Exploring effective uses of the tagged memory for reducing bounds checking overheads

• Published in: The Journal of supercomputing Vol. 79; no. 1; pp. 1032 - 1064
• Main Authors: Seo, Jiwon, Bang, Inyoung, Cho, Yungi, Shin, Jangseop, Hwang, Dongil, Kwon, Donghyun, Cho, Yeongpil, Paek, Yunheung
• Format: Journal Article
• Language: English
• Published: New York Springer US 2023; Springer Nature B.V
• Subjects: Compilers; Computer Science; Interpreters; Memory tasks; Processor Architectures; Programming Languages; Security; Spatial analysis; Spatial memory safety; Compiler analysis; Bounds checks; Software vulnerability; Tagged memory architecture
• ISSN: 0920-8542; 1573-0484
• DOI: 10.1007/s11227-022-04694-y

For spatial memory safety in C/C++ programs, bounds checking (BC) methods have been studied for decades. The practical use of BC has been deferred due to its inherently large performance overhead. Many efforts have been undertaken to reduce overhead by optimizing metadata management. However, BC’s performance is affected by another subtask, bounds comparison whose overhead is highly significant. To remedy this issue, we utilize the tagged memory (TM), a security architecture enabling efficient sanity checks by matching the tag IDs of pointers and the referent objects. We may replace expensive bounds comparisons with the lightweight tag matchings. However, due to physical limitation of TM for tag operations, this naive replacement scheme endangers security and even worsens the overhead of BC. Being aware of such downsides, we test a hybrid approach where we classify memory objects into two groups whose sanity is guaranteed by TM and bound comparison, respectively. For this, we perform compiler analysis and runtime profiling to comprehensively consider performance factors that influence the benefits and adverse effects of using TM. Our results exhibit that as long as TM is carefully orchestrated to work with conventional bound comparisons, it is effective to reduce the overall overhead.