|
 ABSTRACT
Array bound checking refers to determining whether all array references in a program are within their declared ranges. This checking is critical for software verification and validation because subscripting arrays beyond their declared sizes may produce unexpected results, security holes, or failures. It is available in most commercial compilers but current implementations are not as efficient and effective as one may have hoped: (1) the execution times of array bound checked programs are increased by a factor of up to 5, (2) the compilation times are increased, which is detrimental to development and debugging, (3) the related error messages do not usually carry information to locate the faulty references, and (4) the consistency between actual array sizes and formal array declarations is not often checked.This article presents two optimization techniques that deal with Points 1, 2, and 3, and a new algorithm to tackle Point 4, which is not addressed by the current literature. The first optimization technique is based on the elimination of redundant tests, to provide very accurate information about faulty references during development and testing phases. The second one is based on the insertion of unavoidable tests to provide the smallest possible slowdown during the production phase. The new algorithm ensures the absence of bound violations in every array access in the called procedure with respect to the array declarations in the calling procedure. Our experiments suggest that the optimization of array bound checking depends on several factors, not only the percentage of removed checks, usually considered as the best improvement measuring metrics. The debugging capability and compile-time and run-time performances of our techniques are better than current implementations. The execution times of SPEC95 CFP benchmarks with range checking added by PIPS, our Fortran research compiler, are slightly longer, less than 20%, than that of unchecked programs. More problems due to functional and data recursion would have to be solved to extend these results from Fortran to other languages such as C, C++, or Java, but the issues addressed in this article are nevertheless relevant.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
 |
1
|
|
| |
2
|
Alfred V. Aho , Ravi Sethi , Jeffrey D. Ullman, Compilers: principles, techniques, and tools, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1986
|
| |
3
|
|
| |
4
|
Tal Lev-Ami , Thomas Reps , Mooly Sagiv , Reinhard Wilhelm, Putting static analysis to work for verification: A case study, Proceedings of the 2000 ACM SIGSOFT international symposium on Software testing and analysis, p.26-38, August 21-24, 2000, Portland, Oregon, United States
|
| |
5
|
|
| |
6
|
|
| |
7
|
ANSI. 1983. Programming Language FORTRAN, ANSI X3.9-1978, ISO 1539-1980. American National Standard Institute, New York, NY.
|
| |
8
|
|
| |
9
|
Todd M. Austin , Scott E. Breach , Gurindar S. Sohi, Efficient detection of all pointer and array access errors, Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation, p.290-301, June 20-24, 1994, Orlando, Florida, United States
|
| |
10
|
Rastislav Bodík , Rajiv Gupta , Vivek Sarkar, ABCD: eliminating array bounds checks on demand, Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation, p.321-333, June 18-21, 2000, Vancouver, British Columbia, Canada
|
| |
11
|
|
| |
12
|
|
| |
13
|
Cousot, P. and Cousot, R. 1976. Static determination of dynamic properties of programs. In Proceedings of the Second International Symposium on Programming. 106--130.
|
| |
14
|
Cousot, P. and Cousot, R. 1977. Static determination of dynamic properties of recursive programs. In Proceedings of the IFIP Conference on Formal Description of Programming Concepts. 237--277.
|
| |
15
|
|
| |
16
|
|
| |
17
|
|
| |
18
|
Delzanno, G., Jung, G., and Podelski, A. 2000. Static analysis of array bounds as infinite-state model checking. Unpublished article.
|
| |
19
|
|
| |
20
|
Evelyn Duesterwald , Rajiv Gupta , Mary Lou Soffa, A practical data flow framework for array reference analysis and its use in optimizations, Proceedings of the ACM SIGPLAN 1993 conference on Programming language design and implementation, p.68-77, June 21-25, 1993, Albuquerque, New Mexico, United States
|
| |
21
|
|
| |
22
|
|
| |
23
|
Feautrier, P. 1991. Dataflow analysis of array and scalar references. Int. J. Parall. Programm. 20, 1, 23--53.
|
| |
24
|
|
| |
25
|
|
| |
26
|
|
| |
27
|
|
| |
28
|
|
| |
29
|
Harrison, W. H. 1977. Compiler analysis of the value ranges for variables. IEEE Trans. Softw. Eng. SE-3, 3 (May), 243--250.
|
| |
30
|
Hasting, R. and Joyce, B. 1992. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Winter USENIX Conference. 125--136.
|
| |
31
|
|
| |
32
|
|
| |
33
|
|
| |
34
|
Jones, R. W. M. and Kelly, P. H. J. 1997. Backwards-compatible bounds checking for arrays and pointers in C programs. In Proceedings of the Third International Workshop on Automated Debugging.
|
| |
35
|
Karr, M. 1976. Affine relationship among variables of a program. Acta Informatica, 6, 133--151.
|
| |
36
|
|
| |
37
|
Sumant Kowshik , Dinakar Dhurjati , Vikram Adve, Ensuring code safety without runtime checks for real-time control systems, Proceedings of the 2002 international conference on Compilers, architecture, and synthesis for embedded systems, October 08-11, 2002, Grenoble, France
[doi> 10.1145/581630.581678]
|
| |
38
|
Leservot, A. 1996. Analyses interprocédurales du flot des données. Ph.D. dissertation. Université Paris VI, Paris, France.
|
| |
39
|
|
| |
40
|
Manjunathaiah, M. and Nicole, D. A. 1997. Precise analysis of array usage in scientific programs. Sci. Programm. 6, 229--242.
|
| |
41
|
|
| |
42
|
|
| |
43
|
|
| |
44
|
|
| |
45
|
José E. Moreira , Samuel P. Midkiff , Manish Gupta , Pedro V. Artigas , Peng Wu , George Almasi, The NINJA project, Communications of the ACM, v.44 n.10, p.102-109, Oct. 2001
[doi> 10.1145/383845.383867]
|
| |
46
|
|
| |
47
|
|
| |
48
|
|
| |
49
|
Nguyen, T. V. N. 2002. Efficient and effective software verifications for scientific applications using static analyses and code instrumentation. Ph.D. dissertation. Ecole des Mines de Paris, Paris, France.
|
| |
50
|
|
| |
51
|
|
| |
52
|
|
| |
53
|
|
| |
54
|
|
| |
55
|
Radu Rugina , Martin Rinard, Symbolic bounds analysis of pointers, array indices, and accessed memory regions, Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation, p.182-195, June 18-21, 2000, Vancouver, British Columbia, Canada
|
| |
56
|
|
| |
57
|
B. Schwarz , W. Kirchgässner , R. Landwehr, An optimizer for Ada - design, experiences and results, Proceedings of the ACM SIGPLAN 1988 conference on Programming Language design and Implementation, p.175-184, June 20-24, 1988, Atlanta, Georgia, United States
|
| |
58
|
|
| |
59
|
|
| |
60
|
|
| |
61
|
|
| |
62
|
|
| |
63
|
|
| |
64
|
Welsh, J. 1978. Economic range checks in Pascal. Soft.---Pract. Exper. 8, 85--97.
|
CITED BY 4
|
|
Nikolai Joukov , Aditya Kashyap , Gopalan Sivathanu , Erez Zadok, An electric fence for kernel buffers, Proceedings of the 2005 ACM workshop on Storage security and survivability, November 11-11, 2005, Fairfax, VA, USA
|
|
|
|
|
|
|
|
|
|
REVIEW
"Ambar Sarkar : Reviewer"
Array bound checking is an important step in software verification, and omitting this step often has consequences ranging from meaningless data to potential security violations. However, such checking is resource-intensive, and, according to the a
more...
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf
D.2