sharing ghost variables in a collection of
play

Sharing Ghost Variables in a Collection of In a Reduced Product - PowerPoint PPT Presentation

Dec 20, 2023 •140 likes •458 views

Sharing Ghost Variables in a Collection of Abstract Domains Marc Chevalier J er ome Feret Problems Sharing Ghost Variables in a Collection of In a Reduced Product Abstract Domains Discussion Marc Chevalier J er ome Feret DI ENS,

  1. Sharing Ghost Variables in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret Problems Sharing Ghost Variables in a Collection of In a Reduced Product Abstract Domains Discussion Marc Chevalier J´ erˆ ome Feret DI ENS, INRIA, PSL, Paris, France VMCAI 2020 1 / 22

  2. Sharing Ghost Variables in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret Problems Problems In a Reduced Product Discussion In a Reduced Product Discussion 2 / 22

  3. Sharing Ghost Variables in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret Problems Problems A Big Stack A Problem Ghost Variables to the Rescue Another Problem Building a Domain with Ghost Variables In a Reduced Product A Bigger Problem In a Reduced Product Discussion Discussion 3 / 22

  4. Sharing Ghost Variables A Big Stack in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret To certify software systems, we have to consider: Problems ◮ End-user software (more classical) A Big Stack A Problem Ghost Variables to the Rescue ◮ Libraries Another Problem Building a Domain with Ghost ◮ Runtime environment Variables A Bigger Problem ◮ Operating system (here I work) In a Reduced Product Discussion ◮ Hypervisor ◮ Hardware ◮ Physics The operating system layer is the place of terrible low level operations. 4 / 22

  5. Sharing Ghost Variables A Problem in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret Problems int something_interesting = ...; A Big Stack 1 A Problem int low = something_interesting & 0x0000ffff; Ghost Variables to the Rescue 2 Another Problem int high = something_interesting >> 16; Building a Domain with Ghost 3 Variables ... // complex computations A Bigger Problem 4 In a Reduced Product int rebuilt = low | high << 16; 5 Discussion (With enough assumptions:) something interesting = rebuilt 5 / 22

  6. Sharing Ghost Variables Ghost Variables to the Rescue in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret int something_interesting = ...; 1 Problems int low = something_interesting & 0x0000ffff; 2 A Big Stack A Problem ... 3 Ghost Variables to the Rescue Another Problem Building a Domain with Ghost Variables A Bigger Problem In a Reduced Product low = S lice [0 , 15] → [0 , 15] ( low )[0 , 15] 0 Discussion 0 15 16 31 where ◮ S lice [0 , 15] → [0 , 15] ( low ) is a ghost variable. ◮ S lice [0 , 15] → [0 , 15] ( low ) := something interesting 6 / 22

  7. Sharing Ghost Variables Another Problem in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret Problems A Big Stack int something_interesting_2 = ..., noise = ...; A Problem 1 Ghost Variables to the Rescue int noisy = something_interesting_2 + noise; 2 Another Problem Building a Domain with Ghost ... Variables 3 A Bigger Problem int clean = noisy - noise; 4 In a Reduced Product Discussion (With enough assumptions:) something interesting 2 = clean 7 / 22

  8. Sharing Ghost Variables Building a Domain with Ghost Variables in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret Problems A Big Stack Theoretically: A Problem . Ghost Variables to the Rescue . . Parametric domain. Another Problem Building a Domain with Ghost Variables Slices D A Bigger Problem Slices In a Reduced Product Implementation: Discussion Dependency injection. Underlying domain (Objects, templates, functors...) 8 / 22

  9. Sharing Ghost Variables A Bigger Problem in a Collection of Abstract Domains Linear combinations of slices: Marc Chevalier J´ erˆ ome Feret int* p = ...; Slices of linear combinations: 1 Problems int* n = ...; 2 A Big Stack int* p = ...; A Problem 1 int* n2 = ....; Ghost Variables to the Rescue 3 int* q = ...; 2 Another Problem int l = p & 0xffff; 4 Building a Domain with Ghost int* r = p + q; Variables 3 int h = p << 16; A Bigger Problem 5 int l = r & 0xffff; 4 In a Reduced Product int a = l + n; 6 int h = r << 16; Discussion 5 int b = h + n2; 7 ... // kill r and p 6 ... // kill p, l and h 8 int* r2 = l | h >> 16; 7 int l2 = a - n; 9 int* p2 = r2 - q; 8 int h2 = b - n2; 10 int* p2 = l2 | h2 >> 16; 11 (It happens... really) Thus any domain should be aware of everybody helping variables. 9 / 22

  10. Sharing Ghost Variables in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret Problems Problems In a Reduced Product Astr´ ee on the Inside The New Product in Action More? Some Legitimate Concerns: Soundness In a Reduced Product Some Legitimate Concerns: Termination Discussion Discussion 10 / 22

  11. Sharing Ghost Variables Astr´ ee on the Inside in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret . . Problems . In a Reduced Product Astr´ ee on the Inside Downsides The New Product in Action Struct domain More? ◮ Variables ids are handled by Some Legitimate Concerns: Soundness Some Legitimate Concerns: Struct domain: missing ids for Termination Pointers domain Discussion ghost variables. ◮ There is no way to add another Pointer-like domain. A product of numerical domains 11 / 22

  12. Sharing Ghost Variables Astr´ ee on the Inside – Reduced Product in a Collection of Abstract Domains Marc Chevalier J´ erˆ ome Feret Given ( D ♯ 1 , ⊆ ♯ 1 ) , ( D ♯ 2 , ⊆ ♯ 2 ), abstract domains for the same concrete Problems domain. In a Reduced Product Astr´ ee on the Inside The New Product in Action Product: D ♯ 1 × 2 = D ♯ 1 × D ♯ More? 2 with pointwise operations. Some Legitimate Concerns: Soundness γ 1 × 2 ( a 1 , a 2) = γ 1 ( a 1 ) ∩ γ 2 ( a 2 ) Some Legitimate Concerns: Termination Discussion ρ ( a 1 , a 2 ) = ( b 1 , b 2 ) with γ 1 × 2 ( a 1 , a 2) ⊆ γ 1 × 2 ( b 1 , b 2) (sound) b 1 ⊆ ♯ 1 a 1 ∧ b 2 ⊆ ♯ Morally: (better) 2 a 2 12 / 22

  13. Sharing Ghost Variables Astr´ ee on the Inside in a Collection of Abstract Domains . . Marc Chevalier . J´ erˆ ome Feret New combinator for pointers do- Problems mains: Struct domain In a Reduced Product Astr´ ee on the Inside ◮ Id translation by The New Product in Action More? Pointer-adapter. Pointer-adapter Some Legitimate Concerns: Soundness Some Legitimate Concerns: ◮ Can add domains for pointer Termination Discussion slices, linear combinations. . . . New combinator ◮ Cleaner interfaces. ◮ Each domain can ask Numerical-adapter Pointers everybody to store a ghost variable and do computations on it. Product of numerical domains 13 / 22

  14. Sharing Ghost Variables The New Product in Action in a Collection of Abstract Domains Marc Chevalier . J´ erˆ ome Feret . int a[4], *p, *q; . 1 Problems p = &a[0]; 2 In a Reduced Product q = p + 1; 3 Astr´ ee on the Inside Pointer-adapter The New Product in Action More? Before line 3: Some Legitimate Concerns: Soundness p points to a , with 0 offset. New combinator Some Legitimate Concerns: Termination Offset stored in ghost variable o p . Discussion ◮ Numerical: o p = 0 Numerical-adapter Pointers ◮ Pointers: p = a + o p Numerical domains 14 / 22

  15. Sharing Ghost Variables The New Product in Action in a Collection of Abstract Domains Marc Chevalier . J´ erˆ ome Feret . int a[4], *p, *q; . 1 Problems p = &a[0]; 2 In a Reduced Product q = p + 1; 3 Astr´ ee on the Inside Pointer-adapter The New Product in Action More? q ← p + 1: Some Legitimate Concerns: Soundness New combinator Some Legitimate Concerns: In numerical domains Termination Discussion p = ⊤ Numerical-adapter Pointers ⇓ q = ⊤ Numerical domains 14 / 22

  16. Sharing Ghost Variables The New Product in Action in a Collection of Abstract Domains Marc Chevalier . J´ erˆ ome Feret . int a[4], *p, *q; . 1 Problems p = &a[0]; 2 In a Reduced Product q = p + 1; 3 Astr´ ee on the Inside Pointer-adapter The New Product in Action More? q ← p + 1: Some Legitimate Concerns: Soundness New combinator Some Legitimate Concerns: In pointer domain Termination Discussion p = a + o p Numerical-adapter Pointers ⇓ Need new offset o q and according to the semantics: o q ← o p + 1 × 4 Numerical domains context 14 / 22

  17. Sharing Ghost Variables The New Product in Action in a Collection of Abstract Domains Marc Chevalier . J´ erˆ ome Feret . int a[4], *p, *q; . 1 Problems p = &a[0]; 2 In a Reduced Product q = p + 1; 3 Astr´ ee on the Inside Pointer-adapter The New Product in Action More? o q ← o p + 1 × 4: Some Legitimate Concerns: Soundness New combinator Some Legitimate Concerns: In numerical domains Termination Discussion o p = 0 Numerical-adapter Pointers ⇓ o q = 4 Numerical domains 14 / 22

  18. Sharing Ghost Variables The New Product in Action in a Collection of Abstract Domains Marc Chevalier . J´ erˆ ome Feret . int a[4], *p, *q; . 1 Problems p = &a[0]; 2 In a Reduced Product q = p + 1; 3 Astr´ ee on the Inside Pointer-adapter The New Product in Action More? o q ← o p + 1 × 4: Some Legitimate Concerns: Soundness New combinator Some Legitimate Concerns: In pointer domain Termination Discussion o p ∈ NUM Numerical-adapter Pointers ⇓ o q ∈ NUM Numerical domains 14 / 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Objectives Sharing of Key Programmes Sharing of Assessment Structure Collection of Feedback to

Objectives Sharing of Key Programmes Sharing of Assessment Structure Collection of Feedback to

Objectives Sharing of Key Programmes Sharing of Assessment Structure Collection of Feedback to improve current programmes/systems Outline of Briefing Content tent Detail ils Key Programmes PAL, CCE, 7 Habits, MDB Part 1 Assessment P2

278 views • 26 slides
Erin Murray The general first idea was to have a playful ghost flying around a building for

Erin Murray The general first idea was to have a playful ghost flying around a building for

Erin Murray The general first idea was to have a playful ghost flying around a building for their own enjoyment. The story of the ghost then became more prominent as I developed my storyboards. The ghost was looking for a place to haunt

336 views • 10 slides
The Ghost in the Machine Dawie van den Heever SSM with implants 2 SSM with implants 3 SSM

The Ghost in the Machine Dawie van den Heever SSM with implants 2 SSM with implants 3 SSM

1 The Ghost in the Machine Dawie van den Heever SSM with implants 2 SSM with implants 3 SSM with implants 4 ECG reconstruction &amp; classification 5 Robotic limbs 6 PANDAS 7 Ghost in the Shell 8 Ghost in the Machine 9

419 views • 17 slides
A GHOST FROM POSTSCRIPT for RUXCON 2017 A GHOST FROM POSTSCRIPT WHO ARE WE redrain

A GHOST FROM POSTSCRIPT for RUXCON 2017 A GHOST FROM POSTSCRIPT WHO ARE WE redrain

REDRAIN &amp; MIN(SPARK) ZHENG A GHOST FROM POSTSCRIPT for RUXCON 2017 A GHOST FROM POSTSCRIPT WHO ARE WE redrain min(spark) zheng Qihoo 360CERT CUHK PhD Alibaba Security Expert Low-level security researcher Pentester with interest in

818 views • 52 slides
Ghost Peaks: How to Fix a Haunting Problem Jacob A. Rebholz Teledyne Tekmar VOC Product Line

Ghost Peaks: How to Fix a Haunting Problem Jacob A. Rebholz Teledyne Tekmar VOC Product Line

Ghost Peaks: How to Fix a Haunting Problem Jacob A. Rebholz Teledyne Tekmar VOC Product Line Manager Outline of Topics What is a ghost peak? How to identify ghost peaks and their source How to correct various sources of

561 views • 43 slides
Piloting HCV GHOST in Michigan www.michigan.gov/hepatitis November 29, 2017 Joe Coyle, MPH

Piloting HCV GHOST in Michigan www.michigan.gov/hepatitis November 29, 2017 Joe Coyle, MPH

Piloting HCV GHOST in Michigan www.michigan.gov/hepatitis November 29, 2017 Joe Coyle, MPH Outline MDHHS HCV Surveillance Basics of HCV GHOST Example of GHOST in Action Implications for Public Health Surveillance MDHHS HCV

455 views • 34 slides
Ghost River State of the Watershed (2018) - Ghost Watershed Alliance Society Photo credit: R.

Ghost River State of the Watershed (2018) - Ghost Watershed Alliance Society Photo credit: R.

Ghost River State of the Watershed (2018) - Ghost Watershed Alliance Society Photo credit: R. Drury State of the Watershed Report Formal process by Alberta Government Followed Handbook for State of the Watershed Reporting Used

470 views • 44 slides
Groundwater data collection and sharing - Opportunities for Lake and River Basin Organisations

Groundwater data collection and sharing - Opportunities for Lake and River Basin Organisations

Groundwater data collection and sharing - Opportunities for Lake and River Basin Organisations in Africa - Dr Arnaud Sterckx Tunis, July 2019 Government of The Netherlands Why L/RBOs need to know about groundwater? There are

1.08k views • 17 slides
Sunglasses SM001 Collection SM005 Collection YPC001 Collection(swimming goggles) SR001

Sunglasses SM001 Collection SM005 Collection YPC001 Collection(swimming goggles) SR001

Sunglasses SM001 Collection SM005 Collection YPC001 Collection(swimming goggles) SR001 Collection SR002 Collection SR003 Collection SR004 Collection Optical-Anti blue glasses FU006 Collection FU002Collection FU004 Collection FU001

186 views • 17 slides
Stop or Continue Data Collection: A Nonignorable Missing Data Approach for Continuous Variables

Stop or Continue Data Collection: A Nonignorable Missing Data Approach for Continuous Variables

Stop or Continue Data Collection: A Nonignorable Missing Data Approach for Continuous Variables Thas Paiva Jerry Reiter Federal University of Minas Gerais, Brazil Duke University March 14, 2018 JOS and DC-AAPOR Workshop on Responsive and

566 views • 41 slides
Means Recall: We model a time series as a collection of random variables: x 1 , x 2 , x 3 , . .

Means Recall: We model a time series as a collection of random variables: x 1 , x 2 , x 3 , . .

Means Recall: We model a time series as a collection of random variables: x 1 , x 2 , x 3 , . . . , or more generally { x t , t T } . The mean function is x,t = E( x t ) = xf t ( x ) dx where the expectation is for the

269 views • 23 slides
Tap n Ghost A Compilation of Novel Attack Techniques against Smartphone Touchscreens Seita

Tap n Ghost A Compilation of Novel Attack Techniques against Smartphone Touchscreens Seita

Tap n Ghost A Compilation of Novel Attack Techniques against Smartphone Touchscreens Seita Maruyama 1 , Satohiro Wakabayashi 1 , Tatsuya Mori 1, 2 1 Waseda University, Japan 2 RIKEN AIP, Japan Tap n Ghost An attack against smartphones

508 views • 30 slides
Closures &amp; Scoping Variables Parameters Local variables Free variables

Closures &amp; Scoping Variables Parameters Local variables Free variables

CS152 Programming Language Paradigms Prof. Tom Austin, Fall 2016 Closures &amp; Scoping Variables Parameters Local variables Free variables Variables not defined in the current scope e.g. global variables #!/bin/bash Is x

569 views • 13 slides
Statistics (ILMS) data-base Data collection and sharing by ASEAN Member States For Better

Statistics (ILMS) data-base Data collection and sharing by ASEAN Member States For Better

ASEAN International Labour Migration Statistics (ILMS) data-base Data collection and sharing by ASEAN Member States For Better Migration Policies Regional Workshop on Strengthening the collection and use of international migration data in the

399 views • 18 slides
MA CHIA DATA COLLECTION &amp; SHARING PRACTICES Kathy Hines Senior Director of Partner

MA CHIA DATA COLLECTION &amp; SHARING PRACTICES Kathy Hines Senior Director of Partner

DE-IDENTIFICATION ASSESSMENT OF MA CHIA DATA COLLECTION &amp; SHARING PRACTICES Kathy Hines Senior Director of Partner Operations and Data Compliance, Massachusetts Center for Health Information and Analysis (MA CHIA) Samuel Chick Data &amp;

292 views • 17 slides
Ghost effect by curvature Providence, November 2011 M&amp;MOCS MATHEMATICS AND MECHANICS OF

Ghost effect by curvature Providence, November 2011 M&amp;MOCS MATHEMATICS AND MECHANICS OF

Ghost effect by curvature Providence, November 2011 M&amp;MOCS MATHEMATICS AND MECHANICS OF COMPLEX SYSTEMS Universit` a dellAquila - Italy Ghost effect by curvature p. 1/39 Joint project with : L. Arkeryd R. Marra A. Nouri

749 views • 39 slides
Finite element methods in scientifjc computing Wolfgang Bangerth, Colorado State University

Finite element methods in scientifjc computing Wolfgang Bangerth, Colorado State University

Finite element methods in scientifjc computing Wolfgang Bangerth, Colorado State University http://www.dealii.org/ Wolfgang Bangerth Lecture 1 http://www.dealii.org/ Wolfgang Bangerth Overview The numerical solution of partial differential

1.12k views • 89 slides
Prophecy Variables in Separation Logic (Extending Iris with Prophecy Variables) Ralf Jung,

Prophecy Variables in Separation Logic (Extending Iris with Prophecy Variables) Ralf Jung,

Prophecy Variables in Separation Logic (Extending Iris with Prophecy Variables) Ralf Jung, Rodolphe Lepigre, Gaurav Parthasarathy, Marianna Rapoport, Amin Timany, Derek Dreyer, Bart Jacobs MPI-SWS, KU Leuven, ETH Zrich, University of Waterloo

1.02k views • 52 slides
Gluon and Ghost Propagators from Schwinger-Dyson Equation and Lattice Simulations Joannis

Gluon and Ghost Propagators from Schwinger-Dyson Equation and Lattice Simulations Joannis

Gluon and Ghost Propagators from Schwinger-Dyson Equation and Lattice Simulations Joannis Papavassiliou Departament of Theoretical Physics and IFIC, University of Valencia CSIC, Spain Approaches to QCD, Oberwlz, Austria, 7-13th

458 views • 27 slides
Logic Against Ghosts: Comparison of two Proof Approaches for Linked Lists Allan Blanchard

Logic Against Ghosts: Comparison of two Proof Approaches for Linked Lists Allan Blanchard

Logic Against Ghosts: Comparison of two Proof Approaches for Linked Lists Allan Blanchard Nikolai Kosmatov Frdric Loulergue April 10, 2019 @ SAC-SVT 2019 0/18 - A.Blanchard, N.Kosmatov, F.Loulergue - April 10, 2019 Motivation

831 views • 31 slides
One-leg off-shell helicity amplitudes in high-energy factorization Piotr Kotko Institute of

One-leg off-shell helicity amplitudes in high-energy factorization Piotr Kotko Institute of

One-leg off-shell helicity amplitudes in high-energy factorization Piotr Kotko Institute of Nuclear Physics (Cracow) supported by LIDER/02/35/L-2/10/NCBiR/2011 based on A. van Hameren, P .K., K. Kutak, JHEP 1212 (2012) 029 Motivation Why

263 views • 12 slides
Coulomb gauge and Schwinger-Dyson equations Peter Watson Instit ut f ur Theoretische

Coulomb gauge and Schwinger-Dyson equations Peter Watson Instit ut f ur Theoretische

Coulomb gauge and Schwinger-Dyson equations Peter Watson Instit ut f ur Theoretische Physik Universit at T ubingen (supported by DFG contracts no. Re856/6-1 &amp; Re856/6-2) Collaborator: H. Reinhardt P. W. and H. Reinhardt,

152 views • 14 slides
Serving Two Masters An Empirical Study of Browser API Cooptation Pete Snyder, Chris Kanich

Serving Two Masters An Empirical Study of Browser API Cooptation Pete Snyder, Chris Kanich

Serving Two Masters An Empirical Study of Browser API Cooptation Pete Snyder, Chris Kanich University of Illinois at Chicago Less More Features Features Less More Features Features Managed Pointer Memory Arithmetic

1.18k views • 38 slides
Centralizing the Mink Survey at Centralizing the Mink Survey at the National Agricultural

Centralizing the Mink Survey at Centralizing the Mink Survey at the National Agricultural

Centralizing the Mink Survey at Centralizing the Mink Survey at the National Agricultural Statistics S Service i Roger Schou &amp; Emily Caron National Agricultural Statistics Service IBUC XIII IBUC XIII Baltimore, Maryland USA The Ghost

587 views • 20 slides

More recommend