A Type-Checked Restrict Qualifier Jeff Foster OSQ Retreat May 9-10, 2001.

Slides:



Advertisements
Similar presentations
Dataflow Analysis for Datarace-Free Programs (ESOP 11) Arnab De Joint work with Deepak DSouza and Rupesh Nasre Indian Institute of Science, Bangalore.
Advertisements

CPSC 388 – Compiler Design and Construction
Kathleen Fisher cs242 Reading: “Concepts in Programming Languages”, Chapter 6.
Type Checking, Inference, & Elaboration CS153: Compilers Greg Morrisett.
Semantics Static semantics Dynamic semantics attribute grammars
Programming Languages and Paradigms
Compilation 2011 Static Analysis Johnni Winther Michael I. Schwartzbach Aarhus University.
Adapted from Scott, Chapter 6:: Control Flow Programming Language Pragmatics Michael L. Scott.
Programming Paradigms Introduction. 6/15/2005 Copyright 2005, by the authors of these slides, and Ateneo de Manila University. All rights reserved. L1:
Current Techniques in Language-based Security David Walker COS 597B With slides stolen from: Steve Zdancewic University of Pennsylvania.
1 Mooly Sagiv and Greta Yorsh School of Computer Science Tel-Aviv University Modern Compiler Design.
Getting started with ML ML is a functional programming language. ML is statically typed: The types of literals, values, expressions and functions in a.
Names and Bindings.
A Type System for Well-Founded Recursion Derek Dreyer Carnegie Mellon University POPL 2004 Venice, Italy.
Checking and Inferring Local Non-Aliasing Alex AikenJeffrey S. Foster UC BerkeleyUMD College Park John KodumalTachio Terauchi UC Berkeley.
Variables Names Bindings Type Scope. L-Value versus R-Value Not complicated Associated with assignment statements Left hand side represents an address.
Introduction The Approach ’ s Overview A Language of Pointers The Type System Operational Semantics Type Safety Type Inference The Rest of C Experiments.
Next Section: Pointer Analysis Outline: –What is pointer analysis –Intraprocedural pointer analysis –Interprocedural pointer analysis (Wilson & Lam) –Unification.
Program analysis Mooly Sagiv html://
Refining Abstract Locations Tachio Terauchi Jeff Foster Alex Aiken.
Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space html://
Approaches to Typing Programming Languages Robert Dewar.
Pointers: Part I. Why pointers? - low-level, but efficient manipulation of memory - dynamic objects  Objects whose memory is allocated during program.
1 Combining verification and analysis. 2 CONCLUSIONS ON VERIFICATION  denotational abstract interpreters have the extra-value of being easily transformed.
Semantics with Applications Mooly Sagiv Schrirber html:// Textbooks:Winskel The.
CS 330 Programming Languages 09 / 16 / 2008 Instructor: Michael Eckmann.
May 9, 2001OSQ Retreat 1 Run-Time Type Checking for Pointers and Arrays in C Wes Weimer, George Necula Scott McPeak, S.P. Rahul, Raymond To.
CQual: A Tool for Adding Type Qualifiers to C Jeff Foster et al UC Berkeley OSQ Retreat, May
Overview of program analysis Mooly Sagiv html://
Pointer analysis. Pointer Analysis Outline: –What is pointer analysis –Intraprocedural pointer analysis –Interprocedural pointer analysis Andersen and.
Region-Based Model Abstraction Jeremy Condit Jim Larus Sriram Rajamani Jakob Rehof OSQ Lunch 7 September 2003.
Chapter 1 Introduction Dr. Frank Lee. 1.1 Why Study Compiler? To write more efficient code in a high-level language To provide solid foundation in parsing.
Types for Programs and Proofs Lecture 1. What are types? int, float, char, …, arrays types of procedures, functions, references, records, objects,...
CSE 425: Data Types II Survey of Common Types I Records –E.g., structs in C++ –If elements are named, a record is projected into its fields (e.g., via.
Semantics CSE 340 – Principles of Programming Languages Fall 2015 Adam Doupé Arizona State University
March 12, ICE 1341 – Programming Languages (Lecture #6) In-Young Ko Programming Languages (ICE 1341) Lecture #6 Programming Languages (ICE 1341)
CS212: Object Oriented Analysis and Design Lecture 10: Copy constructor.
Elements of Computing Systems, Nisan & Schocken, MIT Press, 2005, Chapter 11: Compiler II: Code Generation slide 1www.idc.ac.il/tecs.
ISBN Chapter 3 Describing Semantics -Attribute Grammars -Dynamic Semantics.
Fast Points-to Analysis for Languages with Structured Types Michael Jung and Sorin A. Huss Integrated Circuits and Systems Lab. Department of Computer.
Pointer Analysis Lecture 2 G. Ramalingam Microsoft Research, India.
18. DECLARATIONS.
CSE 425: Data Types I Data and Data Types Data may be more abstract than their representation –E.g., integer (unbounded) vs. 64-bit int (bounded) A language.
CS 611: Lecture 6 Rule Induction September 8, 1999 Cornell University Computer Science Department Andrew Myers.
A Certifying Compiler and Pointer Logic Zhaopeng Li Software Security Lab. Department of Computer Science and Technology, University of Science and Technology.
Arvind Computer Science and Artificial Intelligence Laboratory M.I.T. L06-1 September 26, 2006http:// Type Inference September.
Chapter 3 Part II Describing Syntax and Semantics.
CS536 Semantic Analysis Introduction with Emphasis on Name Analysis 1.
Introduction to Compiling
An Undergraduate Course on Software Bug Detection Tools and Techniques Eric Larson Seattle University March 3, 2006.
Semantics CSE 340 – Principles of Programming Languages Fall 2015 Adam Doupé Arizona State University
Using Types to Analyze and Optimize Object-Oriented Programs By: Amer Diwan Presented By: Jess Martin, Noah Wallace, and Will von Rosenberg.
Object-Oriented Programming in C++ Lecture 4 Constants References Operator overloading.
Semantic Analysis II Type Checking EECS 483 – Lecture 12 University of Michigan Wednesday, October 18, 2006.
CSE 130 : Winter 2009 Programming Languages Lecture 11: What’s in a Name ?
COMP 412, FALL Type Systems II C OMP 412 Rice University Houston, Texas Fall 2000 Copyright 2000, Robert Cartwright, all rights reserved. Students.
Types and Programming Languages Lecture 14 Simon Gay Department of Computing Science University of Glasgow 2006/07.
LECTURE 3 Compiler Phases. COMPILER PHASES Compilation of a program proceeds through a fixed series of phases.  Each phase uses an (intermediate) form.
CS412/413 Introduction to Compilers Radu Rugina Lecture 11: Symbol Tables 13 Feb 02.
CS5205Semantics1 CS5205: Foundation in Programming Languages Semantics Static Semantics Dynamic Semantics Operational Semantics Big-step Small-Step Denotational.
COMP 412, FALL Type Systems C OMP 412 Rice University Houston, Texas Fall 2000 Copyright 2000, Robert Cartwright, all rights reserved. Students.
Arvind Computer Science and Artificial Intelligence Laboratory M.I.T. L05-1 September 21, 2006http:// Types and Simple Type.
Data Types In Text: Chapter 6.
Introduction to Programming
Types for Programs and Proofs
COM S 326X Deep C Programming for the 21st Century Prof. Rozier
CSCI 3370: Principles of Programming Languages Chapter 9 Subprograms
CIS 110: Introduction to Computer Programming
Language-based Security
Semantic Type Qualifiers
Presentation transcript:

A Type-Checked Restrict Qualifier Jeff Foster OSQ Retreat May 9-10, 2001

Jeff Foster, OSQ Retreat, May 9-10, Introduction Aliasing: A long-standing problem –Pointers are hard to analyze...*p = 3... what is updated? –We need to know for compilers (optimization) software analysis tools (OSQ)

Jeff Foster, OSQ Retreat, May 9-10, Alias Analysis Research: Fully-automatic alias analysis –Type systems All aliases have same type –Points-to analysis e1 = e2 e1 points to whatever e2 points to Results –Type systems work well –May-alias analysis scales to big programs Usefulness of results?

Jeff Foster, OSQ Retreat, May 9-10, Too Important for Compiler C, C++, Java, ML, etc. –The compiler discovers all aliasing FORTRAN –The compiler can assume non-aliasing C99 –Have the user help the compiler

Jeff Foster, OSQ Retreat, May 9-10, Restrict C99 Standard int *restrict p =...; –Let p point to object o –Within p’s scope, all access to o are through p void f(int n, int *restrict p, int *restrict q) { while (n-- > 0) *p++ = *q++;// no aliasing }[ex. from C99 standard]

Jeff Foster, OSQ Retreat, May 9-10, This Work C99 does not check restrict –Low-level definition of safe use of restrict Goals of this work –Semantics for restrict –Type system for safe restrict –Soundness proof

Jeff Foster, OSQ Retreat, May 9-10, Examples { int *restrict p =...; { int *restrict r = p;...*r...// valid...*p...// invalid } } { int *restrict p = q;...*p... // valid...*q... // invalid } { int *restrict p =...; int *r = p;...*r...// valid }

Jeff Foster, OSQ Retreat, May 9-10, Source Language Lambda-calculus with restrict e ::= x | n | ref e | *e | e1 := e2 | \x.e | e1 e2 | restrict x = e1 in e2 restrict x = e1 in e2 –x is in scope only within e2 –x is a pointer –x is initialized to e1 –within e2, only x can be used to access *x

Jeff Foster, OSQ Retreat, May 9-10, [loc’  error, loc  S’’(loc’)] v; S’’ Big-Step Semantics S e1  loc; S’, loc  errorS’ e2  v; S’’ [loc’  S’(loc) ] [x  loc’] loc’ fresh S e  loc; S’ loc  dom(S’) S *e  S’(loc); S’ S restrict x = e1 in e2 

Jeff Foster, OSQ Retreat, May 9-10, Type System Type and Effect system  ::=  base type | ref  (  )pointer to abstract loc  |  1  L  2function with effect L L ::= Øno effect |  access to location  | L1  L2 effect union | L -  effect difference

Jeff Foster, OSQ Retreat, May 9-10, Type Rules A e :  ; L –In environment A, expression e has type  –evaluating e has effect L A e1 :  1  L  2; L1A e2 :  1; L2 A e1 e2 :  ; L1  L2  L A e : ref  (  ); L A *e :  ; L  

Jeff Foster, OSQ Retreat, May 9-10, Restrict Rule A e1 : ref  (  ); L1 A restrict x = e1 in e2 : A[x  ref  ’ (  )] e2 :  2; L2   L2  ’  A    ’  2; L1  (L2 -  ’)  

Jeff Foster, OSQ Retreat, May 9-10, Soundness Theorem: If Ø e :  ; L, then S e  r; S’ where r is not error Proof: Show subject-reduction property

Jeff Foster, OSQ Retreat, May 9-10, Type Inference Given program, compute types, locs, effects –Naive algorithm obvious Add effect variables ranging over L Perform type inference, ignore ,  constraints Check ,  at end –Polynomial-time algorithm –Efficiency in practice? Future work: polymorphic recursion –The  constraints make things interesting

Jeff Foster, OSQ Retreat, May 9-10, Applications: Optimization C99: Restrict used for optimizations –Can treat restricted pointer like stack location (whose address isn’t taken) –Optimizations sound with checked restrict Type system not complete –C99 standard allows hard-to-check uses of restrict Dead code that access restricted locations allowed Strange use of restrict in data structures Multiple restrict pointers into same array allowed

Jeff Foster, OSQ Retreat, May 9-10, Application: Flow-Sensitive Type Qualifiers Apply Alias Types, Vault techniques to type qualifiers for flow-sensitivity Problem: Elements of data structures FILE a[...]; spin_lock(a[i]);... spin_unlock(a[i]); Goal: Avoid dependent type systems

Jeff Foster, OSQ Retreat, May 9-10, Applications: Strong-Update Two rules for assignment foo(x) {...  *x = e ...} –If |PTSet(x)| = 1[[*x]]  = [[e]] –If |PTSet(x)| > 1 [[*x]]  = [[*x]]   [[e]] Standard Alias Analysis –Points-to sets only grow –Once |PTSet(x)| > 1, lose precision

Jeff Foster, OSQ Retreat, May 9-10, Applications: Strong-Update (2) Restrict recovers singleton points-to sets foo(int *restrict x) {... } –Can assume |PTSet(x)| = 1 at beginning of foo –Other aliases of *x cannot be used in foo Can recover even from complicated aliasing foo(a->b[c].d->f->g[h->i])

Jeff Foster, OSQ Retreat, May 9-10, Summary Alias analysis too important to leave to the compiler Restrict tells compiler where to assume non- aliasing Use of restrict can be type checked –Type and effect system –Soundness proof uses standard subject-reduction

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.