Memory safety violations such as buffer overflows are a threat to security to this day. A common solution to ensure memory safety for C is code instrumentation. However, this often causes high execution-time overhead and is therefore rarely used in production. Static analyses can reduce this overhead by proving some memory accesses in bounds at compile time. In practice, however, static analyses may fail to verify in-bounds accesses due to over-approximation. Therefore, it is important to additionally optimize the checks that reside in the program. In this article, we present PICO, an approach to eliminate and replace in-bounds checks. PICO exactly captures the spatial memory safety of accesses using Presburger formulas to either verify them statically or substitute existing checks with more efficient ones. Thereby, PICO can generate checks of which each covers multiple accesses and place them at infrequently executed locations. We evaluate our LLVM-based PICO prototype with the well-known SoftBound instrumentation on SPEC benchmarks commonly used in related work. PICO reduces the execution-time overhead introduced by SoftBound by 36% on average (and the code-size overhead by 24%). Our evaluation shows that the impact of substituting checks dominates that of removing provably redundant checks.

中文翻译：

---

微微

直到今天，诸如缓冲区溢出之类的内存安全违规仍是对安全的威胁。确保 C 的内存安全的一个常见解决方案是代码检测。但是，这通常会导致高执行时间开销，因此很少在生产中使用。静态分析可以通过在编译时证明一些内存访问在界限内来减少这种开销。然而，在实践中，由于过度近似，静态分析可能无法验证边界访问。因此，额外优化驻留在程序中的检查非常重要。在本文中，我们介绍 PICO，一种消除和替换边界检查。PICO 使用 Presburger 公式准确捕获访问的空间内存安全性，以静态验证它们或用更有效的检查替换现有检查。因此，PICO 可以生成检查，每个检查都涵盖多个访问，并将它们放置在不经常执行的位置。我们使用著名的 SoftBound 仪器在相关工作中常用的 SPEC 基准上评估我们基于 LLVM 的 PICO 原型。PICO 将 SoftBound 引入的执行时间开销平均减少了 36%（代码大小开销减少了 24%）。我们的评估表明，替换检查的影响优于删除可证明冗余检查的影响。