Proceedings of the 2013 IEEE/ACM International Symposium on Code Generation and Optimization (CGO) (2013)
Shenzhen, China
Feb. 23, 2013 to Feb. 27, 2013
R. E. Rodrigues, Dept. of Comput. Sci., Fed. Univ. of Minas Gerais (UFMG), Belo Horizonte, Brazil
Victor Hugo Sperle Campos, Dept. of Comput. Sci., Fed. Univ. of Minas Gerais (UFMG), Belo Horizonte, Brazil
Fernando Magno Quintao Pereira, Dept. of Comput. Sci., Fed. Univ. of Minas Gerais (UFMG), Belo Horizonte, Brazil
The integer primitive type has upper and lower bounds in many programming languages, including C and Java. These limits might lead programs that manipulate large integer numbers to produce unexpected results due to overflows. There exists a plethora of works that instrument programs to track the occurrence of these overflows. In this paper we present an algorithm that uses static range analysis to avoid this instrumentation whenever possible. Our range analysis contains novel techniques, such as a notion of “future” bounds to handle comparisons between variables. We have used this algorithm to avoid some checks created by a dynamic instrumentation library that we have implemented in LLVM. This framework has been used to detect overflows in hundreds of C/C++ programs. As a testimony of its effectiveness, our range analysis has been able to avoid 25% of all the overflow checks necessary to secure the C programs in the LLVM test suite. This optimization has reduced the runtime overhead of instrumentation by 50%.
Instruments, Algorithm design and analysis, Computer languages, Lattices, Abstracts, Runtime, Heuristic algorithms
R. E. Rodrigues, V. H. Sperle Campos and F. Magno Quintao Pereira, "A fast and low-overhead technique to secure programs against integer overflows," 2013 IEEE/ACM International Symposium on Code Generation and Optimization (CGO), Shenzhen, 2013, pp. 1-11.