Oct 18 2017 cs.PL
We give the easily recognizable names "cinnamon" and "cinnamon programming" to a new computation model intended to form a theoretical foundation for Control Network Programming (CNP). CNP has established itself as a programming paradigm that combines declarative and imperative features with a built-in search engine and powerful tools for search control, allowing easy, intuitive, visual development of heuristic, nondeterministic, and randomized solutions. We define the syntax and semantics of the new model rigorously, while keeping the underlying intuition clear and including enough examples. The purposely simplified theoretical model is then compared both to WHILE-programs (thus demonstrating its Turing-completeness) and to the "real" CNP. Finally, we mention future research directions that would extend cinnamon programming towards nondeterminism, randomness, and fuzziness.
Oct 18 2017 cs.PL
Low-level programming languages such as C and C++ are vulnerable to errors related to the misuse of memory. Such errors include bounds overflows, sub-object bounds overflows, use-after-free, "reuse"-after-free and type confusion. These errors account for many of the exploits in programs implemented in such unsafe languages. Most bug detection tools (sanitizers) tend to focus on detecting specific classes of errors, e.g. bounds overflow only or type confusion only. In this paper, we present a new type confusion and memory error sanitizer based on dynamically checking the "effective type" (a.k.a. the dynamic type) of C/C++ objects at runtime. We show that this "effective type sanitizer" (EffectiveSan) can detect all of the memory misuse errors mentioned above using the same underlying methodology (dynamic typing). Our approach uses a combination of low-fat pointers, type metadata and type-check instrumentation. We also have a novel approach to preventing sub-object bounds overflow errors that leverages C/C++ type information. We show that EffectiveSan finds type confusion, (sub-)object bounds overflow, and use-after-free bugs in the SPEC2006 benchmark suite.
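The following is an added illustration, not code from the EffectiveSan paper or its implementation, of why one runtime "effective type" check can cover every error class the abstract lists. EffectiveSan obtains the type of an allocation through low-fat pointers and compiler-inserted instrumentation; this toy replaces both with a fixed pool of slots tagged with a hand-written type table, so that a freed slot is deterministically handed out again (the usual meaning of "reuse"-after-free: a dangling pointer whose memory now holds an object of another type). The Record and Callback types, the pool, and the functions typed_alloc, typed_free, check_cast, check_index and demo are all constructed for this example.

```c
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Toy model of dynamic effective-type checking (illustration only; not the
 * EffectiveSan implementation). Every live allocation carries a type
 * descriptor, and each cast or indexed access is checked against it. */
typedef struct type_desc type_desc;
typedef struct { size_t offset; size_t size; const type_desc *type; } field_desc;
struct type_desc { const char *name; size_t size; int nfields; const field_desc *fields; };

/* Constructed example types. Record is 4 + 8 + 4 bytes: an in-bounds write to
 * name[8] lands on flags, inside the object but outside the sub-object. */
typedef struct { int id; char name[8]; int flags; } Record;
typedef struct { void (*fn)(void); long pad; } Callback;

static const type_desc T_INT  = { "int",  sizeof(int),  0, NULL };
static const type_desc T_CHAR = { "char", sizeof(char), 0, NULL };
static const field_desc REC_FIELDS[] = {
    { offsetof(Record, id),    sizeof(int), &T_INT  },
    { offsetof(Record, name),  8,           &T_CHAR },   /* char[8] sub-object */
    { offsetof(Record, flags), sizeof(int), &T_INT  },
};
static const type_desc T_RECORD   = { "Record",   sizeof(Record),   3, REC_FIELDS };
static const type_desc T_CALLBACK = { "Callback", sizeof(Callback), 0, NULL };

/* Fixed first-fit pool, so freed memory is reused deterministically. */
#define SLOTS 4
#define SLOT_BYTES 64
static unsigned char pool[SLOTS][SLOT_BYTES];
static const type_desc *slot_type[SLOTS];            /* NULL means free */

void *typed_alloc(const type_desc *t) {
    for (int i = 0; i < SLOTS; i++)
        if (slot_type[i] == NULL && t->size <= SLOT_BYTES) {
            slot_type[i] = t;                        /* metadata: the effective type */
            memset(pool[i], 0, SLOT_BYTES);
            return pool[i];
        }
    return NULL;
}

void typed_free(void *p) {
    for (int i = 0; i < SLOTS; i++)
        if (p == pool[i]) slot_type[i] = NULL;       /* allocation no longer live */
}

/* Locate the live allocation containing p; -1 if freed or unknown. */
static int find_slot(const void *p, size_t *offset) {
    const unsigned char *q = p;
    for (int i = 0; i < SLOTS; i++)
        if (slot_type[i] && q >= pool[i] && q < pool[i] + slot_type[i]->size) {
            *offset = (size_t)(q - pool[i]);
            return i;
        }
    return -1;
}

/* Cast check for (T *)p: allowed only if the allocation is live and either the
 * whole object has type T or a sub-object of type T starts exactly at p. */
int check_cast(const void *p, const type_desc *target) {
    size_t off;
    int s = find_slot(p, &off);
    if (s < 0) return 0;                             /* use-after-free / wild pointer */
    const type_desc *t = slot_type[s];
    if (off == 0 && t == target) return 1;
    for (int i = 0; i < t->nfields; i++)
        if (t->fields[i].offset == off && t->fields[i].type == target) return 1;
    return 0;                                        /* type confusion */
}

/* Bounds check for p[index]: the access must stay inside the innermost field
 * containing p, not merely inside the enclosing object. */
int check_index(const void *p, size_t index, size_t elem_size) {
    size_t off;
    int s = find_slot(p, &off);
    if (s < 0) return 0;
    const type_desc *t = slot_type[s];
    size_t lo = 0, hi = t->size;                     /* default: whole-object bounds */
    for (int i = 0; i < t->nfields; i++) {
        const field_desc *f = &t->fields[i];
        if (off >= f->offset && off < f->offset + f->size) { lo = f->offset; hi = f->offset + f->size; }
    }
    size_t end = off + index * elem_size + elem_size;
    return off >= lo && end <= hi;
}

/* Runs each error class once; returns how many of the 13 expected verdicts held. */
int demo(void) {
    int ok = 0;
    memset(slot_type, 0, sizeof slot_type);
    Record *r = typed_alloc(&T_RECORD);
    ok += check_cast(r, &T_RECORD);                  /* identity cast */
    ok += check_cast(r->name, &T_CHAR);              /* cast to a sub-object's type */
    ok += check_cast(&r->flags, &T_INT);
    ok += !check_cast(r, &T_CALLBACK);               /* type confusion rejected */
    ok += !check_cast((char *)r + 2, &T_INT);        /* no int sub-object at offset 2 */
    ok += check_index(r->name, 7, 1);                /* last char of name[] */
    ok += !check_index(r->name, 8, 1);               /* sub-object overflow into flags */
    ok += check_index(&r->id, 0, sizeof(int));
    ok += !check_index(&r->id, 1, sizeof(int));      /* id is not an array */
    typed_free(r);
    ok += !check_cast(r, &T_RECORD);                 /* use-after-free rejected */
    Callback *c = typed_alloc(&T_CALLBACK);
    ok += ((void *)c == (void *)r);                  /* slot reused for a Callback */
    ok += !check_cast(r, &T_RECORD);                 /* reuse-after-free: type differs */
    ok += check_cast(c, &T_CALLBACK);
    return ok;
}

int main(void) {
    printf("%d of 13 expected verdicts held\n", demo());
    return 0;
}
```

The point of the sub-object case is that a classic object-bounds check (the allocation's size, as kept by a low-fat allocator alone) would accept the write to name[8] because it is still inside the 16-byte Record; only the field layout recovered from the type metadata reveals the overflow. A real sanitizer also has to handle aliasing rules such as casts to char * and to a struct's first member, which this toy deliberately leaves out.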