Implicit array bounds checking on 64-bit architectures

Several programming languages guarantee that array subscripts are checked to ensure they are within the bounds of the array. While this guarantee improves the correctness and security of array-based code, it adds overhead to array references. This has been an obstacle to using higher-level languages, such as Java, for high-performance parallel computing, where the language specification requires that all array accesses must be checked to ensure they are within bounds. This is because, in practice, array-bounds checking in scientific applications may increase execution time by more than a factor of 2. Previous research has explored optimizations to statically eliminate bounds checks, but the dynamic nature of many scientific codes makes this difficult or impossible. Our approach is, instead, to create a compiler and operating system infrastructure that does not generate explicit bounds checks. It instead places arrays inside of Index Confinement Regions (ICRs), which are large, isolated, mostly unmapped virtual memory regions. Any array reference outside of its bounds will cause a protection violation; this provides implicit bounds checking. Our results show that when applying this infrastructure to high-performance computing programs written in Java, the overhead of bounds checking relative to a program with no bounds checks is reduced from an average of 63% to an average of 9%.

[1]  Tzi-cker Chiueh,et al.  Checking array bound violation using segmentation hardware , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[2]  David L. Black,et al.  The duality of memory and communication in the implementation of a multiprocessor operating system , 1987, SOSP '87.

[3]  Assaf Schuster,et al.  MultiView and Millipage — fine-grain sharing in page-based DSMs , 1999, OSDI '99.

[4]  Vivek Sarkar,et al.  ABCD: eliminating array bounds checks on demand , 2000, PLDI '00.

[5]  David Mosberger,et al.  IA-64 Linux Kernel: Design and Implementation , 2002 .

[6]  John Cocke,et al.  Optimization of range checking , 1982, SIGPLAN '82.

[7]  Hubertus Franke,et al.  Multiple page size support in the Linux kernel , 2002 .

[8]  K LowenthalDavid,et al.  Implicit array bounds checking on 64-bit architectures , 2006 .

[9]  Michael Wolfe,et al.  Elimination of redundant array subscript range checks , 1995, PLDI '95.

[10]  Frank Pfenning,et al.  Eliminating array bound checking through dependent types , 1998, PLDI.

[11]  Crispan Cowan,et al.  StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.

[12]  Mark D. Hill,et al.  A new page table for 64-bit address spaces , 1995, SOSP.

[13]  Songtao Xia,et al.  Towards array bound check elimination in Java TM virtual machine language , 1999, CASCON.

[14]  Samuel P. Midkiff,et al.  Java programming for high-performance numerical computing , 2000, IBM Syst. J..

[15]  Rajiv Gupta,et al.  Optimizing array bound checks using flow analysis , 1993, LOPL.

[16]  Samuel P. Midkiff,et al.  Automatic loop transformations and parallelization for Java , 2000, ICS '00.

[17]  Haoqiang Jin,et al.  Implementation of the NAS Parallel Benchmarks in Java , 2000 .

[18]  Martin C. Rinard,et al.  Symbolic bounds analysis of pointers, array indices, and accessed memory regions , 2005, TOPL.

[19]  Spiros Mancoridis,et al.  Using program transformation to secure C programs against buffer overflows , 2003, 10th Working Conference on Reverse Engineering, 2003. WCRE 2003. Proceedings..

[20]  Tzi-cker Chiueh,et al.  RAD: a compile-time solution to buffer overflow attacks , 2001, Proceedings 21st International Conference on Distributed Computing Systems.

[21]  Samuel P. Midkiff,et al.  Optimizing Array Reference Checking in Java Programs , 1998, IBM Syst. J..

[22]  Martin C. Rinard,et al.  Symbolic bounds analysis of pointers, array indices, and accessed memory regions , 2000, PLDI '00.