1_3_2_6_2","volume-title":"Movec: A Tool for the Monitoring and Verification of C Programs","author":"Chen Zhe","year":"2021","unstructured":"Zhe Chen. 2021. Movec: A Tool for the Monitoring and Verification of C Programs. Retrieved December 17, 2023 from https:\/\/github.com\/drzchen\/movec"},{"key":"e_1_3_2_7_2","volume-title":"Movec-MSBench: A Memory Safety Benchmark Suite, Version 2.0.1","author":"Chen Zhe","year":"2021","unstructured":"Zhe Chen. 2021. Movec-MSBench: A Memory Safety Benchmark Suite, Version 2.0.1. Retrieved December 17, 2023 from https:\/\/github.com\/drzchen\/movec-msbench"},{"key":"e_1_3_2_8_2","volume-title":"A Formal Operational Semantics of the Smatus Approach","author":"Chen Zhe","year":"2022","unstructured":"Zhe Chen. 2022. A Formal Operational Semantics of the Smatus Approach. Retrieved December 17, 2023 from https:\/\/github.com\/drzchen\/movec-proof"},{"issue":"7","key":"e_1_3_2_9_2","first-page":"989","article-title":"Model checking aircraft controller software: A case study","volume":"45","author":"Chen Zhe","year":"2015","unstructured":"Zhe Chen, Yi Gu, Zhiqiu Huang, Jun Zheng, Chang Liu, and Ziyi Liu. 2015. Model checking aircraft controller software: A case study. Software: Practice & Experience 45, 7 (2015), 989\u20131017.","journal-title":"Software: Practice & Experience"},{"key":"e_1_3_2_10_2","doi-asserted-by":"crossref","first-page":"189","DOI":"10.1145\/3183440.3195090","volume-title":"Proceedings of the 40th International Conference on Software Engineering (ICSE \u201918), Companion Volume","author":"Chen Zhe","year":"2018","unstructured":"Zhe Chen, Chuanqi Tao, Zhiyi Zhang, and Zhibin Yang. 2018. Beyond spatial and temporal memory safety. In Proceedings of the 40th International Conference on Software Engineering (ICSE \u201918), Companion Volume. ACM, New York, NY, 189\u2013190."},{"key":"e_1_3_2_11_2","doi-asserted-by":"crossref","first-page":"296","DOI":"10.1145\/3460319.3464807","volume-title":"Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA \u201921)","author":"Chen Zhe","year":"2021","unstructured":"Zhe Chen, Chong Wang, Junqi Yan, Yulei Sui, and Jingling Xue. 2021. Runtime detection of memory errors with smart status. In Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA \u201921). ACM, New York, NY, 296\u2013308."},{"key":"e_1_3_2_12_2","doi-asserted-by":"crossref","unstructured":"Zhe Chen Zhemin Wang Yunlong Zhu Hongwei Xi and Zhibin Yang. 2016. Parametric runtime verification of C programs. In Tools and Algorithms for the Construction and Analysis of Systems. Lecture Notes in Computer Science Vol. 9636. Springer 299\u2013315.","DOI":"10.1007\/978-3-662-49674-9_17"},{"key":"e_1_3_2_13_2","doi-asserted-by":"crossref","first-page":"341","DOI":"10.1145\/3293882.3330581","volume-title":"Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA \u201919)","author":"Chen Zhe","year":"2019","unstructured":"Zhe Chen, Junqi Yan, Shuanglong Kan, Ju Qian, and Jingling Xue. 2019. Detecting memory errors at runtime with source-level instrumentation. In Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA \u201919). ACM, New York, NY, 341\u2013351."},{"key":"e_1_3_2_14_2","doi-asserted-by":"crossref","first-page":"264","DOI":"10.1145\/3183440.3194962","volume-title":"Proceedings of the 40th International Conference on Software Engineering (ICSE \u201918), Companion Volume","author":"Chen Zhe","year":"2018","unstructured":"Zhe Chen, Junqi Yan, Wenming Li, Ju Qian, and Zhiqiu Huang. 2018. Runtime verification of memory safety via source transformation. In Proceedings of the 40th International Conference on Software Engineering (ICSE \u201918), Companion Volume. ACM, New York, NY, 264\u2013265."},{"key":"e_1_3_2_15_2","first-page":"287","volume-title":"Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA \u201913)","author":"DeLozier Christian","year":"2013","unstructured":"Christian DeLozier, Richard A. Eisenberg, Santosh Nagarakatte, Peter-Michael Osera, Milo M. K. Martin, and Steve Zdancewic. 2013. Ironclad C++: A library-augmented type-safe subset of C++. In Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA \u201913). ACM, New York, NY, 287\u2013304."},{"key":"e_1_3_2_16_2","first-page":"162","volume-title":"Proceedings of the 28th International Conference on Software Engineering (ICSE \u201906)","author":"Dhurjati Dinakar","year":"2006","unstructured":"Dinakar Dhurjati and Vikram S. Adve. 2006. Backwards-compatible array bounds checking for C with very low overhead. In Proceedings of the 28th International Conference on Software Engineering (ICSE \u201906). ACM, New York, NY, 162\u2013171."},{"key":"e_1_3_2_17_2","doi-asserted-by":"crossref","first-page":"132","DOI":"10.1145\/2892208.2892212","volume-title":"Proceedings of the 25th International Conference on Compiler Construction (CC \u201916)","author":"Duck Gregory J.","year":"2016","unstructured":"Gregory J. Duck and Roland H. C. Yap. 2016. Heap bounds protection with low fat pointers. In Proceedings of the 25th International Conference on Compiler Construction (CC \u201916). ACM, New York, NY, 132\u2013142."},{"issue":"5","key":"e_1_3_2_18_2","doi-asserted-by":"crossref","first-page":"277","DOI":"10.1134\/S0361768817050024","article-title":"Using static symbolic execution to detect buffer overflows","volume":"43","author":"Dudina I. A.","year":"2017","unstructured":"I. A. Dudina and A. A. Belevantsev. 2017. Using static symbolic execution to detect buffer overflows. Programming and Computer Software 43, 5 (2017), 277\u2013288.","journal-title":"Programming and Computer Software"},{"key":"e_1_3_2_19_2","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1109\/SecDev.2018.00015","volume-title":"Proceedings of the 2018 IEEE Cybersecurity Development Conference (SecDev \u201918)","author":"Elliott A. S.","year":"2018","unstructured":"A. S. Elliott, A. Ruef, M. Hicks, and D. Tarditi. 2018. Checked C: Making C safe by extension. In Proceedings of the 2018 IEEE Cybersecurity Development Conference (SecDev \u201918). IEEE, Los Alamitos, CA, 53\u201360."},{"key":"e_1_3_2_20_2","first-page":"3","volume-title":"Proceedings of the IEEE 4th Annual Workshop on Workload Characterization","author":"Guthaus Matthew R.","year":"2001","unstructured":"Matthew R. Guthaus, Jeffrey S. Ringenberg, Dan Ernst, Todd M. Austin, Trevor Mudge, and Richard B. Brown. 2001. MiBench: A free, commercially representative embedded benchmark suite. In Proceedings of the IEEE 4th Annual Workshop on Workload Characterization. IEEE, Los Alamitos, CA, 3\u201314."},{"key":"e_1_3_2_21_2","first-page":"135","volume-title":"Proceedings of the 10th Annual IEEE\/ACM International Symposium on Code Generation and Optimization (CGO \u201912)","author":"Hasabnis Niranjan","year":"2012","unstructured":"Niranjan Hasabnis, Ashish Misra, and R. Sekar. 2012. Light-weight bounds checking. In Proceedings of the 10th Annual IEEE\/ACM International Symposium on Code Generation and Optimization (CGO \u201912). ACM, New York, NY, 135\u2013144."},{"key":"e_1_3_2_22_2","first-page":"125","volume-title":"Proceedings of the Winter 1992 USENIX Conference","author":"Hastings Reed","year":"1992","unstructured":"Reed Hastings and Bob Joyce. 1992. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Winter 1992 USENIX Conference. 125\u2013138."},{"key":"e_1_3_2_23_2","first-page":"275","volume-title":"Proceedings of the 2002 USENIX Annual Technical Conference","author":"Jim Trevor","year":"2002","unstructured":"Trevor Jim, J. Gregory Morrisett, Dan Grossman, Michael W. Hicks, James Cheney, and Yanling Wang. 2002. Cyclone: A safe dialect of C. In Proceedings of the 2002 USENIX Annual Technical Conference. 275\u2013288."},{"key":"e_1_3_2_24_2","first-page":"13","volume-title":"Proceedings of the 3rd International Workshop on Automated Debugging (AADEBUG \u201997)","author":"Jones Richard W. M.","year":"1997","unstructured":"Richard W. M. Jones and Paul H. J. Kelly. 1997. Backwards-compatible bounds checking for arrays and pointers in C programs. In Proceedings of the 3rd International Workshop on Automated Debugging (AADEBUG \u201997). 13\u201326."},{"key":"e_1_3_2_25_2","first-page":"Article 22, 14","volume-title":"Proceedings of the 13th EuroSys Conference (EuroSys \u201918)","author":"Kroes Taddeus","year":"2018","unstructured":"Taddeus Kroes, Koen Koning, Erik van der Kouwe, Herbert Bos, and Cristiano Giuffrida. 2018. Delta pointers: Buffer overflow checks without the checks. In Proceedings of the 13th EuroSys Conference (EuroSys \u201918). ACM, New York, NY, Article 22, 14 pages."},{"key":"e_1_3_2_26_2","doi-asserted-by":"crossref","first-page":"272","DOI":"10.1145\/1453101.1453137","volume-title":"Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE \u201908)","author":"Le Wei","year":"2008","unstructured":"Wei Le and Mary Lou Soffa. 2008. Marple: A demand-driven path-sensitive buffer overflow detector. In Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE \u201908). ACM, New York, NY, 272\u2013282."},{"key":"e_1_3_2_27_2","first-page":"317","volume-title":"Proceedings of the 18th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE \u201910)","author":"Li Lian","year":"2010","unstructured":"Lian Li, Cristina Cifuentes, and Nathan Keynes. 2010. Practical and effective symbolic analysis for buffer overflow detection. In Proceedings of the 18th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE \u201910). ACM, New York, NY, 317\u2013326."},{"key":"e_1_3_2_28_2","first-page":"911","volume-title":"Proceedings of the 38th International Conference on Software Engineering (ICSE \u201916)","author":"Liu Tongping","year":"2016","unstructured":"Tongping Liu, Charlie Curtsinger, and Emery D. Berger. 2016. DoubleTake: Fast and precise error detection via evidence-based dynamic analysis. In Proceedings of the 38th International Conference on Software Engineering (ICSE \u201916). ACM, New York, NY, 911\u2013922."},{"key":"e_1_3_2_29_2","doi-asserted-by":"crossref","unstructured":"Alexey Loginov Suan Hsi Yong Susan Horwitz and Thomas W. Reps. 2001. Debugging via run-time type checking. In Fundamental Approaches to Software Engineering. Lecture Notes in Computer Science Vol. 2029. Springer 217\u2013232.","DOI":"10.1007\/3-540-45314-8_16"},{"key":"e_1_3_2_30_2","unstructured":"Santosh Nagarakatte Milo M. K. Martin and Steve Zdancewic. 2015. Everything you want to know about pointer-based checking. In 1st Summit on Advances in Programming Languages SNAPL 2015 LIPIcs Vol. 32. Schloss Dagstuhl\u2013Leibniz-Zentrum fuer Informatik 190\u2013208."},{"key":"e_1_3_2_31_2","doi-asserted-by":"crossref","first-page":"245","DOI":"10.1145\/1542476.1542504","volume-title":"Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI \u201909)","author":"Nagarakatte Santosh","year":"2009","unstructured":"Santosh Nagarakatte, Jianzhou Zhao, Milo M. K. Martin, and Steve Zdancewic. 2009. SoftBound: Highly compatible and complete spatial memory safety for C. In Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI \u201909). ACM, New York, NY, 245\u2013258."},{"key":"e_1_3_2_32_2","first-page":"31","volume-title":"Proceedings of the 9th International Symposium on Memory Management (ISMM \u201910)","author":"Nagarakatte Santosh","year":"2010","unstructured":"Santosh Nagarakatte, Jianzhou Zhao, Milo M. K. Martin, and Steve Zdancewic. 2010. CETS: Compiler enforced temporal safety for C. In Proceedings of the 9th International Symposium on Memory Management (ISMM \u201910). ACM, New York, NY, 31\u201340."},{"issue":"3","key":"e_1_3_2_33_2","doi-asserted-by":"crossref","first-page":"477","DOI":"10.1145\/1065887.1065892","article-title":"CCured: Type-safe retrofitting of legacy software","volume":"27","author":"Necula George C.","year":"2005","unstructured":"George C. Necula, Jeremy Condit, Matthew Harren, Scott McPeak, and Westley Weimer. 2005. CCured: Type-safe retrofitting of legacy software. ACM Transactions on Programming Languages and Systems 27, 3 (2005), 477\u2013526.","journal-title":"ACM Transactions on Programming Languages and Systems"},{"key":"e_1_3_2_34_2","first-page":"128","volume-title":"Proceedings of the 29th SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL \u201902)","author":"Necula George C.","year":"2002","unstructured":"George C. Necula, Scott McPeak, and Westley Weimer. 2002. CCured: Type-safe retrofitting of legacy code. In Proceedings of the 29th SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL \u201902). ACM, New York, NY, 128\u2013139."},{"key":"e_1_3_2_35_2","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1145\/1254810.1254820","volume-title":"Proceedings of the 3rd International Conference on Virtual Execution Environments (VEE \u201907)","author":"Nethercote Nicholas","year":"2007","unstructured":"Nicholas Nethercote and Julian Seward. 2007. How to shadow every byte of memory used by a program. In Proceedings of the 3rd International Conference on Virtual Execution Environments (VEE \u201907). ACM, New York, NY, 65\u201374."},{"key":"e_1_3_2_36_2","doi-asserted-by":"crossref","first-page":"89","DOI":"10.1145\/1250734.1250746","volume-title":"Proceedings of the ACM SIGPLAN 2007 Conference on Programming Language Design and Implementation (PLDI \u201907)","author":"Nethercote Nicholas","year":"2007","unstructured":"Nicholas Nethercote and Julian Seward. 2007. Valgrind: A framework for heavyweight dynamic binary instrumentation. In Proceedings of the ACM SIGPLAN 2007 Conference on Programming Language Design and Implementation (PLDI \u201907). ACM, New York, NY, 89\u2013100."},{"key":"e_1_3_2_37_2","doi-asserted-by":"crossref","first-page":"259","DOI":"10.1145\/1542476.1542505","volume-title":"Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI \u201909)","author":"Oiwa Yutaka","year":"2009","unstructured":"Yutaka Oiwa. 2009. Implementation of the memory-safe full ANSI-C compiler. In Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI \u201909). ACM, New York, NY, 259\u2013269."},{"issue":"1","key":"e_1_3_2_38_2","first-page":"87","article-title":"Low-cost, concurrent checking of pointer and array accesses in C programs","volume":"27","author":"Patil Harish","year":"1997","unstructured":"Harish Patil and Charles N. Fischer. 1997. Low-cost, concurrent checking of pointer and array accesses in C programs. Software: Practice and Experience 27, 1 (1997), 87\u2013110.","journal-title":"Software: Practice and Experience"},{"key":"e_1_3_2_39_2","doi-asserted-by":"crossref","unstructured":"Andrew Ruef Leonidas Lampropoulos Ian Sweet David Tarditi and Michael Hicks. 2019. Achieving safety incrementally with checked C. In Principles of Security and Trust. Lecture Notes in Computer Science Vol. 11426. Springer 76\u2013998.","DOI":"10.1007\/978-3-030-17138-4_4"},{"key":"e_1_3_2_40_2","first-page":"159","volume-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS \u201904)","author":"Ruwase Olatunji","year":"2004","unstructured":"Olatunji Ruwase and Monica S. Lam. 2004. A practical dynamic buffer overflow detector. In Proceedings of the Network and Distributed System Security Symposium (NDSS \u201904). 159\u2013169."},{"issue":"2","key":"e_1_3_2_41_2","first-page":"12","article-title":"ARM memory tagging extension and how it improves C\/C++ memory safety","volume":"44","author":"Serebryany Kostya","year":"2019","unstructured":"Kostya Serebryany. 2019. ARM memory tagging extension and how it improves C\/C++ memory safety. USENIX Magazine 44, 2 (2019), 12\u201316.","journal-title":"USENIX Magazine"},{"key":"e_1_3_2_42_2","volume-title":"Proceedings of the 2012 USENIX Annual Technical Conference","author":"Serebryany Konstantin","year":"2012","unstructured":"Konstantin Serebryany, Derek Bruening, Alexander Potapenko, and Dmitriy Vyukov. 2012. AddressSanitizer: A fast address sanity checker. In Proceedings of the 2012 USENIX Annual Technical Conference. 309\u2013318."},{"key":"e_1_3_2_43_2","first-page":"17","volume-title":"Proceedings of the 2005 USENIX Annual Technical Conference","author":"Seward Julian","year":"2005","unstructured":"Julian Seward and Nicholas Nethercote. 2005. Using Valgrind to detect undefined value errors with bit-precision. In Proceedings of the 2005 USENIX Annual Technical Conference. 17\u201330."},{"key":"e_1_3_2_44_2","first-page":"199","volume-title":"Proceedings of the 10th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM \u201910)","author":"Simpson Matthew S.","year":"2010","unstructured":"Matthew S. Simpson and Rajeev Barua. 2010. MemSafe: Ensuring the spatial and temporal memory safety of C at runtime. In Proceedings of the 10th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM \u201910). IEEE, Los Alamitos, CA, 199\u2013208."},{"issue":"1","key":"e_1_3_2_45_2","first-page":"93","article-title":"MemSafe: Ensuring the spatial and temporal memory safety of C at runtime","volume":"43","author":"Simpson Matthew S.","year":"2013","unstructured":"Matthew S. Simpson and Rajeev Barua. 2013. MemSafe: Ensuring the spatial and temporal memory safety of C at runtime. Software: Practice and Experience 43, 1 (2013), 93\u2013128.","journal-title":"Software: Practice and Experience"},{"issue":"8","key":"e_1_3_2_46_2","doi-asserted-by":"crossref","first-page":"812","DOI":"10.1109\/TSE.2018.2869336","article-title":"Value-flow-based demand-driven pointer analysis for C and C++","volume":"46","author":"Sui Yulei","year":"2020","unstructured":"Yulei Sui and Jingling Xue. 2020. Value-flow-based demand-driven pointer analysis for C and C++. IEEE Transactions on Software Engineering 46, 8 (2020), 812\u2013835.","journal-title":"IEEE Transactions on Software Engineering"},{"key":"e_1_3_2_47_2","first-page":"254","volume-title":"Proceedings of the International Symposium on Software Testing and Analysis (ISSTA \u201912)","author":"Sui Yulei","year":"2012","unstructured":"Yulei Sui, Ding Ye, and Jingling Xue. 2012. Static memory leak detection using full-sparse value-flow analysis. In Proceedings of the International Symposium on Software Testing and Analysis (ISSTA \u201912). ACM, New York, NY, 254\u2013264."},{"issue":"2","key":"e_1_3_2_48_2","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1109\/TSE.2014.2302311","article-title":"Detecting memory leaks statically with full-sparse value-flow analysis","volume":"40","author":"Sui Yulei","year":"2014","unstructured":"Yulei Sui, Ding Ye, and Jingling Xue. 2014. Detecting memory leaks statically with full-sparse value-flow analysis. IEEE Transactions on Software Engineering 40, 2 (2014), 107\u2013122.","journal-title":"IEEE Transactions on Software Engineering"},{"key":"e_1_3_2_49_2","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1109\/SP.2013.13","volume-title":"Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP \u201913)","author":"Szekeres Laszlo","year":"2013","unstructured":"Laszlo Szekeres, Mathias Payer, Tao Wei, and Dawn Song. 2013. SoK: Eternal war in memory. In Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP \u201913). IEEE, Los Alamitos, CA, 48\u201362."},{"key":"e_1_3_2_50_2","volume-title":"CWE-762: Mismatched Memory Management Routines (May 8, 2009)","author":"Corporation The MITRE","year":"2009","unstructured":"The MITRE Corporation. 2009. CWE-762: Mismatched Memory Management Routines (May 8, 2009). Retrieved December 17, 2023 from https:\/\/cwe.mitre.org\/data\/definitions\/762.html"},{"key":"e_1_3_2_51_2","volume-title":"CWE-590: Free of Memory Not on the Heap (February 24, 2020)","author":"Corporation The MITRE","year":"2020","unstructured":"The MITRE Corporation. 2020. CWE-590: Free of Memory Not on the Heap (February 24, 2020). Retrieved December 17, 2023 from https:\/\/cwe.mitre.org\/data\/definitions\/590.html"},{"key":"e_1_3_2_52_2","doi-asserted-by":"crossref","unstructured":"Kostyantyn Vorobyov Nikolai Kosmatov Julien Signoles and Arvid Jakobsson. 2017. Runtime detection of temporal memory errors. In Runtime Verification. Lecture Notes in Computer Science Vol. 10548. Springer 294\u2013311.","DOI":"10.1007\/978-3-319-67531-2_18"},{"key":"e_1_3_2_53_2","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1145\/3092255.3092269","volume-title":"Proceedings of the 2017 ACM SIGPLAN International Symposium on Memory Management (ISMM \u201917)","author":"Vorobyov Kostyantyn","year":"2017","unstructured":"Kostyantyn Vorobyov, Julien Signoles, and Nikolai Kosmatov. 2017. Shadow state encoding for efficient monitoring of block-level properties. In Proceedings of the 2017 ACM SIGPLAN International Symposium on Memory Management (ISMM \u201917). ACM, New York, NY, 47\u201358."},{"issue":"3","key":"e_1_3_2_54_2","first-page":"Article 17, 28","article-title":"Precise memory leak detection for Java software using container profiling","volume":"22","author":"Xu Guoqing","year":"2013","unstructured":"Guoqing Xu and Atanas Rountev. 2013. Precise memory leak detection for Java software using container profiling. ACM Transactions on Software Engineering and Methodology 22, 3 (2013), Article 17, 28 pages.","journal-title":"ACM Transactions on Software Engineering and Methodology"},{"key":"e_1_3_2_55_2","first-page":"117","volume-title":"Proceedings of the 12th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE \u201904)","author":"Xu Wei","year":"2004","unstructured":"Wei Xu, Daniel C. DuVarney, and R. Sekar. 2004. An efficient and backwards-compatible transformation to ensure memory safety of C programs. In Proceedings of the 12th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE \u201904). ACM, New York, NY, 117\u2013126."},{"key":"e_1_3_2_56_2","first-page":"88","volume-title":"Proceedings of the 25th IEEE International Symposium on Software Reliability Engineering (ISSRE \u201914)","author":"Ye Ding","year":"2014","unstructured":"Ding Ye, Yu Su, Yulei Sui, and Jingling Xue. 2014. WPBOUND: Enforcing spatial memory safety efficiently at runtime with weakest preconditions. In Proceedings of the 25th IEEE International Symposium on Software Reliability Engineering (ISSRE \u201914). IEEE, Los Alamitos, CA, 88\u201399."},{"key":"e_1_3_2_57_2","first-page":"307","volume-title":"Proceedings of the 11th ACM SIGSOFT Symposium on Foundations of Software Engineering and the 9th European Software Engineering Conference (ESEC\/FSE \u201903)","author":"Yong Suan Hsi","year":"2003","unstructured":"Suan Hsi Yong and Susan Horwitz. 2003. Protecting C programs from attacks via invalid pointer dereferences. In Proceedings of the 11th ACM SIGSOFT Symposium on Foundations of Software Engineering and the 9th European Software Engineering Conference (ESEC\/FSE \u201903). ACM, New York, NY, 307\u2013316."},{"key":"e_1_3_2_58_2","doi-asserted-by":"crossref","first-page":"367","DOI":"10.1145\/1993498.1993541","volume-title":"Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI \u201911)","author":"Zeng Qiang","year":"2011","unstructured":"Qiang Zeng, Dinghao Wu, and Peng Liu. 2011. Cruiser: Concurrent heap buffer overflow monitoring using lock-free data structures. In Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI \u201911). ACM, New York, NY, 367\u2013377."},{"key":"e_1_3_2_59_2","first-page":"427","volume-title":"Proceedings of the 39th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL \u201912)","author":"Zhao Jianzhou","year":"2012","unstructured":"Jianzhou Zhao, Santosh Nagarakatte, Milo M. K. Martin, and Steve Zdancewic. 2012. Formalizing the LLVM intermediate representation for verified program transformations. In Proceedings of the 39th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL \u201912). ACM, New York, NY, 427\u2013440."}],"container-title":["ACM Transactions on Software Engineering and Methodology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3637227","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3637227","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T23:43:42Z","timestamp":1750290222000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3637227"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,17]]},"references-count":58,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2024,5,31]]}},"alternative-id":["10.1145\/3637227"],"URL":"https:\/\/doi.org\/10.1145\/3637227","relation":{},"ISSN":["1049-331X","1557-7392"],"issn-type":[{"value":"1049-331X","type":"print"},{"value":"1557-7392","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,4,17]]},"assertion":[{"value":"2022-12-11","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-11-29","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-04-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}