In this study, we compared the performance of server-side JavaScript applications programmed using synchronous, asynchronous, and promise-based APIs. Our findings show that, in general, synchronous programs execute significantly faster and consume fewer resources compared to their asynchronous counterparts. The only situation where we observed better performance for the asynchronous model was in the case of a highly loaded web server. For that application, under that exceptional context, we noticed that the asynchronous approach enables servers to degrade more gracefully than the synchronous one. This suggests that an hybrid architecture that could combine the best of both worlds, synchronous operations under normal situations and asynchronous operations under super-heavy pressure, would be optimal. The Hop.js execution environment that supports both modes is an ideal playground for conducting this sort of experiment.

We further demonstrated that the overhead incurred by asynchronous executions is a combination of complex control flow, which makes it challenging for compilers to apply simple reduction optimizations, additional memory allocations, and high thread synchronization costs. The asynchronous model also requires intensive collaborations between JavaScript and the implementation language, with numerous exchanges between the two worlds. This places demands on the JavaScript automatic memory management system to track values passed to the implementation language.

This experiment also unveiled that a highly optimized and tuned JavaScript runtime can be defeated by a more general runtime system that enables smoother integration between the core language and foreign libraries. This suggests that such systems may be suitable when intensive collaborations between the core language and foreign libraries are expected. This is an incentive for pursuing the development of the generic runtime system hopc uses.

JavaScript allows functions to be called with a different number of arguments than the specified number of parameters. The pseudo-variable arguments packs all the arguments into a heap-allocated structure and enables the receiver to introspect the received values. The design and semantics of arguments make it difficult to implement efficiently but it is used by millions or even maybe billions of applications. Therefore, improving it may have a significant global impact on computing resources.

We conducted a study on how modern JavaScript code utilizes the arguments property. By analyzing Npm, the largest JavaScript repository, we demonstrated that despite the introduction of alternative constructs to support variable-arity functions, the historical arguments property is still widely used, which is unfortunate so difficult it is to implement efficiently. To address this issue, we presented an optimization that significantly accelerates its performance. The optimization can either completely eliminate the construction of the arguments object or transform the usual heap allocation, which a generic implementation employs, into a faster stack allocation. We validated the effectiveness of this optimization through a set of micro-benchmarks. When applied to the Hop.js compiler, the optimization resulted in performance gains of one to two orders of magnitude compared to the generic code. The analysis and optimization can also be adopted by JIT compilers, as they rely on fast local analyses instead of lengthy analysis of the entire program.

While the optimization may not have a spectacular impact on individual programs, its global effect could be significant. Our study revealed that approximately half of the 3 million JavaScript packages available on Npm directly or indirectly depend on one or several packages that use arguments. As a result, our optimization has the potential to accelerate around 1.5 million packages, which likely play a role in millions or billions of real applications. Considering the collective impact of optimizing all these executions, the potential benefits could be tremendous. We reckon that this compelling motivation justified our undertaking of this study.

Python is a popular programming language whose performance is known to be uncompetitive in comparison to static languages such as C. Although significant efforts have already accelerated implementations of the language, more efficient ones are still required. The development of such optimized implementations is nevertheless hampered by its complex semantics and the lack of an official formal semantics. We addressed this issue by developing an approach to define an executable semantics targeting the development of optimizing compilers. This executable semantics is written in a format that highlights type checks, primitive values boxing and unboxing, and function calls which are all known sources of overhead. We also developed semPy, a partial evaluator of our executable semantics that can be used to remove redundant operations when evaluating arithmetic operators.

To validate our approach, we integrated these behaviors to Zipi, an AoT optimizing Python compiler prototype. Zipi compiles behaviors and dispatches operations to their corresponding behaviors at run time. This increases execution speed, offering performance that rivals PyPy. Although this speedup is limited to arithmetic-heavy programs, behaviors could be extended to other operations or serve alongside other optimization techniques. On some tasks, Zipi displays performance competitive with that of state of art Python implementations.

We hope semPy and the behavior optimization can contribute to the ongoing optimization efforts of Python implementations. It appears to us that they would be well suited for CPython, as they specifically address the known overhead of this implementation.

This work has been presented at the 16th ACM SIGPLAN International Conference on Software Language Engineering (SLE'23) conference 8.

We tackle the problem of designing efficient binary-level verification for a subset of information flow properties encompassing constant-time and secret-erasure. These properties are crucial for cryptographic implementations, but are generally not preserved by compilers. Our proposal builds on relational symbolic execution enhanced with new optimizations dedicated to information flow and binary-level analysis, yielding a dramatic improvement over prior work based on symbolic execution. We implement a prototype, Binsec/Rel, for bug-finding and bounded-verification of constant-time and secret-erasure, and perform extensive experiments on a set of 338 cryptographic implementations, demonstrating the benefits of our approach. Using Binsec/Rel, we also automate two prior manual studies on preservation of constant-time and secret-erasure by compilers for a total of 4148 and 1156 binaries respectively. Interestingly, our analysis highlights incorrect usages of volatile data pointer for secret erasure and shows that scrubbing mechanisms based on volatile function pointers can introduce additional register spilling which might break secret-erasure. We also discovered that gcc -O0 and backend passes of clang introduce violations of constant-time in implementations that were previously deemed secure by a state-of-the-art constant-time verification tool operating at LLVM level, showing the importance of reasoning at binary-level.

This work has been published as a journal in ACM Transactions on Privacy and Security 2.

We revisit the problem of erasing sensitive data from memory and registers during return from a cryptographic routine. While the problem and related attacker model is fairly easy to phrase, it turns out to be surprisingly hard to guarantee security in this model when implementing cryptography in common languages such as C/C++ or Rust. We revisit the issues surrounding zeroization and then present a principled solution in the sense that it guarantees that sensitive data is erased and it clearly defines when this happens. We implement our solution as extension to the formally verified Jasmin compiler and extend the correctness proof of the compiler to cover zeroization. We show that the approach seamlessly integrates with state-of-the-art protections against microarchitectural attacks by integrating zeroization into Libjade, a cryptographic library written in Jasmin with systematic protections against timing and Spectre-v1 attacks. Benchmarks show that in many cases the overhead of zeroization is barely measurable and that it stays below 2% except for highly optimized symmetric crypto routines on short inputs. This paper is accepted at CHES 2024.

Choreographic languages describe possible sequences of interactions among a set of agents. Typical models are based on languages or automata over sending and receiving actions. Pomsets provide a more compact alternative by using a partial order to explicitly represent causality and concurrency between these actions. However, pomsets offer no representation of choices, thus a set of pomsets is required to represent branching behavior. For example, if an agent Alice can send one of two possible messages to Bob three times, one would need a set of $2\times 2\times 2$ distinct pomsets to represent all possible branches of Alice's behavior. This paper proposes an extension of pomsets, named branching pomsets, with a branching structure that can represent Alice's behavior using $2+2+2$ ordered actions. We compare the expressiveness of branching pomsets with that of several forms of event structures from the literature. We encode choreographies as branching pomsets and show that the pomset semantics of the encoded choreographies are bisimilar to their operational semantics. Furthermore, we define well-formedness conditions on branching pomsets, inspired by multiparty session types, and we prove that the well-formedness of a branching pomset is a sufficient condition for the realizability of the represented communication protocol. Finally, we present a prototype tool that implements our theory of branching pomsets, focusing on its applications to choreographies. These results are presented in 3.

To celebrate the 30th edition of EXPRESS (Expressiveness in Concurrency) and the 20th edition of SOS (Structural Operational Semantics), we presented a retrospective view on how session types can be expressed in a type theory for the standard $\pi$-calculus by means of a suitable encoding 4. This encoding allows one to reuse results about the $\pi$-calculus in the context of session-based communications, thus deepening the understanding of sessions and reducing redundancies in their theoretical foundations. We have also reviewed the practical implications of these results (e.g., refined forms of deadlock analysis, type inference).