“Undefined Behavior” often has a bad reputation. But what, really, is Undefined Behavior, and is it actually that bad?
In this blog post, I will look at this topic from a PL perspective, and argue that Undefined Behavior is a valuable tool in a language designer’s toolbox.
How does compiler optimization affect binary code differences? In this work, we perform a systematic study using search-based iterative compilation. We have built an auto-tuning framework called BinTuner that iteratively compiles to adjust the differences in binary code. Our results demonstrate the effect of modern compiler optimization on binary code difference has been swept under the carpet for a long time. We wish our study can help the research community redesign the optimization-resistance experiments and evaluate the compiler-agnostic capability.
Deep learning has transformed the way we think of software and what it can do. But deep neural networks are fragile and their behaviors are often surprising. In many settings, we need to provide formal guarantees on the safety, security, correctness, or robustness of neural networks. In this post, I will talk about the verification problem for neural networks and some of the prominent verification techniques that are being developed. I will also discuss the great challenges that our community is well positioned to address and some of the ideas that we can port from the machine-learning community.
With about half a century of life, the Unix shell is pervasive and entrenched in our computing infrastructure—with recent virtualization and containerization trends only propelling its use. A fresh surge of academic research highlights show potential for tackling long-standing open problems that are central to the shell and enable further progress. A recent panel discussion at HotOS ’21 concluded that improvements and research on the shell can be impactful and identified several such research directions. Maybe it’s time for your research to be applied to the shell too?
My POPL 2011 “Flash Fill” paper was the most important turning point in my research career. I went from searching for the hardest problem I can solve to searching for the simplest problem that will have the most impact. It sensitized me to customer connection and enlightened me to how practical requirements can inspire foundational research ideas and directions. And most of all, it led to a blissful connection with my loved ones.
The problem of program verification is to find whether a program meets its specification. But if a program calls functions whose bodies are missing, the verification aims at finding the most general implementations of these functions. In this post we show how advances in automated reasoning allow for doing it efficiently.
Everyone uses math libraries. Surprisingly, mainstream math libraries do not produce correct results for several thousands of inputs. Developers are seldom aware of them, which affects reproducibility and portability. We describe our new method for synthesizing elementary functions that produces correct results for all inputs but is also significantly faster than the state of the art libraries, which have been optimized for decades.
We give an introduction to reflective towers of interpreters, a semantic model of reflection with a user level interpreted by a meta level interpreted by a meta meta level and so on.
Software sandboxing or software-based fault isolation (SFI) is a lightweight approach to building secure systems out of untrusted components. The idea of SFI is old. Its use in production, to sandbox third-party libraries in Firefox, is new. We describe the PL techniques—notably static information flow control—that were key to deploying SFI in practice and their use in tackling software security more generally.
