251,007 research outputs found
Acute: high-level programming language design for distributed computation
Existing languages provide good support for typeful programming of standalone programs. In a distributed system, however, there may be interaction between multiple instances of many distinct programs, sharing some (but not necessarily all) of their module structure, and with some instances rebuilt with new versions of certain modules as time goes on. In this paper we discuss programming language support for such systems, focussing on their typing and naming issues. We describe an experimental language, Acute, which extends an ML core to support distributed development, deployment, and execution, allowing type-safe interaction between separately-built programs. The main features are: (1) type-safe marshalling of arbitrary values; (2) type names that are generated (freshly and by hashing) to ensure that type equality tests suffice to protect the invariants of abstract types, across the entire distributed system; (3) expression-level names generated to ensure that name equality tests suffice for type-safety of associated values, e.g. values carried on named channels; (4) controlled dynamic rebinding of marshalled values to local resources; and (5) thunkification of threads and mutexes to support computation mobility. These features are a large part of what is needed for typeful distributed programming. They are a relatively lightweight extension of ML, should be efficiently implementable, and are expressive enough to enable a wide variety of distributed infrastructure layers to be written as simple library code above the byte-string network and persistent store APIs. This disentangles the language runtime from communication intricacies. This paper highlights the main design choices in Acute. It is supported by a full language definition (of typing, compilation, and operational semantics), by a prototype implementation, and by example distribution libraries
A Machine-Independent Debugger--Revisited
Most debuggers are notoriously machine-dependent, but some recent research
prototypes achieve varying degrees of machine-independence with novel designs.
Cdb, a simple source-level debugger for C, is completely independent of its
target architecture. This independence is achieved by embedding symbol tables
and debugging code in the target program, which costs both time and space. This
paper describes a revised design and implementation of cdb that reduces the
space cost by nearly one-half and the time cost by 13% by storing symbol tables
in external files. A symbol table is defined by a 31-line grammar in the
Abstract Syntax Description Language (ASDL). ASDL is a domain-specific language
for specifying tree data structures. The ASDL tools accept an ASDL grammar and
generate code to construct, read, and write these data structures. Using ASDL
automates implementing parts of the debugger, and the grammar documents the
symbol table concisely. Using ASDL also suggested simplifications to the
interface between the debugger and the target program. Perhaps most important,
ASDL emphasizes that symbol tables are data structures, not file formats. Many
of the pitfalls of working with low-level file formats can be avoided by
focusing instead on high-level data structures and automating the
implementation details.Comment: 12 pages; 6 figures; 3 table
CapablePtrs: Securely Compiling Partial Programs using the Pointers-as-Capabilities Principle
Capability machines such as CHERI provide memory capabilities that can be
used by compilers to provide security benefits for compiled code (e.g., memory
safety). The C to CHERI compiler, for example, achieves memory safety by
following a principle called "pointers as capabilities" (PAC). Informally, PAC
says that a compiler should represent a source language pointer as a machine
code capability. But the security properties of PAC compilers are not yet well
understood. We show that memory safety is only one aspect, and that PAC
compilers can provide significant additional security guarantees for partial
programs: the compiler can provide guarantees for a compilation unit, even if
that compilation unit is later linked to attacker-controlled machine code. This
paper is the first to study the security of PAC compilers for partial programs
formally. We prove for a model of such a compiler that it is fully abstract.
The proof uses a novel proof technique (dubbed TrICL, read trickle), which is
of broad interest because it reuses and extends the compiler correctness
relation in a natural way, as we demonstrate. We implement our compiler on top
of the CHERI platform and show that it can compile legacy C code with minimal
code changes. We provide performance benchmarks that show how performance
overhead is proportional to the number of cross-compilation-unit function
calls
Modules program structures and the structuring of operating systems
In this paper some views are presented on the way in which complex systems, such as Operating Systems and the programs to be interfaced with them can be constructed, and how such systems may become heavily library oriented. Although such systems have a dynamic nature, all interfacing within and among modules can be checked statically. It will be shown that the concepts presented are equally valid for single user systems, multi-programming systems and even distributed systems. The ideas have been spurred by the implementation of a modular version of Pascal and a supporting Operating System, currently nearing completion at Twente University of Technology, The Netherlands
- …