论文信息 - On the Use of Underspecified Data-Type Semantics for Type Safety in Low-Level Code

On the Use of Underspecified Data-Type Semantics for Type Safety in Low-Level Code

In recent projects on operating-system veriﬁcation, C and C++ data types are often formalized usinga semantics that does not fully specify the precise byte encoding of objects. It is well-known thatsuch an underspeciﬁed data-type semantics can be used to detect certain kinds of type errors. Ingeneral, however, underspeciﬁed data-type semantics are unsound: they assign well-deﬁned meaningto programs that have undeﬁned behavior according to the C and C++ language standards. A precisecharacterization of the type-correctness properties that can be enforced with underspeciﬁed data-typesemantics is still missing. In this paper, we identify strengths and weaknesses of underspeciﬁed data-type semantics for ensuring type safety of low-level systems code. We prove sufﬁcient conditionsto detect certain classes of type errors and, ﬁnally, identify a trade-off between the complexity ofunderspeciﬁed data-type semantics and their type-checking capabilities.

[1] Jonathan L. Shapiro. Programming language challenges in systems codes: why systems programmers still use C, and what to do about it , 2006, PLOS '06.

[2] G. Morrisett,et al. Cyclone : A Type-Safe Dialect of C ∗ , 2004 .

[3] Yuri Gurevich,et al. The Semantics of the C Programming Language , 1992, CSL.

[4] Hendrik Tews,et al. The Semantics of C++ Data Types: Towards Verifying low-level System Components , 2003 .

[5] Hendrik Tews,et al. Formal Memory Models for the Verification of Low-Level Operating-System Code , 2009, Journal of Automated Reasoning.

[6] Michael Burrows,et al. Run-Time Type Checking for Binary Programs , 2003, CC.

[7] Michael Norrish. A formal semantics for c , 2007 .

[8] James Gosling,et al. The Java Language Specification, 3rd Edition , 2005 .

[9] Natarajan Shankar,et al. A Brief Overview of PVS , 2008, TPHOLs.

[10] Bjarne Stroustrup,et al. C++ Programming Language , 1986, IEEE Softw..

[11] Guy L. Steele,et al. The Java Language Specification , 1996 .

[12] Hendrik Tews,et al. Nova Micro--Hypervisor Verification , 2008 .

[13] Michael Norrish,et al. Types, bytes, and separation logic , 2007, POPL '07.

[14] Michael Norrish,et al. seL4: formal verification of an operating-system kernel , 2010, Commun. ACM.

[15] Hendrik Tews,et al. The VFiasco approach for a verified operating system , 2005 .

[16] Susan Horwitz,et al. Debugging via Run-Time Type Checking , 2001, FASE.