Obey: Code Health for Scala.Meta

Obey is a user-friendly tool that helps programmers enforce code health requirements in their projects. Requirements are expressed as rules, written with the TQL library combinators used to traverse scala.meta trees, that generate compiler warnings and can automatically correct the source code. Programmers are provided with a set of basic rules and can easily implement and use their own. Obey can be used to systematically enforce user-defined requirements, to automate migration between different library versions or simply to format source code. In this paper, we will present the user interface, the implementation details and the results we obtained during this semester project

Scala AST Persistence

The Scala compiler uses ASTs (abstract syntax trees) as an intermediate representation before generating bytecode. With the development of Scala macros which expand trees at compile time, being able to access, modify and recompose ASTs within the compilation scope is becoming more and more important. One of the common scenarios of using macros is inspecting abstract syntax trees within reach in order to learn more about the code being transformed, to apply more powerful optimizations, etc. However, arguments to macros can depend on third-party libraries, which are precompiled as bytecode and don't have their ASTs available. It would therefore be great to have a way to publish ASTs along with the bytecode. The publishing of those ASTs should be a choice of the programmer and should take as little space as possible in order to be transparent to the user

Btk regulates macrophage polarization in response to lipopolysaccharide

Bacterial Lipopolysaccharide (LPS) is a strong inducer of inflammation and does so by inducing polarization of macrophages to the classic inflammatory M1 population. Given the role of Btk as a critical signal transducer downstream of TLR4, we investigated its role in M1/M2 induction. In Btk deficient (Btk (−\−)) mice we observed markedly reduced recruitment of M1 macrophages following intraperitoneal administration of LPS. Ex vivo analysis demonstrated an impaired ability of Btk(−/−) macrophages to polarize into M1 macrophages, instead showing enhanced induction of immunosuppressive M2-associated markers in response to M1 polarizing stimuli, a finding accompanied by reduced phosphorylation of STAT1 and enhanced STAT6 phosphorylation. In addition to STAT activation, M1 and M2 polarizing signals modulate the expression of inflammatory genes via differential activation of transcription factors and regulatory proteins, including NF-κB and SHIP1. In keeping with a critical role for Btk in macrophage polarization, we observed reduced levels of NF-κB p65 and Akt phosphorylation, as well as reduced induction of the M1 associated marker iNOS in Btk(−/−) macrophages in response to M1 polarizing stimuli. Additionally enhanced expression of SHIP1, a key negative regulator of macrophage polarisation, was observed in Btk(−/−) macrophages in response to M2 polarizing stimuli. Employing classic models of allergic M2 inflammation, treatment of Btk (−/−) mice with either Schistosoma mansoni eggs or chitin resulted in increased recruitment of M2 macrophages and induction of M2-associated genes. This demonstrates an enhanced M2 skew in the absence of Btk, thus promoting the development of allergic inflammation

Vaccine breakthrough hypoxemic COVID-19 pneumonia in patients with auto-Abs neutralizing type I IFNs

Life-threatening `breakthrough' cases of critical COVID-19 are attributed to poor or waning antibody response to the SARS- CoV-2 vaccine in individuals already at risk. Pre-existing autoantibodies (auto-Abs) neutralizing type I IFNs underlie at least 15% of critical COVID-19 pneumonia cases in unvaccinated individuals; however, their contribution to hypoxemic breakthrough cases in vaccinated people remains unknown. Here, we studied a cohort of 48 individuals ( age 20-86 years) who received 2 doses of an mRNA vaccine and developed a breakthrough infection with hypoxemic COVID-19 pneumonia 2 weeks to 4 months later. Antibody levels to the vaccine, neutralization of the virus, and auto- Abs to type I IFNs were measured in the plasma. Forty-two individuals had no known deficiency of B cell immunity and a normal antibody response to the vaccine. Among them, ten (24%) had auto-Abs neutralizing type I IFNs (aged 43-86 years). Eight of these ten patients had auto-Abs neutralizing both IFN-a2 and IFN-., while two neutralized IFN-omega only. No patient neutralized IFN-ss. Seven neutralized 10 ng/mL of type I IFNs, and three 100 pg/mL only. Seven patients neutralized SARS-CoV-2 D614G and the Delta variant (B.1.617.2) efficiently, while one patient neutralized Delta slightly less efficiently. Two of the three patients neutralizing only 100 pg/mL of type I IFNs neutralized both D61G and Delta less efficiently. Despite two mRNA vaccine inoculations and the presence of circulating antibodies capable of neutralizing SARS-CoV-2, auto-Abs neutralizing type I IFNs may underlie a significant proportion of hypoxemic COVID-19 pneumonia cases, highlighting the importance of this particularly vulnerable population

COVID-19 symptoms at hospital admission vary with age and sex: results from the ISARIC prospective multinational observational study

Background: The ISARIC prospective multinational observational study is the largest cohort of hospitalized patients with COVID-19. We present relationships of age, sex, and nationality to presenting symptoms. Methods: International, prospective observational study of 60 109 hospitalized symptomatic patients with laboratory-confirmed COVID-19 recruited from 43 countries between 30 January and 3 August 2020. Logistic regression was performed to evaluate relationships of age and sex to published COVID-19 case definitions and the most commonly reported symptoms. Results: ‘Typical’ symptoms of fever (69%), cough (68%) and shortness of breath (66%) were the most commonly reported. 92% of patients experienced at least one of these. Prevalence of typical symptoms was greatest in 30- to 60-year-olds (respectively 80, 79, 69%; at least one 95%). They were reported less frequently in children (≤ 18 years: 69, 48, 23; 85%), older adults (≥ 70 years: 61, 62, 65; 90%), and women (66, 66, 64; 90%; vs. men 71, 70, 67; 93%, each P < 0.001). The most common atypical presentations under 60 years of age were nausea and vomiting and abdominal pain, and over 60 years was confusion. Regression models showed significant differences in symptoms with sex, age and country. Interpretation: This international collaboration has allowed us to report reliable symptom data from the largest cohort of patients admitted to hospital with COVID-19. Adults over 60 and children admitted to hospital with COVID-19 are less likely to present with typical symptoms. Nausea and vomiting are common atypical presentations under 30 years. Confusion is a frequent atypical presentation of COVID-19 in adults over 60 years. Women are less likely to experience typical symptoms than men

Secured Routines: Language-based Construction of Trusted Execution Environments

Trusted Execution Environments (TEEs), such as Intel SGX enclaves, use hardware to ensure the confidentiality and integrity of operations on sensitive data. While the technology is available on many processors, the complexity of its programming model and its performance overhead have limited adoption. TEEs provide a new and valuable hardware functionality that has no obvious analogue in programming languages, which means that developers must manually partition their application into trusted and untrusted components. This paper describes an approach that fully integrates trusted execution into a language. We extend the Go language to allow a programmer to execute a goroutine within an enclave, to use low-overhead channels to communicate between the trusted and untrusted environments, and to rely on a compiler to automatically extract the secure code and data. Our prototype compiler and runtime, GOTEE, is a backward-compatible fork of the Go compiler. The evaluation shows that our compiler-driven code and data partitioning efficiently executes both microbenchmarks and applications. On the former, GOTEE achieves a 5.2×throughput and a 2.3× latency improvement over the Intel SGX SDK. Our case studies, a Go ssh server, the Go tls package, and a secured keystore inspired by the go-ethereum project, demonstrate that minor source-code modifications suffice to provide confidentiality and integrity guarantees with only moderate performance overheads

R2P2: Making RPCs first-class datacenter citizens

Remote Procedure Calls are widely used to connect datacenter applications with strict tail-latency service level objectives in the scale of µs. Existing solutions utilize streaming or datagram-based transport protocols for RPCs that impose overheads and limit the design flexibility. Our work exposes the RPC abstraction to the endpoints and the network, making RPCs first-class datacenter citizens and allowing for in-network RPC scheduling. We propose R2P2, a UDP-based transport protocol specifically designed for RPCs inside a datacenter. R2P2 exposes pairs of requests and responses and allows efficient and scalable RPC routing by separating the RPC target selection from request and reply streaming. Leveraging R2P2, we implement a novel join-bounded-shortest-queue (JBSQ) RPC load balancing policy, which lowers tail latency by centralizing pending RPCs in the router and ensures that requests are only routed to servers with a bounded number of outstanding requests. The R2P2 router logic can be implemented either in a software middlebox or within a P4 switch ASIC pipeline. Our evaluation, using a range of microbenchmarks, shows that the protocol is suitable for µs-scale RPCs and that its tail latency outperforms both random selection and classic HTTP reverse proxies. The P4-based implementation of R2P2 on a Tofino ASIC adds less than 1µs of latency whereas the software middlebox implementation adds 5µs latency and requires only two CPU cores to route RPCs at 10 Gbps linerate. R2P2 improves the tail latency of web index searching on a cluster of 16 workers operating at 50% of capacity by 5.7× over NGINX. R2P2 improves the throughput of the Redis key-value store on a 4-node cluster with master/slave replication for a tail-latency service-level objective of 200µs by more than 4.8× vs. vanilla Redis

Enclosure: Language-Based Restriction of Untrusted Libraries

Programming languages and systems have failed to address the security implications of the increasingly frequent use of public libraries to construct modern software. Most languages provide tools and online repositories to publish, import, and use libraries; however, this double-edged sword can incorporate a large quantity of unknown, unchecked, and unverified code into an application. The risk is real, as demonstrated by malevolent actors who have repeatedly inserted malware into popular open-source libraries. This paper proposes a solution: enclosures, a new programming language construct for library isolation that provides a developer with fine-grain control over the resources that a library can access, even for libraries with complex inter-library dependencies. The programming abstraction is language-independent and could be added to most languages. These languages would then be able to take advantage of hardware isolation mechanisms that are effective across language boundaries. The enclosure policies are enforced at run time by LitterBox, a language-independent framework that uses hardware mechanisms to provide uniform and robust isolation guarantees, even for libraries written in unsafe languages. LitterBox currently supports both Intel VT-x (with general-purpose extended page tables) and the emerging Intel Memory Protection Keys (MPK). We describe an enclosure implementation for the Go and Python languages. Our evaluation demonstrates that the Go implementation can protect sensitive data in real-world applications constructed using complex untrusted libraries with deep dependencies. It requires minimal code refactoring and incurs acceptable performance overhead. The Python implementation demonstrates LitterBox’s ability to support dynamic languages