首页 > 最新文献

Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages最新文献

英文 中文
Sigma*: symbolic learning of input-output specifications Sigma*:输入-输出规范的符号学习
M. Botincan, Domagoj Babic
We present Sigma*, a novel technique for learning symbolic models of software behavior. Sigma* addresses the challenge of synthesizing models of software by using symbolic conjectures and abstraction. By combining dynamic symbolic execution to discover symbolic input-output steps of the programs and counterexample guided abstraction refinement to over-approximate program behavior, Sigma* transforms arbitrary source representation of programs into faithful input-output models. We define a class of stream filters---programs that process streams of data items---for which Sigma* converges to a complete model if abstraction refinement eventually builds up a sufficiently strong abstraction. In other words, Sigma* is complete relative to abstraction. To represent inferred symbolic models, we use a variant of symbolic transducers that can be effectively composed and equivalence checked. Thus, Sigma* enables fully automatic analysis of behavioral properties such as commutativity, reversibility and idempotence, which is useful for web sanitizer verification and stream programs compiler optimizations, as we show experimentally. We also show how models inferred by Sigma* can boost performance of stream programs by parallelized code generation.
我们提出Sigma*,一种学习软件行为符号模型的新技术。Sigma*解决了通过使用符号猜想和抽象来综合软件模型的挑战。通过结合动态符号执行来发现程序的符号输入-输出步骤和反例指导抽象细化以过度近似程序行为,Sigma*将程序的任意源表示转换为忠实的输入-输出模型。我们定义了一类流过滤器——处理数据项流的程序——如果抽象细化最终建立了一个足够强的抽象,Sigma*就会收敛到一个完整的模型。换句话说,Sigma*相对于抽象是完整的。为了表示推断的符号模型,我们使用了一种符号换能器的变体,它可以有效地组成和等价性检查。因此,Sigma*可以完全自动地分析行为特性,如交换性、可逆性和幂等性,这对于网络消毒验证和流程序编译器优化非常有用,正如我们在实验中所展示的那样。我们还展示了Sigma*推断的模型如何通过并行代码生成来提高流程序的性能。
{"title":"Sigma*: symbolic learning of input-output specifications","authors":"M. Botincan, Domagoj Babic","doi":"10.1145/2429069.2429123","DOIUrl":"https://doi.org/10.1145/2429069.2429123","url":null,"abstract":"We present Sigma*, a novel technique for learning symbolic models of software behavior. Sigma* addresses the challenge of synthesizing models of software by using symbolic conjectures and abstraction. By combining dynamic symbolic execution to discover symbolic input-output steps of the programs and counterexample guided abstraction refinement to over-approximate program behavior, Sigma* transforms arbitrary source representation of programs into faithful input-output models. We define a class of stream filters---programs that process streams of data items---for which Sigma* converges to a complete model if abstraction refinement eventually builds up a sufficiently strong abstraction. In other words, Sigma* is complete relative to abstraction. To represent inferred symbolic models, we use a variant of symbolic transducers that can be effectively composed and equivalence checked. Thus, Sigma* enables fully automatic analysis of behavioral properties such as commutativity, reversibility and idempotence, which is useful for web sanitizer verification and stream programs compiler optimizations, as we show experimentally. We also show how models inferred by Sigma* can boost performance of stream programs by parallelized code generation.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"19 1","pages":"443-456"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89501930","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 64
High-level separation logic for low-level code 低级代码的高级分离逻辑
J. B. Jensen, Nick Benton, A. Kennedy
Separation logic is a powerful tool for reasoning about structured, imperative programs that manipulate pointers. However, its application to unstructured, lower-level languages such as assembly language or machine code remains challenging. In this paper we describe a separation logic tailored for this purpose that we have applied to x86 machine-code programs. The logic is built from an assertion logic on machine states over which we construct a specification logic that encapsulates uses of frames and step indexing. The traditional notion of Hoare triple is not applicable directly to unstructured machine code, where code and data are mixed together and programs do not in general run to completion, so instead we adopt a continuation-passing style of specification with preconditions alone. Nevertheless, the range of primitives provided by the specification logic, which include a higher-order frame connective, a novel read-only frame connective, and a 'later' modality, support the definition of derived forms to support structured-programming-style reasoning for common cases, in which standard rules for Hoare triples are derived as lemmas. Furthermore, our encoding of scoped assembly-language labels lets us give definitions and proof rules for powerful assembly-language 'macros' such as while loops, conditionals and procedures. We have applied the framework to a model of sequential x86 machine code built entirely within the Coq proof assistant, including tactic support based on computational reflection.
分离逻辑是对操作指针的结构化命令式程序进行推理的强大工具。然而,将其应用于非结构化的低级语言(如汇编语言或机器码)仍然具有挑战性。在本文中,我们描述了为此目的量身定制的分离逻辑,我们已将其应用于x86机器码程序。该逻辑是基于机器状态的断言逻辑构建的,在此基础上,我们构建了封装帧和步骤索引使用的规范逻辑。传统的Hoare三元组概念并不直接适用于非结构化的机器码,在这种情况下,代码和数据混合在一起,程序通常不会运行到完成,因此我们采用了仅具有先决条件的延续传递样式的规范。尽管如此,规范逻辑提供的原语范围(包括高阶框架连接、新颖的只读框架连接和“后期”模态)支持派生形式的定义,以支持常见情况下的结构化编程风格推理,其中Hoare三元组的标准规则作为引理派生。此外,我们对作用域汇编语言标签的编码使我们能够为强大的汇编语言“宏”(如while循环、条件和过程)提供定义和证明规则。我们将该框架应用于完全在Coq证明助手中构建的顺序x86机器码模型,包括基于计算反射的策略支持。
{"title":"High-level separation logic for low-level code","authors":"J. B. Jensen, Nick Benton, A. Kennedy","doi":"10.1145/2429069.2429105","DOIUrl":"https://doi.org/10.1145/2429069.2429105","url":null,"abstract":"Separation logic is a powerful tool for reasoning about structured, imperative programs that manipulate pointers. However, its application to unstructured, lower-level languages such as assembly language or machine code remains challenging. In this paper we describe a separation logic tailored for this purpose that we have applied to x86 machine-code programs.\u0000 The logic is built from an assertion logic on machine states over which we construct a specification logic that encapsulates uses of frames and step indexing. The traditional notion of Hoare triple is not applicable directly to unstructured machine code, where code and data are mixed together and programs do not in general run to completion, so instead we adopt a continuation-passing style of specification with preconditions alone. Nevertheless, the range of primitives provided by the specification logic, which include a higher-order frame connective, a novel read-only frame connective, and a 'later' modality, support the definition of derived forms to support structured-programming-style reasoning for common cases, in which standard rules for Hoare triples are derived as lemmas. Furthermore, our encoding of scoped assembly-language labels lets us give definitions and proof rules for powerful assembly-language 'macros' such as while loops, conditionals and procedures.\u0000 We have applied the framework to a model of sequential x86 machine code built entirely within the Coq proof assistant, including tactic support based on computational reflection.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"54 1","pages":"301-314"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86187491","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 58
Checking NFA equivalence with bisimulations up to congruence 用双模拟检验NFA等价直到同余
F. Bonchi, D. Pous
We introduce bisimulation up to congruence as a technique for proving language equivalence of non-deterministic finite automata. Exploiting this technique, we devise an optimisation of the classical algorithm by Hopcroft and Karp. We compare our approach to the recently introduced antichain algorithms, by analysing and relating the two underlying coinductive proof methods. We give concrete examples where we exponentially improve over antichains; experimental results moreover show non negligible improvements.
本文介绍了一种证明非确定性有限自动机语言等价性的方法——双模拟到同余。利用这种技术,我们设计了Hopcroft和Karp的经典算法的优化。我们通过分析和关联两种潜在的共归纳证明方法,将我们的方法与最近引入的反链算法进行比较。我们给出了在反链上幂指数改进的具体例子;实验结果也显示出不可忽视的改进。
{"title":"Checking NFA equivalence with bisimulations up to congruence","authors":"F. Bonchi, D. Pous","doi":"10.1145/2429069.2429124","DOIUrl":"https://doi.org/10.1145/2429069.2429124","url":null,"abstract":"We introduce bisimulation up to congruence as a technique for proving language equivalence of non-deterministic finite automata. Exploiting this technique, we devise an optimisation of the classical algorithm by Hopcroft and Karp. We compare our approach to the recently introduced antichain algorithms, by analysing and relating the two underlying coinductive proof methods. We give concrete examples where we exponentially improve over antichains; experimental results moreover show non negligible improvements.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"123 1","pages":"457-468"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89142914","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 161
HALO: haskell to logic through denotational semantics HALO:通过指称语义来理解逻辑
Dimitrios Vytiniotis, S. Jones, Koen Claessen, Dan Rosén
Even well-typed programs can go wrong in modern functional languages, by encountering a pattern-match failure, or simply returning the wrong answer. An increasingly-popular response is to allow programmers to write contracts that express semantic properties, such as crash-freedom or some useful post-condition. We study the static verification of such contracts. Our main contribution is a novel translation to first-order logic of both Haskell programs, and contracts written in Haskell, all justified by denotational semantics. This translation enables us to prove that functions satisfy their contracts using an off-the-shelf first-order logic theorem prover.
在现代函数式语言中,即使是类型良好的程序也可能出错,比如遇到模式匹配失败,或者只是返回错误的答案。一种日益流行的回应是允许程序员编写表达语义属性的契约,比如避免崩溃或一些有用的后用条件。我们研究了这种契约的静态验证。我们的主要贡献是对Haskell程序和用Haskell编写的契约的一阶逻辑的新颖翻译,所有这些都是通过指称语义来证明的。这种转换使我们能够使用现成的一阶逻辑定理证明器证明函数满足它们的契约。
{"title":"HALO: haskell to logic through denotational semantics","authors":"Dimitrios Vytiniotis, S. Jones, Koen Claessen, Dan Rosén","doi":"10.1145/2429069.2429121","DOIUrl":"https://doi.org/10.1145/2429069.2429121","url":null,"abstract":"Even well-typed programs can go wrong in modern functional languages, by encountering a pattern-match failure, or simply returning the wrong answer. An increasingly-popular response is to allow programmers to write contracts that express semantic properties, such as crash-freedom or some useful post-condition. We study the static verification of such contracts. Our main contribution is a novel translation to first-order logic of both Haskell programs, and contracts written in Haskell, all justified by denotational semantics. This translation enables us to prove that functions satisfy their contracts using an off-the-shelf first-order logic theorem prover.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"5 1","pages":"431-442"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85939199","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 64
Deadlock-freedom-by-design: multiparty asynchronous global programming 死锁自由设计:多方异步全局编程
Marco Carbone, F. Montesi
Over the last decade, global descriptions have been successfully employed for the verification and implementation of communicating systems, respectively as protocol specifications and choreographies. In this work, we bring these two practices together by proposing a purely-global programming model. We show a novel interpretation of asynchrony and parallelism in a global setting and develop a typing discipline that verifies choreographies against protocol specifications, based on multiparty sessions. Exploiting the nature of global descriptions, our type system defines a new class of deadlock-free concurrent systems (deadlock-freedom-by-design), provides type inference, and supports session mobility. We give a notion of Endpoint Projection (EPP) which generates correct entity code (as pi-calculus terms) from a choreography. Finally, we evaluate our approach by providing a prototype implementation for a concrete programming language and by applying it to some examples from multicore and service-oriented programming.
在过去的十年中,全局描述已经成功地用于通信系统的验证和实现,分别作为协议规范和编排。在这项工作中,我们通过提出一个纯全局编程模型将这两种实践结合在一起。我们展示了对全局设置中的异步和并行性的一种新的解释,并开发了一种基于多方会话根据协议规范验证编排的类型规则。利用全局描述的特性,我们的类型系统定义了一类新的无死锁并发系统(设计死锁自由),提供类型推断并支持会话移动性。我们给出了端点投影(Endpoint Projection, EPP)的概念,它从编排中生成正确的实体代码(作为pi-微积分项)。最后,我们通过提供具体编程语言的原型实现,并将其应用于多核和面向服务编程的一些示例来评估我们的方法。
{"title":"Deadlock-freedom-by-design: multiparty asynchronous global programming","authors":"Marco Carbone, F. Montesi","doi":"10.1145/2429069.2429101","DOIUrl":"https://doi.org/10.1145/2429069.2429101","url":null,"abstract":"Over the last decade, global descriptions have been successfully employed for the verification and implementation of communicating systems, respectively as protocol specifications and choreographies. In this work, we bring these two practices together by proposing a purely-global programming model. We show a novel interpretation of asynchrony and parallelism in a global setting and develop a typing discipline that verifies choreographies against protocol specifications, based on multiparty sessions. Exploiting the nature of global descriptions, our type system defines a new class of deadlock-free concurrent systems (deadlock-freedom-by-design), provides type inference, and supports session mobility. We give a notion of Endpoint Projection (EPP) which generates correct entity code (as pi-calculus terms) from a choreography. Finally, we evaluate our approach by providing a prototype implementation for a concrete programming language and by applying it to some examples from multicore and service-oriented programming.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"17 1","pages":"263-274"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84014458","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 181
Quantitative relaxation of concurrent data structures 并发数据结构的定量松弛
T. Henzinger, C. Kirsch, H. Payer, A. Sezgin, A. Sokolova
There is a trade-off between performance and correctness in implementing concurrent data structures. Better performance may be achieved at the expense of relaxing correctness, by redefining the semantics of data structures. We address such a redefinition of data structure semantics and present a systematic and formal framework for obtaining new data structures by quantitatively relaxing existing ones. We view a data structure as a sequential specification S containing all "legal" sequences over an alphabet of method calls. Relaxing the data structure corresponds to defining a distance from any sequence over the alphabet to the sequential specification: the k-relaxed sequential specification contains all sequences over the alphabet within distance k from the original specification. In contrast to other existing work, our relaxations are semantic (distance in terms of data structure states). As an instantiation of our framework, we present two simple yet generic relaxation schemes, called out-of-order and stuttering relaxation, along with several ways of computing distances. We show that the out-of-order relaxation, when further instantiated to stacks, queues, and priority queues, amounts to tolerating bounded out-of-order behavior, which cannot be captured by a purely syntactic relaxation (distance in terms of sequence manipulation, e.g. edit distance). We give concurrent implementations of relaxed data structures and demonstrate that bounded relaxations provide the means for trading correctness for performance in a controlled way. The relaxations are monotonic which further highlights the trade-off: increasing k increases the number of permitted sequences, which as we demonstrate can lead to better performance. Finally, since a relaxed stack or queue also implements a pool, we actually have new concurrent pool implementations that outperform the state-of-the-art ones.
在实现并发数据结构时,需要在性能和正确性之间进行权衡。通过重新定义数据结构的语义,可以在降低正确性的代价下获得更好的性能。我们解决了这样一个数据结构语义的重新定义,并提出了一个系统的和正式的框架,通过定量地放松现有的数据结构来获得新的数据结构。我们将数据结构视为包含方法调用字母表上所有“合法”序列的顺序规范S。放宽数据结构对应于定义从字母表上的任何序列到顺序规范的距离:k放宽的顺序规范包含字母表上距离原始规范k的所有序列。与其他现有工作相比,我们的松弛是语义的(数据结构状态方面的距离)。作为我们框架的一个实例,我们提出了两种简单而通用的松弛方案,称为无序松弛和口吃松弛,以及几种计算距离的方法。我们表明,当进一步实例化到堆栈,队列和优先级队列时,乱序松弛相当于容忍有界的乱序行为,这不能通过纯粹的语法松弛(序列操作方面的距离,例如编辑距离)来捕获。我们给出了松弛数据结构的并发实现,并证明了有界松弛提供了一种以可控的方式交换正确性和性能的方法。松弛是单调的,这进一步强调了权衡:增加k会增加允许序列的数量,正如我们所证明的那样,这可以带来更好的性能。最后,由于宽松的堆栈或队列也实现了池,因此我们实际上有了新的并发池实现,其性能优于最先进的实现。
{"title":"Quantitative relaxation of concurrent data structures","authors":"T. Henzinger, C. Kirsch, H. Payer, A. Sezgin, A. Sokolova","doi":"10.1145/2429069.2429109","DOIUrl":"https://doi.org/10.1145/2429069.2429109","url":null,"abstract":"There is a trade-off between performance and correctness in implementing concurrent data structures. Better performance may be achieved at the expense of relaxing correctness, by redefining the semantics of data structures. We address such a redefinition of data structure semantics and present a systematic and formal framework for obtaining new data structures by quantitatively relaxing existing ones. We view a data structure as a sequential specification S containing all \"legal\" sequences over an alphabet of method calls. Relaxing the data structure corresponds to defining a distance from any sequence over the alphabet to the sequential specification: the k-relaxed sequential specification contains all sequences over the alphabet within distance k from the original specification. In contrast to other existing work, our relaxations are semantic (distance in terms of data structure states). As an instantiation of our framework, we present two simple yet generic relaxation schemes, called out-of-order and stuttering relaxation, along with several ways of computing distances. We show that the out-of-order relaxation, when further instantiated to stacks, queues, and priority queues, amounts to tolerating bounded out-of-order behavior, which cannot be captured by a purely syntactic relaxation (distance in terms of sequence manipulation, e.g. edit distance). We give concurrent implementations of relaxed data structures and demonstrate that bounded relaxations provide the means for trading correctness for performance in a controlled way. The relaxations are monotonic which further highlights the trade-off: increasing k increases the number of permitted sequences, which as we demonstrate can lead to better performance. Finally, since a relaxed stack or queue also implements a pool, we actually have new concurrent pool implementations that outperform the state-of-the-art ones.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"19 1","pages":"317-328"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81930972","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 97
Automatic detection of floating-point exceptions 自动检测浮点异常
Earl T. Barr, Thanh Vo, Vu Le, Z. Su
It is well-known that floating-point exceptions can be disastrous and writing exception-free numerical programs is very difficult. Thus, it is important to automatically detect such errors. In this paper, we present Ariadne, a practical symbolic execution system specifically designed and implemented for detecting floating-point exceptions. Ariadne systematically transforms a numerical program to explicitly check each exception triggering condition. Ariadne symbolically executes the transformed program using real arithmetic to find candidate real-valued inputs that can reach and trigger an exception. Ariadne converts each candidate input into a floating-point number, then tests it against the original program. In general, approximating floating-point arithmetic with real arithmetic can change paths from feasible to infeasible and vice versa. The key insight of this work is that, for the problem of detecting floating-point exceptions, this approximation works well in practice because, if one input reaches an exception, many are likely to, and at least one of them will do so over both floating-point and real arithmetic. To realize Ariadne, we also devised a novel, practical linearization technique to solve nonlinear constraints. We extensively evaluated Ariadne over 467 scalar functions in the widely used GNU Scientific Library (GSL). Our results show that Ariadne is practical and identifies a large number of real runtime exceptions in GSL. The GSL developers confirmed our preliminary findings and look forward to Ariadne's public release, which we plan to do in the near future.
众所周知,浮点异常可能是灾难性的,编写无异常的数值程序非常困难。因此,自动检测此类错误非常重要。在本文中,我们提出了Ariadne,一个实用的符号执行系统,专门为检测浮点异常而设计和实现。阿里阿德涅系统地转换了一个数值程序来显式地检查每个异常触发条件。阿里阿德涅使用实数算法象征性地执行转换后的程序,以找到可以到达并触发异常的候选实数输入。阿里阿德涅将每个候选输入转换成一个浮点数,然后将其与原始程序进行测试。一般来说,用实算术逼近浮点运算可以改变从可行到不可行的路径,反之亦然。这项工作的关键见解是,对于检测浮点异常的问题,这种近似在实践中工作得很好,因为如果一个输入遇到异常,那么许多输入都可能遇到异常,并且在浮点和实算术中至少有一个输入会遇到异常。为了实现阿里阿德涅,我们还设计了一种新颖实用的线性化技术来解决非线性约束。我们对广泛使用的GNU科学库(GSL)中的467个标量函数进行了广泛的评估。我们的结果表明,阿里阿德涅是实用的,并确定了大量的真实运行时异常在GSL。GSL开发者确认了我们的初步发现,并期待着《阿里阿德涅》的公开发布,我们计划在不久的将来发布。
{"title":"Automatic detection of floating-point exceptions","authors":"Earl T. Barr, Thanh Vo, Vu Le, Z. Su","doi":"10.1145/2429069.2429133","DOIUrl":"https://doi.org/10.1145/2429069.2429133","url":null,"abstract":"It is well-known that floating-point exceptions can be disastrous and writing exception-free numerical programs is very difficult. Thus, it is important to automatically detect such errors. In this paper, we present Ariadne, a practical symbolic execution system specifically designed and implemented for detecting floating-point exceptions. Ariadne systematically transforms a numerical program to explicitly check each exception triggering condition. Ariadne symbolically executes the transformed program using real arithmetic to find candidate real-valued inputs that can reach and trigger an exception. Ariadne converts each candidate input into a floating-point number, then tests it against the original program. In general, approximating floating-point arithmetic with real arithmetic can change paths from feasible to infeasible and vice versa. The key insight of this work is that, for the problem of detecting floating-point exceptions, this approximation works well in practice because, if one input reaches an exception, many are likely to, and at least one of them will do so over both floating-point and real arithmetic. To realize Ariadne, we also devised a novel, practical linearization technique to solve nonlinear constraints. We extensively evaluated Ariadne over 467 scalar functions in the widely used GNU Scientific Library (GSL). Our results show that Ariadne is practical and identifies a large number of real runtime exceptions in GSL. The GSL developers confirmed our preliminary findings and look forward to Ariadne's public release, which we plan to do in the near future.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"14 1","pages":"549-560"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74784943","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 96
Cache and I/O efficent functional algorithms 缓存和I/O高效的函数算法
G. Blelloch, R. Harper
The widely studied I/O and ideal-cache models were developed to account for the large difference in costs to access memory at different levels of the memory hierarchy. Both models are based on a two level memory hierarchy with a fixed size primary memory(cache) of size M, an unbounded secondary memory organized in blocks of size B. The cost measure is based purely on the number of block transfers between the primary and secondary memory. All other operations are free. Many algorithms have been analyzed in these models and indeed these models predict the relative performance of algorithms much more accurately than the standard RAM model. The models, however, require specifying algorithms at a very low level requiring the user to carefully lay out their data in arrays in memory and manage their own memory allocation. In this paper we present a cost model for analyzing the memory efficiency of algorithms expressed in a simple functional language. We show how some algorithms written in standard forms using just lists and trees (no arrays) and requiring no explicit memory layout or memory management are efficient in the model. We then describe an implementation of the language and show provable bounds for mapping the cost in our model to the cost in the ideal-cache model. These bound imply that purely functional programs based on lists and trees with no special attention to any details of memory layout can be as asymptotically as efficient as the carefully designed imperative I/O efficient algorithms. For example we describe an O(n_B logM/Bn_B)cost sorting algorithm, which is optimal in the ideal cache and I/O models.
广泛研究的I/O和理想缓存模型被开发出来,以解释在内存层次结构的不同级别访问内存的成本的巨大差异。这两种模型都基于两级内存层次结构,其中固定大小的主内存(缓存)大小为M,无界的辅助内存组织在大小为b的块中。成本衡量完全基于主内存和辅助内存之间的块传输数量。所有其他操作都是免费的。在这些模型中分析了许多算法,实际上这些模型比标准RAM模型更准确地预测了算法的相对性能。然而,这些模型需要在非常低的级别上指定算法,这要求用户在内存中的数组中仔细布局他们的数据,并管理他们自己的内存分配。在本文中,我们提出了一个成本模型来分析用简单函数语言表示的算法的内存效率。我们展示了一些仅使用列表和树(没有数组)、不需要显式内存布局或内存管理的标准形式编写的算法在模型中是如何高效的。然后,我们描述了该语言的实现,并展示了将我们模型中的成本映射到理想缓存模型中的成本的可证明界限。这些约束意味着,基于列表和树而不特别关注内存布局细节的纯函数式程序可以与精心设计的命令式I/O高效算法一样渐进地高效。例如,我们描述了一个O(n_B logM/Bn_B)代价排序算法,它在理想的缓存和I/O模型中是最优的。
{"title":"Cache and I/O efficent functional algorithms","authors":"G. Blelloch, R. Harper","doi":"10.1145/2429069.2429077","DOIUrl":"https://doi.org/10.1145/2429069.2429077","url":null,"abstract":"The widely studied I/O and ideal-cache models were developed to account for the large difference in costs to access memory at different levels of the memory hierarchy. Both models are based on a two level memory hierarchy with a fixed size primary memory(cache) of size M, an unbounded secondary memory organized in blocks of size B. The cost measure is based purely on the number of block transfers between the primary and secondary memory. All other operations are free. Many algorithms have been analyzed in these models and indeed these models predict the relative performance of algorithms much more accurately than the standard RAM model. The models, however, require specifying algorithms at a very low level requiring the user to carefully lay out their data in arrays in memory and manage their own memory allocation.\u0000 In this paper we present a cost model for analyzing the memory efficiency of algorithms expressed in a simple functional language. We show how some algorithms written in standard forms using just lists and trees (no arrays) and requiring no explicit memory layout or memory management are efficient in the model. We then describe an implementation of the language and show provable bounds for mapping the cost in our model to the cost in the ideal-cache model. These bound imply that purely functional programs based on lists and trees with no special attention to any details of memory layout can be as asymptotically as efficient as the carefully designed imperative I/O efficient algorithms. For example we describe an O(n_B logM/Bn_B)cost sorting algorithm, which is optimal in the ideal cache and I/O models.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"12 1","pages":"39-50"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82013053","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
Library abstraction for C/C++ concurrency C/ c++并发的库抽象
Mark Batty, Mike Dodds, Alexey Gotsman
When constructing complex concurrent systems, abstraction is vital: programmers should be able to reason about concurrent libraries in terms of abstract specifications that hide the implementation details. Relaxed memory models present substantial challenges in this respect, as libraries need not provide sequentially consistent abstractions: to avoid unnecessary synchronisation, they may allow clients to observe relaxed memory effects, and library specifications must capture these. In this paper, we propose a criterion for sound library abstraction in the new C11 and C++11 memory model, generalising the standard sequentially consistent notion of linearizability. We prove that our criterion soundly captures all client-library interactions, both through call and return values, and through the subtle synchronisation effects arising from the memory model. To illustrate our approach, we verify implementations against specifications for the lock-free Treiber stack and a producer-consumer queue. Ours is the first approach to compositional reasoning for concurrent C11/C++11 programs.
在构建复杂的并发系统时,抽象是至关重要的:程序员应该能够根据隐藏实现细节的抽象规范来推断并发库。放松内存模型在这方面提出了实质性的挑战,因为库不需要提供顺序一致的抽象:为了避免不必要的同步,它们可能允许客户端观察放松内存效果,而库规范必须捕获这些。在本文中,我们提出了在新的C11和c++ 11内存模型中合理的库抽象标准,推广了标准的顺序一致性线性化概念。我们证明,我们的标准通过调用和返回值,以及通过内存模型产生的微妙同步效应,可以很好地捕获所有客户机-库交互。为了说明我们的方法,我们根据无锁Treiber堆栈和生产者-消费者队列的规范来验证实现。我们的方法是对并发C11/ c++ 11程序进行组合推理的第一种方法。
{"title":"Library abstraction for C/C++ concurrency","authors":"Mark Batty, Mike Dodds, Alexey Gotsman","doi":"10.1145/2429069.2429099","DOIUrl":"https://doi.org/10.1145/2429069.2429099","url":null,"abstract":"When constructing complex concurrent systems, abstraction is vital: programmers should be able to reason about concurrent libraries in terms of abstract specifications that hide the implementation details. Relaxed memory models present substantial challenges in this respect, as libraries need not provide sequentially consistent abstractions: to avoid unnecessary synchronisation, they may allow clients to observe relaxed memory effects, and library specifications must capture these.\u0000 In this paper, we propose a criterion for sound library abstraction in the new C11 and C++11 memory model, generalising the standard sequentially consistent notion of linearizability. We prove that our criterion soundly captures all client-library interactions, both through call and return values, and through the subtle synchronisation effects arising from the memory model. To illustrate our approach, we verify implementations against specifications for the lock-free Treiber stack and a producer-consumer queue. Ours is the first approach to compositional reasoning for concurrent C11/C++11 programs.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"10 1","pages":"235-248"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90605649","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 92
Automating relatively complete verification of higher-order functional programs 自动化相对完整的高阶功能程序验证
Hiroshi Unno, Tachio Terauchi, N. Kobayashi
We present an automated approach to relatively completely verifying safety (i.e., reachability) property of higher-order functional programs. Our contribution is two-fold. First, we extend the refinement type system framework employed in the recent work on (incomplete) automated higher-order verification by drawing on the classical work on relatively complete "Hoare logic like" program logic for higher-order procedural languages. Then, by adopting the recently proposed techniques for solving constraints over quantified first-order logic formulas, we develop an automated type inference method for the type system, thereby realizing an automated relatively complete verification of higher-order programs.
我们提出了一种自动化的方法来相对完整地验证高阶函数程序的安全性(即可达性)。我们的贡献是双重的。首先,我们通过借鉴高阶过程语言中相对完整的“类似Hoare逻辑”的程序逻辑的经典工作,扩展了最近在(不完全)自动化高阶验证工作中使用的精化类型系统框架。然后,通过采用最近提出的求解量化一阶逻辑公式约束的技术,我们开发了一种类型系统的自动类型推理方法,从而实现了高阶程序的相对完整的自动化验证。
{"title":"Automating relatively complete verification of higher-order functional programs","authors":"Hiroshi Unno, Tachio Terauchi, N. Kobayashi","doi":"10.1145/2429069.2429081","DOIUrl":"https://doi.org/10.1145/2429069.2429081","url":null,"abstract":"We present an automated approach to relatively completely verifying safety (i.e., reachability) property of higher-order functional programs. Our contribution is two-fold. First, we extend the refinement type system framework employed in the recent work on (incomplete) automated higher-order verification by drawing on the classical work on relatively complete \"Hoare logic like\" program logic for higher-order procedural languages. Then, by adopting the recently proposed techniques for solving constraints over quantified first-order logic formulas, we develop an automated type inference method for the type system, thereby realizing an automated relatively complete verification of higher-order programs.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"55 7 1","pages":"75-86"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80956009","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 49
期刊
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1