Type systems equivalent to data-flow analyses for imperative languages

We show that a large class of data-flow analyses for imperative languages are describable as type systems in the following technical sense: possible results of an analysis can be described in a language of types so that a program checks with a type if and only if this type is a supertype of the result of applying the analysis. Type-checking is easy with the help of a certificate that records the “eureka”-bits of a typing derivation. Certificate-assisted type-checking amounts to a form of lightweight analysis à la Rose. For secure information flow, we obtain a type system that is considerably more precise than that of Volpano et al., but not more sophisticated. Importantly, our type systems are compositional.     

Certifying Compilation and Run-Time Code Generation

A certifying compiler takes a source language program and produces object code, as well as a certificate that can be used to verify that the object code satisfies desirable properties, such as type safety and memory safety. Certifying compilation helps to increase both compiler robustness and program safety. Compiler robustness is improved since some compiler errors can be caught by checking the object code against the certificate immediately after compilation. Program safety is improved because the object code and certificate alone are sufficient to establish safety: even if the object code and certificate are produced on an unknown machine by an unknown compiler and sent over an untrusted network, safe execution is guaranteed as long as the code and certificate pass the verifier.Existing work in certifying compilation has addressed statically generated code. In this paper, we extend this to code generated at run time. Our goal is to combine certifying compilation with run-time code generation to produce programs that are both fast and verifiably safe. To achieve this goal, we present two new languages with explicit run-time code generation constructs: Cyclone, a type safe dialect of C, and TAL/T, a type safe assembly language. We have designed and implemented a system that translates a safe C program into Cyclone, which is then compiled to TAL/T, and finally assembled into executable object code. This paper focuses on our overall approach and the front end of our system; details about TAL/T will appear in a subsequent paper.     

A Formally Verified Compiler Back-end

This article describes the development and formal verification (proof of semantic preservation) of a compiler back-end from Cminor (a simple imperative intermediate language) to PowerPC assembly code, using the Coq proof assistant both for programming the compiler and for proving its soundness. Such a verified compiler is useful in the context of formal methods applied to the certification of critical software: the verification of the compiler guarantees that the safety properties proved on the source code hold for the executable compiled code as well.     

A Bayesian approach to fuzzy hypotheses testing for the estimation of optimal age for vaccination against measles

Fuzzy Bayesian tests were performed to evaluate whether the mother’s seroprevalence and children’s seroconversion to measles vaccine could be considered as “high” or “low”. The results of the tests were aggregated into a fuzzy rule-based model structure, which would allow an expert to influence the model results. The linguistic model was developed considering four input variables. As the model output, we obtain the recommended age-specific vaccine coverage. The inputs of the fuzzy rules are fuzzy sets and the outputs are constant functions, performing the simplest Takagi–Sugeno–Kang model. This fuzzy approach is compared to a classical one, where the classical Bayes test was performed. Although the fuzzy and classical performances were similar, the fuzzy approach was more detailed and revealed important differences. In addition to taking into account subjective information in the form of fuzzy hypotheses it can be intuitively grasped by the decision maker.     

Fuzzy rule based decision trees

This paper presents a new architecture of a fuzzy decision tree based on fuzzy rules – fuzzy rule based decision tree (FRDT) and provides a learning algorithm. In contrast with “traditional” axis-parallel decision trees in which only a single feature (variable) is taken into account at each node, the node of the proposed decision trees involves a fuzzy rule which involves multiple features. Fuzzy rules are employed to produce leaves of high purity. Using multiple features for a node helps us minimize the size of the trees. The growth of the FRDT is realized by expanding an additional node composed of a mixture of data coming from different classes, which is the only non-leaf node of each layer. This gives rise to a new geometric structure endowed with linguistic terms which are quite different from the “traditional” oblique decision trees endowed with hyperplanes as decision functions. A series of numeric studies are reported using data coming from UCI machine learning data sets. The comparison is carried out with regard to “traditional” decision trees such as C4.5, LADtree, BFTree, SimpleCart, and NBTree. The results of statistical tests have shown that the proposed FRDT exhibits the best performance in terms of both accuracy and the size of the produced trees.     

A MATLAB subset to C compiler targeting embedded systems

This paper describes MATISSE, a compiler able to translate a MATLAB subset to C targeting embedded systems. MATISSE uses LARA, an aspect‐oriented programming language, to specify additional information and transformations to the input MATLAB code, for example, insertion of code for initialization of variables, and specification of types and shapes of variables. The compiler is being developed bearing in mind flexibility, multitarget and multitoolchain support, allowing for the generation of several implementations in C from the same reference code in MATLAB. In this paper, we also present a number of techniques being employed in MATLAB to C compilation, such as element‐wise mapping operations, matrix views, weak types, and intrinsics. We validate these techniques using MATISSE and a set of representative benchmarks. More specifically, we evaluate the compiler with a set of 31 benchmarks using an embedded system board and a desktop computer. The results show speedups up to 1.8× by employing information provided by LARA aspects, when compared with C code generated without additional user information. When compared with the execution time of the original code running on MATLAB, the execution time of the generated C code achieved a geometric mean speedup of 13×. Copyright © 2016 John Wiley & Sons, Ltd.     

Design and implementation of an efficient hybrid dynamic and static typing language

Dynamic languages are suitable for developing specific applications where runtime adaptability is an important issue. On the contrary, statically typed languages commonly provide better compile‐time type error detection and more opportunities for compiler optimizations. Because both approaches offer different benefits, there exist programming languages that support hybrid dynamic and static typing. However, the existing hybrid typing languages commonly do not gather type information of dynamic references at compile time, missing opportunities for improving compile‐time error detection and runtime performance. Therefore, we propose some design principles to implement hybrid typing languages that continue gathering type information of dynamically typed references. This type information is used to perform compile‐time type checking of the dynamically typed code and improve its runtime performance. As an example, we have implemented a hybrid typing language following the proposed design principles. We have evaluated the runtime performance and memory consumption of the generated code. The average performance of the dynamic and hybrid typing code is at least 2.53× and 4.51× better than the related approaches for the same platform, consuming less memory resources. Copyright © 2014 John Wiley & Sons, Ltd.     

Action semantics-directed prototyping

We present a methodology for compiler synthesis based on Mosses-Watt's action semantics. Each action in action semantics notation is assigned specific “analysis functions”, such as a typing function and a binding-time function. When a language is given an action semantics, the typing and binding-time functions for the individual actions compose into typing and binding-time analyses for the language; these are implemented as the type checker and static semantics processor, respectively, in the synthesized compiler. Other analyses can be similarly formalized and implemented. We show a sample language semantics and its synthesized compiler, and we describe the compiler synthesizer that we have developed.     

Extending type systems in a library: Type-safe XML processing in C++

Type systems built directly into the compiler or interpreter of a programming language cannot be easily extended to keep track of run-time invariants of new abstractions. Yet, programming with domain-specific abstractions could benefit from additional static checking. This paper presents library techniques for extending the type system of C++ to support domain-specific abstractions. The main contribution is a programmable “subtype” relation. As a demonstration of the techniques, we implement a type system for defining type qualifiers in C++, as well as a type system for the XML processing language, capable of, e.g., statically guaranteeing that a program only produces valid XML documents according to a given XML schema.     

Region-Based Memory Management

This paper describes a memory management discipline for programs that perform dynamic memory allocation and de-allocation. At runtime, all values are put intoregions. The store consists of a stack of regions. All points of region allocation and de-allocation are inferred automatically, using a type and effect based program analysis. The scheme does not assume the presence of a garbage collector. The scheme was first presented in 1994 (M. Tofte and J.-P. Talpin,in“Proceedings of the 21st ACM SIGPLAN–SIGACT Symposium on Principles of Programming Languages,” pp. 188–201); subsequently, it has been tested in The ML Kit with Regions, a region-based, garbage-collection free implementation of the Standard ML Core language, which includes recursive datatypes, higher-order functions and updatable references L. Birkedal, M. Tofte, and M. Vejlstrup, (1996),in“Proceedings of the 23 rd ACM SIGPLAN–SIGACT Symposium on Principles of Programming Languages,” pp. 171–183. This paper defines a region-based dynamic semantics for a skeletal programming language extracted from Standard ML. We present the inference system which specifies where regions can be allocated and de-allocated and a detailed proof that the system is sound with respect to a standard semantics. We conclude by giving some advice on how to write programs that run well on a stack of regions, based on practical experience with the ML Kit.     

A block-tridiagonal solver with two-level parallelization for finite element-spectral codes

Two-level parallelization is introduced to solve a massive block-tridiagonal matrix system. One-level is used for distributing blocks whose size is as large as the number of block rows due to the spectral basis, and the other level is used for parallelizing in the block row dimension. The purpose of the added parallelization dimension is to retard the saturation of the scaling due to communication overhead and inefficiencies in the single-level parallelization only distributing blocks. As a technique for parallelizing the tridiagonal matrix, the combined method of “Partitioned Thomas method” and “Cyclic Odd–Even Reduction” is implemented in an MPI-Fortran90 based finite element-spectral code (TORIC) that calculates the propagation of electromagnetic waves in a tokamak. The two-level parallel solver using thousands of processors shows more than 5 times improved computation speed with the optimized processor grid compared to the single-level parallel solver under the same conditions. Three-dimensional RF field reconstructions in a tokamak are shown as examples of the physics simulations that have been enabled by this algorithmic advance.     

A Generalization of Short-Cut Fusion and its Correctness Proof

Short-cut fusion is a program transformation technique that uses a single, local transformation—called the foldr-build rule—to remove certain intermediate lists from modularly constructed functional programs. Arguments that short-cut fusion is correct typically appeal either to intuition or to free theorems—even though the latter have not been known to hold for the languages supporting higher-order polymorphic functions and fixed point recursion in which short-cut fusion is usually applied. In this paper we use Pitts' recent demonstration that contextual equivalence in such languages is relationally parametric to prove that programs in them which have undergone short-cut fusion are contextually equivalent to their unfused counterparts. For each algebraic data type we then define a generalization of build which constructs substitution instances of its associated data structures, and use Pitts' techniques to prove the correctness of a contextual equivalence-preserving fusion rule which generalizes short-cut fusion. These rules optimize compositions of functions that uniformly consume algebraic data structures with functions that uniformly produce substitution instances of those data sructures.     

Monte Carlo simulations of the 2d-Ising model in the geometry of a long stripe

The two-dimensional Ising model in the geometry of a long stripe can be regarded as a model system for the study of nanopores. As a quasi-one-dimensional system, it also exhibits a rather interesting “phase behavior”: At low temperatures the stripe is either filled with “liquid” or “gas” and “densities” are similar to those in the bulk. When we approach a “pseudo-critical point” (below the critical point of the bulk) at which the correlation length becomes comparable to the length of the stripe, several interfaces emerge and the systems contains multiple “liquid” and “gas” domains. The transition depends on the size of the stripe and occurs at lower temperatures for larger stripes. Our results are corroborated by simulations of the three-dimensional Asakura–Oosawa model in cylindrical geometry, which displays qualitatively similar behavior. Thus our simulations explain the physical basis for the occurrence of “hysteresis critical points” in corresponding experiments.     

Design and implementation of a fuzzy expert system for performance assessment of an integrated health, safety, environment (HSE) and ergonomics system: The case of a gas refinery

The objective of this study is to design a fuzzy expert system for performance assessment of health, safety, environment (HSE) and ergonomics system factors in a gas refinery. This will lead to a robust control system for continuous assessment and improvement of HSE and ergonomics performance. The importance of this study stems from the current lack of formal integrated methodologies for interpreting and evaluating performance data for HSE and ergonomics. Three important reasons to use fuzzy expert systems are (1) reduction of human error, (2) creation of expert knowledge and (3) interpretation of large amount of vague data. To achieve the objective of this study, standard indicators and technical tolerances for assessment of HSE and ergonomics factors are identified. Then, data is collected for all indicators and consequently, for each indicator four conditions are defined as “acceptance”, “low deviation”, “mid deviation” and “high deviation”. A membership function is defined for each fuzzy condition (set) because an indicator cannot be allocated to just one of the above conditions. The expert system uses fuzzy rules, which are structured with Data Engine. Previous studies have introduced HSE expert system whereas this study introduces an integrated HSE and ergonomics expert system through fuzzy logic.     

A greedy algorithm for feedrate planning of CNC machines along curved tool paths with confined jerk

In this paper, the problem of optimal feedrate planning along a curved tool path for 3-axis CNC machines with the acceleration and jerk limits for each axis and the tangential velocity bound is addressed. It is proved that the optimal feedrate planning must be “Bang–Bang” or “Bang–Bang-Singular” control, that is, at least one of the axes reaches its acceleration or jerk bound, or the tangential velocity reaches its bound throughout the motion. As a consequence, the optimal parametric velocity can be expressed as a piecewise analytic function of the curve parameter u. The explicit formula for the velocity function when a jerk reaches its bound is given by solving a second-order differential equation. Under a “greedy rule”, an algorithm for optimal jerk confined feedrate planning is presented. Experiment results show that the new algorithm can be used to reduce the machining vibration and improve the machining quality.     

Certification of a Type Inference Tool for ML: Damas–Milner within Coq

We develop a formal proof of the ML type inference algorithm, within the Coq proof assistant. We are much concerned with methodology and reusability of such a mechanization. This proof is an essential step toward the certification of a complete ML compiler.In this paper we present the Coq formalization of the typing system and its inference algorithm. We establish formally the correctness and the completeness of the type inference algorithm with respect to the typing rules of the language. We describe and comment on the mechanized proofs.     

An abstract data type for name analysis

This paper defines an abstract data type on which a solution to the name analysis subproblem of a compiler can be based. (Name analysis uses the scope rules of a language to associate uses of identifiers with their definitions.) We give a state model for the ADT, and show how to implement that model efficiently. The implementation is independent of any particular name analysis, so it is possible to create a library module that can be used in any compiler. Such a library module has been incorporated into the Eli compiler construction system.     

Alias types for “environment-aware” computations

In previous work with Bono we introduced a calculus for modelling “environment-aware” computations, that is computations that adapt their behavior according to the capabilities of the environment. The calculus is an imperative, object-based language (with extensible objects and primitives for discriminating the presence or absence of attributes of objects) equipped with a small-step operational semantics.In this paper we define a type and effect system for the calculus. The typing judgements specify, via constraints, the shape of environments which guarantees the correct execution of expressions and the typing rules track the effect of expression evaluation on the environment. The type and effect system is sound w.r.t. the operational semantics of the language.