TECHNOLOGIES FOR ROOT CAUSE IDENTIFICATION OF USE-AFTER-FREE MEMORY CORRUPTION BUGS

US 20160283302A1
Filed: 03/27/2015
Published: 09/29/2016
Est. Priority Date: 03/27/2015
Status: Active Grant

First Claim

Patent Images

1. A computing device for identification of a potential root cause of a use-after-free memory corruption bug of a program, the computing device comprising:

a replay module to replay execution of the program based on an execution log of the program, wherein the execution log comprises an ordered set of executed instructions of the program that resulted in the use-after-free memory corruption bug;

a corruption candidate identification module to (i) compare a use-after-free memory address access of the program to a memory address associated with an occurrence of the use-after-free memory corruption bug in response to detection of the use-after-free memory address access and (ii) record, to a candidate list, the use-after-free memory address access of the program as a candidate for a root cause of the use-after-free memory corruption bug in response to detection of a match between the use-after-free memory address access of the program and the memory address associated with the occurrence of the use-after-free memory corruption bug.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies for identification of a potential root cause of a use-after-free memory corruption bug of a program include a computing device to replay execution of the execution of the program based on an execution log of the program. The execution log comprises an ordered set of executed instructions of the program that resulted in the use-after-free memory corruption bug. The computing device compares a use-after-free memory address access of the program to a memory address associated with an occurrence of the use-after-free memory corruption bug in response to detecting the use-after-free memory address access and records the use-after-free memory address access of the program as a candidate for a root cause of the use-after-free memory corruption bug to a candidate list in response to detecting a match between the use-after-free memory address access of the program and the memory address associated with the occurrence of the use-after-free memory corruption bug.

Citations

25 Claims

1. A computing device for identification of a potential root cause of a use-after-free memory corruption bug of a program, the computing device comprising:
- a replay module to replay execution of the program based on an execution log of the program, wherein the execution log comprises an ordered set of executed instructions of the program that resulted in the use-after-free memory corruption bug;
  
  a corruption candidate identification module to (i) compare a use-after-free memory address access of the program to a memory address associated with an occurrence of the use-after-free memory corruption bug in response to detection of the use-after-free memory address access and (ii) record, to a candidate list, the use-after-free memory address access of the program as a candidate for a root cause of the use-after-free memory corruption bug in response to detection of a match between the use-after-free memory address access of the program and the memory address associated with the occurrence of the use-after-free memory corruption bug.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The computing device of claim 1, further comprising a candidate filtering module to filter the candidate list to reduce a number of candidates in the candidate list.
  - 3. The computing device of claim 2, wherein to filter the candidate list comprises to:
    - select a candidate from the candidate list;
      
      remove one or more instructions associated with the selected candidate from the execution of the program to generate a modified program;
      
      replay the modified program; and
      
      remove the selected candidate from the candidate list in response to a determination that replay of the modified program results in the use-after-free memory corruption bug.
  - 4. The computing device of claim 3, wherein the one or more instructions consists of a single instruction of the program.
  - 5. The computing device of claim 3, wherein the one or more instructions consists of a most recent branch instruction of the program.
  - 6. The computing device of claim 3, wherein the one or more instructions consists of an instruction that corresponds with the selected candidate memory access.
  - 7. The computing device of claim 3, wherein the one or more instructions comprises a set of instructions of the program.
  - 8. The computing device of claim 7, wherein the set of instructions comprises a set of instructions defined between a most recent branch instruction and an instruction that corresponds with the selected candidate memory access.
  - 9. The computing device of claim 1, further comprising a memory allocation module to compile the program with a least recently used (LRU) memory allocator,wherein to replay the execution of the program comprises to replay the execution of the program in response to compilation of the program with the LRU memory allocator.
  - 10. The computing device of claim 9, wherein to compile the program comprises to overload a memory allocator of the program.
  - 11. The computing device of claim 1, wherein to replay the execution of the program comprises to replay the execution of the program with a binary instrumentation technology.

12. One or more machine-readable storage media comprising a plurality of instructions stored thereon that, in response to execution by a computing device, cause the computing device to:
- replay execution of the program based on an execution log of the program, wherein the execution log comprises an ordered set of executed instructions of the program that result in the use-after-free memory corruption bug;
  
  compare a use-after-free memory address access of the program to a memory address associated with an occurrence of the use-after-free memory corruption bug in response to detecting the use-after-free memory address access; and
  
  record, to a candidate list, the use-after-free memory address access of the program as a candidate for the root cause of the use-after-free memory corruption bug in response to detecting a match between the use-after-free memory address access of the program and the memory address associated with the occurrence of the use-after-free memory corruption bug.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The one or more machine-readable storage media of claim 12, wherein the plurality of instructions further cause the computing device to:
    - select a candidate from the candidate list;
      
      remove one or more instructions associated with the selected candidate from the execution of the program to generate a modified program;
      
      replay the modified program; and
      
      remove the selected candidate from the candidate list in response to a determination that replay of the modified program results in the use-after-free memory corruption bug.
  - 14. The one or more machine-readable storage media of claim 13, wherein the one or more instructions consists of a most recent branch instruction from the program.
  - 15. The one or more machine-readable storage media of claim 13, wherein the one or more instructions consists of an instruction that corresponds with the selected candidate memory access.
  - 16. The one or more machine-readable storage media of claim 13, wherein the one or more instructions comprises a set of instructions defined between a most recent branch instruction and an instruction corresponding with the selected candidate memory access.
  - 17. The one or more machine-readable storage media of claim 12, wherein the plurality of instructions further cause the computing device to compile the program with a least recently used (LRU) memory allocator,wherein to replay the execution of the program comprises to replay the execution of the program in response to compiling the program with the LRU memory allocator.

18. A method for identifying a potential root cause of a use-after-free memory corruption bug of a program, the method comprising:
- replaying, by a computing device, execution of the program based on an execution log of the program, wherein the execution log comprises an ordered set of executed instructions of the program that result in the use-after-free memory corruption bug;
  
  comparing, by the computing device, a use-after-free memory address access of the program to a memory address associated with an occurrence of the use-after-free memory corruption bug in response to detecting the use-after-free memory address access;
  
  recording, by the computing device and to a candidate list, the use-after-free memory address access of the program as a candidate for the root cause of the use-after-free memory corruption bug in response to detecting a match between the use-after-free memory address access of the program and the memory address associated with the occurrence of the use-after-free memory corruption bug.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 18, further comprising filtering the candidate list to reduce a number of candidates in the candidate list.
  - 20. The method of claim 19, wherein filtering the candidate list comprises:
    - selecting a candidate from the candidate list;
      
      removing one or more instructions associated with the selected candidate from the execution of the program to generate a modified program;
      
      replaying the modified program; and
      
      removing the selected candidate from the candidate list in response to determining that replaying the modified program results in the use-after-free memory corruption bug.
  - 21. The method of claim 18, further comprising compiling, by the computing device, the program with a least recently used (LRU) memory allocator,wherein replaying the execution of the program comprises replaying the execution of the program in response to compiling the program with the LRU memory allocator.

22. A computing device for recording execution of a program, the computing device comprising:
- a memory recording module to record execution of the program to an execution log; and
  
  a memory corruption detection module to (i) monitor the execution of the program for an occurrence of a use-after-free memory corruption bug and (ii) record a memory address associated with the occurrence of the use-after-free memory corruption bug to a memory log.
- View Dependent Claims (23, 24, 25)
- - 23. The computing device of claim 22, wherein to monitor the execution of the program comprises to monitor the execution of the program for an occurrence of a memory corruption detection interrupt triggered as a result of the occurrence of the use-after-free memory corruption bug.
  - 24. The computing device of claim 22, wherein to record the memory address comprises to identify the memory address based on a number of instructions of the program executed prior to a memory corruption instruction associated with the occurrence of the use-after-free memory corruption bug.
  - 25. The computing device of claim 22, further comprising a memory allocation module to compile the program with a least recently used (LRU) memory allocator,wherein to record the execution of the program comprises to record the execution of the program in response to compilation of the program with the LRU memory allocator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Gottschlich, Justin E., Pokam, Gilles A., Pereira, Cristiano L.

Granted Patent

US 9,864,649 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 11/073   in a memory management cont...

G06F 11/079   Root cause analysis, i.e. e...

G06F 11/3636   by tracing the execution of...

G06F 11/3668   Software testing software t...

TECHNOLOGIES FOR ROOT CAUSE IDENTIFICATION OF USE-AFTER-FREE MEMORY CORRUPTION BUGS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

TECHNOLOGIES FOR ROOT CAUSE IDENTIFICATION OF USE-AFTER-FREE MEMORY CORRUPTION BUGS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links