Umbra: Efficient and scalable memory shadowing

Shadow value tools use metadata to track properties of application data at the granularity of individual machine instructions. These tools provide effective means of monitoring and analyzing the runtime behavior of applications. However, the high runtime overhead stemming from fine-grained monitoring often limits the use of such tools. Furthermore, 64-bit architectures pose a new challenge to the building of efficient memory shadowing tools. Current tools are not able to efficiently monitor the full 64-bit address space due to limitations in their shadow metadata translation. This paper presents an efficient and scalable memory shadowing framework called Umbra. Employing a novel translation scheme, Umbra supports efficient mapping from application data to shadow metadata for both 32-bit and 64-bit applications. Umbra's translation scheme does not rely on any platform features and is not restricted to any specific shadow memory size. We also present several mapping optimizations and general dynamic instrumentation techniques that substantially reduce runtime overhead, and demonstrate their effectiveness on a real-world shadow value tool. We show that shadow memory translation overhead can be reduced to just 133% on average.