skip to main content
10.1145/1111037.1111066acmconferencesArticle/Chapter ViewAbstractPublication PagespoplConference Proceedingsconference-collections
Article

Certified assembly programming with embedded code pointers

Published: 11 January 2006 Publication History

Abstract

Embedded code pointers (ECPs) are stored handles of functions and continuations commonly seen in low-level binaries as well as functional or higher-order programs. ECPs are known to be very hard to support well in Hoare-logic style verification systems. As a result, existing proof-carrying code (PCC) systems have to either sacrifice the expressiveness or the modularity of program specifications, or resort to construction of complex semantic models. In Reynolds's LICS'02 paper, supporting ECPs is listed as one of the main open problems for separation logic.In this paper we present a simple and general technique for solving the ECP problem for Hoare-logic-based PCC systems. By adding a small amount of syntax to the assertion language, we show how to combine semantic consequence relation with syntactic proof techniques. The result is a new powerful framework that can perform modular reasoning on ECPs while still retaining the expressiveness of Hoare logic. We show how to use our techniques to support polymorphism, closures, and other language extensions and how to solve the ECP problem for separation logic. Our system is fully mechanized. We give its complete soundness proof and a full verification of Reynolds's CPS-style "list-append" example in the Coq proof assistant.

References

[1]
A. Ahmed, L. Jia, and D. Walker. Reasoning about hierarchical storage. In Proc. 18th IEEE Symposium on Logic in Computer Science, pages 33--44, June 2003.
[2]
A. Ahmed and D. Walker. The logical approach to stack typing. In Proceedings of the 2003 ACM SIGPLAN international workshop on Types in languages design and implementation, pages 74--85. ACM Press, 2003.
[3]
A. J. Ahmed. Semantics of Types for Mutable State. PhD thesis, Princeton University, 2004.
[4]
A. W. Appel. Foundational proof-carrying code. In Proc. 16th Annual IEEE Symposium on Logic in Computer Science, pages 247--258, June 2001.
[5]
A. W. Appel and A. P. Felty. A semantic model of types and machine instructions for proof-carrying code. In Proc. 27th ACM Symposium on Principles of Programming Languages, pages 243--253, Jan. 2000.
[6]
A. W. Appel and D. McAllester. An indexed model of recursive types for foundational proof-carrying code. ACM Transactions on Programming Languages and Systems, 23(5):657--683, Sept. 2001.
[7]
M. Berger, K. Honda, and N. Yoshida. A logical analysis of aliasing in imperative higher-order functions. In Proc. 10th ACM SIGPLAN International Conference on Functional Programming, pages 280--293, Sept. 2005.
[8]
R. S. Boyer and Y. Yu. Automated proofs of object code for a widely used microprocessor. J. ACM, 43(1):166--192, 1996.
[9]
B.-Y. E. Chang, G. C. Necular, and R. R. Schneck. Extensible code verification. Unpublished manuscript, 2003.
[10]
J. Chen, D. Wu, A. W. Appel, and H. Fang. A provably sound tal for back-end optimization. In Proc. 2003 ACM Conference on Programming Language Design and Implementation, pages 208--219. ACM Press, 2003.
[11]
C. Colby, P. Lee, G. Necula, F. Blau, M. Plesko, and K. Cline. A certifying compiler for Java. In Proc. 2000 ACM Conference on Programming Language Design and Implementation, pages 95--107, New York, 2000. ACM Press.
[12]
K. Crary. Toward a foundational typed assembly language. In Proc. 30th ACM Symposium on Principles of Programming Languages, page 198, Jan. 2003.
[13]
K. Crary and J. C. Vanderwaart. An expressive, scalable type theory for certified code. In Proc. 7th ACM SIGPLAN International Conference on Functional Programming, pages 191--205, 2002.
[14]
N. G. de Bruijn. Lambda calculus notation with nameless dummies. Indagationes Mathematicae, 34:381--392, 1972.
[15]
X. Feng and Z. Shao. Modular verification of concurrent assembly code with dynamic thread creation and termination. In Proc. 2005 International Conference on Functional Programming, pages 254--267, Sept. 2005.
[16]
R. W. Floyd. Assigning meaning to programs. Communications of the ACM, Oct. 1967.
[17]
M. Gordon. A mechanized Hoare logic of state transitions. In A. W. Roscoe, editor, A Classical Mind--Essays in Honour of C.A.R. Hoare, pages 143--160. Prentice Hall, 1994.
[18]
J. Gosling, B. Joy, and G. Steele. The Java Language Specification. Addison-Wesley, 1996.
[19]
N. A. Hamid and Z. Shao. Interfacing hoare logic and type systems for foundational proof-carrying code. In Proc. 17th International Conference on Theorem Proving in Higher Order Logics, volume 3223 of LNCS, pages 118--135. Springer-Verlag, Sept. 2004.
[20]
N. A. Hamid, Z. Shao, V. Trifonov, S. Monnier, and Z. Ni. A syntactic approach to foundational proof-carrying code. In Proc. 17th Annual IEEE Symposium on Logic in Computer Science, pages 89--100, July 2002.
[21]
H. Herbelin, F. Kirchner, B. Monate, and J. Narboux. Faq about coq. http://pauillac.inria.fr/coq/doc/faq.html#htoc38.
[22]
C. A. R. Hoare. An axiomatic basis for computer programming. Communications of the ACM, Oct. 1969.
[23]
K. Honda and N. Yoshida. A compositional logic for polymorphic higher-order functions. In Proc. 6th ACM SIGPLAN International Conference on Principles and Practice of Declarative Programming, pages 191--202, Aug. 2004.
[24]
K. Honda, N. Yoshida, and M. Berger. An observationally complete program logic for imperative higher-order functions. In Proc. 20th IEEE Symposium on Logic in Computer Science, June 2005.
[25]
R. Milner, M. Tofte, R. Harper, and D. MacQueen. The Definition of Standard ML (Revised). MIT Press, Cambridge, Massachusetts, 1997.
[26]
Y. Minamide, G. Morrisett, and R. Harper. Typed closure conversion. In Proc. 23rd ACM Symposium on Principles of Programming Languages, pages 271--283. ACM Press, 1996.
[27]
G. Morrisett, D. Walker, K. Crary, and N. Glew. From System F to typed assembly language. In Proc. 25th ACM Symposium on Principles of Programming Languages, pages 85--97. ACM Press, Jan. 1998.
[28]
D. A. Naumann. Predicate transformer semantics of a higher-order imperative language with record subtyping. Science of Computer Programming, 41(1):1--51, 2001.
[29]
G. Necula. Proof-carrying code. In Proc. 24th ACM Symposium on Principles of Programming Languages, pages 106--119, New York, Jan. 1997. ACM Press.
[30]
G. Necula. Compiling with Proofs. PhD thesis, School of Computer Science, Carnegie Mellon Univ., Sept. 1998.
[31]
G. C. Necula and R. R. Schneck. A sound framework for untrustred verification-condition generators. In Proceedings of IEEE Symposium on Logic in Computer Science, pages 248--260. IEEE Computer Society, July 2003.
[32]
Z. Ni and Z. Shao. Implementation for certified assembly programming with embedded code pointers. http://flint.cs.yale.edu/publications/xcap.html, Oct. 2005.
[33]
P. W. O'Hearn and R. D. Tennent. Algol-Like Languages. Birkhauser, Boston, 1997.
[34]
C. Paulin-Mohring. Inductive definitions in the system Coq--rules and properties. In M. Bezem and J. Groote, editors, Proc. TLCA, volume 664 of LNCS. Springer-Verlag, 1993.
[35]
F. Pfenning. Automated theorem proving. http://www-2.cs.cmu.edu/~fp/courses/atp/, Apr. 2004.
[36]
F. Pfenning and C. Elliott. Higher-order abstract syntax. In Proc. 1988 ACM Conference on Programming Language Design and Implementation, pages 199--208. ACM Press, 1988.
[37]
J. Reynolds. Separation logic: a logic for shared mutable data structures. In Proc. 17th Annual IEEE Symposium on Logic in Computer Science, 2002.
[38]
Z. Shao, B. Saha, V. Trifonov, and N. Papaspyrou. A type system for certified binaries. In Proc. 29th ACM Symposium on Principles of Programming Languages, pages 217--232. ACM Press, Jan. 2002.
[39]
G. Tan. A Compositional Logic for Control Flow and its Application in Foundational Proof-Carrying Code. PhD thesis, Princeton University, 2005.
[40]
The Coq Development Team. The Coq proof assistant reference manual. The Coq release v8.0, Oct. 2005.
[41]
A. K. Wright and M. Felleisen. A syntactic approach to type soundness. Information and Computation, 115(1):38--94, 1994.
[42]
H. Xi and F. Pfenning. Dependent types in practical programming. In Proc. 26th ACM Symposium on Principles of Programming Languages, pages 214--227. ACM Press, 1999.
[43]
D. Yu, N. A. Hamid, and Z. Shao. Building certified libraries for PCC: Dynamic storage allocation. Science of Computer Programming, 50(1-3):101--127, Mar. 2004.
[44]
D. Yu and Z. Shao. Verification of safety properties for concurrent assembly code. In Proc. 2004 International Conference on Functional Programming, Sept. 2004.
[45]
Y. Yu . Automated Proofs of Object Code For A Widely Used Microprocessor. PhD thesis, University of Texas at Austin, 1992.

Cited By

View all
  • (2024)Verifying Programs with Logic and Extended Proof Rules: Deep Embedding vs. Shallow EmbeddingJournal of Automated Reasoning10.1007/s10817-024-09706-568:3Online publication date: 10-Aug-2024
  • (2023)VMSL: A Separation Logic for Mechanised Robust Safety of Virtual Machines Communicating above FF-AProceedings of the ACM on Programming Languages10.1145/35912797:PLDI(1438-1462)Online publication date: 6-Jun-2023
  • (2023)Leveraging Rust Types for Program SynthesisProceedings of the ACM on Programming Languages10.1145/35912787:PLDI(1414-1437)Online publication date: 6-Jun-2023
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
POPL '06: Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
January 2006
432 pages
ISBN:1595930272
DOI:10.1145/1111037
  • cover image ACM SIGPLAN Notices
    ACM SIGPLAN Notices  Volume 41, Issue 1
    Proceedings of the 2006 POPL Conference
    January 2006
    421 pages
    ISSN:0362-1340
    EISSN:1558-1160
    DOI:10.1145/1111320
    Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 January 2006

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. embedded code pointers
  2. higher-order functions
  3. hoare logic
  4. proof-carrying code

Qualifiers

  • Article

Conference

POPL06

Acceptance Rates

Overall Acceptance Rate 824 of 4,130 submissions, 20%

Upcoming Conference

POPL '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)10
  • Downloads (Last 6 weeks)1
Reflects downloads up to 06 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Verifying Programs with Logic and Extended Proof Rules: Deep Embedding vs. Shallow EmbeddingJournal of Automated Reasoning10.1007/s10817-024-09706-568:3Online publication date: 10-Aug-2024
  • (2023)VMSL: A Separation Logic for Mechanised Robust Safety of Virtual Machines Communicating above FF-AProceedings of the ACM on Programming Languages10.1145/35912797:PLDI(1438-1462)Online publication date: 6-Jun-2023
  • (2023)Leveraging Rust Types for Program SynthesisProceedings of the ACM on Programming Languages10.1145/35912787:PLDI(1414-1437)Online publication date: 6-Jun-2023
  • (2023)Beyond Backtracking: Connections in Fine-Grained Concurrent Separation LogicProceedings of the ACM on Programming Languages10.1145/35912757:PLDI(1340-1364)Online publication date: 6-Jun-2023
  • (2023)Search-Based Regular Expression Inference on a GPUProceedings of the ACM on Programming Languages10.1145/35912747:PLDI(1317-1339)Online publication date: 6-Jun-2023
  • (2023)Reliable Actors with Retry OrchestrationProceedings of the ACM on Programming Languages10.1145/35912737:PLDI(1293-1316)Online publication date: 6-Jun-2023
  • (2023)CryptOpt: Verified Compilation with Randomized Program Search for Cryptographic PrimitivesProceedings of the ACM on Programming Languages10.1145/35912727:PLDI(1268-1292)Online publication date: 6-Jun-2023
  • (2023)Modular Hardware Design with Timeline TypesProceedings of the ACM on Programming Languages10.1145/35912347:PLDI(343-367)Online publication date: 6-Jun-2023
  • (2023)Generalized Policy-Based Noninterference for Efficient Confidentiality-PreservationProceedings of the ACM on Programming Languages10.1145/35912317:PLDI(267-291)Online publication date: 6-Jun-2023
  • (2023)Omnisemantics: Smooth Handling of NondeterminismACM Transactions on Programming Languages and Systems10.1145/357983445:1(1-43)Online publication date: 8-Mar-2023
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media