Type Soundness and Race Freedom for Mezzo
The programming language Mezzo is equipped with a rich type system that controls aliasing and access to mutable memory. We incorporate shared-memory concurrency into Mezzo and present a modular formalization of its core type system, in the form of a concurrent λ-calculus, which we extend with references and locks. We prove that well-typed programs do not go wrong and are data-race free. Our definitions and proofs are machine-checked.
The Meaning of Memory Safety
We give a rigorous characterization of what it means for a programming language to be memory safe, capturing the intuition that memory safety supports local reasoning about state. We formalize this principle in two ways. First, we show how a small memory-safe language validates a noninterference property: a program can neither affect nor be affected by unreachable parts of the state. Second, we extend separation logic, a proof system for heap-manipulating programs, with a memory-safe variant of its frame rule. The new rule is stronger because it applies even when parts of the program are buggy or malicious, but also weaker because it demands a stricter form of separation between parts of the program state. We also consider a number of pragmatically motivated variations on memory safety and the reasoning principles they support. As an application of our characterization, we evaluate the security of a previously proposed dynamic monitor for memory safety of heap-allocated data.
Comment: POST'18 final version
Understanding and evolving the Rust programming language
Rust is a young systems programming language that aims to fill the gap between high-level languages, which provide strong static guarantees like memory and thread safety, and low-level languages, which give the programmer fine-grained control over data layout and memory management. This dissertation presents two projects establishing the first formal foundations for Rust, enabling us to better understand and evolve this important language: RustBelt and Stacked Borrows. RustBelt is a formal model of Rust's type system, together with a soundness proof establishing memory and thread safety. The model is designed to verify the safety of a number of intricate APIs from the Rust standard library, despite the fact that the implementations of these APIs use unsafe language features. Stacked Borrows is a proposed extension of the Rust specification, which enables the compiler to use the strong aliasing information in Rust's types to better analyze and optimize the code it is compiling. The adequacy of this specification is evaluated not only formally, but also by running real Rust code in an instrumented version of Rust's Miri interpreter that implements the Stacked Borrows semantics. RustBelt is built on top of Iris, a language-agnostic framework, implemented in the Coq proof assistant, for building higher-order concurrent separation logics. This dissertation begins by giving an introduction to Iris, and explaining how Iris enables the derivation of complex high-level reasoning principles from a few simple ingredients. In RustBelt, this technique is exploited crucially to introduce the lifetime logic, which provides a novel separation-logic account of borrowing, a key distinguishing feature of the Rust type system.
German abstract (translated): Rust is a young systems-level programming language that aims to close the gap between high-level languages, which protect against memory and concurrency errors, and low-level languages, which give the programmer detailed control over the representation of data and the management of memory. This dissertation presents two projects that lay the first formal foundations for Rust, for the purpose of better understanding and further developing this important language: RustBelt and Stacked Borrows. RustBelt is a formal model of Rust's type system, including a correctness proof that shows the safety of memory accesses and concurrency. The model is designed to verify several complex components of the Rust standard library, even though the implementation of these components uses unsafe language constructs. Stacked Borrows is an extension of the Rust specification that enables the compiler to better analyze and optimize source code using the aliasing information encoded in the type system. The adequacy of this specification is not only established formally but also tested on real programs, using a version of the Miri interpreter extended with Stacked Borrows. RustBelt is built on Iris, which enables the construction of separation logics for arbitrary programming languages in the Coq proof assistant. This dissertation begins with an introduction to Iris and explains how complex proof methods can be derived from a few simple building blocks. In RustBelt, this technique is used to implement the "lifetime logic", an extension of separation logic with the concept of "borrows", which play an important role in Rust's type system.
This research was supported in part by a European Research Council (ERC) Consolidator Grant for the project "RustBelt", funded under the European Union's Horizon 2020 Framework Programme (grant agreement no. 683289).
Kindly Bent to Free Us
Systems programming often requires the manipulation of resources like file handles, network connections, or dynamically allocated memory. Programmers need to follow certain protocols to handle these resources correctly. Violating these protocols causes bugs ranging from type mismatches over data races to use-after-free errors and memory leaks. These bugs often lead to security vulnerabilities.
While statically typed programming languages guarantee type soundness and memory safety by design, most of them do not address issues arising from improper handling of resources. An important step towards handling resources is the adoption of linear and affine types that enforce single-threaded resource usage. However, the few languages supporting such types require heavy type annotations.
We present Affe, an extension of ML that manages linearity and affinity properties using kinds and constrained types. In addition, Affe supports the exclusive and shared borrowing of affine resources, inspired by features of Rust. Moreover, Affe retains the defining features of the ML family: it is an impure, strict, functional expression language with complete principal type inference and type abstraction. Affe does not require any linearity annotations in expressions and supports common functional programming idioms.
Comment: ICFP 202
"We are against Islam!": The Lega Nord and the Islamic folk devil
© 2012 the Author(s). This article has been published under the terms of the Creative Commons Attribution License. Without requesting permission from the Author or SAGE, you may further copy, distribute, transmit, and adapt the article, with the condition that the Author and SAGE Open are in each case credited as the source of the article.
Since 1995, the Italian Lega Nord (LN) political party has depicted itself as the defender of Padania, a territory that covers the mainly affluent regions of Northern Italy. Around this politico-spatial territory, the LN has shaped an identity based on the notion of Popolo Padano (the Padanian People). Since the new millennium, LN rhetoric has increasingly focused, stemming more from the demands of realpolitik than those of conviction, on opposing irregular immigration per se and, more specifically, Islam and Muslim immigration. In the eyes of the LN propagandists and their media, the theology of Islam and its practitioners represent a growing threat to the modern Italian and Padanian identity (and tradition). The LN has not been alone in using the media to oppose Islam; the Italian media has reinforced LN messages: Muslims are generally depicted as dangerous and compared with terrorists, and their religion and culture are described as the opposite of Italian/Western values. Something approximating to a "moral panic" around this issue has ensued. Integral to this are notions of morality combined with practices of moral entrepreneurship. What follows seeks to highlight the LN's stereotypical depictions of Islam. This evaluation is important because the LN was a major player in former Prime Minister Silvio Berlusconi's government (2008-2011) and is still a significant party in the Italian political spectrum. Integral to what follows are the following questions: "Is contemporary Islamic immigration a threat to the Italian (and Padanian) way of life?" and "Are the perceived threats to be found in the periodic uncertainties that societies suffer, or might we need to search for wider processes?"
Machine-Checked Semantic Session Typing
Session types, a family of type systems for message-passing concurrency, have been subject to many extensions, where each extension comes with a separate proof of type safety. These extensions cannot be readily combined, and their proofs of type safety are generally not machine checked, making their correctness less trustworthy. We overcome these shortcomings with a semantic approach to binary asynchronous affine session types, by developing a logical relations model in Coq using the Iris program logic. We demonstrate the power of our approach by combining various forms of polymorphism and recursion, asynchronous subtyping, references, and locks/mutexes. As an additional benefit of the semantic approach, we demonstrate how to manually prove typing judgements of racy, but safe, programs that cannot be type checked using only the rules of the type system.
Competitive implications of cross-border banking
This paper reviews the recent literature on cross-border banking, with a focus on policy implications. Cross-border banking has increased sharply in recent decades, particularly in the form of entry, and has affected the development of financial systems, access to financial services, and stability. Reviewing the empirical literature, the author finds much, although not uniform, evidence that cross-border banking supports the development of an efficient and stable financial system that offers wide access to quality financial services at low cost. But as better financial systems have more cross-border banking, the relationship between cross-border banking and competitiveness has to be carefully judged. While developing countries have some special conditions, provided a minimum degree of oversight is in place, they experience effects similar to industrial countries. There are some questions, though, on the effects of cross-border banking on lending based on softer information and on stability. Relevant experiences from capital markets show that the degree of cross-border financial activities can affect local market sustainability, and there can be path dependency when opening up to cross-border competition. Reviewing the fast-changing landscape of financial services provision, the author argues that cross-border banking highlights the increased importance of competition policy in financial services provision. This competition policy cannot be traditional and institution-based, but will need to resemble that used in other network industries. Furthermore, with globalization accelerating, competition policy will need to be global, supported by greater cross-border institutional collaboration and using the General Agreement on Trade in Services (GATS) process and the disciplines of the World Trade Organization. GATS can be of special value to developing countries as it provides a binding, pro-competition framework that has proven more difficult to establish otherwise.