Programming in C. Lecture 9: Tooling. Dr Neel Krishnaswami. Michaelmas Term
|
|
- Helena Doyle
- 6 years ago
- Views:
Transcription
1 Programming in C Lecture 9: Tooling Dr Neel Krishnaswami Michaelmas Term / 24
2 Undefined and Unspecified Behaviour 2 / 24
3 Undefined and Unspecified Behaviour We have seen that C is an unsafe language 2 / 24
4 Undefined and Unspecified Behaviour We have seen that C is an unsafe language Programming errors can arbitrarily corrupt runtime data structures... 2 / 24
5 Undefined and Unspecified Behaviour We have seen that C is an unsafe language Programming errors can arbitrarily corrupt runtime data structures leading to undefined behaviour 2 / 24
6 Undefined and Unspecified Behaviour We have seen that C is an unsafe language Programming errors can arbitrarily corrupt runtime data structures leading to undefined behaviour Enormous number of possible sources of undefined behavior (See 2 / 24
7 Undefined and Unspecified Behaviour We have seen that C is an unsafe language Programming errors can arbitrarily corrupt runtime data structures leading to undefined behaviour Enormous number of possible sources of undefined behavior (See What can we do about it? 2 / 24
8 Tooling and Instrumentation We have seen that C is an unsafe language Programming errors can arbitrarily corrupt runtime data structures leading to undefined behaviour There is a great deal of undefined behaviour 3 / 24
9 Tooling and Instrumentation We have seen that C is an unsafe language Programming errors can arbitrarily corrupt runtime data structures leading to undefined behaviour There is a great deal of undefined behaviour Add instrumentation to detect unsafe behaviour! 3 / 24
10 Tooling and Instrumentation We have seen that C is an unsafe language Programming errors can arbitrarily corrupt runtime data structures leading to undefined behaviour There is a great deal of undefined behaviour Add instrumentation to detect unsafe behaviour! We will look at 3 tools: ASan, UBSan, and Valgrind 3 / 24
11 ASan: Address Sanitizer 4 / 24
12 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: 4 / 24
13 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses 4 / 24
14 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses Use pointer after call to free() 4 / 24
15 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses Use pointer after call to free() Use stack variable after it is out of scope 4 / 24
16 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses Use pointer after call to free() Use stack variable after it is out of scope Double-frees or other invalid frees 4 / 24
17 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses Use pointer after call to free() Use stack variable after it is out of scope Double-frees or other invalid frees Memory leaks 4 / 24
18 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses Use pointer after call to free() Use stack variable after it is out of scope Double-frees or other invalid frees Memory leaks AddressSanitizer instruments code to detect these errors 4 / 24
19 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses Use pointer after call to free() Use stack variable after it is out of scope Double-frees or other invalid frees Memory leaks AddressSanitizer instruments code to detect these errors Need to recompile 4 / 24
20 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses Use pointer after call to free() Use stack variable after it is out of scope Double-frees or other invalid frees Memory leaks AddressSanitizer instruments code to detect these errors Need to recompile Adds runtime overhead 4 / 24
21 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses Use pointer after call to free() Use stack variable after it is out of scope Double-frees or other invalid frees Memory leaks AddressSanitizer instruments code to detect these errors Need to recompile Adds runtime overhead Use it while developing 4 / 24
22 ASan: Address Sanitizer One of the leading causes of errors in C is memory corruption: Out-of-bounds array accesses Use pointer after call to free() Use stack variable after it is out of scope Double-frees or other invalid frees Memory leaks AddressSanitizer instruments code to detect these errors Need to recompile Adds runtime overhead Use it while developing Built into gcc and clang! 4 / 24
23 ASan Example #1 1 #include <stdlib.h> 2 #include <stdio.h> 3 4 #define N int main(void) { 7 char s[n] = " "; 8 for (int i = 0; i <= N; i++) 9 printf ("%c", s[i]); 0 printf("\n"); 1 return 0; 2 } 5 / 24
24 ASan Example #1 1 #include <stdlib.h> 2 #include <stdio.h> 3 4 #define N int main(void) { 7 char s[n] = " "; 8 for (int i = 0; i <= N; i++) 9 printf ("%c", s[i]); 0 printf("\n"); 1 return 0; 2 } Loop bound goes past the end of the array 5 / 24
25 ASan Example #1 1 #include <stdlib.h> 2 #include <stdio.h> 3 4 #define N int main(void) { 7 char s[n] = " "; 8 for (int i = 0; i <= N; i++) 9 printf ("%c", s[i]); 0 printf("\n"); 1 return 0; 2 } Loop bound goes past the end of the array Undefined behaviour! 5 / 24
26 ASan Example #1 1 #include <stdlib.h> 2 #include <stdio.h> 3 4 #define N int main(void) { 7 char s[n] = " "; 8 for (int i = 0; i <= N; i++) 9 printf ("%c", s[i]); 0 printf("\n"); 1 return 0; 2 } Loop bound goes past the end of the array Undefined behaviour! Compile with -fsanitize=address 5 / 24
27 ASan Example #2 1 #include <stdlib.h> 2 3 int main(void) { 4 int *a = 5 malloc(sizeof(int) * 100); 6 free(a); 7 return a[5]; // DOOM! 8 } 6 / 24
28 ASan Example #2 1 #include <stdlib.h> 2 3 int main(void) { 4 int *a = 5 malloc(sizeof(int) * 100); 6 free(a); 7 return a[5]; // DOOM! 8 } 1. array is allocated 6 / 24
29 ASan Example #2 1 #include <stdlib.h> 2 3 int main(void) { 4 int *a = 5 malloc(sizeof(int) * 100); 6 free(a); 7 return a[5]; // DOOM! 8 } 1. array is allocated 2. array is freed 6 / 24
30 ASan Example #2 1 #include <stdlib.h> 2 3 int main(void) { 4 int *a = 5 malloc(sizeof(int) * 100); 6 free(a); 7 return a[5]; // DOOM! 8 } 1. array is allocated 2. array is freed 3. array is dereferenced! 6 / 24
31 ASan Example #2 1 #include <stdlib.h> 2 3 int main(void) { 4 int *a = 5 malloc(sizeof(int) * 100); 6 free(a); 7 return a[5]; // DOOM! 8 } 7 / 24
32 ASan Example #2 1 #include <stdlib.h> 2 3 int main(void) { 4 int *a = 5 malloc(sizeof(int) * 100); 6 free(a); 7 return a[5]; // DOOM! 8 } 1. array is allocated 7 / 24
33 ASan Example #2 1 #include <stdlib.h> 2 3 int main(void) { 4 int *a = 5 malloc(sizeof(int) * 100); 6 free(a); 7 return a[5]; // DOOM! 8 } 1. array is allocated 2. array is freed 7 / 24
34 ASan Example #2 1 #include <stdlib.h> 2 3 int main(void) { 4 int *a = 5 malloc(sizeof(int) * 100); 6 free(a); 7 return a[5]; // DOOM! 8 } 1. array is allocated 2. array is freed 3. array is dereferenced! 7 / 24
35 ASan Example #3 1 #include <stdlib.h> 2 3 int main(void) { 4 char *s = 5 malloc(sizeof(char) * 10); 6 free(s); 7 free(s); 8 printf("%s", s); 9 return 0; 0 } 8 / 24
36 ASan Example #3 1 #include <stdlib.h> 2 3 int main(void) { 4 char *s = 5 malloc(sizeof(char) * 10); 6 free(s); 7 free(s); 8 printf("%s", s); 9 return 0; 0 } 1. array is allocated 8 / 24
37 ASan Example #3 1 #include <stdlib.h> 2 3 int main(void) { 4 char *s = 5 malloc(sizeof(char) * 10); 6 free(s); 7 free(s); 8 printf("%s", s); 9 return 0; 0 } 1. array is allocated 2. array is freed 8 / 24
38 ASan Example #3 1 #include <stdlib.h> 2 3 int main(void) { 4 char *s = 5 malloc(sizeof(char) * 10); 6 free(s); 7 free(s); 8 printf("%s", s); 9 return 0; 0 } 1. array is allocated 2. array is freed 3. array is double-freed 8 / 24
39 ASan Limitations 9 / 24
40 ASan Limitations Must recompile code 9 / 24
41 ASan Limitations Must recompile code Adds considerable runtime overhead 9 / 24
42 ASan Limitations Must recompile code Adds considerable runtime overhead Does not catch all memory errors 9 / 24
43 ASan Limitations Must recompile code Adds considerable runtime overhead Does not catch all memory errors NEVER catches unitialized memory accesses 9 / 24
44 ASan Limitations Must recompile code Adds considerable runtime overhead Does not catch all memory errors NEVER catches unitialized memory accesses NEVER catches unitialized memory accesses 9 / 24
45 ASan Limitations Must recompile code Adds considerable runtime overhead Does not catch all memory errors NEVER catches unitialized memory accesses NEVER catches unitialized memory accesses Still: a must-use tool during development 9 / 24
46 UBSan: Undefined Behaviour Sanitizer 10 / 24
47 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: 10 / 24
48 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: Signed integer overflow 10 / 24
49 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: Signed integer overflow Dereferencing null pointers 10 / 24
50 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: Signed integer overflow Dereferencing null pointers Pointer arithmetic overflow 10 / 24
51 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: Signed integer overflow Dereferencing null pointers Pointer arithmetic overflow Dynamic arrays whose size is non-positive 10 / 24
52 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: Signed integer overflow Dereferencing null pointers Pointer arithmetic overflow Dynamic arrays whose size is non-positive Undefined Behaviour Sanitizer (UBSan) instruments code to detect these errors 10 / 24
53 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: Signed integer overflow Dereferencing null pointers Pointer arithmetic overflow Dynamic arrays whose size is non-positive Undefined Behaviour Sanitizer (UBSan) instruments code to detect these errors Need to recompile 10 / 24
54 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: Signed integer overflow Dereferencing null pointers Pointer arithmetic overflow Dynamic arrays whose size is non-positive Undefined Behaviour Sanitizer (UBSan) instruments code to detect these errors Need to recompile Adds runtime overhead 10 / 24
55 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: Signed integer overflow Dereferencing null pointers Pointer arithmetic overflow Dynamic arrays whose size is non-positive Undefined Behaviour Sanitizer (UBSan) instruments code to detect these errors Need to recompile Adds runtime overhead Use it while developing 10 / 24
56 UBSan: Undefined Behaviour Sanitizer There is lots of non-memory-related undefined behaviour in C: Signed integer overflow Dereferencing null pointers Pointer arithmetic overflow Dynamic arrays whose size is non-positive Undefined Behaviour Sanitizer (UBSan) instruments code to detect these errors Need to recompile Adds runtime overhead Use it while developing Built into gcc and clang! 10 / 24
57 UBSan Example #1 1 #include <limits.h> 2 3 int main(void) { 4 int n = INT_MAX; 5 int m = n + 1; 6 return 0; 7 } 11 / 24
58 UBSan Example #1 1 #include <limits.h> 2 3 int main(void) { 4 int n = INT_MAX; 5 int m = n + 1; 6 return 0; 7 } 1. Signed integer overflow is undefined 11 / 24
59 UBSan Example #1 1 #include <limits.h> 2 3 int main(void) { 4 int n = INT_MAX; 5 int m = n + 1; 6 return 0; 7 } 1. Signed integer overflow is undefined 2. So value of m is undefined 11 / 24
60 UBSan Example #1 1 #include <limits.h> 2 3 int main(void) { 4 int n = INT_MAX; 5 int m = n + 1; 6 return 0; 7 } 1. Signed integer overflow is undefined 2. So value of m is undefined 3. Compile with -fsanitize=address 11 / 24
61 UBSan Example #2 1 #include <limits.h> 2 3 int main(void) { 4 int n = 65 5 int m = n / (n - n); 6 return 0; 7 } 12 / 24
62 UBSan Example #2 1 #include <limits.h> 2 3 int main(void) { 4 int n = 65 5 int m = n / (n - n); 6 return 0; 7 } 1. Division-by-zero is undefined 12 / 24
63 UBSan Example #2 1 #include <limits.h> 2 3 int main(void) { 4 int n = 65 5 int m = n / (n - n); 6 return 0; 7 } 1. Division-by-zero is undefined 2. So value of m is undefined 12 / 24
64 UBSan Example #2 1 #include <limits.h> 2 3 int main(void) { 4 int n = 65 5 int m = n / (n - n); 6 return 0; 7 } 1. Division-by-zero is undefined 2. So value of m is undefined 3. Any possible behaviour is legal! 12 / 24
65 UBSan Example #3 1 #include <stdlib.h> 2 3 struct foo { 4 int a, b; 5 }; 6 7 int main(void) { 8 struct foo *x = NULL; 9 int m = x->a; 0 return 0; 1 } 13 / 24
66 UBSan Example #3 1 #include <stdlib.h> 2 3 struct foo { 4 int a, b; 5 }; 1. Accessing a null pointer is undefined 6 7 int main(void) { 8 struct foo *x = NULL; 9 int m = x->a; 0 return 0; 1 } 13 / 24
67 UBSan Example #3 1 #include <stdlib.h> 2 3 struct foo { 4 int a, b; 5 }; 6 7 int main(void) { 8 struct foo *x = NULL; 9 int m = x->a; 0 return 0; 1 } 1. Accessing a null pointer is undefined 2. So accessing fields of x is undefined 13 / 24
68 UBSan Example #3 1 #include <stdlib.h> 2 3 struct foo { 4 int a, b; 5 }; 6 7 int main(void) { 8 struct foo *x = NULL; 9 int m = x->a; 0 return 0; 1 } 1. Accessing a null pointer is undefined 2. So accessing fields of x is undefined 3. Any possible behaviour is legal! 13 / 24
69 UBSan Limitations 14 / 24
70 UBSan Limitations Must recompile code 14 / 24
71 UBSan Limitations Must recompile code Adds modest runtime overhead 14 / 24
72 UBSan Limitations Must recompile code Adds modest runtime overhead Does not catch all undefined behaviour 14 / 24
73 UBSan Limitations Must recompile code Adds modest runtime overhead Does not catch all undefined behaviour Still: a must-use tool during development 14 / 24
74 UBSan Limitations Must recompile code Adds modest runtime overhead Does not catch all undefined behaviour Still: a must-use tool during development Seriously consider using it in production 14 / 24
75 Valgrind 15 / 24
76 Valgrind UBSan and ASan require recompiling 15 / 24
77 Valgrind UBSan and ASan require recompiling UBSan and ASan don t catch accesses to unitialized memory 15 / 24
78 Valgrind UBSan and ASan require recompiling UBSan and ASan don t catch accesses to unitialized memory Enter Valgrind! 15 / 24
79 Valgrind UBSan and ASan require recompiling UBSan and ASan don t catch accesses to unitialized memory Enter Valgrind! Instruments binaries to detect numerous errors 15 / 24
80 Valgrind Example 1 #include <stdio.h> 2 3 int main(void) { 4 char s[10]; 5 for (int i = 0; i < 10; i++) 6 printf("%c", s[i]); 7 printf("\n"); 8 return 0; 9 } 16 / 24
81 Valgrind Example 1 #include <stdio.h> 2 3 int main(void) { 4 char s[10]; 5 for (int i = 0; i < 10; i++) 6 printf("%c", s[i]); 7 printf("\n"); 8 return 0; 9 } 1. Accessing elements of s is undefined 16 / 24
82 Valgrind Example 1 #include <stdio.h> 2 3 int main(void) { 4 char s[10]; 5 for (int i = 0; i < 10; i++) 6 printf("%c", s[i]); 7 printf("\n"); 8 return 0; 9 } 1. Accessing elements of s is undefined 2. Program prints unitialized memory 16 / 24
83 Valgrind Example 1 #include <stdio.h> 2 3 int main(void) { 4 char s[10]; 5 for (int i = 0; i < 10; i++) 6 printf("%c", s[i]); 7 printf("\n"); 8 return 0; 9 } 1. Accessing elements of s is undefined 2. Program prints unitialized memory 3. Any possible behaviour is legal! 16 / 24
84 Valgrind Example 1 #include <stdio.h> 2 3 int main(void) { 4 char s[10]; 5 for (int i = 0; i < 10; i++) 6 printf("%c", s[i]); 7 printf("\n"); 8 return 0; 9 } 1. Accessing elements of s is undefined 2. Program prints unitialized memory 3. Any possible behaviour is legal! 4. Invoke valgrind with binary name 16 / 24
85 Valgrind Limitations 17 / 24
86 Valgrind Limitations Adds very substantial runtime overhead 17 / 24
87 Valgrind Limitations Adds very substantial runtime overhead Not built into GCC/clang (plus or minus?) 17 / 24
88 Valgrind Limitations Adds very substantial runtime overhead Not built into GCC/clang (plus or minus?) As usual, does not catch all undefined behaviour 17 / 24
89 Valgrind Limitations Adds very substantial runtime overhead Not built into GCC/clang (plus or minus?) As usual, does not catch all undefined behaviour Still: a must-use tool during testing 17 / 24
90 Assessed Exercise See Head of Department s Announcement To be completed by noon on Monday 22 January 2018 Viva examinations on Thursday 25 January 2018 Viva examinations on Friday 26 January 2018 Download the starter pack from: This should contain eight files: server.c client.c rfc0791.txt rfc0793.txt message1 message2 message3 message4 18 / 24
91 Exercise aims Demonstrate an ability to: Understand (simple) networking code Use control flow, functions, structures and pointers Use libraries, including reading and writing files Understand a specification Compile and test code Comprehending man pages Task is split into three parts: Comprehension and debugging Preliminary analysis Completed code and testing 19 / 24
92 Exercise submission Assessment is in the form of a tick There will be a short viva; remember to sign up! Submission is via to c-tick@cl.cam.ac.uk Your submission should include seven files, packed in to a ZIP file called crsid.zip and attached to your submission answers.txt client1.c summary.c message1.txt server1.c extract.c message2.jpg 20 / 24
93 Hints: IP header Version IHL Type of Service Total Length Identification Flags Fragment Offset Time to Live Protocol Header Checksum Source Address Destination Address Options Padding / 24
94 Hints: IP header (in C) 1 #include <stdint.h> 2 3 struct ip { 4 uint8_t hlenver; 5 uint8_t tos; 6 uint16_t len; 7 uint16_t id; 8 uint16_t off; 9 uint8_t ttl; 10 uint8_t p; 11 uint16_t sum; 12 uint32_t src; 13 uint32_t dst; 14 }; #define IP_HLEN(lenver) (lenver & 0x0f) 17 #define IP_VER(lenver) (lenver >> 4) 22 / 24
95 Hints: network byte order The IP network is big-endian; x86 is little-endian; ARM can be either Reading multi-byte values requires possible conversion The BSD API specifies: uint16_t ntohs(uint16_t netshort) uint32_t ntohl(uint32_t netlong) uint16_t htons(uint16_t hostshort) uint32_t htonl(uint32_t hostlong) which encapsulate the notions of host and network and their interconversion (which may be a no-op) 23 / 24
Class Information ANNOUCEMENTS
Class Information ANNOUCEMENTS Third homework due TODAY at 11:59pm. Extension? First project has been posted, due Monday October 23, 11:59pm. Midterm exam: Friday, October 27, in class. Don t forget to
More informationCSCI-243 Exam 1 Review February 22, 2015 Presented by the RIT Computer Science Community
CSCI-243 Exam 1 Review February 22, 2015 Presented by the RIT Computer Science Community http://csc.cs.rit.edu History and Evolution of Programming Languages 1. Explain the relationship between machine
More informationDynamic code analysis tools
Dynamic code analysis tools Stewart Martin-Haugh (STFC RAL) Berkeley Software Technical Interchange meeting Stewart Martin-Haugh (STFC RAL) Dynamic code analysis tools 1 / 16 Overview Introduction Sanitizer
More informationECE 15B COMPUTER ORGANIZATION
ECE 15B COMPUTER ORGANIZATION Lecture 13 Strings, Lists & Stacks Announcements HW #3 Due next Friday, May 15 at 5:00 PM in HFH Project #2 Due May 29 at 5:00 PM Project #3 Assigned next Thursday, May 19
More informationEL2310 Scientific Programming
Lecture 11: Structures and Memory (yaseminb@kth.se) Overview Overview Lecture 11: Structures and Memory Structures Continued Memory Allocation Lecture 11: Structures and Memory Structures Continued Memory
More informationMemory Analysis tools
Memory Analysis tools PURIFY The Necessity TOOL Application behaviour: Crashes intermittently Uses too much memory Runs too slowly Isn t well tested Is about to ship You need something See what your code
More informationCSC C69: OPERATING SYSTEMS
CSC C69: OPERATING SYSTEMS Tutorial 1 Thursday, Jan 17, 2013 TA: Ioan Stefanovici (ioan@cs.toronto.edu) HOW DO YOU SUCCEED IN THIS COURSE? Show up to lectures & tutorials (way too much material) Work on
More informationAdvanced Debugging and the Address Sanitizer
Developer Tools #WWDC15 Advanced Debugging and the Address Sanitizer Finding your undocumented features Session 413 Mike Swingler Xcode UI Infrastructure Anna Zaks LLVM Program Analysis 2015 Apple Inc.
More informationMemory Corruption 101 From Primitives to Exploit
Memory Corruption 101 From Primitives to Exploit Created by Nick Walker @ MWR Infosecurity / @tel0seh What is it? A result of Undefined Behaviour Undefined Behaviour A result of executing computer code
More informationProgramming in C and C++
Programming in C and C++ Types, Variables, Expressions and Statements Neel Krishnaswami and Alan Mycroft Course Structure Basics of C: Types, variables, expressions and statements Functions, compilation
More informationNew features in AddressSanitizer. LLVM developer meeting Nov 7, 2013 Alexey Samsonov, Kostya Serebryany
New features in AddressSanitizer LLVM developer meeting Nov 7, 2013 Alexey Samsonov, Kostya Serebryany Agenda AddressSanitizer (ASan): a quick reminder New features: Initialization-order-fiasco Stack-use-after-scope
More informationUse Dynamic Analysis Tools on Linux
Use Dynamic Analysis Tools on Linux FTF-SDS-F0407 Gene Fortanely Freescale Software Engineer Catalin Udma A P R. 2 0 1 4 Software Engineer, Digital Networking TM External Use Session Introduction This
More informationC Programming. Course Outline. C Programming. Code: MBD101. Duration: 10 Hours. Prerequisites:
C Programming Code: MBD101 Duration: 10 Hours Prerequisites: You are a computer science Professional/ graduate student You can execute Linux/UNIX commands You know how to use a text-editing tool You should
More informationUndefined Behaviour in C
Undefined Behaviour in C Report Field of work: Scientific Computing Field: Computer Science Faculty for Mathematics, Computer Science and Natural Sciences University of Hamburg Presented by: Dennis Sobczak
More informationTI2725-C, C programming lab, course
Valgrind tutorial Valgrind is a tool which can find memory leaks in your programs, such as buffer overflows and bad memory management. This document will show per example how Valgrind responds to buggy
More informationRecitation: C Review. TA s 20 Feb 2017
15-213 Recitation: C Review TA s 20 Feb 2017 Agenda Logistics Attack Lab Conclusion C Assessment C Programming Style C Exercise Cache Lab Overview Appendix: Valgrind Clang / LLVM Cache Structure Logistics
More informationA program execution is memory safe so long as memory access errors never occur:
A program execution is memory safe so long as memory access errors never occur: Buffer overflows, null pointer dereference, use after free, use of uninitialized memory, illegal free Memory safety categories
More informationDeep C (and C++) by Olve Maudal
Deep C (and C++) by Olve Maudal http://www.noaanews.noaa.gov/stories2005/images/rov-hercules-titanic.jpg Programming is hard. Programming correct C and C++ is particularly hard. Indeed, it is uncommon
More informationRecitation #11 Malloc Lab. November 7th, 2017
18-600 Recitation #11 Malloc Lab November 7th, 2017 1 2 Important Notes about Malloc Lab Malloc lab has been updated from previous years Supports a full 64 bit address space rather than 32 bit Encourages
More informationContents of Lecture 3
Contents of Lecture 3 Repetition of matrices double a[3][4]; double* b; double** c; Terminology Linkage Types Conversions Jonas Skeppstedt (js@cs.lth.se) Lecture 3 2014 1 / 33 A global matrix: double a[3][4]
More informationQuiz 0 Review Session. October 13th, 2014
Quiz 0 Review Session October 13th, 2014 Topics (non-exhaustive) Binary. ASCII. Algorithms. Pseudocode. Source code. Compiler. Object code. Scratch. Statements. Boolean expressions. Conditions. Loops.
More informationCSC 1600 Memory Layout for Unix Processes"
CSC 16 Memory Layout for Unix Processes" 1 Lecture Goals" Behind the scenes of running a program" Code, executable, and process" Memory layout for UNIX processes, and relationship to C" : code and constant
More informationDAY 3. CS3600, Northeastern University. Alan Mislove
C BOOTCAMP DAY 3 CS3600, Northeastern University Slides adapted from Anandha Gopalan s CS132 course at Univ. of Pittsburgh and Pascal Meunier s course at Purdue Memory management 2 Memory management Two
More information18-642: Code Style for Compilers
18-642: Code Style for Compilers 9/25/2017 1 Anti-Patterns: Coding Style: Language Use Code compiles with warnings Warnings are turned off or over-ridden Insufficient warning level set Language safety
More informationCS 261 Fall C Introduction. Variables, Memory Model, Pointers, and Debugging. Mike Lam, Professor
CS 261 Fall 2017 Mike Lam, Professor C Introduction Variables, Memory Model, Pointers, and Debugging The C Language Systems language originally developed for Unix Imperative, compiled language with static
More informationLecture 03 Bits, Bytes and Data Types
Lecture 03 Bits, Bytes and Data Types Computer Languages A computer language is a language that is used to communicate with a machine. Like all languages, computer languages have syntax (form) and semantics
More informationDeep C by Olve Maudal
Deep C by Olve Maudal http://www.noaanews.noaa.gov/stories2005/images/rov-hercules-titanic.jpg Programming is hard. Programming correct C is particularly hard. Indeed, it is uncommon to see a screenful
More informationHacking in C. Pointers. Radboud University, Nijmegen, The Netherlands. Spring 2019
Hacking in C Pointers Radboud University, Nijmegen, The Netherlands Spring 2019 Allocation of multiple variables Consider the program main(){ char x; int i; short s; char y;... } What will the layout of
More informationLecture 2: C Programm
0 3 E CS 1 Lecture 2: C Programm ing C Programming Procedural thought process No built in object abstractions data separate from methods/functions Low memory overhead compared to Java No overhead of classes
More informationProgramming in C and C++
Programming in C and C++ 10. C Semantics: Undefined Behaviour & Optimization Issues Dr. Anil Madhavapeddy University of Cambridge (based on previous years thanks to Alan Mycroft, Alastair Beresford and
More informationLecture 4: Outline. Arrays. I. Pointers II. III. Pointer arithmetic IV. Strings
Lecture 4: Outline I. Pointers A. Accessing data objects using pointers B. Type casting with pointers C. Difference with Java references D. Pointer pitfalls E. Use case II. Arrays A. Representation in
More informationData Type Fall 2014 Jinkyu Jeong
Data Type Fall 2014 Jinkyu Jeong (jinkyu@skku.edu) 1 Syntax Rules Recap. keywords break double if sizeof void case else int static... Identifiers not#me scanf 123th printf _id so_am_i gedd007 Constants
More informationNETWORK AND SYSTEM PROGRAMMING
NETWORK AND SYSTEM PROGRAMMING LAB 09 Network Byte Ordering, inet_aton, inet_addr, inet_ntoa Functions Objectives: To learn byte order conversion To understand inet-aton, inet_addr, inet_ntoa Functions
More informationCS61, Fall 2012 Section 2 Notes
CS61, Fall 2012 Section 2 Notes (Week of 9/24-9/28) 0. Get source code for section [optional] 1: Variable Duration 2: Memory Errors Common Errors with memory and pointers Valgrind + GDB Common Memory Errors
More informationPointers and Memory Management
Pointers and Memory Management Timo Karvi 2013 Timo Karvi () Pointers and Memory Management 2013 1 / 58 Memory and C I In most modern computers, main memory is divided into bytes, with each byte capable
More informationLecture Notes on Types in C
Lecture Notes on Types in C 15-122: Principles of Imperative Computation Frank Pfenning, Rob Simmons Lecture 20 April 2, 2013 1 Introduction In lecture 18, we emphasized the things we lost by going to
More informationHacking in C. Memory layout. Radboud University, Nijmegen, The Netherlands. Spring 2018
Hacking in C Memory layout Radboud University, Nijmegen, The Netherlands Spring 2018 A short recap The & operator gives us the address of data Inverse of & is the * operator (dereferencing) 2 A short recap
More informationCSci 4061 Introduction to Operating Systems. Programs in C/Unix
CSci 4061 Introduction to Operating Systems Programs in C/Unix Today Basic C programming Follow on to recitation Structure of a C program A C program consists of a collection of C functions, structs, arrays,
More informationProgramming in C. 3. Pointers and Structures. Dr. Neel Krishnaswami University of Cambridge
Programming in C 3. Pointers and Structures Dr. Neel Krishnaswami University of Cambridge (based on notes from and with thanks to Anil Madhavapeddy, Alan Mycroft, Alastair Beresford and Andrew Moore) Michaelmas
More informationLecture 07 Debugging Programs with GDB
Lecture 07 Debugging Programs with GDB In this lecture What is debugging Most Common Type of errors Process of debugging Examples Further readings Exercises What is Debugging Debugging is the process of
More informationAnnouncements. assign0 due tonight. Labs start this week. No late submissions. Very helpful for assign1
Announcements assign due tonight No late submissions Labs start this week Very helpful for assign1 Goals for Today Pointer operators Allocating memory in the heap malloc and free Arrays and pointer arithmetic
More informationINITIALISING POINTER VARIABLES; DYNAMIC VARIABLES; OPERATIONS ON POINTERS
INITIALISING POINTER VARIABLES; DYNAMIC VARIABLES; OPERATIONS ON POINTERS Pages 792 to 800 Anna Rakitianskaia, University of Pretoria INITIALISING POINTER VARIABLES Pointer variables are declared by putting
More informationELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition
ELEC / COMP 177 Fall 2012 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Prior experience in programming languages C++ programming? Java programming? C programming? Other languages?
More informationRuntime Defenses against Memory Corruption
CS 380S Runtime Defenses against Memory Corruption Vitaly Shmatikov slide 1 Reading Assignment Cowan et al. Buffer overflows: Attacks and defenses for the vulnerability of the decade (DISCEX 2000). Avijit,
More informationIdentifying Memory Corruption Bugs with Compiler Instrumentations. 이병영 ( 조지아공과대학교
Identifying Memory Corruption Bugs with Compiler Instrumentations 이병영 ( 조지아공과대학교 ) blee@gatech.edu @POC2014 How to find bugs Source code auditing Fuzzing Source Code Auditing Focusing on specific vulnerability
More informationDynamic Memory CMSC 104 Spring 2014, Section 02, Lecture 24 Jason Tang
Dynamic Memory CMSC 104 Spring 2014, Section 02, Lecture 24 Jason Tang Topics Memory Lifetime Dynamic Memory Allocation Dynamic Memory Deallocation Variable Lifetime (Review) Lifetime refers to when the
More information18-600: Recitation #3
18-600: Recitation #3 Bomb Lab & GDB Overview September 12th, 2017 1 Today X86-64 Overview Bomb Lab Introduction GDB Tutorial 2 3 x86-64: Register Conventions Arguments passed in registers: %rdi, %rsi,
More informationCOMP 2355 Introduction to Systems Programming
COMP 2355 Introduction to Systems Programming Christian Grothoff christian@grothoff.org http://grothoff.org/christian/ 1 Pointers Pointers denote addresses in memory In C types, the * represents the use
More informationLecture Notes on Polymorphism
Lecture Notes on Polymorphism 15-122: Principles of Imperative Computation Frank Pfenning Lecture 21 November 9, 2010 1 Introduction In this lecture we will start the transition from C0 to C. In some ways,
More informationSOFTWARE Ph.D. Qualifying Exam Spring Consider the following C program which consists of two function definitions including the main function.
(i) (5 pts.) SOFTWARE Ph.D. Qualifying Exam Spring 2018 Consider the following C program which consists of two function definitions including the main function. #include int g(int z) { int y
More informationCMSC 341 Lecture 2 Dynamic Memory and Pointers
CMSC 341 Lecture 2 Dynamic Memory and Pointers Park Sects. 01 & 02 Based on earlier course slides at UMBC Today s Topics Stack vs Heap Allocating and freeing memory new and delete Memory Leaks Valgrind
More informationRecitation: Cache Lab & C
15-213 Recitation: Cache Lab & C Jack Biggs 16 Feb 2015 Agenda Buffer Lab! C Exercises! C Conventions! C Debugging! Version Control! Compilation! Buffer Lab... Is due soon. So maybe do it soon Agenda Buffer
More informationAGENDA Binary Operations CS 3330 Samira Khan
AGENDA Binary Operations CS 3330 Logistics Review from last Lecture Samira Khan University of Virginia Jan 31, 2017 Binary Operations Logical Operations Bitwise Operations Examples 2 Feedbacks Quizzes
More informationRecitation 2/18/2012
15-213 Recitation 2/18/2012 Announcements Buflab due tomorrow Cachelab out tomorrow Any questions? Outline Cachelab preview Useful C functions for cachelab Cachelab Part 1: you have to create a cache simulator
More informationHigh-performance computing and programming Intro to C on Unix/Linux. Uppsala universitet
High-performance computing and programming Intro to C on Unix/Linux IT Uppsala universitet What is C? An old imperative language that remains rooted close to the hardware C is relatively small and easy
More informationProgramming refresher and intro to C programming
Applied mechatronics Programming refresher and intro to C programming Sven Gestegård Robertz sven.robertz@cs.lth.se Department of Computer Science, Lund University 2018 Outline 1 C programming intro 2
More informationCSCI-1200 Data Structures Spring 2016 Lecture 6 Pointers & Dynamic Memory
Announcements CSCI-1200 Data Structures Spring 2016 Lecture 6 Pointers & Dynamic Memory There will be no lecture on Tuesday, Feb. 16. Prof. Thompson s office hours are canceled for Monday, Feb. 15. Prof.
More informationMemory Management. CSC215 Lecture
Memory Management CSC215 Lecture Outline Static vs Dynamic Allocation Dynamic allocation functions malloc, realloc, calloc, free Implementation Common errors Static Allocation Allocation of memory at compile-time
More informationIMPORTANT QUESTIONS IN C FOR THE INTERVIEW
IMPORTANT QUESTIONS IN C FOR THE INTERVIEW 1. What is a header file? Header file is a simple text file which contains prototypes of all in-built functions, predefined variables and symbolic constants.
More informationC Introduction. Comparison w/ Java, Memory Model, and Pointers
CS 261 Fall 2018 Mike Lam, Professor C Introduction Comparison w/ Java, Memory Model, and Pointers Please go to socrative.com on your phone or laptop, choose student login and join room LAMJMU The C Language
More informationDEBUGGING: DYNAMIC PROGRAM ANALYSIS
DEBUGGING: DYNAMIC PROGRAM ANALYSIS WS 2017/2018 Martina Seidl Institute for Formal Models and Verification System Invariants properties of a program must hold over the entire run: integrity of data no
More informationC Tutorial. Pointers, Dynamic Memory allocation, Valgrind, Makefile - Abhishek Yeluri and Yashwant Reddy Virupaksha
C Tutorial Pointers, Dynamic Memory allocation, Valgrind, Makefile - Abhishek Yeluri and Yashwant Reddy Virupaksha CS 370 - Operating Systems - Spring 2019 1 Outline What is a pointer? & and * operators
More informationCOMP26120: Linked List in C (2018/19) Lucas Cordeiro
COMP26120: Linked List in C (2018/19) Lucas Cordeiro lucas.cordeiro@manchester.ac.uk Linked List Lucas Cordeiro (Formal Methods Group) lucas.cordeiro@manchester.ac.uk Office: 2.28 Office hours: 10-11 Tuesday,
More informationMalloc Lab & Midterm Solutions. Recitation 11: Tuesday: 11/08/2016
Malloc Lab & Midterm Solutions Recitation 11: Tuesday: 11/08/2016 Malloc 2 Important Notes about Malloc Lab Malloc lab has been updated from previous years Supports a full 64 bit address space rather than
More informationCopyright 2015 MathEmbedded Ltd.r. Finding security vulnerabilities by fuzzing and dynamic code analysis
Finding security vulnerabilities by fuzzing and dynamic code analysis Security Vulnerabilities Top code security vulnerabilities don t change much: Security Vulnerabilities Top code security vulnerabilities
More informationCS24 Week 2 Lecture 1
CS24 Week 2 Lecture 1 Kyle Dewey Overview C Review Void pointers Allocation structs void* (Void Pointers) void* Like any other pointer, it refers to some memory address However, it has no associated type,
More informationOSI Network Layer. Network Fundamentals Chapter 5. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1
OSI Network Layer Network Fundamentals Chapter 5 Version 4.0 1 Objectives Identify the role of the Network Layer, as it describes communication from one end device to another end device. Examine the most
More informationLecture 19 Notes Data Structures in C
Lecture 19 Notes Data Structures in C 15-122: Principles of Imperative Computation (Fall 2015) Rob Simmons In this lecture, we will begin our transition to C. In many ways, the lecture is therefore about
More informationProgramming in C S c o t t S c h r e m m e r
Programming in C S c o t t S c h r e m m e r Outline Introduction Data Types and structures Pointers, arrays and dynamic memory allocation Functions and prototypes input/output comparisons compiling/makefiles/debugging
More informationo Code, executable, and process o Main memory vs. virtual memory
Goals for Today s Lecture Memory Allocation Prof. David August COS 217 Behind the scenes of running a program o Code, executable, and process o Main memory vs. virtual memory Memory layout for UNIX processes,
More informationStructures, Unions Alignment, Padding, Bit Fields Access, Initialization Compound Literals Opaque Structures Summary. Structures
Structures Proseminar C Grundlagen und Konzepte Michael Kuhn Research Group Scientific Computing Department of Informatics Faculty of Mathematics, Informatics und Natural Sciences University of Hamburg
More informationData Structures in C. C Programming and Software Tools. N.C. State Department of Computer Science
Data Structures in C C Programming and Software Tools N.C. State Department of Computer Science Data Structures in C The combination of pointers, structs, and dynamic memory allocation allows for creation
More informationExercise Session 2 Simon Gerber
Exercise Session 2 Simon Gerber CASP 2014 Exercise 2: Binary search tree Implement and test a binary search tree in C: Implement key insert() and lookup() functions Implement as C module: bst.c, bst.h
More informationECE 250 / CS 250 Computer Architecture. C to Binary: Memory & Data Representations. Benjamin Lee
ECE 250 / CS 250 Computer Architecture C to Binary: Memory & Data Representations Benjamin Lee Slides based on those from Alvin Lebeck, Daniel Sorin, Andrew Hilton, Amir Roth, Gershon Kedem Administrivia
More informationECE4110 Internetwork Programming. Introduction and Overview
ECE4110 Internetwork Programming Introduction and Overview 1 EXAMPLE GENERAL NETWORK ALGORITHM Listen to wire Are signals detected Detect a preamble Yes Read Destination Address No data carrying or noise?
More informationCSE 333 Lecture 2 Memory
CSE 333 Lecture 2 Memory John Zahorjan Department of Computer Science & Engineering University of Washington Today s goals - some terminology - review of memory resources - reserving memory - type checking
More informationCS 314 Principles of Programming Languages. Lecture 11
CS 314 Principles of Programming Languages Lecture 11 Zheng Zhang Department of Computer Science Rutgers University Wednesday 12 th October, 2016 Zheng Zhang 1 eddy.zhengzhang@cs.rutgers.edu Class Information
More information18-642: Code Style for Compilers
18-642: Code Style for Compilers 9/6/2018 2017-2018 Philip Koopman Programming can be fun, so can cryptography; however they should not be combined. Kreitzberg and Shneiderman 2017-2018 Philip Koopman
More informationLecture 05 Integer overflow. Stephen Checkoway University of Illinois at Chicago
Lecture 05 Integer overflow Stephen Checkoway University of Illinois at Chicago Unsafe functions in libc strcpy strcat gets scanf family (fscanf, sscanf, etc.) (rare) printffamily (more about these later)
More informationIn Java we have the keyword null, which is the value of an uninitialized reference type
+ More on Pointers + Null pointers In Java we have the keyword null, which is the value of an uninitialized reference type In C we sometimes use NULL, but its just a macro for the integer 0 Pointers are
More informationLecture 20 C s Memory Model
Lecture 20 C s Memory Model 15-122: Principles of Imperative Computation (Spring 2018) Frank Pfenning, Rob Simmons 1 The C0 and C Memory Model When we talk about memory in C0, C1, and C, that memory is
More information[0569] p 0318 garbage
A Pointer is a variable which contains the address of another variable. Declaration syntax: Pointer_type *pointer_name; This declaration will create a pointer of the pointer_name which will point to the
More informationProgramming in C++ 5. Integral data types
Programming in C++ 5. Integral data types! Introduction! Type int! Integer multiplication & division! Increment & decrement operators! Associativity & precedence of operators! Some common operators! Long
More informationPointer Casts and Data Accesses
C Programming Pointer Casts and Data Accesses For this assignment, you will implement a C function similar to printf(). While implementing the function you will encounter pointers, strings, and bit-wise
More informationLecture 14 Notes. Brent Edmunds
Lecture 14 Notes Brent Edmunds October 5, 2012 Table of Contents 1 Sins of Coding 3 1.1 Accessing Undeclared Variables and Pointers...................... 3 1.2 Playing With What Isn t Yours..............................
More informationFinding Bugs Using Xcode Runtime Tools
Session Developer Tools #WWDC17 Finding Bugs Using Xcode Runtime Tools 406 Kuba Mracek, Program Analysis Engineer Vedant Kumar, Compiler Engineer 2017 Apple Inc. All rights reserved. Redistribution or
More information6.S096: Introduction to C/C++
6.S096: Introduction to C/C++ Frank Li, Tom Lieber, Kyle Murray Lecture 4: Data Structures and Debugging! January 17, 2012 Today Memory Leaks and Valgrind Tool Structs and Unions Opaque Types Enum and
More informationKey C Topics: Tutorial Pointers, Dynamic Memory allocation, Valgrind and Makefile CS370
Key C Topics: Tutorial Pointers, Dynamic Memory allocation, Valgrind and Makefile CS370 Outline Pointers in C & and * operators Pointers with Arrays and Strings Dynamic memory allocation malloc() and free()
More informationLecture 20 Notes C s Memory Model
Lecture 20 Notes C s Memory Model 15-122: Principles of Imperative Computation (Fall 2015) Frank Pfenning, Rob Simmons 1 The C0 and C Memory Model When we talk about memory in C0, C1, and C, that memory
More informationProgramming in C. Lecture 5: Aliasing, Graphs, and Deallocation. Dr Neel Krishnaswami. Michaelmas Term University of Cambridge
Programming in C Lecture 5: Aliasing, Graphs, and Deallocation Dr Neel Krishnaswami University of Cambridge Michaelmas Term 2017-2018 1 / 20 The C API for Dynamic Memory Allocation void *malloc(size_t
More informationCS61C : Machine Structures
inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Lecture 3 Introduction to C (pt 2) 2010-06-23! C help session: Tonight 7:00-9:00pm @ 306 Soda!!!Instructor Paul Pearce! The typical! development
More informationSolution Manual for Data Structures and Problem Solving Using C++ 2nd edition by Mark A. Weiss
Solution Manual for Data Structures and Problem Solving Using C++ 2nd edition by Mark A. Weiss Link full download: https://getbooksolutions.com/download/solutions-manual-fordata-structures-and-problem-solving-using-c-2nd-edition-by-weiss/
More informationC++ Undefined Behavior
C++ Undefined Behavior What is it, and why should I care? A presentation originally by Marshal Clow Original: https://www.youtube.com/watch?v=uhclkb1vkay Original Slides: https://github.com/boostcon/cppnow_presentations_2014/blob/master/files/undefined-behavior.pdf
More informationECE 598 Advanced Operating Systems Lecture 12
ECE 598 Advanced Operating Systems Lecture 12 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 1 March 2018 Announcements Next homework will be due after break. Midterm next Thursday
More informationCS 61c: Great Ideas in Computer Architecture
Arrays, Strings, and Some More Pointers June 24, 2014 Review of Last Lecture C Basics Variables, functioss, control flow, types, structs Only 0 and NULL evaluate to false Pointers hold addresses Address
More informationCS 61C: Great Ideas in Computer Architecture. C Arrays, Strings, More Pointers
CS 61C: Great Ideas in Computer Architecture C Arrays, Strings, More Pointers Instructor: Justin Hsia 6/20/2012 Summer 2012 Lecture #3 1 Review of Last Lecture C Basics Variables, Functions, Flow Control,
More informationLinux Programming
Linux Programming CMPT 433 Slides #6 Dr. B. Fraser 18-05-22 1 Topics 1) How can we do multitasking? 2) How can our multiple tasks communicate? 3) How can we communicate over the network? 18-05-22 2 Concurrency:
More information15-122: Principles of Imperative Computation, Spring Written Homework 12. Due: Sunday 15 th April, 2018 by 10pm. Name: Andrew ID: Section:
15-122: Principles of Imperative Computation, Spring 2018 Written Homework 12 Due: Sunday 15 th April, 2018 by 10pm Name: Andrew ID: Section: This written homework provides practice with C features such
More informationLecture 3: C Programm
0 3 E CS 1 Lecture 3: C Programm ing Reading Quiz Note the intimidating red border! 2 A variable is: A. an area in memory that is reserved at run time to hold a value of particular type B. an area in memory
More informationCS C Primer. Tyler Szepesi. January 16, 2013
January 16, 2013 Topics 1 Why C? 2 Data Types 3 Memory 4 Files 5 Endianness 6 Resources Why C? C is exteremely flexible and gives control to the programmer Allows users to break rigid rules, which are
More information