Polymorphic Fractional Capabilities

Abstract. The capability calculus is a framework for statically reason-ing about program resources such as deallocatable memory regions. Frac-tional capabilities, originally proposed by Boyland for checking the deter-minism of parallel reads in multi-thread programs, extend the capability calculus by extending the capabilities to range over the rational numbers. Fractional capabilities have since found numerous applications, includ-ing race detection, buer bound inference, security analyses, and sep-aration logic. However, previous work on fractional capability systems either lacked polymorphism or lacked an ecient inference procedure. Automated inference is important for the application of the calculus to static analysis. This paper addresses the issue by presenting a polymor-phic fractional capability calculus that allows polynomial-time inference via a reduction to rational linear programming.

Periodic orbits of period 3 in the disc

Let f be an orientation preserving homeomorphism of the disc D2 which possesses a periodic point of period 3. Then either f is isotopic, relative the periodic orbit, to a homeomorphism g which is conjugate to a rotation by 2 pi /3 or 4 pi /3, or f has a periodic point of least period n for each n in N*.Comment: 7 page

Modular termination verification for non-blocking concurrency

© Springer-Verlag Berlin Heidelberg 2016.We present Total-TaDA, a program logic for verifying the total correctness of concurrent programs: that such programs both terminate and produce the correct result. With Total-TaDA, we can specify constraints on a thread’s concurrent environment that are necessary to guarantee termination. This allows us to verify total correctness for nonblocking algorithms, e.g. a counter and a stack. Our specifications can express lock- and wait-freedom. More generally, they can express that one operation cannot impede the progress of another, a new non-blocking property we call non-impedance. Moreover, our approach is modular. We can verify the operations of a module independently, and build up modules on top of each other

The potential health impact of restricting less-healthy food and beverage advertising on UK television between 05.30 and 21.00 hours: A modelling study

Funder: National Institute for Health Research; funder-id: http://dx.doi.org/10.13039/501100000272Funder: British AcademyBackground: Restrictions on the advertising of less-healthy foods and beverages is seen as one measure to tackle childhood obesity and is under active consideration by the UK government. Whilst evidence increasingly links this advertising to excess calorie intake, understanding of the potential impact of advertising restrictions on population health is limited. Methods and findings: We used a proportional multi-state life table model to estimate the health impact of prohibiting the advertising of food and beverages high in fat, sugar, and salt (HFSS) from 05.30 hours to 21.00 hours (5:30 AM to 9:00 PM) on television in the UK. We used the following data to parameterise the model: children’s exposure to HFSS advertising from AC Nielsen and Broadcasters’ Audience Research Board (2015); effect of less-healthy food advertising on acute caloric intake in children from a published meta-analysis; population numbers and all-cause mortality rates from the Human Mortality Database for the UK (2015); body mass index distribution from the Health Survey for England (2016); disability weights for estimating disability-adjusted life years (DALYs) from the Global Burden of Disease Study; and healthcare costs from NHS England programme budgeting data. The main outcome measures were change in the percentage of the children (aged 5–17 years) with obesity defined using the International Obesity Task Force cut-points, and change in health status (DALYs). Monte Carlo analyses was used to estimate 95% uncertainty intervals (UIs). We estimate that if all HFSS advertising between 05.30 hours and 21.00 hours was withdrawn, UK children (n = 13,729,000), would see on average 1.5 fewer HFSS adverts per day and decrease caloric intake by 9.1 kcal (95% UI 0.5–17.7 kcal), which would reduce the number of children (aged 5–17 years) with obesity by 4.6% (95% UI 1.4%–9.5%) and with overweight (including obesity) by 3.6% (95% UI 1.1%–7.4%) This is equivalent to 40,000 (95% UI 12,000–81,000) fewer UK children with obesity, and 120,000 (95% UI 34,000–240,000) fewer with overweight. For children alive in 2015 (n = 13,729,000), this would avert 240,000 (95% UI 65,000–530,000) DALYs across their lifetime (i.e., followed from 2015 through to death), and result in a health-related net monetary benefit of £7.4 billion (95% UI £2.0 billion–£16 billion) to society. Under a scenario where all HFSS advertising is displaced to after 21.00 hours, rather than withdrawn, we estimate that the benefits would be reduced by around two-thirds. This is a modelling study and subject to uncertainty; we cannot fully and accurately account for all of the factors that would affect the impact of this policy if implemented. Whilst randomised trials show that children exposed to less-healthy food advertising consume more calories, there is uncertainty about the nature of the dose–response relationship between HFSS advertising and calorie intake. Conclusions: Our results show that HFSS television advertising restrictions between 05.30 hours and 21.00 hours in the UK could make a meaningful contribution to reducing childhood obesity. We estimate that the impact on childhood obesity of this policy may be reduced by around two-thirds if adverts are displaced to after 21.00 hours rather than being withdrawn

The social network structure of a dynamic group of dairy cows:from individual to group level patterns

ArticleSocial relationships have been shown to significantly impact individual and group success in wild animal populations, but are largely ignored in farm animal management. There are substantial gaps in our knowledge of how farm animals respond to their social environment, which varies greatly between farms but is commonly unstable due to regrouping. Fundamental to addressing these gaps is an understanding of the social network structure resulting from the patterning of relationships between individuals in a group. Here, we investigated the social structure of a group of 110 lactating dairy cows during four one-month periods. Spatial proximity loggers collected data on associations between cows, allowing us to construct social networks. First we demonstrate that proximity loggers can be used to measure relationships between cows; proximity data was significantly positively correlated to affiliative interactions but had no relationship with agonistic interactions. We measured group-level patterns by testing for community structure, centralisation and repeatability of network structure over time. We explored individual-level patterns by measuring social differentiation (heterogeneity of social associations) and assortment of cows in the network by lactation number, breed, gregariousness and milk production. There was no evidence that cows were subdivided into social communities; individuals belonged to a single cluster and networks showed significant centralisation. Repeatability of the social network was low, which may have consequences for animal welfare. Individuals formed differentiated social relationships and there was evidence of positive assortment by traits; cows associated more with conspecifics of similar lactation number in all study periods. There was also positive assortment by breed, gregariousness and milk production in some study periods. There is growing interest in the farming industry in the impact of social factors on production and welfare; this study takes an important step towards understanding social dynamics.DairyCoDepartment for Environment, Food and Rural Affairs (Defra)Biotechnology and Biological Sciences Research Council (BBSRC)University of Exete

Practical API Protocol Checking with Access Permissions

Reusable APIs often define usage protocols. We previously developed a sound modular type system that checks compliance with typestate-based protocols while affording a great deal of aliasing flexibility. We also developed Plural, a prototype tool that embodies our approach as an automated static analysis and includes several extensions we found useful in practice. This paper evaluates our approach along the following dimensions: (1) We report on experience in specifying relevant usage rules for a large Java standard API with our approach. We also specify several other Java APIs and identify recurring patterns. (2) We summarize two case studies in verifying third-party open-source code bases with few false positives using our tool. We discuss how tool shortcomings can be addressed either with code refactorings or extensions to the tool itself. These results indicate that our approach can be used to specify and enforce real API protocols in practice

Modular termination veri cation for non-blocking concurrency (extended version)

We present Total-TaDA, a program logic for verifying the total correctness of concurrent programs: that such programs both terminate and produce the correct result. With Total-TaDA, we can specify constraints on a thread's concurrent environment that are necessary to guarantee termination. This allows us to verify total correctness for nonblocking algorithms, e.g. a counter and a stack. Our speci cations can express lock- and wait-freedom. More generally, they can express that one operation cannot impede the progress of another, a new non-blocking property we call non-impedance. Moreover, our approach is modular. We can verify the operations of a module independently, and build up modules on top of each other

LMS-Verify: abstraction without regret for verified systems programming

Performance critical software is almost always developed in C, as programmers do not trust high-level languages to deliver the same reliable performance. This is bad because low-level code in unsafe languages attracts security vulnerabilities and because development is far less productive, with PL advances mostly lost on programmers operating under tight performance constraints. High-level languages provide memory safety out of the box, but they are deemed too slow and unpredictable for serious system software. Recent years have seen a surge in staging and generative programming: the key idea is to use high-level languages and their abstraction power as glorified macro systems to compose code fragments in first-order, potentially domain-specific, intermediate languages, from which fast C can be emitted. But what about security? Since the end result is still C code, the safety guarantees of the high-level host language are lost. In this paper, we extend this generative approach to emit ACSL specifications along with C code. We demonstrate that staging achieves ``abstraction without regret'' for verification: we show how high-level programming models, in particular higher-order composable contracts from dynamic languages, can be used at generation time to compose and generate first-order specifications that can be statically checked by existing tools. We also show how type classes can automatically attach invariants to data types, reducing the need for repetitive manual annotations. We evaluate our system on several case studies that varyingly exercise verification of memory safety, overflow safety, and functional correctness. We feature an HTTP parser that is (1) fast (2) high-level: implemented using staged parser combinators (3) secure: with verified memory safety. This result is significant, as input parsing is a key attack vector, and vulnerabilities related to HTTP parsing have been documented in all widely-used web servers.</jats:p

Piecewise Linear Models for the Quasiperiodic Transition to Chaos

We formulate and study analytically and computationally two families of piecewise linear degree one circle maps. These families offer the rare advantage of being non-trivial but essentially solvable models for the phenomenon of mode-locking and the quasi-periodic transition to chaos. For instance, for these families, we obtain complete solutions to several questions still largely unanswered for families of smooth circle maps. Our main results describe (1) the sets of maps in these families having some prescribed rotation interval; (2) the boundaries between zero and positive topological entropy and between zero length and non-zero length rotation interval; and (3) the structure and bifurcations of the attractors in one of these families. We discuss the interpretation of these maps as low-order spline approximations to the classic ``sine-circle'' map and examine more generally the implications of our results for the case of smooth circle maps. We also mention a possible connection to recent experiments on models of a driven Josephson junction.Comment: 75 pages, plain TeX, 47 figures (available on request

A paradox of syntactic priming: why response tendencies show priming for passives, and response latencies show priming for actives

Speakers tend to repeat syntactic structures across sentences, a phenomenon called syntactic priming. Although it has been suggested that repeating syntactic structures should result in speeded responses, previous research has focused on effects in response tendencies. We investigated syntactic priming effects simultaneously in response tendencies and response latencies for active and passive transitive sentences in a picture description task. In Experiment 1, there were priming effects in response tendencies for passives and in response latencies for actives. However, when participants' pre-existing preference for actives was altered in Experiment 2, syntactic priming occurred for both actives and passives in response tendencies as well as in response latencies. This is the first investigation of the effects of structure frequency on both response tendencies and latencies in syntactic priming. We discuss the implications of these data for current theories of syntactic processing