{"title":"A Case Study of Performance Degradation Attributable to Run-Time Bounds Checks on C++ Vector Access.","authors":"David Flater, William F Guthrie","doi":"10.6028/jres.118.012","DOIUrl":null,"url":null,"abstract":"<p><p>Programmers routinely omit run-time safety checks from applications because they assume that these safety checks would degrade performance. The simplest example is the use of arrays or array-like data structures that do not enforce the constraint that indices must be within bounds. This report documents an attempt to measure the performance penalty incurred by two different implementations of bounds-checking in C and C++ using a simple benchmark and a desktop PC with a modern superscalar CPU. The benchmark consisted of a loop that wrote to array elements in sequential order. With this configuration, relative to the best performance observed for any access method in C or C++, mean degradation of only (0.881 ± 0.009) % was measured for a standard bounds-checking access method in C++. This case study showed the need for further work to develop and refine measurement methods and to perform more comparisons of this type. Comparisons across different use cases, configurations, programming languages, and environments are needed to determine under what circumstances (if any) the performance advantage of unchecked access is actually sufficient to outweigh the negative consequences for security and software quality. </p>","PeriodicalId":17039,"journal":{"name":"Journal of Research of the National Institute of Standards and Technology","volume":"118 ","pages":"260-79"},"PeriodicalIF":1.5000,"publicationDate":"2013-05-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4487316/pdf/","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Research of the National Institute of Standards and Technology","FirstCategoryId":"5","ListUrlMain":"https://doi.org/10.6028/jres.118.012","RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2013/1/1 0:00:00","PubModel":"eCollection","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Programmers routinely omit run-time safety checks from applications because they assume that these safety checks would degrade performance. The simplest example is the use of arrays or array-like data structures that do not enforce the constraint that indices must be within bounds. This report documents an attempt to measure the performance penalty incurred by two different implementations of bounds-checking in C and C++ using a simple benchmark and a desktop PC with a modern superscalar CPU. The benchmark consisted of a loop that wrote to array elements in sequential order. With this configuration, relative to the best performance observed for any access method in C or C++, mean degradation of only (0.881 ± 0.009) % was measured for a standard bounds-checking access method in C++. This case study showed the need for further work to develop and refine measurement methods and to perform more comparisons of this type. Comparisons across different use cases, configurations, programming languages, and environments are needed to determine under what circumstances (if any) the performance advantage of unchecked access is actually sufficient to outweigh the negative consequences for security and software quality.
程序员通常会在应用程序中省略运行时安全检查,因为他们认为这些安全检查会降低性能。最简单的例子就是使用数组或类似数组的数据结构,而不执行索引必须在边界内的约束。本报告记录了在 C 和 C++ 中使用两种不同的边界检查实现所造成的性能损失,并使用了一个简单的基准和一台配备现代超标量 CPU 的台式 PC。该基准测试包括一个按顺序写入数组元素的循环。在这种配置下,相对于在 C 或 C++ 中观察到的任何访问方法的最佳性能,在 C++ 中测量到的标准边界检验访问方法的平均性能下降率仅为(0.881 ± 0.009)%。这项案例研究表明,有必要进一步开发和完善测量方法,并进行更多此类比较。需要对不同的使用案例、配置、编程语言和环境进行比较,以确定在什么情况下(如果有的话),未检查访问的性能优势实际上足以抵消对安全性和软件质量造成的负面影响。
期刊介绍:
The Journal of Research of the National Institute of Standards and Technology is the flagship publication of the National Institute of Standards and Technology. It has been published under various titles and forms since 1904, with its roots as Scientific Papers issued as the Bulletin of the Bureau of Standards.
In 1928, the Scientific Papers were combined with Technologic Papers, which reported results of investigations of material and methods of testing. This new publication was titled the Bureau of Standards Journal of Research.
The Journal of Research of NIST reports NIST research and development in metrology and related fields of physical science, engineering, applied mathematics, statistics, biotechnology, information technology.