Modular verification of assembly code with stack-based control abstractions

Modular verification of assembly code with stack-based control abstractions (2006)

Cached

Download Links

Other Repositories/Bibliography

DBLP

by Xinyu Feng , Zhong Shao Alex

Venue:	In PLDI’06
Citations:	20 - 8 self

BibTeX

@INPROCEEDINGS{Feng06modularverification,
    author = {Xinyu Feng and Zhong Shao Alex},
    title = {Modular verification of assembly code with stack-based control abstractions},
    booktitle = {In PLDI’06},
    year = {2006},
    pages = {401--414}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Runtime stacks are critical components of any modern software— they are used to implement powerful control structures such as function call/return, stack cutting and unwinding, coroutines, and thread context switch. Stack operations, however, are very hard to reason about: there are no known formal specifications for certifying C-style setjmp/longjmp, stack cutting and unwinding, or weak continuations (in C--). In many proof-carrying code (PCC) systems, return code pointers and exception handlers are treated as general first-class functions (as in continuation-passing style) even though both should have more limited scopes. In this paper we show that stack-based control abstractions follow a much simpler pattern than general first-class code pointers. We present a simple but flexible Hoare-style framework for modular verification of assembly code with all kinds of stackbased control abstractions, including function call/return, tail call, setjmp/longjmp, weak continuation, stack cutting, stack unwinding, multi-return function call, coroutines, and thread context switch. Instead of presenting a specific logic for each control structure, we develop all reasoning systems as instances of a generic framework. This allows program modules and their proofs developed in different PCC systems to be linked together. Our system is fully mechanized. We give the complete soundness proof and a full verification of several examples in the Coq proof assistant. 1.

Citations

1219	An axiomatic basis for computer programming - Hoare - 1969
765	The temporal logic of actions - Lamport
611	Systematic Software Development Using VDM - Jones - 1990
595	Compiling with Continuations - Appel - 1992
583	Separation logic: A logic for shared mutable data structures. Symp. on Logic in - Reynolds - 1994
557	From system F to typed assembly language - Morrisett, Walker, et al. - 1999
490	A syntactic approach to type soundness - Wright, Felleisen - 1994
245	The Design and Implementation of a Certifying Compiler - Necula, Lee - 2004
213	Foundational proof-carrying code - Appel - 2001
181	The C Programming Language, Second Edition - Kernighan, Ritchie - 1988
170	A type system for Java bytecode subroutines - Stata, Abadi - 1998
137	The Java virtual machine specification, second edition - Lindholm, Yellin - 1999
136	Stack-based typed assembly language - Morrisett, Crary, et al. - 2002
128	Compiling with Proofs - Necula - 1998
126	Tentative steps toward a development method for interfering programs - Jones
120	A Certifying Compiler for Java - Colby, Lee, et al. - 2000
119	Rabbit: A compiler for Scheme - Steele - 1978
84	A syntactic approach to foundational proof carrying code - Hamid, Shao, et al. - 2002
75	Toward a foundational typed assembly language - Crary - 2003
72	Automated proofs of object code for a widely used microprocessor - Boyer, Yu - 1996
65	Ten years of Hoare's logic, a survey, part I - Apt - 1981
63	Design of a separable transition-diagram compiler - Conway - 1963
53	Proper tail recursion and space efficiency - Clinger - 1998
45	A single intermediate language that supports multiple implementations of exceptions (abstract - RAMSEY, JONES
40	Certified assembly programming with embedded code pointers - Ni, Shao - 2006
26	Building certified libraries for PCC: Dynamic storage allocation - Yu, Hamid, et al.
22	The logical approach to stack typing - Ahmed, Walker - 2003
21	A typed, compositional logic for a stack-based abstract machine - Benton - 2005
19	Predicate transformer semantics of a higher-order imperative language with record subtyping - Naumann - 1997
17	Oheimb. Hoare logic for Java - von
15	Certifying compilation for a language with stack allocation - Spalding, Walker - 2005
14	A typed interface for garbage collection - Vanderwaart, Crary - 2003
13	Z.: Verification of safety properties for concurrent assembly code - Yu, Shao - 2004
13	Modular verification of concurrent assembly code with dynamic thread creation and termination - Feng, Shao - 2005
11	Implementing zero overhead exception handling - Drew, Gough, et al. - 1995
11	C Interfaces and Implementation - Hanson - 1997
10	Implementation of exception handling - Chase - 1994
7	Linear continuation-passing. Higher Order Symbol - Berdine, O’hearn, et al. - 2002
6	Multi-return function call - SHIVERS, FISHER
2	A translation from typed assembly languages to certified assembly programming - Ni, Shao - 2006
2	Implementation of exception handling, Part I,” The - Chase - 1994
1	the CALL rule can be derived from the JAL rule). Proof. Unfolding the definition of the interpretation function, we know that, given 4. ΨL ⊆ Ψ; 5. p (H,R); 6. WFST(n,g,(H,R),Ψ); we need to prove a. p ′ (H,R{$ra❀fret}); and b. WFST(n + 1,g ′ ,(H,R{$ra❀fret - unknown authors
1	That is, the RET rule can be derived from an instantiation of the JR rule, where rs is instantiated to $ra. Proof. Given [[(p,g)]] Ψ (H,R) and our assumption, we know that 1. p (H,R); 2. g (H,R) (H,R); and 3. WFST(n,g,(H,R),Ψ) for some n. By 2, 3 and the - unknown authors
1	Design of a separable transition-diagram compiler - Design, Impl - 2000
1	von Oheimb. Hoare logic for Java - unknown authors