lightweight verification of array indexing
play

Lightweight Verification of Array Indexing Martin Kellogg* , - PowerPoint PPT Presentation

Oct 03, 2022 •405 likes •751 views

Lightweight Verification of Array Indexing Martin Kellogg* , Vlastimil Dort**, Suzanne Millstein*, Michael D. Ernst* * University of Washington, Seattle ** Charles University, Prague The problem: unsafe array indexing In unsafe

  1. Lightweight Verification of Array Indexing Martin Kellogg* , Vlastimil Dort**, Suzanne Millstein*, Michael D. Ernst* * University of Washington, Seattle ** Charles University, Prague

  2. The problem: unsafe array indexing ● In unsafe languages (C): buffer overflow! ● In managed languages (Java, C#, etc.): exception, program crashes 2

  3. The state of the art Strength of guarantees Practical for developers 3

  4. The state of the art Coq KeY Clousot Strength of guarantees Practical for developers 4

  5. The state of the art Coq KeY Clousot Strength of guarantees Coverity FindBugs Practical for developers 5

  6. The state of the art Coq KeY Clousot The Index Checker (this talk) Strength of guarantees Coverity FindBugs Practical for developers 6

  7. Problems with complex analyses - false positives - annotation burden - complex analyses are hard to predict 7

  8. Problems with complex analyses - false positives ● bounds checking is hard → complex analysis ● complex analysis → harder to implement ● harder to implement → more false positives - annotation burden - complex analyses are hard to predict 8

  9. Problems with complex analyses - false positives ● bounds checking is hard → complex analysis ● complex analysis → harder to implement ● harder to implement → more false positives - annotation burden ● complex analysis → complex annotations - complex analyses are hard to predict 9

  10. Problems with complex analyses - false positives ● bounds checking is hard → complex analysis ● complex analysis → harder to implement ● harder to implement → more false positives - annotation burden ● complex analysis → complex annotations complex analyses are hard to predict - 10

  11. Insight: Fundamental problem is complex analyses! 11

  12. Cooperating simple analyses Solve all three problems: 12

  13. Cooperating simple analyses Solve all three problems: ● simpler implementation → fewer false positives 13

  14. Cooperating simple analyses Solve all three problems: ● simpler implementation → fewer false positives ● simpler abstractions → easier to write annotations 14

  15. Cooperating simple analyses Solve all three problems: ● simpler implementation → fewer false positives ● simpler abstractions → easier to write annotations ● simpler analysis → simpler to predict 15

  16. Proving an array access safe T[] a = …; int i = …; ... a[i] ... We need to show that: ● i is an index for a 16

  17. Proving an array access safe T[] a = …; int i = …; ... a[i] ... We need to show that: ● i is an index for a ● i ≥ 0 ● i < a.length 17

  18. Proving an array access safe T[] a = …; int i = …; ... a[i] ... We need to show that: ● i is an index for a A lower bound on i ● i ≥ 0 An upper bound on i ● i < a.length 18

  19. A type system for lower bounds T @LowerBoundUnknown int i ↑ ↑ i ≥ -1 @GTENegativeOne int i ↑ ↑ i ≥ 0 @NonNegative int i ↑ ↑ i ≥ 1 @Positive int i 19

  20. A type system for lower bounds T @LowerBoundUnknown int i ↑ ↑ i ≥ -1 @GTENegativeOne int i ↑ ↑ i ≥ 0 @NonNegative int i ↑ ↑ i ≥ 1 @Positive int i 20

  21. A type system for upper bounds if (i >= 0 && i < a. length ) { a[i] = ... } 21

  22. A type system for upper bounds if (i >= 0 && i < a. length ) { a[i] = ... } i < a.length @LTLengthOf (“a”) int i 22

  23. Type systems Linear inequalities Minimum lengths i < j a.length > 10 Negative indices Lower bounds | i | < a.length i ≥ 0 Equal lengths Upper bounds a.length = b.length i < a.length 23

  24. Type systems Linear inequalities Minimum lengths i < j a.length > 10 Negative indices Lower bounds | i | < a.length i ≥ 0 Equal lengths Upper bounds a.length = b.length i < a.length 24

  25. A type system for minimum array lengths if (a. length >= 3) { a[2] = ...; } 25

  26. A type system for minimum array lengths if (a. length >= 3) { a[2] = ...; } a.length ≥ i T @MinLen (i) [] a 26

  27. Evaluation Three case studies: ● Google Guava (two packages) ● JFreeChart ● plume-lib Comparison to existing tools: ● FindBugs, KeY, Clousot 27

  28. Case Studies Guava JFreeChart plume-lib Total Lines of code 10,694 94,233 14,586 119,503 Bugs found 5 64 20 89 Annotations 510 2,938 241 3,689 False positives 138 386 43 567 Java casts 222 2,740 219 3,181 28

  29. Comparison to other tools: confirmed bugs Approach Bug finder Verif. w/ solver Abs. interpret. Types Tool Index Checker FindBugs KeY Clousot True Positives False Negatives Time (100k LoC) 29

  30. Comparison to other tools: confirmed bugs Approach Bug finder Verif. w/ solver Abs. interpret. Types Tool Index Checker FindBugs KeY Clousot True Positives False Negatives Time (100k LoC) ~10 minutes ~1 minute cannot scale ~200 minutes 30

  31. Comparison to other tools: confirmed bugs Approach Bug finder Verif. w/ solver Abs. interpret. Types Tool Index Checker FindBugs KeY Clousot True Positives 18/18 0/18 9/18 16/18 False Negatives 0/18 18/18 1/18 2/18 Time (100k LoC) ~10 minutes ~1 minute cannot scale ~200 minutes 31

  32. Using the Index Checker ● Distributed with Checker Framework www.checkerframework.org 32

  33. Contributions ● A methodology: simple, cooperative type systems ● An analysis: abstractions for array indexing ● An implementation and evaluation for Java ● Verifying the absence of array bounds errors in real codebases (and finding bugs in the process!) 33

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

L10 June 26, 2017 1 Lecture 10: Array Indexing, Slicing, and Broadcasting CSCI 1360E:

L10 June 26, 2017 1 Lecture 10: Array Indexing, Slicing, and Broadcasting CSCI 1360E:

L10 June 26, 2017 1 Lecture 10: Array Indexing, Slicing, and Broadcasting CSCI 1360E: Foundations for Informatics and Analytics 1.1 Overview and Objectives Most of this lecture will be a review of basic indexing and slicing operations, albeit

514 views • 13 slides
L9 June 25, 2018 1 Lecture 9: Array Indexing, Slicing, and Broadcasting CSCI 1360E: Foundations

L9 June 25, 2018 1 Lecture 9: Array Indexing, Slicing, and Broadcasting CSCI 1360E: Foundations

L9 June 25, 2018 1 Lecture 9: Array Indexing, Slicing, and Broadcasting CSCI 1360E: Foundations for Informatics and Analytics 1.1 Overview and Objectives Most of this lecture will be a review of basic indexing and slicing operations, albeit

620 views • 13 slides
Two Birds, One Stone: A Fast, yet Lightweight, Indexing Scheme for Modern Database Systems Jia Yu

Two Birds, One Stone: A Fast, yet Lightweight, Indexing Scheme for Modern Database Systems Jia Yu

Two Birds, One Stone: A Fast, yet Lightweight, Indexing Scheme for Modern Database Systems Jia Yu and Mohamed Sarwat Arizona State University Motivation Tree index Fast index search Large storage overhead: 5% - 15% additional

371 views • 23 slides
C: Array layout and indexing CS 251 Fall 2019 CS 240 Spring 2020 Principles of Programming

C: Array layout and indexing CS 251 Fall 2019 CS 240 Spring 2020 Principles of Programming

ex C: Array layout and indexing CS 251 Fall 2019 CS 240 Spring 2020 Principles of Programming Languages Foundations of Computer Systems Ben Wood Ben Wood int val[5]; +0 +4 +8 +12 +16 Representing Write x86 code to load val[i] into

213 views • 4 slides
GLAD: Groningen Lightweight Authorship Detection PAN, Authorship verification, 2015 Manuela

GLAD: Groningen Lightweight Authorship Detection PAN, Authorship verification, 2015 Manuela

GLAD: Groningen Lightweight Authorship Detection PAN, Authorship verification, 2015 Manuela Hrlinmann, Benno Weck, Esther van den Berg, Simon uster, Malvina Nissim The challenge given: a set of Known documents written by the same Author

579 views • 34 slides
Preventing errors before they happen: Lightweight verification via pluggable type-checking

Preventing errors before they happen: Lightweight verification via pluggable type-checking

print( @Readonly Object x) { List&lt; @NonNull String&gt; lst; } Preventing errors before they happen: Lightweight verification via pluggable type-checking Michael D. Ernst University of Washington (Seattle, WA, USA) University of Buenos

600 views • 48 slides
Representing Data Structures Multidimensional arrays Structs Array Layout and Indexing int

Representing Data Structures Multidimensional arrays Structs Array Layout and Indexing int

Representing Data Structures Multidimensional arrays Structs Array Layout and Indexing int val[5]; +0 +4 +8 +12 +16 Write x86 code to load val[i] into %rax. 1. Assume: Base address of val is in %rdi i is in %rsi 2. Assume:

457 views • 14 slides
Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1. About Think Lightweight 2. What are Lightweight Structures? 3. Industry Applications 4. Product Line Review 5. Think Lightweight Component

832 views • 43 slides
Program Verification using Constraint Handling Rules and Array Constraint Generalizations

Program Verification using Constraint Handling Rules and Array Constraint Generalizations

Program Verification using Constraint Handling Rules and Array Constraint Generalizations Emanuele De Angelis 1 , 3 , Fabio Fioravanti 1 , Alberto Pettorossi 2 , and Maurizio Proietti 3 1 University of Chieti-Pescara G. dAnnunzio, Italy 2

508 views • 36 slides
Distributed Indexing Indexing, session 8 CS6200: Information Retrieval Slides by: Jesse Anderton

Distributed Indexing Indexing, session 8 CS6200: Information Retrieval Slides by: Jesse Anderton

Distributed Indexing Indexing, session 8 CS6200: Information Retrieval Slides by: Jesse Anderton Distributing Indexing The scale of web indexing makes it infeasible to maintain an index on a single computer. Instead, we distribute the task

383 views • 36 slides
The Calculus of Computation: Decision Procedures with 11. Arrays Applications to Verification

The Calculus of Computation: Decision Procedures with 11. Arrays Applications to Verification

The Calculus of Computation: Decision Procedures with 11. Arrays Applications to Verification by Aaron Bradley Zohar Manna Springer 2007 11- 1 11- 2 (2) Array Property Fragment of T A Array Property Fragment of T A Decidable fragment of T A

425 views • 6 slides
The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will revolutionise the international high-rise construction industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight

417 views • 12 slides
Indexing Presentation - The Basics Attached is the slide deck for a short presentation on indexing

Indexing Presentation - The Basics Attached is the slide deck for a short presentation on indexing

Steve Stedman Freelance SQL Server Consultant http://stevestedman.com Indexing Presentation - The Basics Attached is the slide deck for a short presentation on indexing that was created to educate software developers on the basics of indexing.

173 views • 4 slides
(from Chapters 10/11 of the text) document.write(theArray[ii] + &lt;br/&gt;&quot; ); }

(from Chapters 10/11 of the text) document.write(theArray[ii] + &lt;br/&gt;&quot; ); }

Everything you ever wanted to know about arrays function initializeArrays() IT350 Web and Internet Programming { var n1 = new Array( 5 ); // allocate 5-element Array var n2 = new Array(); // allocate empty Array for ( var i = 0; i

210 views • 8 slides
The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept will revolutionise the aviation industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight applications Patent Applied For

479 views • 12 slides
x86 ARRAYS RECALL ARRAYS char foo[80]; An array of 80 characters int bar[40]; An array of

x86 ARRAYS RECALL ARRAYS char foo[80]; An array of 80 characters int bar[40]; An array of

x86 ARRAYS RECALL ARRAYS char foo[80]; An array of 80 characters int bar[40]; An array of 40 integers 2 ARRAY ALLOCATION Basic Principle T A[L]; A is an array of data type T and length L Contiguously allocated region of L *

520 views • 22 slides
Stuck-At and Transition N-Detect fault coverage of Pseudo Random and Deterministic Patterns

Stuck-At and Transition N-Detect fault coverage of Pseudo Random and Deterministic Patterns

EMBEDDEDTESTEMBEDDEDTESTEMBEDDEDTESTEMBEDDED TESTEMBEDDEDTESTEMBEDDED STEMBEDDEDTESTEMBED EMBEDDEDTESTEMBEDDEDTEST STEMBEDDEDTESTEM EMBEDDEDTESTEMBEDDEDTESTEMBEDDEDTESTE EMBEDDEDTESTEMBEDDEDTESTEMBED Stuck-At and Transition N-Detect fault

519 views • 12 slides
Overview Motivation ATPG Systems ECE 553: TESTING AND Fault simulation effort

Overview Motivation ATPG Systems ECE 553: TESTING AND Fault simulation effort

10/2/2014 Overview Motivation ATPG Systems ECE 553: TESTING AND Fault simulation effort Test generation effort TESTABLE DESIGN OF Testability measures Purpose and origins Purpose and origins DIGITAL SYSTES

318 views • 9 slides
Compaction Section 1.6 Craig 1 Outline 1. Compaction 2. Theory of Compaction 3. Properties

Compaction Section 1.6 Craig 1 Outline 1. Compaction 2. Theory of Compaction 3. Properties

V Compaction Section 1.6 Craig 1 Outline 1. Compaction 2. Theory of Compaction 3. Properties and Structure of Compacted Fine-Grained Soils 4. Suggested Homework 5. References 2 2.1 Compaction and Objectives Compaction Many types

582 views • 27 slides
Algebraic Data Types Christine Rizkallah CSE, UNSW Term 3 2020 1 Composite Data Types as

Algebraic Data Types Christine Rizkallah CSE, UNSW Term 3 2020 1 Composite Data Types as

Composite Data Types as Algebra, Logic Recursive Types Algebraic Data Types Christine Rizkallah CSE, UNSW Term 3 2020 1 Composite Data Types as Algebra, Logic Recursive Types Composite Data Types Most of the types we have seen so far are

683 views • 28 slides
Higgs Doublet and Complex Singlet and U(1) Extensions to the MSSM Valerie Plaus University

Higgs Doublet and Complex Singlet and U(1) Extensions to the MSSM Valerie Plaus University

Higgs Doublet and Complex Singlet and U(1) Extensions to the MSSM Valerie Plaus University of Wisconsin-Madison Outline Doublet Extensions to MSSM Nelson-Randall Model Examples Conclusions Valerie Plaus, UW-Madison 2 Beyond Singlets:

680 views • 30 slides
61A Lecture 21 Midterm 2 is on Monday 10/28 7pm-9pm Topics and locations:

61A Lecture 21 Midterm 2 is on Monday 10/28 7pm-9pm Topics and locations:

Announcements Project 3 is due Thursday 10/24 @ 11:59pm Extra reader office hours this week: Tuesday 6-7:30 in Soda 405 Wednesday 5:30-7 in Soda 405 Thursday 5:30-7 in Soda 320 61A Lecture 21 Midterm 2 is on Monday 10/28

184 views • 4 slides
ROM P P ETRI ETRI N N ETS ETS TO TO P AR TIAL D D IF NTIAL E E QUATI TIONS ARTIAL IFFERENTIAL AND

ROM P P ETRI ETRI N N ETS ETS TO TO P AR TIAL D D IF NTIAL E E QUATI TIONS ARTIAL IFFERENTIAL AND

CFSB W ORKSHOP , B ALLIOL C OLLEGE , M ARCH 19 TH 2012 PN &amp; BioModel Engineering F RO ROM P P ETRI ETRI N N ETS ETS TO TO P AR TIAL D D IF NTIAL E E QUATI TIONS ARTIAL IFFERENTIAL AND BE AND BEYOND - B IO - IO M OD EL E E NGIN RING FO FOR

1.09k views • 91 slides
Effects of volcanism on tropical variability Motivation Results Conclusions Nicola Maher

Effects of volcanism on tropical variability Motivation Results Conclusions Nicola Maher

Effects of volcanism Nicola Maher Introduction Effects of volcanism on tropical variability Motivation Results Conclusions Nicola Maher Matthew England, Alex Sen Gupta and Shayne McGregor Climate Change Research Centre, UNSW and ARC CoE

713 views • 25 slides

More recommend