Slide 1: Semantic Type Qualifiers
Chien-Huei Chen, Huseyin Sinecan
Slide 2: Type Systems
- A natural discipline
- Specify properties
- Check properties
- Problem: statically checks properties
- Augmenting properties of types
- Program designers cannot estimate everything
- Qualifiers (no need to add many annotations)
5/10/2019 Semantic Type Qualifiers
Slide 3: The Clarity Project
- A novel framework for user-defined type qualifiers for C programs
- It provides a declarative language in which users can define new qualifiers
- An extensible typechecker employs these user-defined rules to automatically check annotated C programs
- (University of California, Los Angeles)
Slide 4: The Cqual Project
- A tool for adding type qualifiers to C
- Same purpose as Clarity
- Uses a fixed set of type rules across all type refinements
- Not expressive enough to handle many common situations
Slide 5: Where to use qualifiers
- Deadlock detection
- Format-string vulnerability detection: use a tainted qualifier to mark untrusted data and require that printf-like functions take untainted data
- const inference: the qualifier const is used in ANSI C programs to state that certain names will not be used to write to a location. Ex: foo (const int * x) *additional const annotations* …
Slide 6: Classes of qualifiers
The Clarity framework supports 2 common types of qualifiers:
- Value qualifiers (pertain to the value): pos, nonnull
- Reference qualifiers (pertain to the address): unique, unaliased
Slide 7: pos qualifier

    value qualifier pos(int Expr E)
      case E of
        decl int Const C:
          C, where C > 0
      | decl int Expr E1, E2:
          E1 * E2, where pos(E1) && pos(E2)
      | decl int Expr E1:
          -E1, where neg(E1)
      invariant value(E) > 0

A user-defined type qualifier and associated type rules for positive integers.
Slide 8: A type qualifier for unaliased variables

    ref qualifier unaliased(T Var X)
      ondecl disallow &X
      invariant forall T** P: *P != location(X)

- Indicates the variable's address, not the value
- ondecl: can be given at declaration
- disallow: cannot have its address taken
Slide 9: Sample Example

    qualifier nonzero(int Expr E)
      case E of
        decl int Const C:
          C, where C != 0
      | decl int Expr E1:
          E1, where pos(E1)
      | decl int Expr E1:
          E1, where neg(E1)
      | decl int Expr E:
          -E, where nonzero(E)
      | decl int Expr E1, E2:
          E1 * E2, where nonzero(E1) && nonzero(E2)
      restrict decl int Expr E1, E2:
          E1 / E2, where nonzero(E2)
      invariant Value(E) != 0

    int y0 = 20;
    int z0;
    ……………………
    ……………………
    ………………
    z0 = x / y0;
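As an added example (not the Clarity tool's own code), a small Python checker that applies the pos/neg/nonzero case rules from the two preceding slides and the restrict rule on division to a constructed expression tree; the neg rules are assumed to mirror pos, since the slides use neg without defining it.

```python
# Added example, not part of the Clarity tool: applies the pos/neg/nonzero case
# rules and the division "restrict" rule from the slides to a small expression
# tree. Variable qualifiers are taken as declared (the framework is flow-
# insensitive); the neg rules mirror pos, an assumption since the slides use neg
# without defining it.
#
# Expression encoding (constructed for this example):
#   ("const", 5)  ("var", "y0", {"nonzero"})  ("neg", e)  ("*", e1, e2)  ("/", e1, e2)

FLIP = {"pos": "neg", "neg": "pos", "nonzero": "nonzero"}   # case rules for -E

def holds(q, e):
    """True when the case rules let qualifier q be derived for expression e."""
    kind = e[0]
    if kind == "var" and q in e[2]:
        return True                              # declared on the variable
    if kind == "const":
        return {"pos": e[1] > 0, "neg": e[1] < 0, "nonzero": e[1] != 0}[q]
    if kind == "neg":                            # pos(-E1) where neg(E1), etc.
        return holds(FLIP[q], e[1])
    if kind == "*" and q in ("pos", "nonzero"):  # E1 * E2 where q(E1) && q(E2)
        return holds(q, e[1]) and holds(q, e[2])
    if q == "nonzero":                           # nonzero(E1) where pos(E1) or neg(E1)
        return holds("pos", e) or holds("neg", e)
    return False

def check(e):
    """Return violations of the restrict rule: E1 / E2 requires nonzero(E2)."""
    errors = []
    if e[0] == "/" and not holds("nonzero", e[2]):
        errors.append(f"divisor {e[2]} is not nonzero")
    for sub in e[1:]:                            # recurse into sub-expressions
        if isinstance(sub, tuple):
            errors += check(sub)
    return errors

def var(name, *quals):
    """Helper for a variable with declared qualifiers."""
    return ("var", name, set(quals))

# The slide's z0 = x / y0: a plain int y0 is rejected, a y0 declared nonzero
# (or a constant divisor) is accepted.
print(check(("/", var("x"), var("y0"))))              # one "is not nonzero" error
print(check(("/", var("x"), var("y0", "nonzero"))))   # []
```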
Slide 10: Example1: nonnull

    qualifier nonnull(T* Expr E)
      case E of
        decl T LValue X:
          &X
      | new
      restrict decl T* Expr E:
          *E, where nonnull(E)
      invariant Value(E) != null
Slide 11: Example1 (cont.)
In original link_list.c:

    …………….
    158 struct list_head *first = list->next;
    159 struct list_head *last = list->prev;
    160 struct list_head *at = head->next;

Compiled with the nonnull qualifier:

    Expression list->next breaks rule 'Restricts: Dref(WCExpr(E)) where Qual(nonnull, E)' under qualifier nonnull at examples/link_list.c:158
Slide 12: Example1 (cont.)
In order to get rid of all the errors, we first try to add a qualifier nonnull to the function. In the function:

    void list_add(struct list_head *new,
                  struct list_head * __attribute__((nonnull)) head)
    {
        __list_add(new, head, head->next);
    }
Slide 13: Example1 (cont.)
Mail from one of the authors:
"There is also a notion of "reference qualifiers" for talking about properties of memory locations….. However, reference qualifiers are not very well developed at this point and are very difficult to use in a practical way in the current framework, due to its flow insensitivity."
Slide 14: Example2: locked and unlocked
Original example file:

    void f(struct obj* o) {
        acquire_lock(&o->lock);
        do_stuff(o);
        g(o);
        release_lock(&o->lock);
    }

    void g(struct obj* o) {
        if (1) {
            acquire_lock(&o->lock); /* bug: deadlock */
            release_lock(&o->lock);
        }
    }
Slide 15: Example2 (cont.)

    void f(struct obj* __attribute__((unlocked)) o) {
        struct obj* __attribute__((locked)) lock_o;
        acquire_lock(&o->lock);
        lock_o = castto(o, struct obj* __attribute__((locked)));
        do_stuff(o);
        g(lock_o);
        release_lock(&o->lock);
    }

    void g(struct obj* __attribute__((unlocked)) o) {
        if (1) {
            acquire_lock(&o->lock); /* bug: deadlock */
            release_lock(&o->lock);
        }
    }
Slide 16: Example2 (cont.)
Checker output:

    g(lock_o); do not match with function type void (struct dummy * __attribute__((__unlocked__)) o ) at examples/deadlock.c:32
    Total Errors: 1