Results 1 - 10 of 152
Resource Bound Certification
2000
Cited by 132 (9 self)
Various code certification systems allow the certification and static verification of important safety properties such as memory and control-flow safety. These systems are valuable tools for verifying that untrusted and potentially malicious code is safe before execution. However, one important safety property that is not usually included is that programs adhere to specific bounds on resource consumption, such as running time. We present a decidable type system capable of specifying and certifying bounds on resource consumption. Our system makes two advances over previous resource bound certification systems, both of which are necessary for a practical system: we allow the execution time of programs and their subroutines to vary, depending on their arguments, and we provide a fully automatic compiler generating certified executables from source-level programs. The principal device in our approach is a strategy for simulating dependent types using sum and inductive kinds.
Recursion and Dynamic Data-structures in Bounded Space: Towards Embedded ML Programming
In Proceedings of the 1999 ACM SIGPLAN International Conference on Functional Programming, 1999
Cited by 93 (0 self)
We present a functional language with a type system such that well typed programs run within stated space-bounds. The language is a strict, first-order variant of ML with constructs for explicit storage management. The type system is a variant of Tofte and Talpin's region inference system to which the notion of sized types, of Hughes, Pareto and Sabry, has been added.
Hume: A Domain-Specific Language for Real-Time Embedded Systems
In Proc. Conf. Generative Programming and Component Engineering (GPCE ’03), Lecture Notes in Computer Science, 2003
Cited by 89 (42 self)
This paper describes Hume: a novel domain-specific language whose purpose is to explore the expressibility/costability spectrum in resource-constrained systems, such as real-time embedded or control systems.
Calculating Sized Types
Higher-Order and Symbolic Computation, 2001
Cited by 70 (11 self)
Many program optimizations and analyses, such as array-bounds checking, termination analysis, etc., depend on knowing the size of a function's input and output. However, size information can be difficult to compute. Firstly, accurate size computation requires detecting a size relation between different inputs of a function. Secondly, different optimizations and analyses may require slightly different size information, and thus slightly different computation. Literature in size computation has mainly concentrated on size checking, instead of size inference. In this paper, we provide a generic framework on which different size variants can be expressed and computed. We also describe an effective algorithm for inferring, instead of checking, size information. Size information is expressed in terms of Presburger formulae, and our algorithm utilizes the Omega Calculator to compute as exact a size information as possible, within the linear arithmetic capability.
Single Assignment C -- efficient support for high-level array operations in a functional setting
2003
Automated verification of shape and size properties via separation logic
In VMCAI, 2007
Cited by 62 (22 self)
Despite their popularity and importance, pointer-based programs remain a major challenge for program verification. In this paper, we propose an automated verification system that is concise, precise and expressive for ensuring the safety of pointer-based programs. Our approach uses user-definable shape predicates to allow programmers to describe a wide range of data structures with their associated size properties. To support automatic verification, we design a new entailment checking procedure that can handle well-founded inductive predicates using unfold/fold reasoning. We have proven the soundness and termination of our verification system, and have built a prototype system.
Tagless Staged Interpreters for Typed Languages
In the International Conference on Functional Programming (ICFP ’02), 2002
Cited by 56 (13 self)
Multi-stage programming languages provide a convenient notation for explicitly staging programs. Staging a definitional interpreter for a domain specific language is one way of deriving an implementation that is both readable and efficient. In an untyped setting, staging an interpreter "removes a complete layer of interpretive overhead", just like partial evaluation. In a typed setting however, Hindley-Milner type systems do not allow us to exploit typing information in the language being interpreted. In practice, this can have a slowdown cost factor of three or more times.
Type-Based Termination of Recursive Definitions
2002
Cited by 52 (4 self)
The purpose of this paper is to introduce λ̂, a simply typed λ-calculus that supports type-based recursive definitions. Although heavily inspired by previous work by Giménez (Giménez 1998) and closely related to recent work by Amadio and Coupet (Amadio and Coupet-Grimal 1998), the technical machinery behind our system puts a slightly different emphasis on the interpretation of types. More precisely, we formalize the notion of type-based termination using a restricted form of type dependency (a.k.a. indexed types), as popularized by (Xi and Pfenning 1998; Xi and Pfenning 1999). This leads to a simple and intuitive system which is robust under several extensions, such as mutually inductive datatypes and mutually recursive function definitions; however, such extensions are not treated in the paper.
Multivariate Amortized Resource Analysis
2010
Cited by 47 (8 self)
We study the problem of automatically analyzing the worst-case resource usage of procedures with several arguments. Existing automatic analyses based on amortization or sized types bound the resource usage or result size of such a procedure by a sum of unary functions of the sizes of the arguments. In this paper we generalize this to arbitrary multivariate polynomial functions, thus allowing bounds of the form $m \cdot n$, which had to be grossly overestimated by $m^2 + n^2$ before. Our framework even encompasses bounds like $\sum_{i,j \le n} m_i m_j$, where the $m_i$ are the sizes of the entries of a list of length $n$. This allows us for the first time to derive useful resource bounds for operations on matrices that are represented as lists of lists, and to considerably improve bounds on other super-linear operations on lists such as longest common subsequence and removal of duplicates from lists of lists. Furthermore, resource bounds are now closed under composition, which improves the accuracy of the analysis of composed programs when some or all of the components exhibit super-linear resource or size behavior. The analysis is based on a novel multivariate amortized resource analysis. We present it in the form of a type system for a simple first-order functional language with lists and trees, prove soundness, and describe automatic type inference based on linear programming. We have experimentally validated the automatic analysis on a wide range of examples from functional programming with lists and trees. The obtained bounds were compared with actual resource consumption. All bounds were asymptotically tight, and the constants were close or even identical to the optimal ones.