GIANTSAN : Efficient Memory Sanitization with Segment Folding

Memory safety sanitizers, the sharp weapon for detecting invalid memory operations during execution, employ runtime metadata to model the memory and help find memory errors hidden in the programs. However, location-based methods, the most widely deployed memory sanitization methods thanks to their high compatibility, face the low protection density issue: the number of bytes safeguarded by one metadata is limited. As a result, numerous memory accesses require loading excessive metadata, leading to a high runtime overhead. To address this issue, we propose a new shadow encoding with segment folding to increase the protection density. Specifically, we characterize neighboring bytes with identical metadata by building novel summaries, called folded segments, on those bytes to reduce unnecessary metadata loadings. The new encoding uses less metadata to safeguard large memory regions, speeding up memory sanitization. We implement our designed technique as GIANTSAN. Our evaluation using the SPEC CPU 2017 benchmark shows that GIANTSAN outperforms the state-of-the-art methods with 59.10% and 38.52% less runtime overhead than ASan and ASan-, respectively. Moreover, under the same redzone setting, GIANTSAN detects 463 fewer false negative cases than ASan and ASan- in testing the real-world project PHP. © 2024 Copyright held by the owner/author(s). Publication rights licensed to ACM.