talx86 a realistic typed assembly language talx86 a
play

TALx86: A Realistic Typed Assembly Language TALx86: A Realistic - PowerPoint PPT Presentation

Jun 09, 2023 •236 likes •447 views

TALx86: A Realistic Typed Assembly Language TALx86: A Realistic Typed Assembly Language Dan Grossman, Fred Smith Cornell University Joint work with: Greg Morrisett, Karl Crary (CMU), Neal Glew, Richard Samuels, Dave Walker, Stephanie Weirich,

  1. TALx86: A Realistic Typed Assembly Language TALx86: A Realistic Typed Assembly Language Dan Grossman, Fred Smith Cornell University Joint work with: Greg Morrisett, Karl Crary (CMU), Neal Glew, Richard Samuels, Dave Walker, Stephanie Weirich, Steve Zdancewic

  2. Everyone wants extensibility: Everyone wants extensibility: • Web browser • applets, plug-ins • OS Kernel • packet filters, device drivers • “Active” networks • service routines • Databases • extensible ADTs 1 May 1999 2 www.cs.cornell.edu/talc

  3. The Language Approach The Language Approach Extension is written in a “safe” language: • Java, Modula-3, ML, Scheme • Key point: language provides abstractions • ADTs, closures, objects, modules, etc. • Can be used to build fine-grained capabilities Host ensures code respects abstractions: • Static checking (verification) • Inserting dynamic checks (code-rewriting) 1 May 1999 3 www.cs.cornell.edu/talc

  4. Example: Your Web Browser Example: Your Web Browser JVM verifier System Interface Low-Level IL Java Source Browser javac Optimizer JVM bytecode System Binary Binary 1 May 1999 4 www.cs.cornell.edu/talc

  5. JVM Pros & Cons JVM Pros & Cons Pros: • Portability • Hype: $, tools, libraries, books, training Cons: • Performance • unsatisfying, even with off-line compilation • Only really suitable for Java (or slight variants): • relatively high-level instructions tailored to Java • type system is Java specific • and... 1 May 1999 5 www.cs.cornell.edu/talc

  6. Large Trusted Computing Base Large Trusted Computing Base No complete JVM verifier System formal model Interface Must insert right Low-Level IL checks Browser Good code ⇒ Optimizer big optimizer ⇒ bugs in optimizer System Binary Lots of “native” methods Binary (i.e., not-safe code) 1 May 1999 6 www.cs.cornell.edu/talc

  7. Ideally: Ideally: trusted computing base System Your favorite verifier Interface language System Binary Low-Level IL optimizer machine code 1 May 1999 7 www.cs.cornell.edu/talc

  8. The Types Way The Types Way trusted computing base System Your safe verifier Interface language System Typed Binary Low-Level IL • Verifier is a type-checker Typed • Type system flexible and optimizer expressive • A useful instantiation of the TAL “proof carrying code” framework 1 May 1999 8 www.cs.cornell.edu/talc

  9. TALx86 in a Nutshell TALx86 in a Nutshell • Most of the IA32 80x86 flat model assembly language • Memory management primitives • Sound type system • Types for code, stacks, structs • Other advanced features • Future work (what we can’t do yet) 1 May 1999 9 www.cs.cornell.edu/talc

  10. TALx86 Basics: TALx86 Basics: Primitive types: (e.g., int) Code types: {r 1 : τ 1 ,…,r n : τ n } • “I’m code that requires register r i to have type τ i before you can jump to me.” • Code blocks are annotated with their types • Think pre-condition • Verify block assuming pre-condition 1 May 1999 10 www.cs.cornell.edu/talc

  11. Sample Loop Sample Loop C: TAL sketch: <n and retn addr as input> int sum(int n){ int s=0; sum: <type> while(!n) { <initialize s> s+=n; loop: <type> --n; <add to s, decrement n> } return n; test: <type> } <return if n is 0> 1 May 1999 11 www.cs.cornell.edu/talc

  12. Verification Verification sum: {ecx:int, ebx:{edx:int}} {ecx:int, ebx:{edx:int}, eax:int} mov eax,0 OK: sub-type of type labeling test jmp test loop:{ecx:int, ebx:{edx:int}, eax:int} {ecx:int, ebx:{edx:int}, eax:int} add eax,ecx {ecx:int, ebx:{edx:int}, eax:int} dec ecx OK: sub-type of type labeling next block test:{ecx:int, ebx:{edx:int}, eax:int} cmp ecx,0 {ecx:int, ebx:{edx:int}, eax:int} jne loop OK: sub-type of type labeling loop mov edx,eax {ecx:int, ebx:{edx:int}, eax:int, edx:int} OK: sub-type of {edx:int} -- type of ebx jmp ebx 1 May 1999 12 www.cs.cornell.edu/talc

  13. Stacks & Procedures Stacks & Procedures Stack Types (lists): σ ::= nil | τ :: σ | ρ where ρ is a stack type variable. Examples using C calling convention: int square(int); int mult(int,int); ∀ρ 1 {esp: τ 1 ::int:: ρ 1 } ∀ρ 2 {esp: τ 2 ::int::int:: ρ 2 } where where τ 1 ={eax: int, esp: int:: ρ 1 } τ 2 ={eax: int, esp: int::int:: ρ 2 } 1 May 1999 13 www.cs.cornell.edu/talc

  14. Stacks & Verification Stacks & Verification square: ∀ρ 1 {esp: τ 1 ::int:: ρ 1 } ρ 1 where τ 1 ={eax: int, esp: int:: ρ 1 } push [esp+4] push [esp+8] call mult [with ρ 2 = τ 1 ::int:: ρ 1 ] int τ aft ={eax:int, esp: int::int:: τ 1 ::int:: ρ 1 } add esp,8 τ 1 retn int mult: ∀ρ 2 {esp: τ 2 ::int::int:: ρ 2 } where τ 2 ={eax: int, esp: int::int:: ρ 2 } int {esp: τ 2 ::int::int:: τ 1 ::int:: ρ 1 } where τ 2 ={eax: int, esp: int::int:: τ 1 ::int:: ρ 1 } τ aft 1 May 1999 14 www.cs.cornell.edu/talc

  15. Important Properties Important Properties • Abstraction “Because the type of the rest of the stack is abstract the callee cannot read/write this portion of the stack” • Flexibility Can encode and enforce many calling conventions (stack shape on return, callee-save, tail calls, etc.) 1 May 1999 15 www.cs.cornell.edu/talc

  16. Callee- -Save Example Save Example Callee mult: ∀α ∀ρ 2 {ebp: α, esp: τ 2 ::int::int:: ρ 2 } where τ 2 ={ebp: α, eax: int, esp: int::int:: ρ 2 } 1 May 1999 16 www.cs.cornell.edu/talc

  17. Structs Structs • Goals: • Prevent reading uninitialized fields • Permit flexible scheduling of initialization • MALLOC “instruction” returns uninitialized record • Type of struct tracks initialization of fields • Example: {ecx: int} MALLOC eax,8 [int,int] ; eax : ^*[int u , int u ] mov [eax+0], ecx ; eax : ^*[int rw ,int u ] mov ecx, [eax+4] ; type error! 1 May 1999 17 www.cs.cornell.edu/talc

  18. Much, much more Much, much more • Arrays (see next slide) • Tagged Unions • Displays, Exceptions [TIC’98] • Static Data • Modules and Interfaces [POPL’99] • Run-time code generation [PEPM’99 Jim, Hornof] 1 May 1999 18 www.cs.cornell.edu/talc

  19. Mis- -features features Mis • MALLOC and garbage collection in trusted computing base [POPL’99] • No way to express aliasing • No array bounds check elimination [Walker] • Object/class support too primitive [Glew] 1 May 1999 19 www.cs.cornell.edu/talc

  20. Summary and Conclusions Summary and Conclusions • We can type real machine code Potential for performance + flexibility + safety • Challenge: Finding generally useful abstractions • Lots of work remains http://www.cs.cornell.edu/talc 1 May 1999 20 www.cs.cornell.edu/talc

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

FROM SYSTEM F TO TYPED ASSEMBLY LANGUAGE Greg Morrisett, David Walker, Karl Crary &amp; Neal

FROM SYSTEM F TO TYPED ASSEMBLY LANGUAGE Greg Morrisett, David Walker, Karl Crary &amp; Neal

FROM SYSTEM F TO TYPED ASSEMBLY LANGUAGE Greg Morrisett, David Walker, Karl Crary &amp; Neal Glew TOPLAS 1999 Presentation by: Drew Zagieboylo/Matthew Milano TYPED ASSEMBLY LANGUAGE TYPED ASSEMBLY LANGUAGE TYPED ASSEMBLY LANGUAGE TYPED

654 views • 32 slides
Scalable Certification for Scalable Certification for Typed Assembly Language Typed Assembly

Scalable Certification for Scalable Certification for Typed Assembly Language Typed Assembly

Scalable Certification for Scalable Certification for Typed Assembly Language Typed Assembly Language Dan Grossman (with Greg Morrisett) Cornell University 2000 ACM SIGPLAN Workshop on Types in Compilation AFTER AF Types After After

253 views • 22 slides
Construction of a Semantic Model Construction of a Semantic Model for a Typed Assembly Language

Construction of a Semantic Model Construction of a Semantic Model for a Typed Assembly Language

Construction of a Semantic Model Construction of a Semantic Model for a Typed Assembly Language Gang Tan, Andrew Appel, Kedar Swadi and Dinghao Wu Princeton University Jan 11, 2004 Extensible systems Extensible systems code extensions host

228 views • 22 slides
Assembly Language Introduction Learning Objectives Explain what assembly language is

Assembly Language Introduction Learning Objectives Explain what assembly language is

Assembly Language Introduction Learning Objectives Explain what assembly language is Define Registers Instruction Operands Produce assembly from C 9/22/2015 CS61 Fall 2015 1 What is assembly? Yet another layer

450 views • 7 slides
Overview of Assembly Language Chapter 9 S. Dandamudi Outline Assembly language

Overview of Assembly Language Chapter 9 S. Dandamudi Outline Assembly language

Overview of Assembly Language Chapter 9 S. Dandamudi Outline Assembly language Overview of assembly statements language instructions Arithmetic Data allocation Conditional Where are the operands? Logical

1.01k views • 79 slides
Assembly Language Assembly Language: Human Readable Machine Language Computers like ones and

Assembly Language Assembly Language: Human Readable Machine Language Computers like ones and

Assembly Language Assembly Language: Human Readable Machine Language Computers like ones and zeroes 0001110010000110 Humans like symbols R0,R17 ; increment index reg. ADD An assembler is a program that translates symbols for

149 views • 12 slides
Assembly Language Assembler translates the assembly language source into binary instructions in

Assembly Language Assembler translates the assembly language source into binary instructions in

Figure 1: Assemblers process Assembly Language Assembler translates the assembly language source into binary instructions in an object file . Programs usually contain multiple assembly/HLL source files, called modules , each com- piled

481 views • 5 slides
lecture 8 MIPS assembly language 1 - what is an assembly language? - addressing and Memory -

lecture 8 MIPS assembly language 1 - what is an assembly language? - addressing and Memory -

lecture 8 MIPS assembly language 1 - what is an assembly language? - addressing and Memory - instruction formats (R, I, J) February 3, 2016 http://www.asciitable.com/ ASCII: 8 bit (one byte) code In fact, it only uses 7 of the 8

526 views • 36 slides
Assembly Language CS2253 Owen Kaser, UNBSJ Assembly Language Some insane machine-code

Assembly Language CS2253 Owen Kaser, UNBSJ Assembly Language Some insane machine-code

Assembly Language CS2253 Owen Kaser, UNBSJ Assembly Language Some insane machine-code programming Assembly language as an alternative Assembler directives Mnemonics for instructions Machine-Code Programming (or, Why Assemblers

783 views • 52 slides
Assembly basics CS 2XA3 Term I, 2020/21 Outline What is Assembly Language ? Assemblers Why

Assembly basics CS 2XA3 Term I, 2020/21 Outline What is Assembly Language ? Assemblers Why

Assembly basics CS 2XA3 Term I, 2020/21 Outline What is Assembly Language ? Assemblers Why Assembly? NASM Character and String Literals Integer literals Labels and Names Statements Program structure Input/Output Compiling+linking What

670 views • 28 slides
Generic Programming in a Dependently Typed Language Generic proofs for generic programs Peter

Generic Programming in a Dependently Typed Language Generic proofs for generic programs Peter

Generic Programming in a Dependently Typed Language Generic proofs for generic programs Peter Morris pwm@cs.nott.ac.uk University of Nottingham Generic Programming in a Dependently Typed Language p. 1/12 This talk We introduce a

599 views • 45 slides
We focus on embedding a typed object language into a typed metalanguage. The benefit of types in

We focus on embedding a typed object language into a typed metalanguage. The benefit of types in

Finally Tagless, Partially Evaluated Tagless Staged Interpreters for Simpler Typed Languages Jacques Carette 1 , Oleg Kiselyov 2 , and Chung-chieh Shan 3 1 McMaster University carette@mcmaster.ca 2 FNMOC oleg@pobox.com 3 Rutgers University

649 views • 16 slides
Cavity Preparation/Assembly Techniques and Impact on Q Realistic Q-factors in a Module, Review

Cavity Preparation/Assembly Techniques and Impact on Q Realistic Q-factors in a Module, Review

Cavity Preparation/Assembly Techniques and Impact on Q Realistic Q-factors in a Module, Review of Modules P. Kneisel Jefferson Lab March 18, 2005 ERL 2005, Jefferson Lab Why Surface Treatment? Damage layer influences cavity Performance 40

741 views • 52 slides
High-Level Languages Languages Assembly vs Machine Code Assembly vs high-level language

High-Level Languages Languages Assembly vs Machine Code Assembly vs high-level language

High-Level Languages Languages Assembly vs Machine Code Assembly vs high-level language Why Learn New Language availability special features porting maintenance more tools required for job cost Why Design a

1.36k views • 54 slides
Assembly Language for Intel- -Based Based Assembly Language for Intel th Edition Computers, 4 th

Assembly Language for Intel- -Based Based Assembly Language for Intel th Edition Computers, 4 th

Assembly Language for Intel- -Based Based Assembly Language for Intel th Edition Computers, 4 th Edition Computers, 4 Kip R. Irvine Chapter 3: Assembly Language Fundamentals (c) Pearson Education, 2002. Chapter Overview Chapter Overview

1.03k views • 47 slides
i 1 / 61 Introduction and Context 2 / 61 3 / 61 3 / 61 3 / 61 3 / 61 Exotic design rules,

i 1 / 61 Introduction and Context 2 / 61 3 / 61 3 / 61 3 / 61 3 / 61 Exotic design rules,

Representing and Computing with Types in Dynamically Typed Languages Extending Dynamic Language Expressivity to Accommodate Rationally Typed Sequences Jim Edward Newton Thesis defense for the title: Doctorat de lUniversit e Sorbonne

2k views • 178 slides
Project TALC Interviews with Developers of Evidence-Based Programs for Teen Pregnancy Prevention

Project TALC Interviews with Developers of Evidence-Based Programs for Teen Pregnancy Prevention

A WORD FROM THE EXPERTS Project TALC Interviews with Developers of Evidence-Based Programs for Teen Pregnancy Prevention 1 This webinar was developed by Child Trends under contract #GS-10F-0030R for the Office of Adolescent Health; US

306 views • 15 slides
Lua Code: Security Overview and Practical Approaches to Static Analysis Andrei Costin

Lua Code: Security Overview and Practical Approaches to Static Analysis Andrei Costin

IEEE SPW: LangSec'17 (San Jose, CA) Lua Code: Security Overview and Practical Approaches to Static Analysis Andrei Costin ancostin@jyu.fi, andrei@firmware.re University of Jyvaskyla, Finland Agenda Introduction Contributions

374 views • 23 slides
Dependence and Data Flow Models (c) 2007 Mauro Pezz &amp; Michal Young Ch 6, slide 1 Why Data

Dependence and Data Flow Models (c) 2007 Mauro Pezz &amp; Michal Young Ch 6, slide 1 Why Data

Dependence and Data Flow Models (c) 2007 Mauro Pezz &amp; Michal Young Ch 6, slide 1 Why Data Flow Models? Why Data Flow Models? Models from Chapter 5 emphasized control Models from Chapter 5 emphasized control Control flow

375 views • 33 slides
Behavior-Based Detection The old way match syntactic signatures: One-to- one &lt; 50%

Behavior-Based Detection The old way match syntactic signatures: One-to- one &lt; 50%

Behavior-Based Detection The old way match syntactic signatures: One-to- one &lt; 50% detection The new way examine underlying behavior: One-to- many 1 Specifying Behaviors NtOpenKey \CurrentVersion\Run NtDeleteValueKey

1.58k views • 102 slides
ITS INCORPORATION INTO SPARSE UNMIXING FOR MINERAL IDENTIFICATION Thanh Bui 1,2 , Beate Orberger

ITS INCORPORATION INTO SPARSE UNMIXING FOR MINERAL IDENTIFICATION Thanh Bui 1,2 , Beate Orberger

BUILDING A HYPERSPECTRAL LIBRARY AND ITS INCORPORATION INTO SPARSE UNMIXING FOR MINERAL IDENTIFICATION Thanh Bui 1,2 , Beate Orberger 3,4 , Simon B. Blancher 1 , Ali Mohammad- Djafari 4 , Henry Pilliere 5 , Anne Salaun 1 , Xavier Bourrat 6 ,

659 views • 30 slides
Minerals 1 Minerals Minerals are: Naturally occurring, Inorganic, Solid, Have

Minerals 1 Minerals Minerals are: Naturally occurring, Inorganic, Solid, Have

Minerals 1 Minerals Minerals are: Naturally occurring, Inorganic, Solid, Have a definite chemical composition, and Have a definite crystal structure Mineral: Quartz, Pyrite Not Mineral: cement, steel 2 Minerals

475 views • 23 slides
Non-Homogeneous Hidden Markov Chain Models for Wavelet-Based Hyperspectral Image Processing

Non-Homogeneous Hidden Markov Chain Models for Wavelet-Based Hyperspectral Image Processing

Non-Homogeneous Hidden Markov Chain Models for Wavelet-Based Hyperspectral Image Processing Marco F. Duarte Mario Parente Hyperspectral Imaging One signal/image per band Hyperspectral datacube Spectrum at each pixel represents

415 views • 27 slides
and -XRD for the characterization and degradation of chrome yellow pigments: a focus on

and -XRD for the characterization and degradation of chrome yellow pigments: a focus on

Synchrotron radiation-based -XANES and -XRD for the characterization and degradation of chrome yellow pigments: a focus on paintings by Vincent van Gogh Letizia Monico CNR-ISTM (Perugia, Italy) University of Antwerp (Belgium) Darkening of

558 views • 27 slides

More recommend