716 research outputs found
Pluggable AOP: Designing Aspect Mechanisms for Third-party Composition
Studies of Aspect-Oriented Programming (AOP) usually focus on a language in
which a specific aspect extension is integrated with a base language. Languages
specified in this manner have a fixed, non-extensible AOP functionality. In
this paper we consider the more general case of integrating a base language
with a set of domain specific third-party aspect extensions for that language.
We present a general mixin-based method for implementing aspect extensions in
such a way that multiple, independently developed, dynamic aspect extensions
can be subject to third-party composition and work collaboratively
Understanding Concurrency Vulnerabilities in Linux Kernel
While there is a large body of work on analyzing concurrency related software
bugs and developing techniques for detecting and patching them, little
attention has been given to concurrency related security vulnerabilities. The
two are different in that not all bugs are vulnerabilities: for a bug to be
exploitable, there needs be a way for attackers to trigger its execution and
cause damage, e.g., by revealing sensitive data or running malicious code. To
fill the gap, we conduct the first empirical study of concurrency
vulnerabilities reported in the Linux operating system in the past ten years.
We focus on analyzing the confirmed vulnerabilities archived in the Common
Vulnerabilities and Exposures (CVE) database, which are then categorized into
different groups based on bug types, exploit patterns, and patch strategies
adopted by developers. We use code snippets to illustrate individual
vulnerability types and patch strategies. We also use statistics to illustrate
the entire landscape, including the percentage of each vulnerability type. We
hope to shed some light on the problem, e.g., concurrency vulnerabilities
continue to pose a serious threat to system security, and it is difficult even
for kernel developers to analyze and patch them. Therefore, more efforts are
needed to develop tools and techniques for analyzing and patching these
vulnerabilities.Comment: It was finished in Oct 201
Type Safe Extensible Programming
Software products evolve over time. Sometimes they evolve by adding new
features, and sometimes by either fixing bugs or replacing outdated
implementations with new ones. When software engineers fail to anticipate such
evolution during development, they will eventually be forced to re-architect or
re-build from scratch. Therefore, it has been common practice to prepare for
changes so that software products are extensible over their lifetimes. However,
making software extensible is challenging because it is difficult to anticipate
successive changes and to provide adequate abstraction mechanisms over
potential changes. Such extensibility mechanisms, furthermore, should not
compromise any existing functionality during extension. Software engineers
would benefit from a tool that provides a way to add extensions in a reliable
way. It is natural to expect programming languages to serve this role.
Extensible programming is one effort to address these issues.
In this thesis, we present type safe extensible programming using the MLPolyR
language. MLPolyR is an ML-like functional language whose type system provides
type-safe extensibility mechanisms at several levels. After presenting the
language, we will show how these extensibility mechanisms can be put to good
use in the context of product line engineering. Product line engineering is an
emerging software engineering paradigm that aims to manage variations, which
originate from successive changes in software.Comment: PhD Thesis submitted October, 200
Better Together: Unifying Datalog and Equality Saturation
We present egglog, a fixpoint reasoning system that unifies Datalog and
equality saturation (EqSat). Like Datalog, it supports efficient incremental
execution, cooperating analyses, and lattice-based reasoning. Like EqSat, it
supports term rewriting, efficient congruence closure, and extraction of
optimized terms.
We identify two recent applications--a unification-based pointer analysis in
Datalog and an EqSat-based floating-point term rewriter--that have been
hampered by features missing from Datalog but found in EqSat or vice-versa. We
evaluate egglog by reimplementing those projects in egglog. The resulting
systems in egglog are faster, simpler, and fix bugs found in the original
systems.Comment: PLDI 202
Differential cost analysis with simultaneous potentials and anti-potentials
We present a novel approach to differential cost analysis that, given a program revision, attempts to statically bound the difference in resource usage, or cost, between the two program versions. Differential cost analysis is particularly interesting because of the many compelling applications for it, such as detecting resource-use regressions at code-review time or proving the absence of certain side-channel vulnerabilities. One prior approach to differential cost analysis is to apply relational reasoning that conceptually constructs a product program on which one can over-approximate the difference in costs between the two program versions. However, a significant challenge in any relational approach is effectively aligning the program versions to get precise results. In this paper, our key insight is that we can avoid the need for and the limitations of program alignment if, instead, we bound the difference of two cost-bound summaries rather than directly bounding the concrete cost difference. In particular, our method computes a threshold value for the maximal difference in cost between two program versions simultaneously using two kinds of cost-bound summaries---a potential function that evaluates to an upper bound for the cost incurred in the first program and an anti-potential function that evaluates to a lower bound for the cost incurred in the second. Our method has a number of desirable properties: it can be fully automated, it allows optimizing the threshold value on relative cost, it is suitable for programs that are not syntactically similar, and it supports non-determinism. We have evaluated an implementation of our approach on a number of program pairs collected from the literature, and we find that our method computes tight threshold values on relative cost in most example
Differential cost analysis with simultaneous potentials and anti-potentials
We present a novel approach to differential cost analysis that, given a program revision, attempts to statically bound the difference in resource usage, or cost, between the two program versions. Differential cost analysis is particularly interesting because of the many compelling applications for it, such as detecting resource-use regressions at code-review time or proving the absence of certain side-channel vulnerabilities. One prior approach to differential cost analysis is to apply relational reasoning that conceptually constructs a product program on which one can over-approximate the difference in costs between the two program versions. However, a significant challenge in any relational approach is effectively aligning the program versions to get precise results. In this paper, our key insight is that we can avoid the need for and the limitations of program alignment if, instead, we bound the difference of two cost-bound summaries rather than directly bounding the concrete cost difference. In particular, our method computes a threshold value for the maximal difference in cost between two program versions simultaneously using two kinds of cost-bound summaries---a potential function that evaluates to an upper bound for the cost incurred in the first program and an anti-potential function that evaluates to a lower bound for the cost incurred in the second. Our method has a number of desirable properties: it can be fully automated, it allows optimizing the threshold value on relative cost, it is suitable for programs that are not syntactically similar, and it supports non-determinism. We have evaluated an implementation of our approach on a number of program pairs collected from the literature, and we find that our method computes tight threshold values on relative cost in most examples
- …