[llvm-commits] CVS: llvm-www/pubs/2009-06-PLDI-SoftBound.html 2009-06-PLDI-SoftBound.pdf
Chris Lattner
sabre at nondot.org
Fri Jun 26 13:42:49 PDT 2009
Changes in directory llvm-www/pubs:
2009-06-PLDI-SoftBound.html added (r1.1)
2009-06-PLDI-SoftBound.pdf added (r1.1)
---
Log message:
add a PLDI'09 paper that uses llvm.
---
Diffs of the changes: (+84 -0)
2009-06-PLDI-SoftBound.html | 84 ++++++++++++++++++++++++++++++++++++++++++++
2009-06-PLDI-SoftBound.pdf | 0
2 files changed, 84 insertions(+)
Index: llvm-www/pubs/2009-06-PLDI-SoftBound.html
diff -c /dev/null llvm-www/pubs/2009-06-PLDI-SoftBound.html:1.1
*** /dev/null Fri Jun 26 15:41:57 2009
--- llvm-www/pubs/2009-06-PLDI-SoftBound.html Fri Jun 26 15:41:46 2009
***************
*** 0 ****
--- 1,84 ----
+ <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+ <html>
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ <link rel="stylesheet" href="../llvm.css" type="text/css" media="screen">
+ <title>SoftBound: Highly Compatible and Complete Spatial Memory Safety for C</title>
+ </head>
+ <body>
+
+ <div class="pub_title">
+ SoftBound: Highly Compatible and Complete Spatial Memory Safety for C
+ </div>
+ <div class="pub_author">
+ <a href="http://www.cis.upenn.edu/~santoshn">Santosh Nagarakatte</a>,
+ Jianzhou Zhao,
+ <a href="http://www.cis.upenn.edu/~milom">Milo M K Martin</a> and
+ <a href="http://www.cis.upenn.edu/~stevez">Steve Zdancewic</a>
+ </div>
+
+ <h2>Abstract:</h2>
+ <blockquote>
+ The serious bugs and security vulnerabilities facilitated by C/C++'s
+ lack of bounds checking are well known, yet C and C++ remain in
+ widespread use. Unfortunately, C's arbitrary pointer arithmetic,
+ conflation of pointers and arrays, and programmer-visible memory layout
+ make retrofitting C/C++ with spatial safety guarantees extremely
+ challenging. Existing approaches suffer from incompleteness, have high
+ runtime overhead, or require non-trivial changes to the C source code.
+ Thus far, these deficiencies have prevented widespread adoption of such
+ techniques.
+
+ This paper proposes SoftBound, a compile-time transformation for
+ enforcing spatial safety of C. Inspired by HardBound, a
+ previously proposed hardware-assisted approach, SoftBound similarly
+ records base and bound information for every pointer as disjoint
+ metadata. This decoupling enables SoftBound to provide
+ spatial safety without requiring changes to C source code. Unlike
+ HardBound, SoftBound is a software-only approach and performs
+ metadata manipulation only when loading or storing pointer values. A
+ formal proof shows that this is sufficient to provide spatial safety
+ even in the presence of arbitrary casts. SoftBound's full checking
+ mode provides complete spatial violation detection with 67%
+ runtime overhead on average. To further reduce overheads, SoftBound has a store-only checking mode that successfully detects all the
+ security vulnerabilities in a test suite at the cost of only
+ 21% runtime overhead on average.
+ </blockquote>
+
+ <h2>Published:</h2>
+ <blockquote>
+ "SoftBound: Highly Compatible and Complete Spatial Memory Safety for C"<br>
+ Santosh Nagarakatte, Jianzhou Zhao, Milo M K Martin and Steve Zdancewic.<br>
+ <i>
+ Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI09)
+ </i>, Dublin, Ireland, June 2009.
+ </blockquote>
+ <h2>Download:</h2>
+ <h3>Paper:</h3>
+ <ul>
+ <li><a href="2009-06-PLDI-SoftBound.pdf">
+ SoftBound: Highly Compatible and Complete Spatial Memory Safety for C
+ </a> (PDF)</li>
+ </ul>
+
+ <h2>BibTeX Entry:</h2>
+ <pre>
+ @inproceedings{SoftBound:PLDI09,
+ author = {Santosh Nagarakatte and Jianzhou Zhao and Milo M.K. Martin and Steve Zdancewic},
+ title = {SoftBound: Highly Compatible and Complete Spatial Safety for C},
+ booktitle = {Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation},
+ month = {June},
+ year = {2009},
+ location = {Dublin, Ireland},
+ }
+ </pre>
+
+ <!-- *********************************************************************** -->
+ <hr>
+ <a href="http://jigsaw.w3.org/css-validator/check/referer"><img
+ src="http://jigsaw.w3.org/css-validator/images/vcss" alt="Valid CSS!"></a>
+ <a href="http://validator.w3.org/check/referer"><img
+ src="http://www.w3.org/Icons/valid-html401" alt="Valid HTML 4.01!" /></a>
+
+ </body>
+ </html>
Index: llvm-www/pubs/2009-06-PLDI-SoftBound.pdf
More information about the llvm-commits
mailing list