Latest publications: Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages

Sound compilation of reals
Eva Darulova, Viktor Kunčak
Writing accurate numerical software is hard because of many sources of unavoidable uncertainties, including finite numerical precision of implementations. We present a programming model where the user writes a program in a real-valued implementation and specification language that explicitly includes different types of uncertainties. We then present a compilation algorithm that generates a finite-precision implementation that is guaranteed to meet the desired precision with respect to real numbers. Our compilation performs a number of verification steps for different candidate precisions. It generates verification conditions that treat all sources of uncertainties in a unified way and encode reasoning about finite-precision roundoff errors into reasoning about real numbers. Such verification conditions can be used as a standardized format for verifying the precision and the correctness of numerical programs. Due to their non-linear nature, precise reasoning about these verification conditions remains difficult and cannot be handled using state-of-the-art SMT solvers alone. We therefore propose a new procedure that combines exact SMT solving over reals with approximate and sound affine and interval arithmetic. We show that this approach overcomes scalability limitations of SMT solvers while providing improved precision over affine and interval arithmetic. Our implementation gives promising results on several numerical models, including dynamical systems, transcendental functions, and controller implementations.
DOI: https://doi.org/10.1145/2535838.2535874 | Published: 2013-09-10 | Citations: 124

Proof search for propositional abstract separation logics via labelled sequents
Zhé Hóu, Ranald Clouston, R. Goré, Alwen Tiu
Abstract separation logics are a family of extensions of Hoare logic for reasoning about programs that mutate memory. These logics are "abstract" because they are independent of any particular concrete memory model. Their assertion languages, called propositional abstract separation logics, extend the logic of (Boolean) Bunched Implications (BBI) in various ways. We develop a modular proof theory for various propositional abstract separation logics using cut-free labelled sequent calculi. We first extend the cut-free labelled sequent calculus for BBI of Hou et al. to handle Calcagno et al.'s original logic of separation algebras by adding sound rules for partial-determinism and cancellativity, while preserving cut-elimination. We prove the completeness of our calculus via a sound intermediate calculus that enables us to construct counter-models from the failure to find a proof. We then capture other propositional abstract separation logics by adding sound rules for indivisible unit and disjointness, while maintaining completeness and cut-elimination. We present a theorem prover based on our labelled calculus for these logics.
DOI: https://doi.org/10.1145/2535838.2535864 | Published: 2013-07-21 | Citations: 23

Views: compositional reasoning for concurrent programs
Thomas Dinsdale-Young, L. Birkedal, Philippa Gardner, Matthew J. Parkinson, Hongseok Yang
Compositional abstractions underlie many reasoning principles for concurrent programs: the concurrent environment is abstracted in order to reason about a thread in isolation; and these abstractions are composed to reason about a program consisting of many threads. For instance, separation logic uses formulae that describe part of the state, abstracting the rest; when two threads use disjoint state, their specifications can be composed with the separating conjunction. Type systems abstract the state to the types of variables; threads may be composed when they agree on the types of shared variables.

In this paper, we present the "Concurrent Views Framework", a metatheory of concurrent reasoning principles. The theory is parameterised by an abstraction of state with a notion of composition, which we call views. The metatheory is remarkably simple, but highly applicable: the rely-guarantee method, concurrent separation logic, concurrent abstract predicates, type systems for recursive references and for unique pointers, and even an adaptation of the Owicki-Gries method can all be seen as instances of the Concurrent Views Framework. Moreover, our metatheory proves each of these systems is sound without requiring induction on the operational semantics.
DOI: https://doi.org/10.1145/2429069.2429104 | Published: 2013-01-23 | Pages: 287-300 | Citations: 184

Fully abstract compilation to JavaScript
C. Fournet, N. Swamy, Juan Chen, Pierre-Évariste Dagand, Pierre-Yves Strub, B. Livshits
Many tools allow programmers to develop applications in high-level languages and deploy them in web browsers via compilation to JavaScript. While practical and widely used, these compilers are ad hoc: no guarantee is provided on their correctness for whole programs, nor their security for programs executed within arbitrary JavaScript contexts. This paper presents a compiler with such guarantees. We compile an ML-like language with higher-order functions and references to JavaScript, while preserving all source program properties. Relying on type-based invariants and applicative bisimilarity, we show full abstraction: two programs are equivalent in all source contexts if and only if their wrapped translations are equivalent in all JavaScript contexts. We evaluate our compiler on sample programs, including a series of secure libraries.
DOI: https://doi.org/10.1145/2429069.2429114 | Published: 2013-01-23 | Pages: 371-384 | Citations: 107

Meta-theory à la carte
Benjamin Delaware, Bruno C. d. S. Oliveira, Tom Schrijvers
Formalizing meta-theory, or proofs about programming languages, in a proof assistant has many well-known benefits. Unfortunately, the considerable effort involved in mechanizing proofs has prevented it from becoming standard practice. This cost can be amortized by reusing as much of existing mechanized formalizations as possible when building a new language or extending an existing one. One important challenge in achieving reuse is that the inductive definitions and proofs used in these formalizations are closed to extension. This forces language designers to cut and paste existing definitions and proofs in an ad-hoc manner and to expend considerable effort to patch up the results.

The key contribution of this paper is the development of an induction technique for extensible Church encodings using a novel reinterpretation of the universal property of folds. These encodings provide the foundation for a framework, formalized in Coq, which uses type classes to automate the composition of proofs from modular components. This framework enables a more structured approach to the reuse of meta-theory formalizations through the composition of modular inductive definitions and proofs.

Several interesting language features, including binders and general recursion, illustrate the capabilities of our framework. We reuse these features to build fully mechanized definitions and proofs for a number of languages, including a version of mini-ML. Bounded induction enables proofs of properties for non-inductive semantic functions, and mediating type classes enable proof adaptation for more feature-rich languages.
DOI: https://doi.org/10.1145/2429069.2429094 | Published: 2013-01-23 | Pages: 207-218 | Citations: 63

Universal properties of impure programming languages
S. Staton, P. Levy
We investigate impure, call-by-value programming languages. Our first language only has variables and let-binding. Its equational theory is a variant of Lambek's theory of multicategories that omits the commutativity axiom.

We demonstrate that type constructions for impure languages --- products, sums and functions --- can be characterized by universal properties in the setting of 'premulticategories', multicategories where the commutativity law may fail. This leads us to new, universal characterizations of two earlier equational theories of impure programming languages: the premonoidal categories of Power and Robinson, and the monad-based models of Moggi. Our analysis thus puts these earlier abstract ideas on a canonical foundation, bringing them to a new, syntactic level.
DOI: https://doi.org/10.1145/2429069.2429091 | Published: 2013-01-23 | Pages: 179-192 | Citations: 20

Towards fully automatic placement of security sanitizers and declassifiers
B. Livshits, Stephen Chong
A great deal of research on sanitizer placement, sanitizer correctness, checking path validity, and policy inference has been done in the last five to ten years, involving type systems, static analysis, and runtime monitoring and enforcement. However, in pretty much all work thus far, the burden of sanitizer placement has fallen on the developer. Sanitizer placement in large-scale applications is difficult, and developers are likely to make errors and thus create security vulnerabilities.

This paper advocates a radically different approach: we aim to fully automate the placement of sanitizers by analyzing the flow of tainted data in the program. We argue that developers are better off leaving out sanitizers entirely instead of trying to place them.

This paper proposes a fully automatic technique for sanitizer placement. Placement is static whenever possible, switching to run time when necessary. Run-time taint tracking techniques can be used to track the source of a value, and thus apply appropriate sanitization. However, due to the overhead of run-time taint tracking, our technique avoids it wherever possible.
DOI: https://doi.org/10.1145/2429069.2429115 | Published: 2013-01-23 | Pages: 385-398 | Citations: 77

Optimizing data structures in high-level programs: new directions for extensible compilers based on staging
Tiark Rompf, Arvind K. Sujeeth, Nada Amin, Kevin J. Brown, V. Jovanovic, HyoukJoong Lee, Manohar Jonnalagedda, K. Olukotun, Martin Odersky
High-level data structures are a cornerstone of modern programming and at the same time stand in the way of compiler optimizations. In order to reason about user- or library-defined data structures, compilers need to be extensible. Common mechanisms to extend compilers fall into two categories. Frontend macros, staging or partial evaluation systems can be used to programmatically remove abstraction and specialize programs before they enter the compiler. Alternatively, some compilers allow extending the internal workings by adding new transformation passes at different points in the compile chain or adding new intermediate representation (IR) types. None of these mechanisms alone is sufficient to handle the challenges posed by high-level data structures. This paper shows a novel way to combine them to yield benefits that are greater than the sum of the parts.

Instead of using staging merely as a front end, we implement internal compiler passes using staging as well. These internal passes delegate back to program execution to construct the transformed IR. Staging is known to simplify program generation, and in the same way it can simplify program transformation. Defining a transformation as a staged IR interpreter is simpler than implementing a low-level IR-to-IR transformer. With custom IR nodes, many optimizations that are expressed as rewritings from IR nodes to staged program fragments can be combined into a single pass, mitigating phase-ordering problems. Speculative rewriting can preserve optimistic assumptions around loops.

We demonstrate several powerful program optimizations using this architecture that are particularly geared towards data structures: a novel loop fusion and deforestation algorithm, array-of-struct to struct-of-array conversion, object flattening, and code generation for heterogeneous parallel devices. We validate our approach using several non-trivial case studies that exhibit order-of-magnitude speedups in experiments.
{"title":"Optimizing data structures in high-level programs: new directions for extensible compilers based on staging","authors":"Tiark Rompf, Arvind K. Sujeeth, Nada Amin, Kevin J. Brown, V. Jovanovic, HyoukJoong Lee, Manohar Jonnalagedda, K. Olukotun, Martin Odersky","doi":"10.1145/2429069.2429128","DOIUrl":"https://doi.org/10.1145/2429069.2429128","url":null,"abstract":"High level data structures are a cornerstone of modern programming and at the same time stand in the way of compiler optimizations. In order to reason about user- or library-defined data structures compilers need to be extensible. Common mechanisms to extend compilers fall into two categories. Frontend macros, staging or partial evaluation systems can be used to programmatically remove abstraction and specialize programs before they enter the compiler. Alternatively, some compilers allow extending the internal workings by adding new transformation passes at different points in the compile chain or adding new intermediate representation (IR) types. None of these mechanisms alone is sufficient to handle the challenges posed by high level data structures. This paper shows a novel way to combine them to yield benefits that are greater than the sum of the parts.\u0000 Instead of using staging merely as a front end, we implement internal compiler passes using staging as well. These internal passes delegate back to program execution to construct the transformed IR. Staging is known to simplify program generation, and in the same way it can simplify program transformation. Defining a transformation as a staged IR interpreter is simpler than implementing a low-level IR to IR transformer. With custom IR nodes, many optimizations that are expressed as rewritings from IR nodes to staged program fragments can be combined into a single pass, mitigating phase ordering problems. 
Speculative rewriting can preserve optimistic assumptions around loops.\u0000 We demonstrate several powerful program optimizations using this architecture that are particularly geared towards data structures: a novel loop fusion and deforestation algorithm, array of struct to struct of array conversion, object flattening and code generation for heterogeneous parallel devices. We validate our approach using several non trivial case studies that exhibit order of magnitude speedups in experiments.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"1 1","pages":"497-510"},"PeriodicalIF":0.0,"publicationDate":"2013-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79913915","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 104
Hyperstream processing systems: nonstandard modeling of continuous-time signals
Kohei Suenaga, Hiroyoshi Sekine, I. Hasuo
We exploit the apparent similarity between (discrete-time) stream processing and (continuous-time) signal processing and transfer a deductive verification framework from the former to the latter. Our development is based on rigorous semantics that relies on nonstandard analysis (NSA). Specifically, we start with a discrete framework consisting of a Lustre-like stream processing language, its Kahn-style fixed point semantics, and a program logic (in the form of a type system) for partial correctness guarantees. This stream framework is transferred as it is to one for hyperstreams---streams of streams, that typically arise from sampling (continuous-time) signals with progressively smaller intervals---via the logical infrastructure of NSA. Under a certain continuity assumption we identify hyperstreams with signals; our final outcome thus obtained is a deductive verification framework of signals. In it one verifies properties of signals using the (conventionally discrete) proof principles, like fixed point induction.
DOI: 10.1145/2429069.2429120 (https://doi.org/10.1145/2429069.2429120), Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 417-430, published 2013-01-23.
Citations: 20
Abstraction and invariance for algebraically indexed types
R. Atkey, Patricia Johann, A. Kennedy
Reynolds' relational parametricity provides a powerful way to reason about programs in terms of invariance under changes of data representation. A dazzling array of applications of Reynolds' theory exists, exploiting invariance to yield "free theorems", non-inhabitation results, and encodings of algebraic datatypes. Outside computer science, invariance is a common theme running through many areas of mathematics and physics. For example, the area of a triangle is unaltered by rotation or flipping. If we scale a triangle, then we scale its area, maintaining an invariant relationship between the two. The transformations under which properties are invariant are often organised into groups, with the algebraic structure reflecting the composability and invertibility of transformations. In this paper, we investigate programming languages whose types are indexed by algebraic structures such as groups of geometric transformations. Other examples include types indexed by principals--for information flow security--and types indexed by distances--for analysis of analytic uniform continuity properties. Following Reynolds, we prove a general Abstraction Theorem that covers all these instances. Consequences of our Abstraction Theorem include free theorems expressing invariance properties of programs, type isomorphisms based on invariance properties, and non-definability results indicating when certain algebraically indexed types are uninhabited or only inhabited by trivial programs. We have fully formalised our framework and most examples in Coq.
DOI: 10.1145/2429069.2429082 (https://doi.org/10.1145/2429069.2429082), Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 87-100, published 2013-01-23.
Citations: 8