Limits...
A Case Study of Performance Degradation Attributable to Run-Time Bounds Checks on C++ Vector Access.

Flater D, Guthrie WF - J Res Natl Inst Stand Technol (2013)

Bottom Line: Programmers routinely omit run-time safety checks from applications because they assume that these safety checks would degrade performance.The simplest example is the use of arrays or array-like data structures that do not enforce the constraint that indices must be within bounds.Comparisons across different use cases, configurations, programming languages, and environments are needed to determine under what circumstances (if any) the performance advantage of unchecked access is actually sufficient to outweigh the negative consequences for security and software quality.

View Article: PubMed Central - PubMed

Affiliation: National Institute of Standards and Technology, Gaithersburg, MD 20899.

ABSTRACT
Programmers routinely omit run-time safety checks from applications because they assume that these safety checks would degrade performance. The simplest example is the use of arrays or array-like data structures that do not enforce the constraint that indices must be within bounds. This report documents an attempt to measure the performance penalty incurred by two different implementations of bounds-checking in C and C++ using a simple benchmark and a desktop PC with a modern superscalar CPU. The benchmark consisted of a loop that wrote to array elements in sequential order. With this configuration, relative to the best performance observed for any access method in C or C++, mean degradation of only (0.881 ± 0.009) % was measured for a standard bounds-checking access method in C++. This case study showed the need for further work to develop and refine measurement methods and to perform more comparisons of this type. Comparisons across different use cases, configurations, programming languages, and environments are needed to determine under what circumstances (if any) the performance advantage of unchecked access is actually sufficient to outweigh the negative consequences for security and software quality.

No MeSH data available.


Disassembly of vector.at(i) loop from bench_C++_O3.
© Copyright Policy - open-access
Related In: Results  -  Collection

License
getmorefigures.php?uid=PMC4487316&req=5

f9-jres.118.012: Disassembly of vector.at(i) loop from bench_C++_O3.

Mentions: Figure 9 shows the annotated disassembly for the “big” half of the C++ vector.at(i) benchmark from bench_C++_O3. Only plain 32-bit assignments were used, so this loop made four times as many iterations as the other. The safety check is present inside the loop, albeit simplified: it was implemented using an equality comparison, rather than a greater-or-equals comparison as specified in the source for at().5 This presumably was an optimization for the case where the loop counter only increments by 1.


A Case Study of Performance Degradation Attributable to Run-Time Bounds Checks on C++ Vector Access.

Flater D, Guthrie WF - J Res Natl Inst Stand Technol (2013)

Disassembly of vector.at(i) loop from bench_C++_O3.
© Copyright Policy - open-access
Related In: Results  -  Collection

License
Show All Figures
getmorefigures.php?uid=PMC4487316&req=5

f9-jres.118.012: Disassembly of vector.at(i) loop from bench_C++_O3.
Mentions: Figure 9 shows the annotated disassembly for the “big” half of the C++ vector.at(i) benchmark from bench_C++_O3. Only plain 32-bit assignments were used, so this loop made four times as many iterations as the other. The safety check is present inside the loop, albeit simplified: it was implemented using an equality comparison, rather than a greater-or-equals comparison as specified in the source for at().5 This presumably was an optimization for the case where the loop counter only increments by 1.

Bottom Line: Programmers routinely omit run-time safety checks from applications because they assume that these safety checks would degrade performance.The simplest example is the use of arrays or array-like data structures that do not enforce the constraint that indices must be within bounds.Comparisons across different use cases, configurations, programming languages, and environments are needed to determine under what circumstances (if any) the performance advantage of unchecked access is actually sufficient to outweigh the negative consequences for security and software quality.

View Article: PubMed Central - PubMed

Affiliation: National Institute of Standards and Technology, Gaithersburg, MD 20899.

ABSTRACT
Programmers routinely omit run-time safety checks from applications because they assume that these safety checks would degrade performance. The simplest example is the use of arrays or array-like data structures that do not enforce the constraint that indices must be within bounds. This report documents an attempt to measure the performance penalty incurred by two different implementations of bounds-checking in C and C++ using a simple benchmark and a desktop PC with a modern superscalar CPU. The benchmark consisted of a loop that wrote to array elements in sequential order. With this configuration, relative to the best performance observed for any access method in C or C++, mean degradation of only (0.881 ± 0.009) % was measured for a standard bounds-checking access method in C++. This case study showed the need for further work to develop and refine measurement methods and to perform more comparisons of this type. Comparisons across different use cases, configurations, programming languages, and environments are needed to determine under what circumstances (if any) the performance advantage of unchecked access is actually sufficient to outweigh the negative consequences for security and software quality.

No MeSH data available.