Programming Languages Research and You: What Miracles Are We Cooking Up These Days?

1
Programming LanguagesResearch and YouWhat
Miracles Are We Cooking Up These Days?
2
Talk Outline

• Wes Weimer (also Knight, Reynolds, Evans, )
• What is PL research in general?
• Possible cool senior thesis bits!
• Based on state-of-the-art modern research
• Hint write down a key phrase, email me later

projects.
Professor?
an Undergrad
3
Dont We Already Have Compilers?
4
Dismal View Of PL Research
C
Java (or C)
5
PL Research Quest-ce que cest?

• Study programs and languages
• 2002 US Annual Cost of Software Errors 60B
• 0.6 of the GDP (NIST)
• Cost of 1 bug 2k-10k
• Programs as artifacts
• What should they be doing?
• Are they doing it?
• Are they making mistakes instead?
• How might we fix them?
• Language Design
• Make some things easier

e.g., compare Ruby and Python to C
6
Program Analyses

• We write programs that analyze (or transform)
  other programs
• cf. testing, gt50 of a projects budget
• Doomed in theory but successful in practice

Simplest examples dataflow analyses and type
systems
7
Domain-Specific Bug-Finding

• Embedded components (e.g., cellphones) are
  programmed with special languages
• Most large projects include their own custom
  languages (e.g., simulations, macros, mIRC
  scripts, game engines)
• These are harder to debug and have special
  semantics ( meanings)
• Example UnrealScript is C-ish but has type
  qualifiers like transient and travel
• Example Players of The Sims 2 are complaining
  that their artfully-crafted homes and mansions
  are beginning to resemble the Twilight Zone,
  thanks to an artifact of the game's design that
  causes hacks to spread like viruses from user to
  unwitting user. SecurityFocus 2004-2005

Its a fairly accurate portrayal of college,
actually
8
Program Analyses For Security

• Dont want rogue programs to send our info to MS
• Could we detect that (type systems for secure
  information flow, format string vulnerabilities,
  setuid analyses, )?
• Could we prevent that (bytecode verifiers,
  proof-carrying code, data execution prevention,
  )

9
Helping Out Testing

• Finding bugs (e.g., bugs in Linux, bugs in
  Windows device drivers, bugs in Java systems
  software, )
• Preventing bugs (change the language, or add a
  step to the make process, cf. PREfast)
• Automatically generating test cases
• Limiting test cases that must be run on a check-in

10
Big Example 1 CCured

• Make systems programs as safe as Java but as fast
  as C
• Safe memory safety and type safety
• Take an important C program (e.g., apache, bind,
  openssl)
• Run a program analysis to classify all of the
  pointers in that program
• Safe Pointer no arithmetic, no casts
• Sequence Pointer pointer arithmetic (i), no
  casts
• Wild Pointer anything goes
• Take that classification and transform the
  program
• Safe Pointer add a null check
• Sequence Pointer add bounds (and null) checks
• Wild Pointer add full dynamic type checking
• Resulting program is provably safe
• But is lt 30 slower than the original (cf.
  Purify 50x slower)

11
Big Example 2 SLAM

• Verify critical properties of software or find
  bugs
• Take an important program (e.g., a device driver)
• Merge it with a property (e.g., no deadlocks,
  asynchronous IRP handling, BSD sockets, database
  transactions, )
• Transform the result into a boolean program
• Same control flow, but only boolean variables
• Use a model checker to explore the resulting
  state space
• Result 1 program provably satisfies property
• Result 2 program violates property right here on
  line 92,376!

12
PL Cosmic Mayonnaise

• Two favorite areas? No problem!
• Since most of computing involves programs, its
  easy to form a research project that crosscuts PL
  and
• Systems analyze J2EE ecommerce apps, distributed
  peer-to-peer programs, managed code operating
  systems, concurrency, etc.
• Security, Embedded Systems, Games as before
• Databases add transactional or ACID semantics to
  languages, verify inlined SQL, support persistent
  objects, use DB techniques on program traces,
  safely inject query plans
• Theory we make heavy use of DFAs (lexing), PDAs
  (parsing), NFAs (policies), linear logic
  (resource mgmt), temporal logic (fairness),
  approximation algorithms (e.g., graph-coloring
  register alloc),
• Machine Learning specification mining,
  profiling,
• Graphics analyze the OpenGL or Direct3D aspects
  of programs, provide better support for
  programming on graphics cards,
• Other out of space on the slide

13
Prerequisites

• You have been pre-approved to do PL research!
• mathematical maturity

14
The Breakfast of Champions

• At PL Research, weve pretty much got it all
  theory and practice, glitzy killer apps and
  hard-core fundamental problems. Theres a lot to
  do, and thats why we need people like you.
• Talk to your doctor of philosophy to see whether
  PL is right for you. Side effects were generally
  mild and included reliable software, resistance
  to viruses, increased hacking opportunities,
  decreased development times, disappearing
  deadlocks and race conditions, ironclad APIs,
  firmer theoretical bases,

15
Any Questions?

• Also, send me email. Even if you dont care about
  PL (sigh!) I would be happy to give advice about
  CS research, industry and grad school.