-
Picking a CHERI Allocator: Security and Performance Considerations
Authors:
Jacob Bramley,
Dejice Jacob,
Andrei Lascu,
Jeremy Singer,
Laurence Tratt
Abstract:
Several open-source memory allocators have been ported to CHERI, a hardware capability platform. In this paper we examine the security and performance of these allocators when run under CheriBSD on Arm's experimental Morello platform. We introduce a number of security attacks and show that all but one allocator are vulnerable to some of the attacks - including the default CheriBSD allocator. We then show that while some forms of allocator performance are meaningful, comparing the performance of hybrid and pure capability (i.e. 'running in non-CHERI vs. running in CHERI modes') allocators does not appear to be meaningful. Although we do not fully understand the reasons for this, it seems to be at least as much due to factors such as immature compiler toolchains as it is due to the effects of capabilities on hardware.
Submitted 15 May, 2023; v1 submitted 27 March, 2023;
originally announced March 2023.
-
Default Disambiguation for Online Parsers
Authors:
Lukas Diekmann,
Laurence Tratt
Abstract:
Since composed grammars are often ambiguous, grammar composition requires a mechanism for dealing with ambiguity: either ruling it out by using delimiters (which are awkward to work with), or by using disambiguation operators to filter a parse forest down to a single parse tree (where, in general, we cannot be sure that we have covered all possible parse forests). In this paper, we show that default disambiguation, which is inappropriate for batch parsing, works well for online parsing, where it can be overridden by the user if necessary. We extend language boxes -- a delimiter-based algorithm atop incremental parsing -- in such a way that default disambiguation can automatically insert, remove, or resize, language boxes, leading to the automatic language boxes algorithm. The nature of the problem means that default disambiguation cannot always match a user's intention. However, our experimental evaluation shows that automatic language boxes behave acceptably in 98.8% of tests involving compositions of real-world programming languages.
Submitted 2 July, 2020; v1 submitted 18 September, 2019;
originally announced September 2019.
-
Don't Panic! Better, Fewer, Syntax Errors for LR Parsers
Authors:
Lukas Diekmann,
Laurence Tratt
Abstract:
Syntax errors are generally easy to fix for humans, but not for parsers in general nor LR parsers in particular. Traditional 'panic mode' error recovery, though easy to implement and applicable to any grammar, often leads to a cascading chain of errors that drown out the original. More advanced error recovery techniques suffer less from this problem but have seen little practical use because their typical performance was seen as poor, their worst case unbounded, and the repairs they reported arbitrary. In this paper we introduce the CPCT+ algorithm, and an implementation of that algorithm, that address these issues. First, CPCT+ reports the complete set of minimum cost repair sequences for a given location, allowing programmers to select the one that best fits their intention. Second, on a corpus of 200,000 real-world syntactically invalid Java programs, CPCT+ is able to repair 98.37% of files within a timeout of 0.5s. Finally, CPCT+ uses the complete set of minimum cost repair sequences to reduce the cascading error problem, where incorrect error recovery causes further spurious syntax errors to be identified. Across the test corpus, CPCT+ reports 435,812 error locations to the user, reducing the cascading error problem substantially relative to the 981,628 error locations reported by panic mode.
Submitted 3 July, 2020; v1 submitted 19 April, 2018;
originally announced April 2018.
-
Modelling homogeneous generative meta-programming
Authors:
Martin Berger,
Laurence Tratt,
Christian Urban
Abstract:
Homogeneous generative meta-programming (HGMP) enables the generation of program fragments at compile-time or run-time. We present the first foundational calculus which can model powerful HGMP languages such as Template Haskell. The calculus is designed such that we can gradually enhance it with the features needed to model many of the advanced features of real languages. As a demonstration of the flexibility of our approach, we also provide a simple type system for the calculus.
Submitted 23 April, 2017; v1 submitted 21 February, 2016;
originally announced February 2016.
-
Virtual Machine Warmup Blows Hot and Cold
Authors:
Edd Barrett,
Carl Friedrich Bolz-Tereick,
Rebecca Killick,
Sarah Mount,
Laurence Tratt
Abstract:
Virtual Machines (VMs) with Just-In-Time (JIT) compilers are traditionally thought to execute programs in two phases: the initial warmup phase determines which parts of a program would most benefit from dynamic compilation, before JIT compiling those parts into machine code; subsequently the program is said to be at a steady state of peak performance. Measurement methodologies almost always discard data collected during the warmup phase such that reported measurements focus entirely on peak performance. We introduce a fully automated statistical approach, based on changepoint analysis, which allows us to determine if a program has reached a steady state and, if so, whether that represents peak performance or not. Using this, we show that even when run in the most controlled of circumstances, small, deterministic, widely studied microbenchmarks often fail to reach a steady state of peak performance on a variety of common VMs. Repeating our experiment on 3 different machines, we found that at most 43.5% of <VM, benchmark> pairs consistently reach a steady state of peak performance.
Submitted 6 October, 2017; v1 submitted 1 February, 2016;
originally announced February 2016.
-
Making an Embedded DBMS JIT-friendly
Authors:
Carl Friedrich Bolz,
Darya Kurilova,
Laurence Tratt
Abstract:
While database management systems (DBMSs) are highly optimized, interactions across the boundary between the programming language (PL) and the DBMS are costly, even for in-process embedded DBMSs. In this paper, we show that programs that interact with the popular embedded DBMS SQLite can be significantly optimized - by a factor of 3.4 in our benchmarks - by inlining across the PL / DBMS boundary. We achieved this speed-up by replacing parts of SQLite's C interpreter with RPython code and composing the resulting meta-tracing virtual machine (VM) - called SQPyte - with the PyPy VM. SQPyte does not compromise stand-alone SQL performance and is 2.2% faster than SQLite on the widely used TPC-H benchmark suite.
Submitted 20 June, 2016; v1 submitted 10 December, 2015;
originally announced December 2015.
-
Fine-grained Language Composition: A Case Study
Authors:
Edd Barrett,
Carl Friedrich Bolz,
Lukas Diekmann,
Laurence Tratt
Abstract:
Although run-time language composition is common, it normally takes the form of a crude Foreign Function Interface (FFI). While useful, such compositions tend to be coarse-grained and slow. In this paper we introduce a novel fine-grained syntactic composition of PHP and Python which allows users to embed each language inside the other, including referencing variables across languages. This composition raises novel design and implementation challenges. We show that good solutions can be found to the design challenges; and that the resulting implementation imposes an acceptable performance overhead of, at most, 2.6x.
Submitted 11 July, 2016; v1 submitted 30 March, 2015;
originally announced March 2015.
-
Program Logics for Homogeneous Generative Run-Time Meta-Programming
Authors:
Martin Berger,
Laurence Tratt
Abstract:
This paper provides the first program logic for homogeneous generative run-time meta-programming---using a variant of MiniML by Davies and Pfenning as its underlying meta-programming language. We show the applicability of our approach by reasoning about example meta-programs from the literature. We also demonstrate that our logics are relatively complete in the sense of Cook, enable the inductive derivation of characteristic formulae, and exactly capture the observational properties induced by the operational semantics.
Submitted 29 March, 2017; v1 submitted 16 November, 2014;
originally announced November 2014.
-
Model Transformations in Practice Workshop (MTiP)
Authors:
Jean Bézivin,
Bernhard Rumpe,
Andy Schürr,
Laurence Tratt
Abstract:
Model Transformations in Practice (MTiP) 2005 was a workshop which provided a forum for the model transformation community to discuss practical model transformation issues. Although many different model transformation approaches have been proposed and explored in recent years, there has been little work on comparing and contrasting various approaches. Without such comparisons, it is hard to assess new model transformation approaches such as the upcoming OMG MOF/QVT recommendation, or to discern sensible future paths for the area. Our aims with the workshop were to create a forum that would help lead to an increased understanding of the relative merits of different model transformation techniques and approaches. A more advanced understanding of such merits is of considerable benefit to both the model transformation and wider modelling communities.
Submitted 22 September, 2014;
originally announced September 2014.
-
Approaches to Interpreter Composition
Authors:
Edd Barrett,
Carl Friedrich Bolz,
Laurence Tratt
Abstract:
In this paper, we compose six different Python and Prolog VMs into 4 pairwise compositions: one using C interpreters; one running on the JVM; one using meta-tracing interpreters; and one using a C interpreter and a meta-tracing interpreter. We show that programs that cross the language barrier frequently execute faster in a meta-tracing composition, and that meta-tracing imposes a significantly lower overhead on composed programs relative to mono-language programs.
Submitted 19 May, 2015; v1 submitted 2 September, 2014;
originally announced September 2014.