More Web Proxy on the site http://driver.im/

Article

Bit level types for high level reasoning

Authors:

Rupak MajumdarAuthors Info & Claims

SIGSOFT '06/FSE-14: Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering

Pages 128 - 140

https://doi.org/10.1145/1181775.1181791

Published: 05 November 2006 Publication History

Abstract

Bitwise operations are commonly used in low-level systems code to access multiple data fields that have been packed into a single word. Program analysis tools that reason about such programs must model the semantics of bitwise operations precisely in order to capture program control and data flow through these operations. We present a type system for subword data structures that explitictly tracks the flow of bit values in the program and identifies consecutive sections of bits as logical entities manipulated atomically by the programmer. Our type inference algorithm tags each integer value of the program with a bitvector type that identifies the data layout at the subword level. These types are used in a translation phase to remove bitwise operations from the program, thereby allowing verification engines to avoid the expensive low-level reasoning required for analyzing bitvector operations. We have used a software model checker to check properties of translated versions of a Linux device driver and a memory protection system. The resulting verification runs could prove many more properties than the naive model checker that did not reason about bitvectors, and could prove properties much faster than a model checker that did reason about bitvectors. We have also applied our bitvector type inference algorithm to generate program documentation for a virtual memory subsystem of an OS kernel. While we have applied the type system mainly for program understanding and verification, bitvector types also have applications to better variable ordering heuristics in boolean model checking and memory optimizations in compilers for embedded software.

References

[1]

T. Ball and S.K. Rajamani. The SLAM project: debugging system software via static analysis. In POPL 02: Principles of Programming Languages, pages 1--3. ACM, 2002.

Digital Library

[2]

C. Barrett, D. Dill, and J. Levitt. A decision procedure for bit-vector arithmetic. In DAC 98: Design Automation Conference, pages 522--527, 1998.

Digital Library

[3]

E.M. Clarke, D. Kroening, and F. Lerda. A tool for checking ANSI-C programs. In TACAS 04: Tools and Algorithms for the construction and analysis of systems, LNCS 2988, pages 168--176. Springer, 2004.

[4]

J. Corbet, G. Kroah-Hartman, and A. Rubini. Linux device drivers, 3rd edition. O'Reilly, 2005.

Digital Library

[5]

M. Das, S. Lerner, and M. Seigle. ESP: Path-sensitive program verification in polynomial time. In PLDI 02: Programming Language Design and Implementation, pages 57--68. ACM, 2002.

Digital Library

[6]

D. Detlefs, G. Nelson, and J.B. Saxe. Simplify: a theorem prover for program checking. J. ACM, 52(3):365--473, 2005.

Digital Library

[7]

C. Flanagan. Hybrid type checking. In POPL 06: Principles of Programming Languages, pages 245--256. ACM Press, 2006.

Digital Library

[8]

J.S. Foster, T. Terauchi, and A. Aiken. Flow-sensitive type qualifiers. In PLDI 02: Programming Language Design and Implementation, pages 1--12. ACM, 2002.

Digital Library

[9]

R. Gupta, E. Mehofer, and Y. Zhang. A representation for bit section based analysis and optimization. In CC 02: Compiler Construction, LNCS 2304, pages 62--77. Springer, 2002.

Digital Library

[10]

T.A. Henzinger, R. Jhala, R. Majumdar, and G. Sutre. Lazy abstraction. In POPL 02: Principles of Programming Languages, pages 58--70. ACM, 2002.

Digital Library

[11]

R. Jhala and K.L. McMillan. Interpolant-based transition relation approximation. In CAV 05: Computer-Aided Verification, LNCS 3576, pages 39--51. Springer, 2005.

Digital Library

[12]

JOS. Jos: An operating system kernel. http://pdos.csail.mit.edu/6.828/2005/overview.html.

[13]

R. Komondoor, G. Ramalingam, J. Field, and S. Chandra. Dependent types for program understanding. In TACAS 05: Tools and Algorithms for the Construction and Analysis of Systems, LNCS 3440, pages 157--173. Springer, 2005.

Digital Library

[14]

Daniel Kroening and Natasha Sharygina. Approximating predicate images for bit-vector logic. In TACAS, pages 242--256, 2006.

Digital Library

[15]

C. Lee, M. Potkonjak, and W.H. Mangione-Smith. Mediabench: A tool for evaluating and synthesizing multimedia and communicatons systems. In MICRO 97: IEEE/ACM Symposium on Microarchitecture, pages 330--335. IEEE, 1997.

Digital Library

[16]

B. Li and R. Gupta. Bit section instruction set extension of arm for embedded applications. In CASES 02, pages 69--78. ACM, 2002.

Digital Library

[17]

M.O. Möller and H. Ruess. Solving bit-vector equations. In FMCAD 98: Formal Methods in Computer-Aided Design, LNCS 1522, pages 36--48. Springer, 1998.

Digital Library

[18]

R. O'Callahan and D. Jackson. Lackwit: A program understanding tool based on type inference. In ICSE 97: International Conference on Software Engineering, pages 338--348. ACM, 1997.

Digital Library

[19]

G. Ramalingam, J. Field, and F. Tip. Aggregate structure identification and its application to program analysis. In POPL 99: Principles of Programming Languages, pages 119--132. ACM, 1999.

Digital Library

[20]

A. Stump, C.W. Barrett, and D.L. Dill. Cvc: A cooperating validity checker. In CAV 02: Computer-Aided Verification, LNCS 2404, pages 500--504. Springer, 2002.

Digital Library

[21]

S. Tallam and R. Gupta. Bitwidth aware global register allocation. In POPL 03: Principles of Programming Languages, pages 85--96. ACM, 2003.

Digital Library

[22]

E. Witchel, J. Cates, and K. Asanović. Mondrian memory protection. In ASPLOS 02. ACM, 2002.

Digital Library

[23]

Y. Xie and A. Aiken. Scalable error detection using boolean satisfiability. In POPL 05: Principles of Programming Languages, pages 351--363. ACM, 2005.

Digital Library

Cited By

Zhu FSammler MLepigre RDreyer DGarg D(2022)BFF: foundational and automated verification of bitfield-manipulating programsProceedings of the ACM on Programming Languages10.1145/35633456:OOPSLA2(1613-1638)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563345
Kawaguchi MRondon PJhala R(2009)Type-based data structure verificationACM SIGPLAN Notices10.1145/1543135.154251044:6(304-315)Online publication date: 15-Jun-2009
https://dl.acm.org/doi/10.1145/1543135.1542510
Kawaguchi MRondon PJhala RHind MDiwan A(2009)Type-based data structure verificationProceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation10.1145/1542476.1542510(304-315)Online publication date: 15-Jun-2009
https://dl.acm.org/doi/10.1145/1542476.1542510

Index Terms

Bit level types for high level reasoning

Recommendations

Low-level liquid types
POPL '10: Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

We present Low-Level Liquid Types , a refinement type system for C based on Liquid Types . Low-Level Liquid Types combine refinement types with three key elements to automate verification of critical safety properties of low-level programs: First, by ...
Type inference and strong static type checking for Promela

The Spin model checker and its specification language Promela have been used extensively in industry and academia to check the logical properties of distributed algorithms and protocols. Model checking with Spin involves reasoning about a system via an ...
Liquid types
PLDI '08: Proceedings of the 29th ACM SIGPLAN Conference on Programming Language Design and Implementation

We present Logically Qualified Data Types, abbreviated to Liquid Types, a system that combines Hindley-Milner type inference with Predicate Abstraction to automatically infer dependent types precise enough to prove a variety of safety properties. Liquid ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGSOFT '06/FSE-14: Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering

November 2006

298 pages

ISBN:1595934685

DOI:10.1145/1181775

General Chair:
Michal Young
University of Oregon
,
Program Chair:
Premkumar Devanbu
University of California, Davis

Copyright © 2006 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 November 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SIGSOFT06/FSE-14

Sponsor:

SIGSOFT06/FSE-14: SIGSOFT 2006 -14th International Symposium on the Foundations of Software Engineering

November 5 - 11, 2006

Oregon, Portland, USA

Acceptance Rates

Overall Acceptance Rate 17 of 128 submissions, 13%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
247
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhu FSammler MLepigre RDreyer DGarg D(2022)BFF: foundational and automated verification of bitfield-manipulating programsProceedings of the ACM on Programming Languages10.1145/35633456:OOPSLA2(1613-1638)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563345
Kawaguchi MRondon PJhala R(2009)Type-based data structure verificationACM SIGPLAN Notices10.1145/1543135.154251044:6(304-315)Online publication date: 15-Jun-2009
https://dl.acm.org/doi/10.1145/1543135.1542510
Kawaguchi MRondon PJhala RHind MDiwan A(2009)Type-based data structure verificationProceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation10.1145/1542476.1542510(304-315)Online publication date: 15-Jun-2009
https://dl.acm.org/doi/10.1145/1542476.1542510

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents