Memory Leak Detection in IoT Program Based on an Abstract Memory Model SeqMM

Memory Leak Detection in IoT Program Based on an Abstract Memory Model SeqMM

Leak detection

Digital storage

C (programming language)

Internet of things

Static analysis

Data flow analysis

With the rapid growth of the Internet-of-Things (IoT), security issues for the IoT are becoming increasingly serious. Memory leaks are a common and harmful software defect for IoT programs running on resource-limited devices. Static analysis is an effective method for memory leak detection, however, because the existing methods cannot fully describe the memory state of IoT programs at run time, false positives and false negatives frequently occur. To improve the precision of memory leak detection, we propose an abstract memory model SeqMM to describe sequential storage structures. SeqMM differs from other abstract memory models in its ability to handle both points-To analysis and numerical analysis of pointers, which contributes to eliminating false positives in defect detection. In addition, based on the analysis of the sequential storage structure, we introduce the analysis of its operations in C programs, including transfer operations and predicate operations. Moreover, we present a memory leak detection algorithm by determining the state of the program points related to allocated memory blocks. The experimental results of five real projects indicate that the false positive rates of DTSCSeqMM, Klocwork12 and DTSCRSTVL are 29.0%, 15.0% and 40.6% respectively, and the corresponding false negative rates are 0%, 22.7% and 13.6%. 2013 IEEE.

158904-158916

7

Dong, Yukun

Yin, Wenjing

Wang, Shudong

Zhang, Li

Sun, Lin

IEEE Access

2019

journalArticle

21693536

10.1109/ACCESS.2019.2951168

http://dx.doi.org/10.1109/ACCESS.2019.2951168