Runtime Checking C Programs

Published in 30th Annual ACM Symposium on Applied Computing, 2015

Recommended citation: Reed Milewicz, Rajesh Vanka, James Tuck, Daniel Quinlan, and Peter Pirkelbauer. Runtime checking C programs. In Proceedings of the 30th Annual ACM Symposium on Applied Computing, pages 2107–2114. ACM, 2015. http://academicpages.github.io/files/sac15.pdf

The C Programming Language is known for being an efficient language that can be compiled on almost any architecture and operating system. However the absence of dynamic safety checks and a relatively weak type system allows programmer oversights that are hard to spot. In this paper, we present RTC, a runtime monitoring tool that instruments unsafe code and monitors the program execution. RTC is built on top of the ROSE compiler infrastructure. RTC finds memory bugs and arithmetic overflows and underflows, and run-time type violations. Most of the instrumentations are directly added to the source file and only require a minimal runtime system. As a result, the instrumented code remains portable. In tests against known error detection benchmarks, RTC found 98% of all memory related bugs and had zero false positives. In performance tests conducted with well known algorithms, such as binary search and MD5, we determined that the unoptimized overhead rate is between a factor of 1.8 and a factor of 77 respectively.

Download paper here

Recommended citation: Reed Milewicz, Rajesh Vanka, James Tuck, Daniel Quinlan, and Peter Pirkelbauer. Runtime checking C programs. In Proceedings of the 30th Annual ACM Symposium on Applied Computing, pages 2107–2114. ACM, 2015.