The invention relates in general to the field of computerized method, systems and program products for performing safety check operations. In particular, embodiments of the invention allow for deferred safety check operations.
More and more elaborated approaches are being developed to defend against memory corruption vulnerabilities, starting with solutions providing some form of memory safety. The latter are implemented using inline reference monitors (IRMs), that is, they instrument a target program with inline checks, which ensure that required safety properties are satisfied at runtime. Unfortunately, such checks often incur a high overhead. Furthermore, it is extremely difficult to reduce this overhead through implementation optimizations alone.
IRMs have initially been used for interpreted languages such as Java, and dot NET (“.NET”) before spreading to intermediate languages and mobile applications. To advance the implementation of inline reference monitors, Prolog and aspect-oriented programming have been proposed.
In addition to the standard approaches of storing pointer-related metadata, fat pointers and separate metadata tables, recent research has investigated low-fat pointers that encode metadata within the native pointer to make it compatible with metadata-unaware code. In terms of object-related metadata, metalloc is a heap allocator that has been designed with fast lookup of metadata for heap objects in mind.
Speculative Execution is a known approach employed by CPUs: before a branch condition is actually evaluated, the execution pipeline is already filled with the instructions of the path taken according to the branch predictor. If the branch prediction turns out wrong, the results of the speculative execution are thrown away. This concept may be extended to the operating system: an endolithic OS kernel offers execution as a service by speculatively executing application process slices inside a kernel thread. Supervision of this execution allows automatic remediation in case of a fault.