Research Statement

来源：抵帆知识网

ResearchStatement

LiminJia

Myresearchinterestsareintheﬁeldofprogramminglanguages.Iamparticularlyinterestedindesigningformallogics,andusingtheselogicstodevelopautomatedveriﬁcationtools,typesystems,andnewlanguagefeaturestohelpproducemorereliablesoftware.

PreviousandCurrentResearch

DuringmygraduatestudyatPrincetonUniversity,Iexploredtwomainresearchareas:oneinvolveddevelopingsystemsforverifyingmemory-safetypropertiesofsource-levelimperativeprogramminglanguages;theotherinvolveddevelopingtypesystemsthatcapturerichmemory-managementinvariantsattheassemblylanguagelevel.

VerifyingPointerPrograms

Oneofthemostimportantandenduringproblemsinprogramminglanguagesresearchistheveriﬁ-cationofprograms,suchasthosewritteninC,thatexplicitlyallocate,deallocate,andmanipulatecomplexheap-allocateddatastructures.Improperpointeroperationsmaycauseprogramstocrashandcreateserioussecurityvulnerabilities.Unfortunately,muchofoursoftwareinusetoday,andmanynewapplicationsbeingdeveloped–especiallythoserunningonresource-scarcesystems,forinstance,embeddedsystems–areimplementedinC.Recently,greatprogresshasbeenmadeinstaticallyverifyingpointerprogramsbyusingsubstructurallogicstodescribeprogrammemory.Substructurallogicstreateachassumptionasaconsumableresourcethatcanbeusedexactlyonceinproofconstruction.Asaresult,theselogicscandescribetheshapeofheap-allocateddatastruc-turespreciselyandreasonaboutmemorystatechangeselegantly.However,existingveriﬁcationsystemsdonothavegeneralizedproofsystemstoreasonaboutexpressiveconstraintssuchasinte-gerconstraintsandsetconstraints.Asaresult,thosesystemscanonlyreasonaboutahandfulofveryspecializeddatastructuresforwhichtheyhavehard-codedtheaxioms.

Inmythesis,whichisthecombinationofaseriesofconferencepapers[2,3,4],Idesignedanewsubstructurallogicthatiscapableofgeneralconstraint-basedreasoningandexploredusingdiﬀerentfragmentsofthelogictoverifyavarietyofpropertiesofpointerprograms.Themaingoalofmythesisistodevelopafoundationalsubstructurallogicthatiscapableofreasoningaboutmemory-safetyinvariantselegantly,and,moreimportantly,canbeusedasauniﬁedunderlyinglogicforbuildingvariousveriﬁcationsystems.Thedevelopmentofthislogicpavedthewayforintegratingdiﬀerentveriﬁcationsystemsintoone.Insuchacombinedsystem,theusershavegreatﬂexibilityinchoosingdiﬀerentcombinationsoftechniquestoobtainthedesiredtrade-oﬀbetweenthestrengthofsafetyguarantees,thecostofveriﬁcation,andrun-timeoverhead.

ASubstructuralLogicwithConstraintReasoning.Togetherwithmyadvisor,Idesignedalogicforreasoningaboutmemoryinvariants(ILC)byextendingintuitionisticlinearlogicwithmechanismstoreasonaboutconstraintssuchasintegerarithmeticconstraints.WeuseILCasthebaselogicintheveriﬁcationofpointerprograms.ILC’sprooftheoryaugmentstheprooftheoryofintuitionisticlinearlogicwithanewmodalitythatconﬁnesformulasdescribingconstraints.Theseparationoflinearreasoningfromconstraint-basedreasoningsetsupamodularframeworkfor(1)thedesignofautomatedtheoremproversforILC,and(2)reasoningaboutILC’sdecidabilityproperties.Theabsenceofterminatingautomatedtheoremproversforlogicsthatareexpressiveenoughtoreasonaboutprogrampropertiesisoneofthebiggesthurdlestobuildingautomated

veriﬁcationsystems.WeidentiﬁedausefulanddecidablefragmentofILCandshowedhowtobuildanautomatedtheoremproverforILCbycombiningalinearlogictheoremproveranddecisionproceduresforsolvingconstraints.

DynamicHeap-shapeAssertions.Dynamicassertions,suchasthe“assert”statementinC,areaneﬃcientmethodofensuringthatinvariantsholdatruntime.However,inordertochecktheshapeinvariantsofdatastructuresatruntime,programmershavetowritecomplexfunctionstotraversethedatastructures.Suchfunctionsoftencontainmessypointeroperationsandhencehavelittledocumentationvalue.WedesignedandimplementedanoveldynamicveriﬁcationsystemforcheckingshapeinvariantsforasubsetofCbyusinglinearlogicasthespeciﬁcationlanguageforinvariants.Thehigh-level,declarativelogicalspeciﬁcationsallowclear,compact,andsemanticallywell-deﬁneddocumentationofheap-shapepropertiesofdatastructures.Theoperationalmeaningoftheassertionsishandledatruntimebyasimpliﬁedlinearlogictheoremprover.Thesedynamicallyevaluatedassertionsserveasalight-weightcomplementtostaticveriﬁcationtechniques.Selectivelyverifyingpiecesofthecodestaticallyandinsertingdynamicchecksatentrypointsfromunveriﬁedcodetoveriﬁedcodeistheidealscenariowherewegetbothstrongsafetyguaranteesonimportantpartsofthesoftwareandrelativelylowoverallcostofveriﬁcation.

ALanguagewithShapePatterns.ThetypeannotationsandtypecheckingofCdoeslittletoensurememorysafety.WecouldgreatlyimprovethereliabilityofprogramsbybuildingtheshapeinvariantsandstrongtypesystemsintoimperativelanguageslikeC.Togetherwithmyadvisor,Idesignedanimperativelanguagethatallowsprogrammerstodeﬁnerecursivedatastructuresusinglinearlogic;furthermore,programmerscanuselinearlogicalformulastoconstruct,dereference,updateanddisposeofheap-allocateddatastructures.Bycombiningnewveriﬁcationtechniqueswithamoderntypesystemforresourcecontrol,wedesignedalanguagethat,inadditiontoensuringmemorysafety,guaranteesthatshapeinvariantsholdthroughouttheexecutionoftheprogram,whichhelpstoensurecorrectness.Thedesignofthislanguagedemonstratesacombineduseofstaticanddynamiccheckstoensurememory-safetyproperties.

TypeSystemsforAssemblyCode

Typecheckingprogramsinastrongly-typedhigh-levelprogramminglanguagedoesnotnecessarilyguaranteethesafetyoftheactuallow-levelcoderunonthecomputer.Thelow-levelassemblycodeisproducedbycompilersthataretoocomplicatedtobetrusted.Onewaytoensurethesafetyoflow-levelcodeistodeveloptypesystemsforassemblylanguages.Throughcheckingthetypesafetyoftheassemblycodeitproduces,wealsogainconﬁdenceinthecorrectnessofthecompiler.

Typesystemsforassemblylanguagesessentiallykeeptrackofprogramstate(memory)changesastheprogramisexecuted.Recallthatsubstructurallogicscandescribememoryinvariantsele-gantly.Typesystemsforlow-levelassemblylanguagesbasedonsubstructurallogicshavetremen-dousﬂexibilityandexpressivenesstocaptureallsortsofmemory-safetyinvariantsthatarepresentinthetypesystemofthesourcelanguage.

Togetherwithmyadvisorandcolleagues,Idevelopedalinear-logic-basedtypesystemforassemblylanguage[1]thatiscapableofdescribingthememory-safetyinvariantsinthepresenceofmemoryallocationbothontheheapandthestack.Wealsodevelopedanalgorithmforatype-preservingtranslationfromalanguagewithstackallocation–acoreintermediarylanguagethatcapturestheessenceofstackallocationintheMicrosoftCommonLanguageInfrastructure(CLI)–toourassemblylanguage.Ourtypesystemforassemblylanguageistheﬁrsttobeabletohandlerealisticinvariantsforgeneralstackallocation,suchasthosepresentinCLI.

FutureResearch

Iplantocontinuetocombinetraditionaltypesystemswiththeoremprovingtodesignlanguagesanddeveloptoolstoprovidememory-safetyguaranteesofprograms.Inparticular,I’minterestedindevelopingtheoremproversforsoftwareveriﬁcation.Automatedtheoremproversarethekeytoautomatedstaticveriﬁcationsystems.Westilldonothaveasatisfactorytheoremproverthateﬀectivelycombineslinearlogicreasoningandconstraintssolving:Ihadtobuildindividualtoolsforeachprototypeimplementationofourresearchprojects.Iwouldliketodevelopanextensibletheoremproverthatmodularlycombineslinearlogicreasoningandconstraintsolvingfortheoriesofconcern.Ibelievethiswillcontributesigniﬁcantlytotheﬁeldofverifyingpointerprograms.

Iamalsointerestedincombininglinear-logic-basedstaticanddynamicveriﬁcationtechniqueswithotherformalmethods,suchasmodelchecking,todevelopacomprehensiveveriﬁcationsystemforarealimperativelanguagelikeC.Userswouldbeabletopickacombinationofveriﬁcationmethodstoachieveabalancebetweencostsandthestrengthofsafetyguaranteesaccordingtodiﬀerentneeds.Someofthekeystepstodevelopingsuchasystemaretoprovidemodelcheckingtoolswithpreciseabstractionsoftheprogramheapextractedfromlinearlogicformulas,tocapturethememory-safetyinvariantsofprogramsthatcontainpointerarithmeticandtypecastingofpointers,andtomakethesystemscalable.

Multicoreprocessorarchitectureshavecreatedhugedemandsforlanguagedesignsthatsupportparallelization.Onewaytoextractparallelismistoruncomputationsonnon-overlappingdatastructuresindiﬀerentthreads.Veriﬁcationtechniquesusingsubstructurallogicsanalyzedisjoint-nessofdatastructuresandtheshapesofdatastructuresoftheprogram.Applyingsubstructurallogicsinabroad,high-leveltypesystemtodescribeconditionsforparallelizablecomputationsisanewandchallengingdirectiontoutilizeformallogicstohelpsolvepracticalproblems,andIamlookingforwardtoexploringthisarea.

References

[1]L.Jia,F.Spalding,D.WalkerandN.Glew.Certifyingcompilationforalanguagewithstackallocation.

InProceedingsofthe20thIEEESymposiumonLogicinComputerScience(LICS),June2005.[2]L.JiaandD.Walker.ILC:Afoundationforautomatedreasoningaboutpointerprograms.InProgram-mingLanguagesandSystems:15thEuropeanSymposiumonProgramming,ESOP2006,LectureNotesinComputerScience3924,April2006.[3]F.Perry,L.JiaandD.Walker.ExpressingHeap-shapeContractsinLinearLogic.InProceedings

ofthe5thInternationalConferenceonGenerativeProgrammingandComponentEngineering(GPCE),October2006.[4]L.JiaandD.Walker.Linearlogic,heap-shapepatternsandimperativeprogramming.Submittedfor

publication,November2006.http://www.cs.princeton.edu/~ljia/research/papers/shapes.pdf.

因篇幅问题不能全部显示，请点此查看更多更全内容

查看全文