1 A Certifying Compiler and Pointer Logic
Zhaopeng Li
Software Security Lab, Department of Computer Science and Technology, University of Science and Technology of China
October 8, 2008
Towards Building Trusted Software

2 Outline
Software Security Lab, USTC
Motivation
Research Goals
Our Work
  A Certifying Compiler
  PointerC Language
  Pointer Logic
Summary
Future Work

3 Motivation
Software safety problems
  C language: widely used, with a large body of legacy C code
  Not easy to write safe code with pointers
One solution: program verification
  Program + Annotation + Proof

4 Motivation (cont.)
Hoare Logic
  Hoare triple: {P}C{Q}
  Hard to reason about pointer programs
Separation Logic
  Low-level code, or high-level code with restrictions
  Separating conjunction (P * Q)
  Example: [figure: a pointer p to a heap cell l1]
A Hoare-like logic for the C language?

5 Research Goals
Verification for C pointer programs
  Design a C-like language
  Design a logic
  Design a certifying compiler
    Generate code with proof
    Minimize the Trusted Computing Base

6 Outline
Motivation
Research Goals
Our Work
  A Certifying Compiler
  PointerC Language
  Pointer Logic
Summary
Future Work

7 Our Certifying Compiler
[architecture diagram]
  Source-level certifying system: Pointer Logic, VCGen, Prover
  Certifying compiler: Code Compiler, Proof Compiler
  Source Code + Specifications (PointerC language)
    -> Source Code + Spec. + Proof
    -> Assem. Code + Assem. Spec. + Assem. Proof

8 Our Certifying Compiler (cont.)
Prototype
  plcc ver1.0 (2005.5 - 2006.9)
  plcc ver2.0 (2006.9 - 2007.12)
Improvements
  Built-in theorem prover
  Support for limited pointer arithmetic
  Support for more data structures (doubly-linked list)

9 Supported Programs
Singly-linked / doubly-linked list
  traversal / reversal
  delete / insert
  create / clear
Binary tree
  traversal / rotate
  delete / insert

10 Evaluation
[evaluation table not captured in the transcript]

11 PointerC Language
PointerC: a subset of the C language with pointer types
Memory management: malloc / free
Main constraints:
  Pointer arithmetic is limited
  No union type
  No type cast
  …

12 Pointer Logic
Motivation
  PointerC typing rules carry side conditions, e.g. the field-access rule:
    Γ ⊢ p : ptr(struct(…, x : int; …))
    ------------------------------------  side condition: valid(p)
    Γ ⊢ p->x : int
  A logic proof system is needed to discharge them
  Reason about source programs with complex pointer aliasing
  Why not separation logic?

13 Pointer Logic (cont.)
Why not separation logic?

  struct List { int data; struct List *next; };

List_delete.c:
  …
  q = p->next;
  p->next = p->next->next;
  free(q);
  …
Separation logic has no rule for this kind of statement (the nested dereference p->next->next on the right-hand side).

List_delete_trans.c (the same deletion with the access path split by a temporary):
  …
  q = p->next;
  t = q->next;
  p->next = t;
  free(q);
  …
Separation logic has no rule for the aliasing inference this version needs (q and t alias cells of the list reached from p).
[figure: the list cells reached from p, q and t, ending in NULL]

14 Basic ideas
Precise pointer information collection at each program point
Pointer classification
  Valid pointer set
  Null pointer set
  Dangling pointer set
Equality between valid pointers

15 Specification
[figure: example specification (pointer information)]
The information is concise!

16 Specification (cont.)
Compared with separation logic, whose assertions:
  use short access paths
  use low-level addresses
  use addresses to associate the different heaps

17 Expressivity
Current applications
  Singly-linked list
  Doubly-linked list
  Binary tree
Graph?
  Equality between pointers is not certain
  Cannot be expressed in the current pointer logic
  Not well supported in separation logic either

18 Expressivity (cont.)
Singly-linked list in pointer logic
  Flat version
  Inductive version
Singly-linked list in separation logic
  Flat version [figure: p -> l1 -> l2 -> … -> l(n-1) -> nil]; p, l1, l2, …, l(n-1) are distinct!

19 Inference Rules
Hoare-logic-like rules {P}C{Q}
Extend Hoare logic: calculate the pointer information Q from P

20 Memory Leak
[figure: p points to a heap cell; the statement p = NULL leaves the cell unreachable]
Memory leak!
Pointer logic: the assignment axiom of Hoare logic would accept p = NULL, so the precise assertion (pointer information) must be used to rule out this case.
Separation logic: no rule covers this case.
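To make slides 13, 14, 19 and 20 concrete, here is an added toy checker (my own illustration, not the plcc prototype or the paper's pointer-logic rules) that forward-computes, after each statement of a tiny PointerC-like straight-line program, the valid, null and dangling pointer sets and the equalities between valid pointers, and rejects any statement it cannot prove safe. It assumes a single `next` field, statements encoded as tuples, a fresh cell whose `next` is NULL, and equalities tracked between variables only; the two deletion programs of slide 13 are encoded over a constructed three-cell list as LIST_DELETE and LIST_DELETE_TRANS, and the p = NULL leak of slide 20 as LEAK.

```python
"""Added toy checker, not the paper's rules: after each statement it computes the
valid / null / dangling pointer sets and the equalities between valid pointers of
slide 14.  Simplifications: one `next` field, straight-line code, fresh cells start
with next == NULL, and equalities are tracked between variables only."""

class VerificationError(Exception):
    """A statement the checker cannot prove memory-safe (null/dangling use, leak)."""

class PointerState:
    def __init__(self):
        self.env = {}       # variable -> cell id (int) | None for NULL
        self.heap = {}      # live cell id -> cell id | None held in its `next` field
        self.freed = set()  # ids passed to free(); pointers to them are dangling
        self._fresh = 0

    def _require_valid(self, cell, where):  # side condition valid(p) of slide 12
        if cell is None:
            raise VerificationError(f"use of null pointer in {where}")
        if cell in self.freed:
            raise VerificationError(f"use of dangling pointer in {where}")

    def _read(self, path):  # evaluate "NULL", "malloc", p, p->next, p->next->next, ...
        if path == "NULL":
            return None
        if path == "malloc":
            self._fresh += 1
            self.heap[self._fresh] = None
            return self._fresh
        var, *fields = path.split("->")
        if var not in self.env:
            raise VerificationError(f"{var} is uninitialized in {path}")
        cell = self.env[var]
        for field in fields:
            if field != "next":
                raise VerificationError(f"unknown field {field} in {path}")
            self._require_valid(cell, path)  # every dereference needs a valid pointer
            cell = self.heap[cell]
        return cell

    def _check_no_leak(self, where):  # slide 20: live cells must stay reachable
        reachable, todo = set(), [c for c in self.env.values() if c is not None]
        while todo:
            cell = todo.pop()
            if cell in self.heap and cell not in reachable:
                reachable.add(cell)
                todo.append(self.heap[cell])  # None and freed ids fail the test above
        leaked = sorted(set(self.heap) - reachable)
        if leaked:
            raise VerificationError(f"memory leak after {where}: cells {leaked}")

    def step(self, stmt):  # execute one statement, return the pointer info after it
        kind = stmt[0]
        if kind == "assign":                 # ("assign", x, path | "NULL" | "malloc")
            self.env[stmt[1]] = self._read(stmt[2])
        elif kind == "store":                # ("store", path, rhs) means path->next = rhs
            value = self._read(stmt[2])      # long paths such as p->next->next are fine
            target = self._read(stmt[1])
            self._require_valid(target, stmt[1] + "->next")
            self.heap[target] = value
        elif kind == "free":                 # ("free", x)
            cell = self._read(stmt[1])
            self._require_valid(cell, f"free({stmt[1]})")
            del self.heap[cell]
            self.freed.add(cell)
        else:
            raise VerificationError(f"unsupported statement {stmt}")
        self._check_no_leak(stmt)
        return self.info()

    def info(self):  # pointer classification at this point plus equal valid pointers
        valid = sorted(v for v, c in self.env.items() if c is not None and c not in self.freed)
        null = sorted(v for v, c in self.env.items() if c is None)
        dangling = sorted(v for v, c in self.env.items() if c in self.freed)
        by_cell = {}
        for v in valid:
            by_cell.setdefault(self.env[v], []).append(v)
        equal = sorted(tuple(g) for g in by_cell.values() if len(g) > 1)
        return {"valid": valid, "null": null, "dangling": dangling, "equal": equal}

def run(program):  # pointer information after each statement of a straight-line program
    state = PointerState()
    return [state.step(stmt) for stmt in program]

def rejected(program):  # the checker's error message, or None if the program verifies
    try:
        run(program)
    except VerificationError as err:
        return str(err)
    return None

# Constructed list p -> q -> last, then the deletion sequence of List_delete_trans.c.
LIST_DELETE_TRANS = [
    ("assign", "p", "malloc"), ("assign", "q", "malloc"), ("store", "p", "q"),
    ("assign", "last", "malloc"), ("store", "q", "last"),
    ("assign", "q", "p->next"), ("assign", "t", "q->next"),  # now t == last
    ("store", "p", "t"), ("free", "q"),                      # q dangling, nothing leaks
]
LIST_DELETE = LIST_DELETE_TRANS[:6] + [("store", "p", "p->next->next"), ("free", "q")]  # List_delete.c
LEAK = [("assign", "p", "malloc"), ("assign", "p", "NULL")]  # slide 20: cell unreachable
USE_AFTER_FREE = LIST_DELETE + [("assign", "t", "q->next")]  # q is dangling after free(q)
```

After the last statement, run(LIST_DELETE_TRANS)[-1] reports valid = [last, p, t], dangling = [q] and the equality (last, t); the one-statement form in LIST_DELETE verifies directly because _read walks the whole access path p->next->next, the "long access path" property slide 21 attributes to pointer logic. rejected(LEAK) names the unreachable cell, and rejected(USE_AFTER_FREE) flags the dereference of the dangling q; both are caught by the pointer information alone, without a separating conjunction.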

21 Comparison with Separation Logic
Common features
  Both extend Hoare logic
  Both deal with pointer programs
Differences
  High-level vs low-level
  Pointer logic can deal with long access paths
  Precise information vs information hiding
  Memory leaks are ruled out by different means

22 Outline
Motivation
Research Goals
Our Work
  A Certifying Compiler
  PointerC Language
  Pointer Logic
Summary
Future Work

23 Summary
A certifying compiler
  Theorem prover for pointer logic
  Generates code with proof
A pointer logic
  Verification of PointerC pointer programs
  Hoare-logic-like rules
  Compared with separation logic

24 Future Work
PointerC language extension
  More language features
  Unlimited pointer arithmetic
Pointer logic extension
  Deal with more data structures, such as DAGs
  Pointer logic for Java (static garbage detection, etc.)
  Concurrent programming
Realistic certifying compiler
  Verify some code of a mini-OS

25 Thanks! Questions?
