Enhancing Availability and Security Through Failure-Oblivious Computing

We present a new technique, failure-oblivious computing, that enables programs to continue to execute through memory errors without memory corruption. Our safe compiler for C inserts checks that dynamically detect invalid memory accesses. Instead of terminating the execution or throwing an exception, the generated code simply discards invalid writes and manufactures values to return for invalid reads, enabling the program to continue its normal execution. We have applied failure-oblivious computing to a set of widely-used programs that are part of the Linux-based opensource interactive computing environment. Our results show that our techniques 1) make these programs invulnerable to known security attacks that exploit memory errors, and 2) enable the programs to continue to operate successfully to service legitimate requests and satisfy the needs of their users even after attacks trigger their memory errors.