PICO: A Presburger In-bounds Check Optimization for Compiler-based Memory Safety Instrumentations

Memory safety violations such as buffer overflows are a threat to security to this day. A common solution to ensure memory safety for C is code instrumentation. However, this often causes high execution-time overhead and is therefore rarely used in production. Static analyses can reduce this overhea...

Detailed description

Bibliographic details
Published in: ACM transactions on architecture and code optimization 2021-12, Vol.18 (4), p.1-27
Main authors: Jung, Tina, Ritter, Fabian, Hack, Sebastian
Format: Article
Language: eng
Online access: Full text
container_end_page 27
container_issue 4
container_start_page 1
container_title ACM transactions on architecture and code optimization
container_volume 18
creator Jung, Tina
Ritter, Fabian
Hack, Sebastian
description Memory safety violations such as buffer overflows are a threat to security to this day. A common solution to ensure memory safety for C is code instrumentation. However, this often causes high execution-time overhead and is therefore rarely used in production. Static analyses can reduce this overhead by proving some memory accesses in bounds at compile time. In practice, however, static analyses may fail to verify in-bounds accesses due to over-approximation. Therefore, it is important to additionally optimize the checks that reside in the program. In this article, we present PICO, an approach to eliminate and replace in-bounds checks. PICO exactly captures the spatial memory safety of accesses using Presburger formulas to either verify them statically or substitute existing checks with more efficient ones. Thereby, PICO can generate checks of which each covers multiple accesses and place them at infrequently executed locations. We evaluate our LLVM-based PICO prototype with the well-known SoftBound instrumentation on SPEC benchmarks commonly used in related work. PICO reduces the execution-time overhead introduced by SoftBound by 36% on average (and the code-size overhead by 24%). Our evaluation shows that the impact of substituting checks dominates that of removing provably redundant checks.
doi_str_mv 10.1145/3460434
format Article
fulltext fulltext
identifier ISSN: 1544-3566
ispartof ACM transactions on architecture and code optimization, 2021-12, Vol.18 (4), p.1-27
issn 1544-3566
1544-3973
language eng
recordid cdi_crossref_primary_10_1145_3460434
source ACM Digital Library Complete; Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals
title PICO: A Presburger In-bounds Check Optimization for Compiler-based Memory Safety Instrumentations
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-02T19%3A07%3A25IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-crossref&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=PICO:%20A%20Presburger%20In-bounds%20Check%20Optimization%20for%20Compiler-based%20Memory%20Safety%20Instrumentations&rft.jtitle=ACM%20transactions%20on%20architecture%20and%20code%20optimization&rft.au=Jung,%20Tina&rft.date=2021-12-01&rft.volume=18&rft.issue=4&rft.spage=1&rft.epage=27&rft.pages=1-27&rft.issn=1544-3566&rft.eissn=1544-3973&rft_id=info:doi/10.1145/3460434&rft_dat=%3Ccrossref%3E10_1145_3460434%3C/crossref%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true