65 research outputs found
Command injection attacks, continuations, and the Lambek calculus
This paper shows connections between command injection attacks,
continuations, and the Lambek calculus: certain command injections, such as the
tautology attack on SQL, are shown to be a form of control effect that can be
typed using the Lambek calculus, generalizing the double-negation typing of
continuations. Lambek's syntactic calculus is a logic with two implicational
connectives taking their arguments from the left and right, respectively. These
connectives describe how strings interact with their left and right contexts
when building up syntactic structures. The calculus is a form of propositional
logic without structural rules, and so a forerunner of substructural logics
like Linear Logic and Separation Logic.Comment: In Proceedings WoC 2015, arXiv:1606.0583
Categorical structure of continuation passing style
Laboratory for Foundations of Computer ScienceThis thesis attempts to make precise the structure inherent in Continuation Passing Style (CPS).
We emphasize that CPS translates lambda-calculus into a very basic calculus that does not have functions as primitive.
We give an abstract categorical presentation of continuation semantics by taking the continuation type constructor (cont in Standard ML of New Jersey) as primitive. This constructor on types extends to a contravariant functor on terms which is adjoint to itself on the left; restricted to the subcategory of those programs that do not manipulate the current continuation, it is adjoint to itself on the right.
The motivating example of such a category is built from (equivalence classes of typing judgements for) continuation passing style (CPS) terms. The categorical approach suggests a notion of effect-free term as well as some operators for manipulating continuations. We use these for writing programs that illustrate our categorical approach and refute some conjectures about control effects.
A call-by-value lambda-calculus with the control operator callcc can be interpreted. Arrow types are broken down into continuation types for argument/result-continuations pairs, reflecting the fact that CPS compiles functions into a special case of continuations. Variant translations are possible, among them lazy call-by-name, which can be derived by way of argument thunking, and a genuinely call-by-name transform. Specialising the semantics to the CPS term model allows a rational reconstruction of various CPS transforms
A Proposed Categorical Semantics for ML Modules
We present a simple categorical semantics for ML signatures, structures and functors. Our approach relies on realizablity semantics in the category of assemblies. Signatures and structures are modelled as objects in slices of the category of assemblies. Instantiation of signatures to structures and hence functor application is modelled by pullback. 1 Introduction Building on work on the semantics of programming languages in realizability models, in particular that of Wesley Phoa [Pho90] and John Longley [Lon95], we sketch a simple approach to elements of the ML modules system, such as signatures, structures and functors. Once the basic machinery is set up, we will need only quite basic category theory. This paper is an updated and completely revised version of an earlier paper by Michael Fourman and Wesley Phoa [PF92]. The construction of "generic" (in a sense to be defined below) elements and types presented here is essentially the same as in that paper. However, our presentation is ..
2015 Workshop on Continuations: pre-proceedings
This volume contains the papers presented at WoC 2015, the 2015 Workshopon Continuations held on April 12, 2015 in London, UK
Regular Expression Matching and Operational Semantics
Many programming languages and tools, ranging from grep to the Java String
library, contain regular expression matchers. Rather than first translating a
regular expression into a deterministic finite automaton, such implementations
typically match the regular expression on the fly. Thus they can be seen as
virtual machines interpreting the regular expression much as if it were a
program with some non-deterministic constructs such as the Kleene star. We
formalize this implementation technique for regular expression matching using
operational semantics. Specifically, we derive a series of abstract machines,
moving from the abstract definition of matching to increasingly realistic
machines. First a continuation is added to the operational semantics to
describe what remains to be matched after the current expression. Next, we
represent the expression as a data structure using pointers, which enables
redundant searches to be eliminated via testing for pointer equality. From
there, we arrive both at Thompson's lockstep construction and a machine that
performs some operations in parallel, suitable for implementation on a large
number of cores, such as a GPU. We formalize the parallel machine using process
algebra and report some preliminary experiments with an implementation on a
graphics processor using CUDA.Comment: In Proceedings SOS 2011, arXiv:1108.279
Operational semantics for signal handling
Signals are a lightweight form of interprocess communication in Unix. When a
process receives a signal, the control flow is interrupted and a previously
installed signal handler is run. Signal handling is reminiscent both of
exception handling and concurrent interleaving of processes. In this paper, we
investigate different approaches to formalizing signal handling in operational
semantics, and compare them in a series of examples. We find the big-step style
of operational semantics to be well suited to modelling signal handling. We
integrate exception handling with our big-step semantics of signal handling, by
adopting the exception convention as defined in the Definition of Standard ML.
The semantics needs to capture the complex interactions between signal handling
and exception handling.Comment: In Proceedings EXPRESS/SOS 2012, arXiv:1208.244
- …