Iris-Wasm: Robust and Modular Verification of WebAssembly Programs

Authors:

Xiaojia Rao (1), Aïna Linn Georges (2), Maxime Legoupil (2), Conrad Watt (3), Jean Pichon-Pharabod (2), Philippa Gardner (1), Lars Birkedal (2)

Affiliations:

1. Imperial College London, UK

2. Aarhus University, Denmark

3. University of Cambridge, UK

Abstract

WebAssembly makes it possible to run C/C++ applications on the web with near-native performance. A WebAssembly program is expressed as a collection of higher-order ML-like modules, which are composed together through a system of explicit imports and exports using a host language, enabling a form of higher-order modular programming. We present Iris-Wasm, a mechanized higher-order separation logic building on a specification of Wasm 1.0 mechanized in Coq and the Iris framework. Using Iris-Wasm, we are able to specify and verify individual modules separately, and then compose them modularly in a simple host language featuring the core operations of the WebAssembly JavaScript Interface. Building on Iris-Wasm, we develop a logical relation that enforces robust safety: unknown, adversarial code can only affect other modules through the functions that they explicitly export. Together, the program logic and the logical relation allow us to formally verify functional correctness of WebAssembly programs, even when they invoke and are invoked by unknown code, thereby demonstrating that WebAssembly enforces strong isolation between modules.
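The isolation property the abstract describes can be observed concretely through the WebAssembly JavaScript Interface. The following is an added example written for this page; it is not code from the paper or its Coq development. It hand-assembles two tiny Wasm 1.0 modules as raw bytes (a helper encodes sections and LEB128 immediates so the sizes come out right): a "counter" module that keeps its state in an unexported linear memory and exports `bump` and `get`, and an "untrusted" module that is handed only `bump` as an import, writes into memory at the same address the counter uses, and then attempts an out-of-bounds store. All module, function and export names (`counter`, `untrusted`, `bump`, `get`, `attack`, `oob`) are made up for the illustration. It runs on Node.js, which exposes the `WebAssembly` API.

```javascript
// Added example, not the paper's code: two hand-assembled Wasm modules linked via the JS API.
// "counter" holds its state in an unexported memory; "untrusted" gets only `bump` from the host.
// Module/function names are illustrative assumptions, not identifiers from the paper.

// --- minimal Wasm binary-format helpers ---------------------------------------------------
const uleb = (n) => {                       // unsigned LEB128 (sizes, indices)
  const out = [];
  do { let b = n & 0x7f; n >>>= 7; if (n) b |= 0x80; out.push(b); } while (n);
  return out;
};
const sleb = (n) => {                       // signed LEB128 (i32.const immediates)
  const out = [];
  for (;;) {
    const b = n & 0x7f; n >>= 7;
    const done = (n === 0 && !(b & 0x40)) || (n === -1 && (b & 0x40));
    out.push(done ? b : b | 0x80);
    if (done) return out;
  }
};
const str = (s) => { const u = new TextEncoder().encode(s); return [...uleb(u.length), ...u]; };
const vec = (items) => [...uleb(items.length), ...items.flat()];   // items: array of byte arrays
const section = (id, body) => [id, ...uleb(body.length), ...body];
const I32 = 0x7f;
const funcType = (params, results) =>
  [0x60, ...vec(params.map((t) => [t])), ...vec(results.map((t) => [t]))];
const func = (code) => { const b = [0x00, ...code, 0x0b]; return [...uleb(b.length), ...b]; }; // no locals
const i32c = (n) => [0x41, ...sleb(n)];
const LOAD = [0x28, 2, 0], STORE = [0x36, 2, 0], ADD = [0x6a], LOCAL0 = [0x20, 0], CALL0 = [0x10, 0];
const MAGIC = [0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00];
const MEMORY_1PAGE = section(5, vec([[0x00, 1]]));                 // min 1 page (64 KiB), no max

// --- module "counter": state lives in its own memory, which is never exported -------------
const counterBytes = new Uint8Array([
  ...MAGIC,
  ...section(1, vec([funcType([I32], [I32]), funcType([], [I32])])), // type0 (i32)->i32, type1 ()->i32
  ...section(3, vec([[0], [1]])),                                   // func0 bump, func1 get
  ...MEMORY_1PAGE,
  ...section(7, vec([[...str("bump"), 0x00, 0], [...str("get"), 0x00, 1]])),
  ...section(10, vec([
    // bump(d): mem[0] = mem[0] + d; return mem[0]
    func([...i32c(0), ...i32c(0), ...LOAD, ...LOCAL0, ...ADD, ...STORE, ...i32c(0), ...LOAD]),
    // get(): return mem[0]
    func([...i32c(0), ...LOAD]),
  ])),
]);

// --- module "untrusted": adversarial code that only receives `bump` --------------------------
const untrustedBytes = new Uint8Array([
  ...MAGIC,
  ...section(1, vec([funcType([I32], [I32]), funcType([], [I32])])),
  ...section(2, vec([[...str("counter"), ...str("bump"), 0x00, 0]])), // import func0 = counter.bump
  ...section(3, vec([[1], [1]])),                                     // func1 attack, func2 oob
  ...MEMORY_1PAGE,                                                    // a separate memory of its own
  ...section(7, vec([[...str("attack"), 0x00, 1], [...str("oob"), 0x00, 2]])),
  ...section(10, vec([
    // attack(): mem[0] = 1234 (lands in untrusted's OWN memory), then return bump(1)
    func([...i32c(0), ...i32c(1234), ...STORE, ...i32c(1), ...CALL0]),
    // oob(): store past the single 64 KiB page; traps before the trailing i32.const 0
    func([...i32c(70000), ...i32c(1), ...STORE, ...i32c(0)]),
  ])),
]);

// --- host: the explicit import object is the only channel between the modules -----------
function link() {
  const counter = new WebAssembly.Instance(new WebAssembly.Module(counterBytes), {});
  const untrusted = new WebAssembly.Instance(new WebAssembly.Module(untrustedBytes), {
    counter: { bump: counter.exports.bump },   // hand over exactly one exported function
  });
  return { counter: counter.exports, untrusted: untrusted.exports };
}

function demo() {
  const { counter, untrusted } = link();
  const before = counter.get();             // 0: fresh memory is zeroed
  const viaBump = untrusted.attack();       // 1: the only effect on counter goes through bump
  const after = counter.get();              // 1, not 1235: the 1234 went into untrusted's memory
  let trapped = false;
  try { untrusted.oob(); } catch (e) { trapped = e instanceof WebAssembly.RuntimeError; }
  return { before, viaBump, after, trapped };
}

console.log(demo());
```

The point to take from `demo()` is the shape of the robust-safety argument: the untrusted module has no import for the counter's memory, so its `i32.store` at address 0 can only land in its own memory, and its sole influence on the counter is the `bump(1)` call the host chose to wire up; stepping outside its own memory ends in a trap rather than a silent write. The paper's logical relation makes this kind of reasoning formal for arbitrary unknown modules, rather than for one hand-written adversary.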

Funder

Villum Investigator Grant

EPSRC fellowship

Publisher

Association for Computing Machinery (ACM)

Subject

Safety, Risk, Reliability and Quality; Software


Cited by 6 articles (5 shown).

1. A Logical Approach to Type Soundness. Journal of the ACM, 2024-07-10.

2. RichWasm: Bringing Safe, Fine-Grained, Shared-Memory Interoperability Down to WebAssembly. Proceedings of the ACM on Programming Languages, 2024-06-20.

3. Bringing the WebAssembly Standard up to Speed with SpecTec. Proceedings of the ACM on Programming Languages, 2024-06-20.

4. Securing Verified IO Programs Against Unverified Code in F*. Proceedings of the ACM on Programming Languages, 2024-01-05.

5. An Iris Instance for Verifying CompCert C Programs. Proceedings of the ACM on Programming Languages, 2024-01-05.
