DangSan: Scalable use-after-free detection

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review


Use-after-free vulnerabilities due to dangling pointers are an important and growing threat to systems security. While various solutions exist to address this problem, none of them is sufficiently practical for real-world adoption. Some can be bypassed by attackers, others cannot support complex multithreaded applications prone to dangling pointers, and the remainder have prohibitively high overhead. One major source of overhead is the need to synchronize threads on every pointer write due to pointer tracking. In this paper, we present DangSan, a use-after-free detection system that scales efficiently to large numbers of pointer writes as well as to many concurrent threads. To significantly reduce the overhead of existing solutions, we observe that pointer tracking is write-intensive but requires very few reads. Moreover, there is no need for strong consistency guarantees as inconsistencies can be reconciled at read (i.e., object deallocation) time. Building on these intuitions, DangSan's design mimics that of log-structured file systems, which are ideally suited for similar workloads. Our results show that DangSan can run heavily multithreaded applications, while introducing only half the overhead of previous multithreaded use-after-free detectors.

Original languageEnglish
Title of host publicationProceedings of the 12th European Conference on Computer Systems, EuroSys 2017
PublisherAssociation for Computing Machinery, Inc
Number of pages15
ISBN (Electronic)9781450349383
Publication statusPublished - 23 Apr 2017
Event12th European Conference on Computer Systems, EuroSys 2017 - Belgrade, Serbia
Duration: 23 Apr 201726 Apr 2017


Conference12th European Conference on Computer Systems, EuroSys 2017


  • Dangling pointers
  • LLVM
  • Use-after-free


Dive into the research topics of 'DangSan: Scalable use-after-free detection'. Together they form a unique fingerprint.

Cite this