[llvm-commits] CVS: llvm-www/pubs/2009-06-PLDI-SoftBound.html 2009-06-PLDI-SoftBound.pdf

Chris Lattner sabre at nondot.org
Fri Jun 26 13:42:49 PDT 2009 


Changes in directory llvm-www/pubs:

2009-06-PLDI-SoftBound.html added (r1.1)
2009-06-PLDI-SoftBound.pdf added (r1.1)
---
Log message:

add a PLDI'09 paper that uses llvm.


---
Diffs of the changes:  (+84 -0)

 2009-06-PLDI-SoftBound.html |   84 ++++++++++++++++++++++++++++++++++++++++++++
 2009-06-PLDI-SoftBound.pdf  |    0 
 2 files changed, 84 insertions(+)


Index: llvm-www/pubs/2009-06-PLDI-SoftBound.html
diff -c /dev/null llvm-www/pubs/2009-06-PLDI-SoftBound.html:1.1
*** /dev/null	Fri Jun 26 15:41:57 2009
--- llvm-www/pubs/2009-06-PLDI-SoftBound.html	Fri Jun 26 15:41:46 2009
***************
*** 0 ****
--- 1,84 ----
+ <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+ <html>
+ <head>
+   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+   <link rel="stylesheet" href="../llvm.css" type="text/css" media="screen">
+   <title>SoftBound: Highly Compatible and Complete Spatial Memory Safety for C</title>
+ </head>
+ <body>
+ 
+ <div class="pub_title">
+ SoftBound: Highly Compatible and Complete Spatial Memory Safety for C
+ </div>
+ <div class="pub_author">
+   <a href="http://www.cis.upenn.edu/~santoshn">Santosh Nagarakatte</a>,
+   Jianzhou Zhao, 
+   <a href="http://www.cis.upenn.edu/~milom">Milo M K Martin</a> and
+   <a href="http://www.cis.upenn.edu/~stevez">Steve Zdancewic</a>
+ </div>
+ 
+ <h2>Abstract:</h2>
+ <blockquote>
+ The serious bugs and security vulnerabilities facilitated by C/C++'s
+ lack of bounds checking are well known, yet C and C++ remain in
+ widespread use.  Unfortunately, C's arbitrary pointer arithmetic,
+ conflation of pointers and arrays, and programmer-visible memory layout
+ make retrofitting C/C++ with spatial safety guarantees extremely
+ challenging.  Existing approaches suffer from incompleteness, have high
+ runtime overhead, or require non-trivial changes to the C source code.
+ Thus far, these deficiencies have prevented widespread adoption of such
+ techniques.
+ 
+ This paper proposes SoftBound, a compile-time transformation for
+ enforcing spatial safety of C.  Inspired by HardBound, a
+ previously proposed hardware-assisted approach, SoftBound similarly
+ records base and bound information for every pointer as disjoint
+ metadata.  This decoupling enables SoftBound to provide
+ spatial safety without requiring changes to C source code.  Unlike
+ HardBound, SoftBound is a software-only approach and performs
+ metadata manipulation only when loading or storing pointer values.  A
+ formal proof shows that this is sufficient to provide spatial safety
+ even in the presence of arbitrary casts.  SoftBound's full checking
+ mode provides complete spatial violation detection with 67%
+ runtime overhead on average.  To further reduce overheads, SoftBound has a store-only checking mode that successfully detects all the
+ security vulnerabilities in a test suite at the cost of only
+ 21% runtime overhead on average.
+ </blockquote>
+ 
+ <h2>Published:</h2>
+ <blockquote>
+ "SoftBound: Highly Compatible and Complete Spatial Memory Safety for C"<br>
+ Santosh Nagarakatte, Jianzhou Zhao, Milo M K Martin and Steve Zdancewic.<br>
+ <i>
+ Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI09) 
+ </i>, Dublin, Ireland, June 2009.
+ </blockquote>
+ <h2>Download:</h2>
+ <h3>Paper:</h3>
+ <ul>
+   <li><a href="2009-06-PLDI-SoftBound.pdf">
+   SoftBound: Highly Compatible and Complete Spatial Memory Safety for C
+   </a> (PDF)</li>
+ </ul>
+ 
+ <h2>BibTeX Entry:</h2>
+ <pre>
+ @inproceedings{SoftBound:PLDI09,
+  author = {Santosh Nagarakatte and Jianzhou Zhao and Milo M.K. Martin and Steve Zdancewic},
+  title = {SoftBound: Highly Compatible and Complete Spatial Safety for C},
+  booktitle = {Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation},
+  month = {June},
+  year = {2009},
+  location = {Dublin, Ireland},
+ }
+ </pre>
+ 
+ <!-- *********************************************************************** -->
+ <hr>
+   <a href="http://jigsaw.w3.org/css-validator/check/referer"><img
+   src="http://jigsaw.w3.org/css-validator/images/vcss" alt="Valid CSS!"></a>
+   <a href="http://validator.w3.org/check/referer"><img
+   src="http://www.w3.org/Icons/valid-html401" alt="Valid HTML 4.01!" /></a>
+ 
+ </body>
+ </html>


Index: llvm-www/pubs/2009-06-PLDI-SoftBound.pdf

More information about the llvm-commits mailing list