Behave or be watched

Akshay Kumar, Peter Goodman, Ashvin Goel, Angela Demke Brown
2013 Proceedings of the 9th Workshop on Hot Topics in Dependable Systems - HotDep '13  
Finding, understanding, and fixing bugs in an operating system is challenging. Dynamic binary translation (DBT) systems provide a powerful facility for building program analysis and debugging tools. However, DBT abstractions are too low-level and provide limited contextual information for instrumentation tools. We introduce behavioral watchpoints, a new software-based watchpoint framework that simplifies the implementation of DBT-based program analysis and debugging tools. Behavioral
more » ... extend the traditional approach of using a DBT system by providing context-specific information at the instruction level and specializing instrumentation to individual data structures. We describe four applications developed using our watchpoint framework: detecting buffer overflows, detecting read-before-write and memory freeing bugs, detecting memory leaks and enforcing fine-grained memory access policies. We implemented behavioral watchpoints using Granary, a new DBT framework. We show that the overheads are reasonable for their intended use in analyzing and debugging kernel modules.
doi:10.1145/2524224.2524234 dblp:conf/hotdep/KumarGGB13 fatcat:rrt6rn5m75e3xe4sorbjrrugba