Performance of Compiler-Assisted Memory Safety Checking

Abstract

Buffer overflows affect a large installed base of C code. This technical note describes the criteria for deploying a compiler-based memory safety checking tool and the performance that can be achieved with two such tools whose source code is freely available. The note then describes a modification to the LLVM compiler to enable hoisting bounds checks from loops and functions. This proof-of-concept prototype has been used to demonstrate how these optimizations can be performed reliably on bounds checks to improve their performance. However, the performance of bounds propagation is the dominant cost, and the overall runtime cost for bounds checking for C remains expensive, even after these optimizations are applied. Nevertheless, optimized bounds checks are adequate for non-performance-critical applications, and improvements in processor technology may allow optimized bounds checking to be used with performance-critical applications.

Document Details

Document Type
Technical Report
Publication Date
Aug 01, 2014
Accession Number
ADA610094

Entities

People

  • David Keaton
  • Robert C. Seacord

Organizations

  • Carnegie Mellon University

Tags

DTIC Thesaurus Topics

  • C Programming Language
  • Compilers
  • Computer Programming
  • Computer Programs
  • Computers
  • Cybersecurity
  • Debugging
  • Denial Of Service Attack
  • Electronic Mail
  • Engineering
  • Failure Mode And Effect Analysis
  • Hash Tables
  • Language
  • Optimization
  • Programming Languages
  • Software Development

Fields of Study

  • Computer science

Readers

  • Computer Programming and Software Development
  • Parallel and Distributed Computing
  • Software Engineering