compiler verification meets cross language linking via
play

Compiler Verification meets Cross-Language Linking via Data - PowerPoint PPT Presentation

Jul 15, 2023 •337 likes •706 views

Compiler Verification meets Cross-Language Linking via Data Abstraction Peng Wang, MIT CSAIL Santiago Cuellar, Princeton University Adam Chlipala, MIT CSAIL Verified Compiler Program Verification Techniques

  1. Compiler Verification meets Cross-Language Linking via Data Abstraction Peng Wang, MIT CSAIL Santiago Cuellar, Princeton University Adam Chlipala, MIT CSAIL

  2. Verified Compiler Program Verification Techniques Source Program Semantics 2

  3. Verified Compiler Program Verification Techniques Source Program Semantics Semantic Preserving Compiler Target Program Semantics 2

  4. Cross-Language Development iPhoto.swift matrix.c iPhoto.S matrix.S malloc.S iPhoto.exe 3

  5. ListSet.ll: typedef /* ... */ ListSet; ListSet ListSet_new() { /* ... */ } void ListSet_delete(ListSet this) { /* ... */ } void ListSet_add(ListSet this, int key) { /* ... */ } int ListSet_size(ListSet this) { /* ... */ } CountUnique.hl: int countUnique(int[] arr) { Set set = new ListSet(); for (int i = 0; i < arr.length(); ++i) set.add(arr[i]); int ret = set.size(); delete set; return ret; } 4

  6. • Higher-level • Lower-level language: language: ‣ Memory of ADTs ‣ Memory of machine words ‣ Can call externally defined functions ‣ Assembly like ‣ Java/C++ like 5

  7. • Higher-level • Lower-level language: language: ‣ Memory of ADTs ‣ Memory of machine words ‣ Can call externally defined functions ‣ Assembly like ‣ Java/C++ like ‣ Expr/If/While/Call ‣ Function pointers 5

  8. • Higher-level • Lower-level language: language: ‣ Memory of ADTs ‣ Memory of machine words ‣ Can call externally defined functions ‣ Assembly like ‣ Java/C++ like ‣ Expr/If/While/Call ‣ Function pointers Cito Bedrock IL 5

  9. Cito Syntax Notation: Syntax: State: 6

  10. Bedrock IL Syntax Syntax: State: 7

  11. Bedrock IL Syntax Syntax: State: 7

  12. • Higher-level • Lower-level language: language: ‣ Memory of ADTs ‣ Memory of machine words ‣ Can call externally defined functions ‣ Assembly like ‣ Java/C++ like ‣ Expr/If/While/Call ‣ Function pointers Cito Bedrock IL 8

  13. • Higher-level • Lower-level language: language: ‣ Memory of ADTs ‣ Memory of machine words ‣ Can call externally defined functions ‣ Assembly like ‣ Java/C++ like ‣ Expr/If/While/Call ‣ Function pointers Cito Bedrock IL 8

  14. Semantics of Call • Environment ( Ψ ) : Function address → Function specification • Function specification: ‣ Operational : callee’s body ‣ Axiomatic : relation of pre-call and post-call state 9

  15. Operational vs. Axiomatic Operational Specification Axiomatic Specification ☹ Language dependent � Language independent ☹ Need to be provided � No annotation burden Suitable for intra -language calls Suitable for inter -language calls 10

  16. Operational vs. Axiomatic Operational Specification Axiomatic Specification ☹ Language dependent � Language independent ☹ Need to be provided � No annotation burden Suitable for intra -language calls Suitable for inter -language calls We allow both! 10

  17. Prove Semantic Preservation • Method 1 : Prove simulation between source’s and target’s operational semantics • Method 2 : Express semantic preservation in a program logic for the target language 11

  18. Prove Semantic Preservation • Method 1 : Prove simulation between source’s and target’s operational semantics • Method 2 : Express semantic preservation in a program logic for the target language 11

  19. Prove Semantic Preservation • Method 1 : Prove simulation between source’s and target’s operational semantics • Method 2 : Express semantic preservation in a program logic for the target language 11

  20. s state A state B compile ≈ ≈ t ∃ state b state a 12

  21. ∀ A,B,a,b,s,t. safe(A,s) ⇒ s state A state B compile ≈ ≈ t ∃ state b state a 12

  22. ∀ A,B,a,b,s,t. safe(A,s) ⇒ s state A state B compile ≈ ≈ t ∃ state b state a The main compiler correctness theorem 12

  23. ∀ A,B,a,b,s,t. safe(A,s) ⇒ s PARTIAL CORRECTNESS ONLY state A state B compile ≈ ≈ t ∃ state b state a The main compiler correctness theorem 12

  24. ListSet.ll: typedef /* ... */ ListSet; ListSet ListSet_new() { /* ... */ } void ListSet_delete(ListSet this) { /* ... */ } void ListSet_add(ListSet this, int key) { /* ... */ } int ListSet_size(ListSet this) { /* ... */ } CountUnique.hl: int countUnique(int[] arr) { Set set = new ListSet(); for (int i = 0; i < arr.length(); ++i) set.add(arr[i]); int ret = set.size(); delete set; return ret; } 13

  25. ListSet.ll: typedef /* ... */ ListSet; ListSet ListSet_new() { /* ... */ } void ListSet_delete(ListSet this) { /* ... */ } void ListSet_add(ListSet this, int key) { /* ... */ } int ListSet_size(ListSet this) { /* ... */ } Abstract Data Types (ADTs) are a natural interface between languages CountUnique.hl: int countUnique(int[] arr) { Set set = new ListSet(); for (int i = 0; i < arr.length(); ++i) set.add(arr[i]); int ret = set.size(); delete set; return ret; } 13

  26. ADT • ADT objects are blackboxes, assessed only by axiomatically specified methods • Object state is specified by a functional(mathematical) model • Methods can: ‣ return new object ‣ in-place modify arguments ‣ delete arguments • Example: Set ‣ model : mathematical set of integers ‣ {} new () {return set ∅ } ‣ {x is a set} delete (x) {x is deleted} ‣ {x is set s } size (x) {x is still set s , return | s |} ‣ {x is set s } add (x, w) {x is set s ∪ {w} } 14

  27. ADT • ADT objects are blackboxes, assessed only by axiomatically specified methods • Object state is specified by a functional(mathematical) model • Methods can: ‣ return new object ‣ in-place modify arguments ‣ delete arguments • Example: Set ‣ model : mathematical set of integers ‣ {} new () {return set ∅ } ‣ {x is a set} delete (x) {x is deleted} ‣ {x is set s } size (x) {x is still set s , return | s |} ‣ {x is set s } add (x, w) {x is set s ∪ {w} } 14

  28. CountUnique.v: ! ! ! ! ! ! Definition count := Steps: cmodule "count" {{ cfunction "count"("arr", "len") return "ret" 1. Write a Cito program "set" <-- Call "ListSet"!"new"();; "i" <- 0;; ! ! ! While ("i" < "len") { "e" <-- Call "ArraySeq"!"read" ("arr", "i");; Call "ListSet"!"add"("set", "e");; "i" <- "i" + 1 };; "ret" <-- Call "ListSet"!"size"("set");; Call "ListSet"!"delete"("set") end }}. ! ! ! ! ! ! 15

  29. ExampleADT.v: Inductive ADTModel := | Arr : list W -> ADTModel | FSet : MSet.t W -> ADTModel ... Definition ListSet_addSpec := PRE[I] exists s n, I = [ADT (FSet s), SCA n] POST[O, R] exists s n any, O = [(ADT (FSet s), Some (FSet (add n s))), (SCA n, None)] /\ R = SCA any. CountUnique.v: ! ! ! ! ! ! ! Definition imports := [ ! ("ArraySeq"!"read", ArraySeq_readSpec), ! ("ListSet"!"add", ListSet_addSpec), ... ] ! Definition count := Steps: ! cmodule "count" {{ ! cfunction "count"("arr", "len") return "ret" ! 1. Write a Cito program "set" <-- Call "ListSet"!"new"();; "i" <- 0;; ! ! ! 2. Provide ADT specifications ! ! ! ! ! While ("i" < "len") { ! "e" <-- Call "ArraySeq"!"read" ("arr", "i");; ! Call "ListSet"!"add"("set", "e");; "i" <- "i" + 1 ! };; ! "ret" <-- Call "ListSet"!"size"("set");; ! Call "ListSet"!"delete"("set") ! end ! }}. ! Compiler already usable, no Definition count_compil := compile count imports. ! Theorem count_ok : moduleOk count_compil. ! programmer annotation burden compile_ok. ! Qed. ! ! ! ! 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CROSS-LANGUAGE ENTITY LINKING PAUL MCNAMEE JAMES MAYFIELD* DOUGLAS W. OARD TAN XU KE WU

CROSS-LANGUAGE ENTITY LINKING PAUL MCNAMEE JAMES MAYFIELD* DOUGLAS W. OARD TAN XU KE WU

CROSS-LANGUAGE ENTITY LINKING PAUL MCNAMEE JAMES MAYFIELD* DOUGLAS W. OARD TAN XU KE WU VESELIN STOYANOV DAVID DOERMANN * TODAYS DESIGNATED BLOWHARD CROSS-LANGUAGE ENTITY LINKING KNOWLEDGE BASE QUERY !&quot; &quot; # $ % &amp; ' ( '#

452 views • 26 slides
Cross-Lingual Cross-Document Coreference with Entity Linking Sean Monahan, John Lehmann, Timothy

Cross-Lingual Cross-Document Coreference with Entity Linking Sean Monahan, John Lehmann, Timothy

Cross-Lingual Cross-Document Coreference with Entity Linking Sean Monahan, John Lehmann, Timothy Nyberg, Jesse Plymale, and Arnold Jung Language Computer Corporation 2435 North Central Expressway Richardson, TX, USA sean@languagecomputer.com

239 views • 10 slides
linking, cross-lingual entity linking) TAC 2011 Summarization Track Guided Summarization task

linking, cross-lingual entity linking) TAC 2011 Summarization Track Guided Summarization task

Overview of the TAC2011 Summarization (Guided, AESOP, MultiLing) RTE (within a corpus including novelty detection and ablation testing) Knowledge Base Population (monolingual entity linking, cross-lingual entity linking) TAC 2011 Summarization

596 views • 10 slides
Compiler verification for fun and profit Xavier Leroy Inria Paris-Rocquencourt FMCAD,

Compiler verification for fun and profit Xavier Leroy Inria Paris-Rocquencourt FMCAD,

Compiler verification for fun and profit Xavier Leroy Inria Paris-Rocquencourt FMCAD, 2014-10-22 X. Leroy (Inria) Compiler verification FMCAD14 1 / 52 Prologue: Can you trust your compiler? X. Leroy (Inria) Compiler verification

856 views • 70 slides
Cross-Lingual Cross-Document Coreference with Entity Linking Sean Monahan, John Lehmann, Timothy

Cross-Lingual Cross-Document Coreference with Entity Linking Sean Monahan, John Lehmann, Timothy

Cross-Lingual Cross-Document Coreference with Entity Linking Sean Monahan, John Lehmann, Timothy Nyberg, Jesse Plymale, Arnold Jung 2010 Entity Linking Task Link entity mentions in text to Knowledge Base (KB) Each entity mention is

390 views • 28 slides
Compiler CS 449 Executables and gcc Object Linking Preprocessed C source files source

Compiler CS 449 Executables and gcc Object Linking Preprocessed C source files source

Compiler CS 449 Executables and gcc Object Linking Preprocessed C source files source Executable .c cpp cc1 .o ld Preprocessor Compiler Linker Jonathan Misurda jmisurda@cs.pitt.edu Executables Older Executable Formats What

302 views • 3 slides
Verification of a Java Compiler in Isabelle Martin Strecker 7.1.2002 Java: Types, values,

Verification of a Java Compiler in Isabelle Martin Strecker 7.1.2002 Java: Types, values,

Verification of a Java Compiler in Isabelle Martin Strecker 7.1.2002 Java: Types, values, terms, ... Typing and operational semantics JVM Compiler Definition Proof Techniques Compilation and Bytecode Verification

643 views • 18 slides
Design Verification with e The language e Contains all the constructs necessary

Design Verification with e The language e Contains all the constructs necessary

Design Verification with e The language e Contains all the constructs necessary for a complete verification tool Allows objects in the verification environment to be extended Needs to express constraints Coverage

946 views • 80 slides
DYNAMIC LINKING CONSIDERED HARMFUL 1 WHY WE NEED LINKING Want to access code/data defined

DYNAMIC LINKING CONSIDERED HARMFUL 1 WHY WE NEED LINKING Want to access code/data defined

DYNAMIC LINKING CONSIDERED HARMFUL 1 WHY WE NEED LINKING Want to access code/data defined somewhere else (another file in our project, a library, etc) In compiler-speak, we want symbols with external linkage I only really care

563 views • 39 slides
Compiler Construction Chapter 11 1 Compiler Construction Compiler Construction A New Compiler

Compiler Construction Chapter 11 1 Compiler Construction Compiler Construction A New Compiler

Compiler Construction Chapter 11 1 Compiler Construction Compiler Construction A New Compiler Perhaps a new source language Perhaps a new target for an existing compiler Perhaps both 2 Compiler Construction Compiler Construction

661 views • 18 slides
Cross-Language Information Retrieval Carol Peters ISTI-CNR, Pisa Cross-Language Information

Cross-Language Information Retrieval Carol Peters ISTI-CNR, Pisa Cross-Language Information

Cross-Language Information Retrieval Carol Peters ISTI-CNR, Pisa Cross-Language Information Retrieval (CLIR) State-of-the-Art The basic cross-language text retrieval system technology now exists for bilingual and multilingual retrieval

117 views • 9 slides
Formal verification of an optimizing compiler or: a software-proof codesign approach to the

Formal verification of an optimizing compiler or: a software-proof codesign approach to the

Formal verification of an optimizing compiler or: a software-proof codesign approach to the development of trusted compilers Xavier Leroy INRIA Rocquencourt MEMOCODE 2007 X. Leroy (INRIA) Formal compiler verification MEMOCODE 2007 1 / 61

969 views • 62 slides
Formal verification of program obfuscations Sandrine Blazy joint work with Roberto Giacobazzi and

Formal verification of program obfuscations Sandrine Blazy joint work with Roberto Giacobazzi and

Formal verification of program obfuscations Sandrine Blazy joint work with Roberto Giacobazzi and Alix Trieu IFIP WG 2.11, 2015-11-10 1 Background: verifying a compiler Compiler + proof that the compiler does not introduce bugs CompCert, a

597 views • 21 slides
0 Correct Programming Compiler Compiler Hardware Language P Syntax PL compile P P PL HW

0 Correct Programming Compiler Compiler Hardware Language P Syntax PL compile P P PL HW

Bridging the Gap between Programming Languages and Hardware Weak Memory Models Anton Podkopaev Ori Lahav Viktor Vafeiadis 0 Correct Programming Compiler Compiler Hardware Language P Syntax PL compile P P PL HW PL HW is Memory Model

980 views • 74 slides
A GENERAL-PURPOSE CRN-TO-DSD COMPILER WITH FORMAL VERIFICATION, OPTIMIZATION, AND SIMULATION

A GENERAL-PURPOSE CRN-TO-DSD COMPILER WITH FORMAL VERIFICATION, OPTIMIZATION, AND SIMULATION

A GENERAL-PURPOSE CRN-TO-DSD COMPILER WITH FORMAL VERIFICATION, OPTIMIZATION, AND SIMULATION CAPABILITIES Stefan Badelt , Seung Woo Shin, Robert F. Johnson, Qing Dong, Chris Thachuk, and Erik Winfree DNA and Natural Algorithms (DNA) Group,

320 views • 28 slides
SPL A Language and Compiler for DSP Algorithms Jiangxing Jong, Jeremy Johnson, Robert Johnson and

SPL A Language and Compiler for DSP Algorithms Jiangxing Jong, Jeremy Johnson, Robert Johnson and

A presentation by Samuel Husler about the paper: SPL A Language and Compiler for DSP Algorithms Jiangxing Jong, Jeremy Johnson, Robert Johnson and David Padua Overview Motivation The language SPL The SPL compiler Experiments

722 views • 36 slides
CSE443 Compilers Dr. Carl Alphonce alphonce@buffalo.edu 343 Davis Hall http:/

CSE443 Compilers Dr. Carl Alphonce alphonce@buffalo.edu 343 Davis Hall http:/

CSE443 Compilers Dr. Carl Alphonce alphonce@buffalo.edu 343 Davis Hall http:/ /www.cse.buffalo.edu/faculty/alphonce/SP17 /CSE443/index.php https:/ /piazza.com/class/iybn4ndqa1s3ei WW @ 4/5 handling of type checking in: 'assignable

519 views • 17 slides
Multidimensional Arrays CS 201 This slide set covers pointers and arrays in C++. You should read

Multidimensional Arrays CS 201 This slide set covers pointers and arrays in C++. You should read

Multidimensional Arrays CS 201 This slide set covers pointers and arrays in C++. You should read Chapter 8 from your Deitel &amp; Deitel book. Multidimensional arrays void foo() { // These are the necessary // declarations to represent

502 views • 11 slides
Your Chakra Is Not Aligned Hunting bugs in the Microsoft Edge Script Engine About Me Natalie

Your Chakra Is Not Aligned Hunting bugs in the Microsoft Edge Script Engine About Me Natalie

Your Chakra Is Not Aligned Hunting bugs in the Microsoft Edge Script Engine About Me Natalie Silvanovich AKA natashenka Project Zero member Previously did mobile security on Android and BlackBerry ECMAScript enthusiast

893 views • 39 slides
Structures, Strings, and Such What about arrays? Arrays are declared: 0 arr[0] int arr[8];

Structures, Strings, and Such What about arrays? Arrays are declared: 0 arr[0] int arr[8];

Structures, Strings, and Such What about arrays? Arrays are declared: 0 arr[0] int arr[8]; 0 arr[1] This declares an array of 8 0 arr[2] integers 0 arr[3] Memory allocated for it, but 5 0 arr[4] not initialized 0 arr[5]

149 views • 4 slides
Lists, Stacks and Queues The List ADT List ADT n A list is a dynamic ordered tuple of

Lists, Stacks and Queues The List ADT List ADT n A list is a dynamic ordered tuple of

Lists, Stacks and Queues The List ADT List ADT n A list is a dynamic ordered tuple of homogeneous elements A o , A 1 , A 2 , , A N-1 where A i is the i-th element of the list n The position of element A i is i; positions range from 0

437 views • 31 slides
Josh Bloch Charlie Garrod 17-214 1 Administrivia Homework 6 available Due last night

Josh Bloch Charlie Garrod 17-214 1 Administrivia Homework 6 available Due last night

Principles of Software Construction: Objects, Design, and Concurrency Part 4: et cetera A puzzling finale: What you see is what you get? Josh Bloch Charlie Garrod 17-214 1 Administrivia Homework 6 available Due last night Final

974 views • 61 slides
Data structures Exercise session Week 1 I. Introduction Two kinds of types in Java

Data structures Exercise session Week 1 I. Introduction Two kinds of types in Java

Data structures Exercise session Week 1 I. Introduction Two kinds of types in Java Primitive types int, char, boolean, fmoat, double, etc. Object types Integer, Character, String, etc. Java generics Before generics you had to

739 views • 20 slides
Towards Unbounded Heap Support for Predicate Analysis Using SMT Arrays Stephan Lukasczyk

Towards Unbounded Heap Support for Predicate Analysis Using SMT Arrays Stephan Lukasczyk

Towards Unbounded Heap Support for Predicate Analysis Using SMT Arrays Stephan Lukasczyk 20160923 University of Passau, 94032 Passau, Germany Motivation (or (= mallocOffset4 array[p]) (= (*signed_int@2 mallocOffset4) (*signed_int@1

357 views • 18 slides

More recommend