on the use of underspecified data type semantics for type
play

On the Use of Underspecified Data-Type Semantics for Type Safety in - PowerPoint PPT Presentation

Apr 21, 2023 •148 likes •559 views

Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion On the Use of Underspecified Data-Type Semantics for Type Safety in Low-Level Code Hendrik Tews 1 , Marcus V olp 1 , Tjark Weber 2 1 Technische Universit at

  1. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion On the Use of Underspecified Data-Type Semantics for Type Safety in Low-Level Code Hendrik Tews 1 , Marcus V¨ olp 1 , Tjark Weber 2 1 Technische Universit¨ at Dresden, Germany 2 Uppsala University, Sweden Systems Software Verification Conference, November 29, 2012 Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 1 / 30

  2. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion Motivation Find a common denominator in ◮ Gurevich and Huggins ASM semantics of C ◮ Norrish’s C++ semantics in HOL4 ◮ C semantics in l4.verified ◮ C++ semantics in VFiasco/Robin Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 2 / 30

  3. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion Motivation Find a common denominator in ◮ Gurevich and Huggins ASM semantics of C ◮ Norrish’s C++ semantics in HOL4 ◮ C semantics in l4.verified ◮ C++ semantics in VFiasco/Robin They all encode typed values in an untyped, byte-wise organised memory to byte : V → byte list from byte : byte list ⇀ V ◮ V are the values of some type ◮ from byte might fail on byte lists that do note represent a value from V ◮ the object encoding and the domain of from byte is usually not specified Underspecified data-type semantics refers to this kind of semantics Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 2 / 30

  4. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion Motivation Find a common denominator in ◮ Gurevich and Huggins ASM semantics of C ◮ Norrish’s C++ semantics in HOL4 ◮ C semantics in l4.verified ◮ C++ semantics in VFiasco/Robin They all encode typed values in an untyped, byte-wise organised memory to byte : V → byte list from byte : byte list ⇀ V ◮ V are the values of some type ◮ from byte might fail on byte lists that do note represent a value from V ◮ the object encoding and the domain of from byte is usually not specified Underspecified data-type semantics refers to this kind of semantics Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 2 / 30

  5. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion Summary of the talk / paper Underspecified data-type semantics can detect type errors ◮ from byte fails on objects of the wrong type Main questions ◮ Which type errors can be detected? ◮ Under which preconditions? This paper makes progress on the topic, providing partial answers ◮ describe external state-dependent encodings for detecting most subtle type errors ◮ trade-off between ◮ complexity of the object encodings ◮ and the different kinds of type errors ◮ sufficient conditions on the encoding functions for detecting certain type errors Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 3 / 30

  6. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion Summary of the talk / paper Underspecified data-type semantics can detect type errors ◮ from byte fails on objects of the wrong type Main questions ◮ Which type errors can be detected? ◮ Under which preconditions? This paper makes progress on the topic, providing partial answers ◮ describe external state-dependent encodings for detecting most subtle type errors ◮ trade-off between ◮ complexity of the object encodings ◮ and the different kinds of type errors ◮ sufficient conditions on the encoding functions for detecting certain type errors Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 3 / 30

  7. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion Outline ◮ Introduction ◮ Background / Basics ◮ Type Errors ◮ Stronger Object Encodings ◮ Type Sensitivity ◮ Conclusion Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 4 / 30

  8. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion Underspecification A function f is underspecified if ◮ its precise mapping on values is not known ◮ for partial f : its domain is not known Technically, ◮ let F be a suitable set of candidate functions ◮ choose f ∈ F arbitrarily but fixed ◮ ⊢ P ( f ) only if ⊢ ∀ f ∈ F . P ( f ) Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 5 / 30

  9. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion How to detect type errors with underspecified data-type semantics Consider bool s 1 : false ← → 0x00 true ← → 0x01 dom ( from byte 1 ) = { 0x00 , 0x01 } s 2 : false ← → 0x02 true ← → 0x03 dom ( from byte 2 ) = { 0x02 , 0x03 } ◮ S = { s 1 , s 2 } ◮ from byte can read whatever to byte wrote, because the choice s ∈ S is fixed boolean b = true; *(p + x) = y ◮ if y writes something > 0x02 , from byte 1 will fail ◮ otherwise from byte 2 will fail ◮ proof assistant cannot prove normal program termination S detects type errors Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 6 / 30

  10. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion Type checking capabilities can easily get lost Consider unsigned and void * . Assume ◮ unsigned can represent everything from 0 to 2 32 − 1 ◮ you can cast between unsigned and void * without loosing bits ◮ void * fits in 4 bytes from byte void ∗ must be total on lists of length 4 ◮ because of cardinality reasons ◮ every 4 bytes form a valid object representation ◮ no type checking Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 7 / 30

  11. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion What is all this good for? type checkers can automatically detect all type errors . . . while underspecified data-type semantics can detect some type errors only during verification . . . but not for low-level code, which ◮ contains its own memory allocation ◮ must break the type system for specific hardware registers ◮ manages the virtual address mapping of itself For low level code ◮ type correctness depends on functional correctness ◮ simple type correctness properties are undecidable ◮ there exists no static type checker Verification of low-level code necessarily includes some type checking Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 8 / 30

  12. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion What is all this good for? type checkers can automatically detect all type errors . . . while underspecified data-type semantics can detect some type errors only during verification . . . but not for low-level code, which ◮ contains its own memory allocation ◮ must break the type system for specific hardware registers ◮ manages the virtual address mapping of itself For low level code ◮ type correctness depends on functional correctness ◮ simple type correctness properties are undecidable ◮ there exists no static type checker Verification of low-level code necessarily includes some type checking Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 8 / 30

  13. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion What is all this good for? type checkers can automatically detect all type errors . . . while underspecified data-type semantics can detect some type errors only during verification . . . but not for low-level code, which ◮ contains its own memory allocation ◮ must break the type system for specific hardware registers ◮ manages the virtual address mapping of itself For low level code ◮ type correctness depends on functional correctness ◮ simple type correctness properties are undecidable ◮ there exists no static type checker Verification of low-level code necessarily includes some type checking Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 8 / 30

  14. Introduction Basics Type Errors Stronger Encodings Type Sensitivity Conclusion Background for this talk statement and expression semantics typed values (e.g., −559038737 ) int s.to_byte data−type semantics s.from_byte byte lists (e.g., [0xde, 0xad, 0xbe, 0xef]) memory model Tews, V¨ olp, Weber Underspecified Data-Type Semantics SSV 2012 9 / 30

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Operational Aspects of Type Systems Inter-Derivable Semantics of Type Checking and Gradual Types

Operational Aspects of Type Systems Inter-Derivable Semantics of Type Checking and Gradual Types

Operational Aspects of Type Systems Inter-Derivable Semantics of Type Checking and Gradual Types for Object Ownership Ilya Sergey 14 November 2012 Types A type - is a set of data instances and operations on them true , false boolean =

1.27k views • 86 slides
A General Framework for the Semantics of Type Theory Taichi Uemura ILLC, University of Amsterdam

A General Framework for the Semantics of Type Theory Taichi Uemura ILLC, University of Amsterdam

A General Framework for the Semantics of Type Theory Taichi Uemura ILLC, University of Amsterdam 9 July, 2019. CT CwF-semantics of Type Theory Semantics of type theories based on categories with families (CwF) (Dybjer 1996). Martin-L of

747 views • 32 slides
Formal Semantics in Modern Type Theories (and Event Semantics in MTT-Framework) Zhaohui Luo

Formal Semantics in Modern Type Theories (and Event Semantics in MTT-Framework) Zhaohui Luo

Formal Semantics in Modern Type Theories (and Event Semantics in MTT-Framework) Zhaohui Luo Royal Holloway University of London This talk I. Formal semantics in Modern Type Theories: overview MTT-semantics is both model-theoretic and

564 views • 30 slides
A General Framework for the Semantics of Type Theory Taichi Uemura ILLC, University of Amsterdam

A General Framework for the Semantics of Type Theory Taichi Uemura ILLC, University of Amsterdam

A General Framework for the Semantics of Type Theory Taichi Uemura ILLC, University of Amsterdam 16 August, 2019. HoTT 2019 CwF-semantics of Type Theory Semantics of type theories based on categories with families (CwF) (Dybjer 1996).

542 views • 29 slides
INF 212/CS 253 Type Systems Instructors: Harry Xu Crista Lopes What is a Data Type? A type

INF 212/CS 253 Type Systems Instructors: Harry Xu Crista Lopes What is a Data Type? A type

INF 212/CS 253 Type Systems Instructors: Harry Xu Crista Lopes What is a Data Type? A type is a collection of computational entities that share some common property Programming languages are designed to help programmers organize

803 views • 32 slides
Formalising semantics of dependent type theory in dependent type theory (work in progress)

Formalising semantics of dependent type theory in dependent type theory (work in progress)

Formalising semantics of dependent type theory in dependent type theory (work in progress) Peter LeFanu Lumsdaine joint work with H akon Gylterud, Erik Palmgren DMV Hamburg, 25 September 2015 1 / 19 Modelling DTT Early models of

389 views • 19 slides
Type Systems Lecture 7 Dec. 1st, 2004 Sebastian Maneth

Type Systems Lecture 7 Dec. 1st, 2004 Sebastian Maneth

Type Systems Lecture 7 Dec. 1st, 2004 Sebastian Maneth http://lampwww.epfl.ch/teaching/typeSystems/2004 Today Featherweight Java 1. Recall Syntax of FJ 2. Static Semantics 3. Dynamic Semantics (Evaluation) 4. Type

692 views • 46 slides
Type Checking Grammar Rule Semantic Rule var-decl id : type-exp Insert (id.name, type-exp .

Type Checking Grammar Rule Semantic Rule var-decl id : type-exp Insert (id.name, type-exp .

Type Checking Grammar Rule Semantic Rule var-decl id : type-exp Insert (id.name, type-exp . type ) type-exp int type-exp . type := integer type-exp bool type-exp . type := boolean type-exp 1 array type-exp 1 . type := [num] of

613 views • 7 slides
How willing are you to be wrong? Type I and Type II Errors Type 1, Type II Errors and Power

How willing are you to be wrong? Type I and Type II Errors Type 1, Type II Errors and Power

How willing are you to be wrong? Type I and Type II Errors Type 1, Type II Errors and Power Distribution of means for reference data Distribution of a.k.a. Ho means for my data 5% of the data (the upper tail) is shaded, we will allow the

320 views • 14 slides
SMD Type Raised SMD Type Solderless Type Thru-Hole Type 05/03/09 2 MiniGrid and SMT

SMD Type Raised SMD Type Solderless Type Thru-Hole Type 05/03/09 2 MiniGrid and SMT

E-tec test & production sockets 05/03/09 1 Ball / Land Grid Array Sockets type SMD Type Raised SMD Type Solderless Type Thru-Hole Type 05/03/09 2 MiniGrid and SMT solderball adapter for BGA, LGA & CGA sockets The main features of

691 views • 11 slides
VHDL VHDL - Flaxer Eli Ch 4 - 1 Object & Type Outline Keyword Identifiers &

VHDL VHDL - Flaxer Eli Ch 4 - 1 Object & Type Outline Keyword Identifiers &

Chapter 4 Data Object and Type VHDL VHDL - Flaxer Eli Ch 4 - 1 Object & Type Outline Keyword Identifiers & Comment Data Object Data Type Scalar Type Composite Type Pointer Type Incomplete Types File

413 views • 14 slides
Abstract Data Type Map Map ADT Another fundamental abstract data type is the map (also The most

Abstract Data Type Map Map ADT Another fundamental abstract data type is the map (also The most

CS206 CS206 Abstract Data Type Map Map ADT Another fundamental abstract data type is the map (also The most important map methods are: called dictionary, in particular in Python). dict() Create new map. A map implements a mapping from

313 views • 3 slides
5 CONVERSION FUNCTIONS Data type conversion Implicit data type Explicit data type conversion

5 CONVERSION FUNCTIONS Data type conversion Implicit data type Explicit data type conversion

www.itsci.mju.ac.th/sayan LEC 04: SQL FUNCTIONS SAYAN UNANKARD 1/2558 5 CONVERSION FUNCTIONS Data type conversion Implicit data type Explicit data type conversion conversion 2 IMPLICIT DATA TYPE CONVERSION Oracle server

1.07k views • 70 slides
Chapter 6 Data Types Introduction Type Nomenclature Primitive Types Type

Chapter 6 Data Types Introduction Type Nomenclature Primitive Types Type

Chapter 6 Data Types Introduction Type Nomenclature Primitive Types Type constructors Ordinal Types Structured Types Type Checking Type conversion CSCI325 Chapter 6 Dr Ahmed Rafea 1 Introduction Evolution

367 views • 24 slides
Type u A type is a collection of values and operations on those values. u Example u Integer type

Type u A type is a collection of values and operations on those values. u Example u Integer type

10/11/17 CSCI 2320 Principles of Programming Languages Types & Type System Reading: Ch 5 & 6 (Tucker & Noonan) Type u A type is a collection of values and operations on those values. u Example u Integer type has values ..., -2, -1,

301 views • 12 slides
Data types and data structures Book definition An abstract data type is a programmer-defined data

Data types and data structures Book definition An abstract data type is a programmer-defined data

CS206 CS206 Data types and data structures Book definition An abstract data type is a programmer-defined data type that A data type (also called abstract data type or ADT) defines specifies a set of data values and a collection of well-defined

36 views • 3 slides
Speeding Up Crossbar Resistive Memory by Exploiting In-memory Data Patterns Wen Wen Lei Zhao,

Speeding Up Crossbar Resistive Memory by Exploiting In-memory Data Patterns Wen Wen Lei Zhao,

March 12, 2018 Speeding Up Crossbar Resistive Memory by Exploiting In-memory Data Patterns Wen Wen Lei Zhao, Youtao Zhang, Jun Yang Ex Execut utive Sum ummary Problems: performance and reliability of write operations The large sneaky

560 views • 37 slides
On Standard SBL-Algebras with Added Involutive Negations Zuzana Hanikov a Petr Savick y

On Standard SBL-Algebras with Added Involutive Negations Zuzana Hanikov a Petr Savick y

Overview Main result Summary On Standard SBL-Algebras with Added Involutive Negations Zuzana Hanikov a Petr Savick y Institute of Computer Science Academy of Sciences of the Czech Republic Logic Colloquium 2008, University of Bern

970 views • 20 slides
Constraint Satisfaction Problem s C t i t S ti f ti P bl Reading: Chapter 6 (3 rd ed );

Constraint Satisfaction Problem s C t i t S ti f ti P bl Reading: Chapter 6 (3 rd ed );

Constraint Satisfaction Problem s C t i t S ti f ti P bl Reading: Chapter 6 (3 rd ed ); Chapter 5 (2 nd ed ) Chapter 6 (3 ed.); Chapter 5 (2 ed.) For next week: Tuesday: Chapter 7 Tuesday: Chapter 7 Thursday: Chapter 8 Outline

788 views • 77 slides
Walk Modularity: Graph partitioning based on a generalization of modularity David Mehrle 1 Amy

Walk Modularity: Graph partitioning based on a generalization of modularity David Mehrle 1 Amy

Background Walk Modularity Example Graphs Benchmark Test Conclusions Walk Modularity: Graph partitioning based on a generalization of modularity David Mehrle 1 Amy Strosser 1 Carnegie Mellon University Mount St. Marys University

617 views • 24 slides
Status Quo and (current) limitations of Library Linked Data Asuncin Gmez-Prez 1 , Philipp

Status Quo and (current) limitations of Library Linked Data Asuncin Gmez-Prez 1 , Philipp

Status Quo and (current) limitations of Library Linked Data Asuncin Gmez-Prez 1 , Philipp Cimiano 2 and Daniel Vila-Suero 1 1 Facultad de Informtica, Universidad Politcnica de Madrid Campus de Montegancedo sn, 28660 Boadilla del Monte,

816 views • 29 slides
Lecture 9: Neural Networks (Part 1) Feb 25th, 2020 Lecturer: Steven Wu Scribe: Steven Wu We have

Lecture 9: Neural Networks (Part 1) Feb 25th, 2020 Lecturer: Steven Wu Scribe: Steven Wu We have

CSCI 5525 Machine Learning Fall 2019 Lecture 9: Neural Networks (Part 1) Feb 25th, 2020 Lecturer: Steven Wu Scribe: Steven Wu We have just learned about kernel functions that allow us to implicitly lift the raw feature vector x to expanded

371 views • 5 slides
A Sundaram type bijection for SO (2 k + 1): vacillating tableaux and pairs consisting of a

A Sundaram type bijection for SO (2 k + 1): vacillating tableaux and pairs consisting of a

A Sundaram type bijection for SO (2 k + 1): vacillating tableaux and pairs consisting of a standard Young tableau and an orthogonal Littlewood-Richardson tableau Judith Jagenteufel 31 st Conference on Formal Power Series and Algebraic

619 views • 19 slides
How to run a successful Black Friday sale PREPARE FOR THE PEAK SALES SEASON WITH SPECIAL OFFER

How to run a successful Black Friday sale PREPARE FOR THE PEAK SALES SEASON WITH SPECIAL OFFER

How to run a successful Black Friday sale PREPARE FOR THE PEAK SALES SEASON WITH SPECIAL OFFER VOUCHERS Save the date u Friday 27 th November 2020 u 1 Day, 4 Days, 1 Week, 1 Month! u Buyers react to digital promotions within a short period

365 views • 10 slides

More recommend