{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T14:29:33Z","timestamp":1754144973229,"version":"3.41.2"},"publisher-location":"New York, NY, USA","reference-count":56,"publisher":"ACM","funder":[{"name":"MOE AcRF Tier 2","award":["T2EP20222-0026"],"award-info":[{"award-number":["T2EP20222-0026"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,13]]},"DOI":"10.1145\/3735950.3735959","type":"proceedings-article","created":{"date-parts":[[2025,6,13]],"date-time":"2025-06-13T15:04:50Z","timestamp":1749827090000},"page":"94-108","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Fully Randomized Pointers"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-5960-0574","authenticated-orcid":false,"given":"Sai Dhawal","family":"Phaye","sequence":"first","affiliation":[{"name":"National University of Singapore, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0837-9671","authenticated-orcid":false,"given":"Gregory J.","family":"Duck","sequence":"additional","affiliation":[{"name":"National University of Singapore, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1188-7474","authenticated-orcid":false,"given":"Roland H. C.","family":"Yap","sequence":"additional","affiliation":[{"name":"National University of Singapore, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8742-134X","authenticated-orcid":false,"given":"Trevor E.","family":"Carlson","sequence":"additional","affiliation":[{"name":"National University of Singapore, Singapore, Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,6,13]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"crossref","unstructured":"Andrea A. Bittau B. Adam A. Mashtizadeh D. Mazi\u00e8res and D. Boneh. 2014. Hacking Blind. In Security and Privacy. IEEE.","DOI":"10.1109\/SP.2014.22"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"crossref","unstructured":"T. Austin S. Breach and G. Sohi. 1994. Efficient Detection of All Pointer and Array Access Errors. In Program Language Design and Implementation. ACM.","DOI":"10.1145\/178243.178446"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"crossref","unstructured":"J. Ba G. Duck and A. Roychoudhury. 2022. Efficient Greybox Fuzzing to Detect Memory Errors. In Automated Software Engineering. ACM.","DOI":"10.1145\/3551349.3561161"},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"crossref","unstructured":"E. Berger and B. Zorn. 2006. DieHard: Probabilistic Memory Safety for Unsafe Languages. In Programming Language Design and Implementation. ACM.","DOI":"10.1145\/1133981.1134000"},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2024716.2024718"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"crossref","unstructured":"D. Bruening and Q. Zhao. 2011. Practical Memory Checking with Dr. Memory. In Code Generation and Optimization. IEEE.","DOI":"10.1109\/CGO.2011.5764689"},{"volume-title":"SPEC CPU2017: Next-Generation Compute Benchmark. In International Conference on Performance Engineering. ACM.","author":"Bucek J.","key":"e_1_3_2_2_7_1","unstructured":"J. Bucek, K. Lange, and J. Kistowski. 2018. SPEC CPU2017: Next-Generation Compute Benchmark. In International Conference on Performance Engineering. ACM."},{"key":"e_1_3_2_2_8_1","unstructured":"Chromium. 2025. Memory safety in Chromium Security. https:\/\/www.chromium.org\/Home\/chromium-security\/memory-safety"},{"volume-title":"Security Symposium. USENIX.","author":"Cowan C.","key":"e_1_3_2_2_9_1","unstructured":"C. Cowan, S. Beattie, J. Johansen, and P. Wagle. 2003. PointGuard\u2122 : Protecting Pointers from Buffer Overflow Vulnerabilities. In Security Symposium. USENIX."},{"volume-title":"Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers. In Security Symposium. USENIX.","author":"Dang T.","key":"e_1_3_2_2_10_1","unstructured":"T. Dang, P. Maniatis, and D. Wagner. 2017. Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers. In Security Symposium. USENIX."},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"crossref","unstructured":"S. Dinesh N. Burow D. Xu and M. Payer. 2020. RetroWrite : Statically Instrumenting COTS Binaries for Fuzzing and Sanitization. In Security and Privacy. IEEE.","DOI":"10.1109\/SP40000.2020.00009"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"crossref","unstructured":"G. Duck G. Xiang and A. Roychoudhury. 2020. Binary Rewriting without Control Flow Recovery. In Programming Language Design and Implementation. ACM.","DOI":"10.1145\/3385412.3385972"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"crossref","unstructured":"G. Duck and R. Yap. 2016. Heap Bounds Protection with Low Fat Pointers. In Compiler Construction. ACM.","DOI":"10.1145\/2892208.2892212"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"crossref","unstructured":"G. Duck and R. Yap. 2018. EffectiveSan: Type and Memory Error Detection using Dynamically Typed C\/C++. In Programming Language Design and Implementation. ACM.","DOI":"10.1145\/3192366.3192388"},{"volume-title":"Stack Bounds Protection with Low Fat Pointers. In Network and Distributed System Security Symposium. Internet Society.","author":"Duck G.","key":"e_1_3_2_2_15_1","unstructured":"G. Duck, R. Yap, and L. Cavallaro. 2017. Stack Bounds Protection with Low Fat Pointers. In Network and Distributed System Security Symposium. Internet Society."},{"volume-title":"European Conference on Computer Systems. ACM.","author":"Duck G.","key":"e_1_3_2_2_16_1","unstructured":"G. Duck, Y. Zhang, and R. Yap. 2022. Hardening Binaries against More Memory Errors. In European Conference on Computer Systems. ACM."},{"volume-title":"The Matter of Heartbleed. In Internet Measurement Conference. ACM.","author":"Durumeric Z.","key":"e_1_3_2_2_17_1","unstructured":"Z. Durumeric, F. Li, J. Kasten, J. Amann, J. Beekman, M. Payer, N. Weaver, D. Adrian, V. Paxson, M. Bailey, and J. Halderman. 2014. The Matter of Heartbleed. In Internet Measurement Conference. ACM."},{"key":"e_1_3_2_2_18_1","volume-title":"NOREBA: A Compiler-Informed Non-Speculative Out-of-Order Commit Processor. In Architectural Support for Programming Languages and Operating Systems. ACM.","author":"Hajiabadi A.","year":"2021","unstructured":"A. Hajiabadi, A. Diavastos, and T. Carlson. 2021. NOREBA: A Compiler-Informed Non-Speculative Out-of-Order Commit Processor. In Architectural Support for Programming Languages and Operating Systems. ACM."},{"key":"e_1_3_2_2_19_1","article-title":"SimPoint 3.0: Faster and More Flexible Program Phase Analysis","volume":"7","author":"Hamerly G.","year":"2005","unstructured":"G. Hamerly, E. Perelman, J. Lau, and B. Calder. 2005. SimPoint 3.0: Faster and More Flexible Program Phase Analysis. Journal of Instruction-Level Parallelism, 7 (2005), 09, 1\u201328.","journal-title":"Journal of Instruction-Level Parallelism"},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"crossref","unstructured":"N. Hasabnis A. Misra and R. Sekar. 2012. Light-weight Bounds Checking. In Code Generation and Optimization. ACM.","DOI":"10.1145\/2259016.2259034"},{"volume-title":"Purify: Fast Detection of Memory Leaks and Access Errors. In Winter Conference. USENIX.","author":"Hastings R.","key":"e_1_3_2_2_21_1","unstructured":"R. Hastings and B. Joyce. 1992. Purify: Fast Detection of Memory Leaks and Access Errors. In Winter Conference. USENIX."},{"key":"e_1_3_2_2_22_1","unstructured":"Intel Corporation. 2025. Intel 64 and IA-32 Architectures Software Developer\u2019s Manual."},{"key":"e_1_3_2_2_23_1","unstructured":"ISO. 2018. ISO\/IEC 9899:2018 Information technology \u2014 Programming languages \u2014 C. International Organization for Standardization."},{"volume-title":"FuZZan: Efficient Sanitizer Metadata Design for Fuzzing. In Annual Technical Conference. USENIX.","author":"Jeon Y.","key":"e_1_3_2_2_24_1","unstructured":"Y. Jeon, W. Han, N. Burow, and M. Payer. 2020. FuZZan: Efficient Sanitizer Metadata Design for Fuzzing. In Annual Technical Conference. USENIX."},{"volume-title":"Cyclone: A Safe Dialect of C. In Annual Technical Conference. USENIX.","author":"Jim T.","key":"e_1_3_2_2_25_1","unstructured":"T. Jim, G. Morrisett, D. Grossman, M. Hicks, J. Cheney, and Y. Wang. 2002. Cyclone: A Safe Dialect of C. In Annual Technical Conference. USENIX."},{"volume-title":"Backwards-compatible Bounds Checking for Arrays and Pointers in C Programs. In Workshop on Automated Debugging.","author":"Jones R.","key":"e_1_3_2_2_26_1","unstructured":"R. Jones and P. Kelly. 1997. Backwards-compatible Bounds Checking for Arrays and Pointers in C Programs. In Workshop on Automated Debugging."},{"key":"e_1_3_2_2_27_1","volume-title":"Spectre Attacks: Exploiting Speculative Execution. In Security and Privacy","author":"Kocher P.","year":"2019","unstructured":"P. Kocher, J. Horn, A. Fogh, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, M. Schwarz, and Y. Yarom. 2019. Spectre Attacks: Exploiting Speculative Execution. In Security and Privacy. IEEE."},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"crossref","unstructured":"M. LeMay J. Rakshit S. Deutsch D. Durham S. Ghosh A. Nori J. Gaur A. Weiler S. Sultana K. Grewal and S. Subramoney. 2021. Cryptographic Capability Computing. In Microarchitecture. ACM.","DOI":"10.1145\/3466752.3480076"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"crossref","unstructured":"Y. Li W. Tan Z. Lv S. Yang M. Payer Y. Liu and C. Zhang. 2022. PACMem: Enforcing Spatial and Temporal Memory Safety via ARM Pointer Authentication. In Computer and Communications Security. ACM.","DOI":"10.1145\/3548606.3560598"},{"key":"e_1_3_2_2_30_1","volume-title":"Simulator: Version 20.0+.","author":"Lowe-Power J.","year":"2020","unstructured":"J. Lowe-Power, A. Ahmad, A. Akram, M. Alian, R. Amslinger, M. Andreozzi, A. Armejach, N. Asmussen, B. Beckmann, S. Bharadwaj, G. Black, G. Bloom, B. Bruce, D. Carvalho, J. Castrillon, L. Chen, N. Derumigny, S. Diestelhorst, W. Elsasser, C. Escuin, M. Fariborz, A. Farmahini-Farahani, P. Fotouhi, R. Gambord, J. Gandhi, D. Gope, T. Grass, A. Gutierrez, B. Hanindhito, A. Hansson, S. Haria, A. Harris, T. Hayes, A. Herrera, M. Horsnell, S. Jafri, R. Jagtap, H. Jang, R. Jeyapaul, T. Jones, M. Jung, S. Kannoth, H. Khaleghzadeh, Y. Kodama, T. Krishna, T. Marinelli, C. Menard, A. Mondelli, M. Moreto, T. M\u00fcck, O. Naji, K. Nathella, H. Nguyen, N. Nikoleris, L. Olson, M. Orr, B. Pham, P. Prieto, T. Reddy, A. Roelke, M. Samani, A. Sandberg, J. Setoain, B. Shingarov, M. Sinclair, T. Ta, R. Thakur, G. Travaglini, M. Upton, N. Vaish, I. Vougioukas, W. Wang, Z. Wang, N. Wehn, C. Weis, D. Wood, H. Yoon, and E. Zulian. 2020. The gem5 Simulator: Version 20.0+."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"e_1_3_2_2_32_1","volume-title":"Archipelago: Trading Address Space for Reliability and Security. In Architectural Support for Programming Languages and Operating Systems. ACM.","author":"Lvin V.","year":"2008","unstructured":"V. Lvin, G. Novark, E. Berger, and B. 2008. Archipelago: Trading Address Space for Reliability and Security. In Architectural Support for Programming Languages and Operating Systems. ACM."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"crossref","unstructured":"K. Memarian V. Gomes B. Davis S. Kell A. Richardson R. Watson and P. Sewell. 2019. Exploring C Semantics and Pointer Provenance. Principles of Programming Languages.","DOI":"10.1145\/3290380"},{"key":"e_1_3_2_2_34_1","unstructured":"Microsoft. 2025. Trends Challenges and Strategic Shifts in the Software Vulnerability Mitigation Landscape. https:\/\/github.com\/microsoft\/MSRC-Security-Research\/tree\/master\/presentations\/2019_02_BlueHatIL"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"crossref","unstructured":"S. Nagarakatte Z. Santosh M. Jianzhou M. Martin and S. Zdancewic. 2009. SoftBound: Highly Compatible and Complete Spatial Memory Safety for C. In Programming Language Design and Implementation. ACM.","DOI":"10.1145\/1542476.1542504"},{"volume-title":"CETS: Compiler Enforced Temporal Safety for C. In International Symposium on Memory Management. ACM.","author":"Nagarakatte S.","key":"e_1_3_2_2_36_1","unstructured":"S. Nagarakatte, J. Zhao, M. Martin, and S. Zdancewic. 2010. CETS: Compiler Enforced Temporal Safety for C. In International Symposium on Memory Management. ACM."},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"crossref","unstructured":"G. Necula S. McPeak and W. Weimer. 2002. CCured: Type-Safe Retrofitting of Legacy Code. In Principles of Programming Languages. ACM.","DOI":"10.1145\/503272.503286"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250746"},{"key":"e_1_3_2_2_39_1","unstructured":"NIST. 2025. Juliet Test Suite for C\/C++ v1.3. https:\/\/samate.nist.gov\/SARD\/testsuite.php"},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"crossref","unstructured":"G. Novark and E. Berger. 2010. DieHarder: Securing the Heap. In Computer and Communications Security. ACM.","DOI":"10.1145\/1866307.1866371"},{"key":"e_1_3_2_2_41_1","unstructured":"B. Perens. 1993. efence - Electric Fence Malloc Debugger (man page)."},{"volume-title":"PACMAN: Attacking ARM Pointer Authentication with Speculative Execution. In International Symposium on Computer Architecture. ACM.","author":"Ravichandran J.","key":"e_1_3_2_2_42_1","unstructured":"J. Ravichandran, W. Na, J. Lang, and M. Yan. 2022. PACMAN: Attacking ARM Pointer Authentication with Speculative Execution. In International Symposium on Computer Architecture. ACM."},{"key":"e_1_3_2_2_43_1","unstructured":"M. Rinard C. Cadar D. Dumitran D. Roy T. Leu and W. Beebee. 2004. Enhancing Server Availability and Security Through Failure-Oblivious Computing. In Operating Systems Design & Implementation. USENIX."},{"volume-title":"Network and Distributed System Security Symposium. Internet Society.","author":"Ruwase O.","key":"e_1_3_2_2_44_1","unstructured":"O. Ruwase and M. Lam. 2004. A Practical Dynamic Buffer Overflow Detector. In Network and Distributed System Security Symposium. Internet Society."},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"crossref","unstructured":"A. Sabu H. Patil W. Heirman and T. Carlson. 2022. LoopPoint: Checkpoint-driven Sampled Simulation for Multi-threaded Applications. In High-Performance Computer Architecture. IEEE.","DOI":"10.1109\/HPCA53966.2022.00051"},{"key":"e_1_3_2_2_46_1","article-title":"HeapCheck: Low-Cost Hardware Support for Memory Safety","volume":"19","author":"Saileshwar G.","year":"2022","unstructured":"G. Saileshwar, R. Boivie, T. Chen, B. Segal, and A. Buyuktosunoglu. 2022. HeapCheck: Low-Cost Hardware Support for Memory Safety. Transactions on Architecture and Code Optimization, 19, 1 (2022).","journal-title":"Transactions on Architecture and Code Optimization"},{"volume-title":"AddressSanitizer: A Fast Address Sanity Checker. In Annual Technical Conference. USENIX.","author":"Serebryany K.","key":"e_1_3_2_2_47_1","unstructured":"K. Serebryany, D. Bruening, A. Potapenko, and D. Vyukov. 2012. AddressSanitizer: A Fast Address Sanity Checker. In Annual Technical Conference. USENIX."},{"volume-title":"GWP-ASan: Sampling-Based Detection of Memory-Safety Bugs in Production. In International Conference on Software Engineering. ACM.","author":"Serebryany K.","key":"e_1_3_2_2_48_1","unstructured":"K. Serebryany, C. Kennelly, M. Phillips, M. Denton, M. Elver, A. Potapenko, M. Morehouse, V. Tsyrklevich, C. Holler, J. Lettner, D. Kilzer, and L. Brandt. 2024. GWP-ASan: Sampling-Based Detection of Memory-Safety Bugs in Production. In International Conference on Software Engineering. ACM."},{"key":"e_1_3_2_2_49_1","unstructured":"K. Serebryany E. Stepanov A. Shlyapnikov V. Tsyrklevich and D. Vyukov. 2018. Memory Tagging and how it Improves C\/C++ Memory Safety. In Hot Topics in Security. USENIX."},{"volume-title":"Annual Technical Conference. USENIX.","author":"Seward J.","key":"e_1_3_2_2_50_1","unstructured":"J. Seward and N. Nethercote. 2005. Using Valgrind to Detect Undefined Value Errors with Bit-Precision. In Annual Technical Conference. USENIX."},{"volume-title":"Practical Memory Safety with REST. In International Symposium on Computer Architecture. IEEE.","author":"Sinha K.","key":"e_1_3_2_2_51_1","unstructured":"K. Sinha and S. Sethumadhavan. 2018. Practical Memory Safety with REST. In International Symposium on Computer Architecture. IEEE."},{"volume-title":"DangSan: Scalable Use-after-free Detection. In European Conference on Computer Systems. ACM.","author":"Nigade E.","key":"e_1_3_2_2_52_1","unstructured":"E. Kouwe snd V. Nigade and C. Giuffrida. 2017. DangSan: Scalable Use-after-free Detection. In European Conference on Computer Systems. ACM."},{"key":"e_1_3_2_2_53_1","doi-asserted-by":"crossref","unstructured":"D. Song J. Lettner P. Rajasekaran Y. Na S. Volckaert P. Larsen and M. Franz. 2019. SoK: Sanitizing for Security. In Security and Privacy. IEEE.","DOI":"10.1109\/SP.2019.00010"},{"key":"e_1_3_2_2_54_1","volume-title":"CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization. In Security and Privacy","author":"Watson R.","year":"2015","unstructured":"R. Watson, J. Woodruff, P. Neumann, S. Moore, J. Anderson, D. Chisnall, N. Dave, B. Davis, K. Gudka, B. Laurie, S. Murdoch, R. Norton, M. Roe, S. Son, and M. Vadera. 2015. CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization. In Security and Privacy. IEEE."},{"volume-title":"Network and Distributed System Security","author":"Younan Y.","key":"e_1_3_2_2_55_1","unstructured":"Y. Younan. 2015. FreeSentry: Protecting Against Use-after-free Vulnerabilities due to Dangling Pointers. In Network and Distributed System Security. Internet Society."},{"volume-title":"Capstone: A Capability-based Foundation for Trustless Secure Memory Access. In Security Symposium. USENIX.","author":"Yu J.","key":"e_1_3_2_2_56_1","unstructured":"J. Yu, C. Watt, A. Badole, T. Carlson, and P. Saxena. 2023. Capstone: A Capability-based Foundation for Trustless Secure Memory Access. In Security Symposium. USENIX."}],"event":{"name":"ISMM '25: 2025 ACM SIGPLAN International Symposium on Memory Management","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages"],"location":"Seoul Republic of Korea","acronym":"ISMM '25"},"container-title":["Proceedings of the 2025 ACM SIGPLAN International Symposium on Memory Management"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3735950.3735959","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,16]],"date-time":"2025-07-16T07:02:14Z","timestamp":1752649334000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3735950.3735959"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,13]]},"references-count":56,"alternative-id":["10.1145\/3735950.3735959","10.1145\/3735950"],"URL":"https:\/\/doi.org\/10.1145\/3735950.3735959","relation":{},"subject":[],"published":{"date-parts":[[2025,6,13]]},"assertion":[{"value":"2025-06-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}