1 \documentclass[dvipsnames,14pt,t]{beamer} |
1 \documentclass[dvipsnames,14pt,t]{beamer} |
2 \usepackage{../slides} |
2 \usepackage{../slides} |
3 \usepackage{../langs} |
3 \usepackage{../langs} |
4 \usepackage{../data} |
|
5 \usepackage{../graphics} |
4 \usepackage{../graphics} |
6 \usepackage{../grammar} |
5 \usepackage{../grammar} |
7 \usepackage{soul} |
6 \usepackage{soul} |
8 |
7 \usepackage{mathpartir} |
9 \tikzset{onslide/.code args={<#1>#2}{% |
8 |
10 \only<#1>{\pgfkeysalso{#2}} % \pgfkeysalso doesn't change the path |
9 % beamer stuff |
11 }} |
|
12 |
|
13 \makeatletter |
|
14 \newenvironment<>{btHighlight}[1][] |
|
15 {\begin{onlyenv}#2\begingroup\tikzset{bt@Highlight@par/.style={#1}}\begin{lrbox}{\@tempboxa}} |
|
16 {\end{lrbox}\bt@HL@box[bt@Highlight@par]{\@tempboxa}\endgroup\end{onlyenv}} |
|
17 |
|
18 \newcommand<>\btHL[1][]{% |
|
19 \only#2{\begin{btHighlight}[#1]\bgroup\aftergroup\bt@HL@endenv}% |
|
20 } |
|
21 \def\bt@HL@endenv{%b jm |
|
22 \end{btHighlight}% |
|
23 \egroup |
|
24 } |
|
25 \newcommand{\bt@HL@box}[2][]{% |
|
26 \tikz[#1]{% |
|
27 \pgfpathrectangle{\pgfpoint{1pt}{0pt}}{\pgfpoint{\wd #2}{\ht #2}}% |
|
28 \pgfusepath{use as bounding box}% |
|
29 \node[anchor=base west, fill=orange!30,outer sep=0pt,inner xsep=1pt, inner ysep=0pt, rounded corners=3pt, minimum height=\ht\strutbox+1pt,#1]{\raisebox{1pt}{\strut}\strut\usebox{#2}}; |
|
30 }% |
|
31 } |
|
32 \makeatother |
|
33 |
|
34 \lstset{morekeywords={def,if,then,else,write,read},keywordstyle=\color{codepurple}\bfseries} |
|
35 |
|
36 % beamer stuff |
|
37 \renewcommand{\slidecaption}{CFL 09, King's College London} |
10 \renewcommand{\slidecaption}{CFL 09, King's College London} |
38 \newcommand{\bl}[1]{\textcolor{blue}{#1}} |
11 \newcommand{\bl}[1]{\textcolor{blue}{#1}} |
39 |
|
40 |
12 |
41 \begin{document} |
13 \begin{document} |
42 |
|
43 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
14 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
44 \begin{frame}[t] |
15 \begin{frame}[t] |
45 \frametitle{% |
16 \frametitle{% |
46 \begin{tabular}{@ {}c@ {}} |
17 \begin{tabular}{@ {}c@ {}} |
47 \\[-3mm] |
18 \\[-3mm] |
48 \LARGE Compilers and \\[-2mm] |
19 \LARGE Compilers and \\[-2mm] |
49 \LARGE Formal Languages (8)\\[3mm] |
20 \LARGE Formal Languages (9)\\[3mm] |
50 \end{tabular}} |
21 \end{tabular}} |
51 |
22 |
52 \normalsize |
23 \normalsize |
53 \begin{center} |
24 \begin{center} |
54 \begin{tabular}{ll} |
25 \begin{tabular}{ll} |
55 Email: & christian.urban at kcl.ac.uk\\ |
26 Email: & christian.urban at kcl.ac.uk\\ |
56 Office: & N7.07 (North Wing, Bush House)\\ |
27 Office: & N7.07 (North Wing, Bush House)\\ |
57 Slides: & KEATS (also home work is there)\\ |
28 Slides: & KEATS (also home work is there)\\ |
58 \end{tabular} |
29 \end{tabular} |
59 \end{center} |
30 \end{center} |
60 |
|
61 \end{frame} |
31 \end{frame} |
62 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
32 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
63 |
33 |
64 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
34 |
65 \begin{frame}[t,fragile] |
35 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
66 \frametitle{Compiling AExps} |
36 \begin{frame}[c] |
67 |
37 |
68 For example \bl{$1 + ((2 * 3) + (4 - 3))$}:\medskip |
38 \begin{center} |
69 |
39 \includegraphics[scale=0.6]{../pics/bridge-limits.png} |
70 \begin{columns}[T] |
40 \end{center} |
71 \begin{column}{.3\textwidth} |
41 |
72 \begin{center} |
42 \end{frame} |
73 \bl{\begin{tikzpicture} |
43 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
74 \tikzset{level distance=12mm,sibling distance=4mm} |
44 |
75 \tikzset{edge from parent/.style={draw,very thick}} |
45 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
76 \Tree [.$+$ [.$1$ ] [.$+$ [.$*$ $2$ $3$ ] [.$-$ $4$ $3$ ]]] |
46 \begin{frame}[c] |
77 \end{tikzpicture}} |
47 \frametitle{Old-Fashioned Eng.~vs.~CS} |
78 \end{center} |
48 |
79 \end{column} |
49 \begin{center} |
80 \begin{column}{.3\textwidth} |
50 \begin{tabular}{@{}cc@{}} |
81 \begin{lstlisting}[language=JVMIS,numbers=none] |
51 \begin{tabular}{@{}p{5.2cm}} |
82 ldc 1 |
52 \includegraphics[scale=0.058]{../pics/towerbridge.jpg}\\ |
83 ldc 2 |
53 {\bf bridges}: \\ |
84 ldc 3 |
54 \raggedright\small |
85 imul |
55 engineers can ``look'' at a bridge and have a pretty good |
86 ldc 4 |
56 intuition about whether it will hold up or not\\ |
87 ldc 3 |
57 (redundancy; predictive theory) |
88 isub |
58 \end{tabular} & |
89 iadd |
59 \begin{tabular}{p{5cm}} |
90 iadd |
60 \includegraphics[scale=0.265]{../pics/code.jpg}\\ |
91 \end{lstlisting} |
61 \raggedright |
92 \end{column} |
62 {\bf code}: \\ |
93 \end{columns}\bigskip |
63 \raggedright\small |
94 |
64 programmers have very little intuition about their code; |
95 \small |
65 often it is too expensive to have redundancy; |
96 Traverse tree in post-order \bl{$\Rightarrow$} code for |
66 not ``continuous'' |
97 stack-machine |
67 \end{tabular} |
98 |
68 \end{tabular} |
99 \end{frame} |
69 \end{center} |
100 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
70 |
101 |
71 \end{frame} |
102 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
72 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
103 \begin{frame}[c,fragile] |
73 |
104 \frametitle{Compiling AExps} |
74 |
105 |
|
106 \bl{ |
|
107 \begin{center} |
|
108 \begin{tabular}{lcl} |
|
109 $\textit{compile}(n, E)$ & $\dn$ & $\pcode{ldc}\;n$\smallskip\\ |
|
110 $\textit{compile}(a_1 + a_2, E)$ & $\dn$ \\ |
|
111 \multicolumn{3}{c}{$\qquad\textit{compile}(a_1, E) \;@\;\textit{compile}(a_2, E)\;@\; \pcode{iadd}$}\smallskip\\ |
|
112 $\textit{compile}(a_1 - a_2, E)$ & $\dn$ \\ |
|
113 \multicolumn{3}{c}{$\qquad\textit{compile}(a_1, E) \;@\; \textit{compile}(a_2, E)\;@\; \pcode{isub}$}\smallskip\\ |
|
114 $\textit{compile}(a_1 * a_2, E)$ & $\dn$ \\ |
|
115 \multicolumn{3}{c}{$\qquad\textit{compile}(a_1, E) \;@\; \textit{compile}(a_2, E)\;@\; \pcode{imul}$}\smallskip\\ |
|
116 $\textit{compile}(a_1 \backslash a_2, E)$ & $\dn$\\ |
|
117 \multicolumn{3}{c}{$\qquad\textit{compile}(a_1, E) \;@\; \textit{compile}(a_2, E)\;@\; \pcode{idiv}$}\smallskip\\ |
|
118 $\textit{compile}(x, E)$ & $\dn$ & $\pcode{iload}\;E(x)$\\ |
|
119 \end{tabular} |
|
120 \end{center}} |
|
121 |
|
122 \end{frame} |
|
123 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
124 |
|
125 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
126 \begin{frame}[c,fragile] |
|
127 \frametitle{Compiling Ifs} |
|
128 |
|
129 For example |
|
130 |
|
131 \begin{lstlisting}[mathescape,numbers=none,language=While] |
|
132 if 1 = 1 then x := 2 else y := 3 |
|
133 \end{lstlisting} |
|
134 |
|
135 |
|
136 \begin{center} |
|
137 \begin{lstlisting}[mathescape,language=JVMIS,numbers=none] |
|
138 ldc 1 |
|
139 ldc 1 |
|
140 if_icmpne L_ifelse $\quad\tikz[remember picture] \node (C) {\mbox{}};$ |
|
141 ldc 2 |
|
142 istore 0 |
|
143 goto L_ifend $\quad\tikz[remember picture] \node (A) {\mbox{}};$ |
|
144 L_ifelse: $\quad\tikz[remember picture] \node[] (D) {\mbox{}};$ |
|
145 ldc 3 |
|
146 istore 1 |
|
147 L_ifend: $\quad\tikz[remember picture] \node[] (B) {\mbox{}};$ |
|
148 \end{lstlisting} |
|
149 \end{center} |
|
150 |
|
151 \begin{tikzpicture}[remember picture,overlay] |
|
152 \draw[->,very thick] (A) edge [->,to path={-- ++(10mm,0mm) |
|
153 -- ++(0mm,-17.3mm) |- (\tikztotarget)},line width=1mm] (B.east); |
|
154 \draw[->,very thick] (C) edge [->,to path={-- ++(10mm,0mm) |
|
155 -- ++(0mm,-17.3mm) |- (\tikztotarget)},line width=1mm] (D.east); |
|
156 \end{tikzpicture} |
|
157 |
|
158 \end{frame} |
|
159 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
160 |
|
161 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
162 \begin{frame}[c,fragile] |
|
163 \frametitle{Compiling Whiles} |
|
164 |
|
165 For example |
|
166 |
|
167 \begin{lstlisting}[mathescape,numbers=none,language=While] |
|
168 while x <= 10 do x := x + 1 |
|
169 \end{lstlisting} |
|
170 |
|
171 |
|
172 \begin{center} |
|
173 \begin{lstlisting}[mathescape,language=JVMIS,numbers=none] |
|
174 L_wbegin: $\quad\tikz[remember picture] \node[] (LB) {\mbox{}};$ |
|
175 iload 0 |
|
176 ldc 10 |
|
177 if_icmpgt L_wend $\quad\tikz[remember picture] \node (LC) {\mbox{}};$ |
|
178 iload 0 |
|
179 ldc 1 |
|
180 iadd |
|
181 istore 0 |
|
182 goto L_wbegin $\quad\tikz[remember picture] \node (LA) {\mbox{}};$ |
|
183 L_wend: $\quad\tikz[remember picture] \node[] (LD) {\mbox{}};$ |
|
184 \end{lstlisting} |
|
185 \end{center} |
|
186 |
|
187 \begin{tikzpicture}[remember picture,overlay] |
|
188 \draw[->,very thick] (LA) edge [->,to path={-- ++(12mm,0mm) |
|
189 -- ++(0mm,17.3mm) |- (\tikztotarget)},line width=1mm] (LB.east); |
|
190 \draw[->,very thick] (LC) edge [->,to path={-- ++(12mm,0mm) |
|
191 -- ++(0mm,-17.3mm) |- (\tikztotarget)},line width=1mm] (LD.east); |
|
192 \end{tikzpicture} |
|
193 |
|
194 \end{frame} |
|
195 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
196 |
|
197 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
198 \begin{frame}[c,fragile] |
|
199 \frametitle{Compiling Writes} |
|
200 |
|
201 \small |
|
202 \begin{lstlisting}[language=JVMIS,mathescape, |
|
203 numbers=none,xleftmargin=-6mm] |
|
204 .method public static write(I)V |
|
205 .limit locals 1 |
|
206 .limit stack 2 |
|
207 getstatic java/lang/System/out |
|
208 Ljava/io/PrintStream; |
|
209 iload 0 |
|
210 invokevirtual java/io/PrintStream/println(I)V |
|
211 return |
|
212 .end method |
|
213 |
|
214 |
|
215 |
|
216 iload $E(x)$ |
|
217 invokestatic XXX/XXX/write(I)V |
|
218 \end{lstlisting} |
|
219 |
|
220 \end{frame} |
|
221 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
222 |
|
223 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
224 \begin{frame}[c,fragile] |
|
225 \frametitle{Compiling Main} |
|
226 |
|
227 \footnotesize |
|
228 \begin{lstlisting}[language=JVMIS,mathescape, |
|
229 numbers=none,xleftmargin=-6mm] |
|
230 .class public XXX.XXX |
|
231 .super java/lang/Object |
|
232 |
|
233 .method public <init>()V |
|
234 aload_0 |
|
235 invokenonvirtual java/lang/Object/<init>()V |
|
236 return |
|
237 .end method |
|
238 |
|
239 .method public static main([Ljava/lang/String;)V |
|
240 .limit locals 200 |
|
241 .limit stack 200 |
|
242 |
|
243 $\textit{\ldots{}here comes the compiled code\ldots}$ |
|
244 |
|
245 return |
|
246 .end method |
|
247 \end{lstlisting} |
|
248 |
|
249 \end{frame} |
|
250 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
251 |
|
252 |
|
253 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
254 \begin{frame}[c,fragile] |
|
255 \frametitle{Functional Programming} |
|
256 |
|
257 \footnotesize |
|
258 \begin{textblock}{13}(0.9,3) |
|
259 \begin{lstlisting}[]numbers=none] |
|
260 def fib(n) = if n == 0 then 0 |
|
261 else if n == 1 then 1 |
|
262 else fib(n - 1) + fib(n - 2); |
|
263 |
|
264 def fact(n) = if n == 0 then 1 else n * fact(n - 1); |
|
265 |
|
266 def ack(m, n) = if m == 0 then n + 1 |
|
267 else if n == 0 then ack(m - 1, 1) |
|
268 else ack(m - 1, ack(m, n - 1)); |
|
269 |
|
270 def gcd(a, b) = if b == 0 then a else gcd(b, a % b); |
|
271 \end{lstlisting} |
|
272 \end{textblock} |
|
273 |
|
274 \end{frame} |
|
275 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
276 |
|
277 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
278 \begin{frame}[c] |
|
279 \frametitle{Fun Grammar} |
|
280 \bl{ |
|
281 \begin{plstx}[rhs style=] |
|
282 : \meta{Exp} ::= \meta{Var} | \meta{Num}{\hspace{3cm}} |
|
283 | \meta{Exp} + \meta{Exp} | ... | (\meta{Exp}) |
|
284 | \code{if} \meta{BExp} \code{then} \meta{Exp} \code{else} \meta{Exp} |
|
285 | \code{write} \meta{Exp} {\hspace{3cm}} |
|
286 | \meta{Exp} ; \meta{Exp} |
|
287 | \textit{FunName} (\meta{Exp}, ... , \meta{Exp})\\ |
|
288 : \meta{BExp} ::= ...\\ |
|
289 : \meta{Decl} ::= \meta{Def} ; \meta{Decl} |
|
290 | \meta{Exp}\\ |
|
291 : \meta{Def} ::= \code{def} \textit{FunName} ($\hspace{0.4mm}x_1$, ... , $x_n$) = \meta{Exp}\\ |
|
292 \end{plstx}} |
|
293 |
|
294 |
|
295 |
|
296 \end{frame} |
|
297 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
298 |
|
299 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
300 \begin{frame}[c, fragile] |
|
301 \frametitle{Abstract Syntax Trees} |
|
302 |
|
303 \footnotesize |
|
304 \begin{lstlisting}[language=Scala, numbers=none, xleftmargin=-1mm] |
|
305 abstract class Exp |
|
306 abstract class BExp |
|
307 abstract class Decl |
|
308 |
|
309 case class Var(s: String) extends Exp |
|
310 case class Num(i: Int) extends Exp |
|
311 case class Aop(o: String, a1: Exp, a2: Exp) extends Exp |
|
312 case class If(a: BExp, e1: Exp, e2: Exp) extends Exp |
|
313 case class Write(e: Exp) extends Exp |
|
314 case class Sequ(e1: Exp, e2: Exp) extends Exp |
|
315 case class Call(name: String, args: List[Exp]) extends Exp |
|
316 |
|
317 case class Bop(o: String, a1: Exp, a2: Exp) extends BExp |
|
318 |
|
319 case class Def(name: String, |
|
320 args: List[String], |
|
321 body: Exp) extends Decl |
|
322 case class Main(e: Exp) extends Decl |
|
323 \end{lstlisting} |
|
324 |
|
325 \end{frame} |
|
326 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
327 |
|
328 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
329 \begin{frame}[c, fragile] |
|
330 \frametitle{Sequences} |
|
331 |
|
332 Compiling \texttt{exp1 ; exp2}:\bigskip |
|
333 |
|
334 |
|
335 \begin{lstlisting}[mathescape,language=JVMIS, numbers=none] |
|
336 $\textit{compile}$(exp1) |
|
337 pop |
|
338 $\textit{compile}$(exp2) |
|
339 \end{lstlisting} |
|
340 |
|
341 \end{frame} |
|
342 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
343 |
|
344 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
345 \begin{frame}[c, fragile] |
|
346 \frametitle{Write} |
|
347 |
|
348 Compiling call to \texttt{write(1+2)}:\bigskip |
|
349 |
|
350 |
|
351 \begin{lstlisting}[mathescape,language=JVMIS, numbers=none] |
|
352 $\textit{compile}$(1+2) |
|
353 dup |
|
354 invokestatic XXX/XXX/write(I)V |
|
355 \end{lstlisting}\bigskip |
|
356 |
|
357 \small |
|
358 needs the helper method |
|
359 |
|
360 \footnotesize |
|
361 \begin{lstlisting}[language=JVMIS, |
|
362 xleftmargin=2mm, |
|
363 numbers=none] |
|
364 .method public static write(I)V |
|
365 .limit locals 1 |
|
366 .limit stack 2 |
|
367 getstatic java/lang/System/out Ljava/io/PrintStream; |
|
368 iload 0 |
|
369 invokevirtual java/io/PrintStream/println(I)V |
|
370 return |
|
371 .end method |
|
372 \end{lstlisting} |
|
373 \end{frame} |
|
374 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
375 |
|
376 |
|
377 |
|
378 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
379 \begin{frame}[t, fragile] |
|
380 \frametitle{Function Definitions} |
|
381 |
|
382 \footnotesize |
|
383 \begin{lstlisting}[language=JVMIS, |
|
384 xleftmargin=2mm, |
|
385 numbers=none] |
|
386 .method public static write(I)V |
|
387 .limit locals 1 |
|
388 .limit stack 2 |
|
389 getstatic java/lang/System/out Ljava/io/PrintStream; |
|
390 iload 0 |
|
391 invokevirtual java/io/PrintStream/println(I)V |
|
392 return |
|
393 .end method |
|
394 \end{lstlisting}\bigskip |
|
395 |
|
396 \small We will need for definitions, like\footnotesize\medskip |
|
397 |
|
398 \begin{lstlisting}[language=JVMIS, |
|
399 xleftmargin=2mm, |
|
400 numbers=none] |
|
401 def fname (x1, ... , xn) = ... |
|
402 |
|
403 .method public static fname (I...I)I |
|
404 .limit locals ?? |
|
405 .limit stack ?? |
|
406 ?? |
|
407 .end method |
|
408 \end{lstlisting} |
|
409 |
|
410 \end{frame} |
|
411 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
412 |
|
413 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
414 \begin{frame}[c, fragile] |
|
415 \frametitle{Stack Estimation} |
|
416 \small |
|
417 \mbox{}\\[-15mm] |
|
418 |
|
419 \bl{\begin{center} |
|
420 \begin{tabular}{@{\hspace{-4mm}}l@{\hspace{2mm}}c@{\hspace{2mm}}l@{}} |
|
421 $\textit{estimate}(n)$ & $\dn$ & $1$\\ |
|
422 $\textit{estimate}(x)$ & $\dn$ & $1$\\ |
|
423 $\textit{estimate}(a_1\;aop\;a_2)$ & $\dn$ & |
|
424 $\textit{estimate}(a_1) + \textit{estimate}(a_2)$\\ |
|
425 $\textit{estimate}(\pcode{if}\;b\;\pcode{then}\;e_1\;\pcode{else}\;e_2)$ & $\dn$ & |
|
426 $\textit{estimate}(b) +$\\ |
|
427 & & $\quad max(\textit{estimate}(e_1), \textit{estimate}(e_2))$\\ |
|
428 $\textit{estimate}(\pcode{write}(e))$ & $\dn$ & |
|
429 $\textit{estimate}(e) + 1$\\ |
|
430 $\textit{estimate}(e_1 ; e_2)$ & $\dn$ & |
|
431 $max(\textit{estimate}(e_1), \textit{estimate}(e_2))$\\ |
|
432 $\textit{estimate}(f(e_1, ..., e_n))$ & $\dn$ & |
|
433 $\sum_{i = 1..n}\;estimate(e_i)$\medskip\\ |
|
434 $\textit{estimate}(a_1\;bop\;a_2)$ & $\dn$ & |
|
435 $\textit{estimate}(a_1) + \textit{estimate}(a_2)$\\ |
|
436 \end{tabular} |
|
437 \end{center}} |
|
438 |
|
439 \end{frame} |
|
440 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
441 |
|
442 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
443 \begin{frame}[fragile] |
|
444 \frametitle{Successor Function} |
|
445 |
|
446 \begin{textblock}{7}(1,2.5)\footnotesize |
|
447 \begin{minipage}{6cm} |
|
448 \begin{lstlisting}[language=JVMIS,basicstyle=\ttfamily, numbers=none] |
|
449 .method public static suc(I)I |
|
450 .limit locals 1 |
|
451 .limit stack 2 |
|
452 iload 0 |
|
453 ldc 1 |
|
454 iadd |
|
455 ireturn |
|
456 .end method |
|
457 \end{lstlisting} |
|
458 \end{minipage} |
|
459 \end{textblock} |
|
460 |
|
461 \begin{textblock}{7}(6,8) |
|
462 \begin{bubble}[5cm]\small |
|
463 \begin{lstlisting}[language=Lisp, |
|
464 basicstyle=\ttfamily, |
|
465 numbers=none, |
|
466 xleftmargin=1mm] |
|
467 def suc(x) = x + 1; |
|
468 \end{lstlisting} |
|
469 \end{bubble} |
|
470 \end{textblock} |
|
471 |
|
472 \end{frame} |
|
473 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
474 |
|
475 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
476 \begin{frame}[fragile] |
|
477 \frametitle{Addition Function} |
|
478 |
|
479 \begin{textblock}{7}(1,1.9)\footnotesize |
|
480 \begin{minipage}{6cm} |
|
481 \begin{lstlisting}[language=JVMIS,basicstyle=\ttfamily, numbers=none] |
|
482 .method public static add(II)I |
|
483 .limit locals 2 |
|
484 .limit stack 5 |
|
485 iload 0 |
|
486 ldc 0 |
|
487 if_icmpne If_else |
|
488 iload 1 |
|
489 goto If_end |
|
490 If_else: |
|
491 iload 0 |
|
492 ldc 1 |
|
493 isub |
|
494 iload 1 |
|
495 invokestatic XXX/XXX/add(II)I |
|
496 invokestatic XXX/XXX/suc(I)I |
|
497 If_end: |
|
498 ireturn |
|
499 .end method |
|
500 \end{lstlisting} |
|
501 \end{minipage} |
|
502 \end{textblock} |
|
503 |
|
504 \begin{textblock}{7}(6,6.6) |
|
505 \begin{bubble}[7cm]\small |
|
506 \begin{lstlisting}[language=Lisp, |
|
507 basicstyle=\ttfamily, |
|
508 numbers=none, |
|
509 xleftmargin=1mm] |
|
510 def add(x, y) = |
|
511 if x == 0 then y |
|
512 else suc(add(x - 1, y)); |
|
513 \end{lstlisting} |
|
514 \end{bubble} |
|
515 \end{textblock} |
|
516 |
|
517 \end{frame} |
|
518 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
519 |
|
520 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
521 \begin{frame}[fragile] |
|
522 \frametitle{Factorial} |
|
523 |
|
524 \begin{textblock}{7}(1,1.5)\footnotesize |
|
525 \begin{minipage}{6cm} |
|
526 \begin{lstlisting}[language=JVMIS,basicstyle=\ttfamily, numbers=none] |
|
527 .method public static facT(II)I |
|
528 .limit locals 2 |
|
529 .limit stack 6 |
|
530 iload 0 |
|
531 ldc 0 |
|
532 if_icmpne If_else_2 |
|
533 iload 1 |
|
534 goto If_end_3 |
|
535 If_else_2: |
|
536 iload 0 |
|
537 ldc 1 |
|
538 isub |
|
539 iload 0 |
|
540 iload 1 |
|
541 imul |
|
542 invokestatic fact/fact/facT(II)I |
|
543 If_end_3: |
|
544 ireturn |
|
545 .end method |
|
546 \end{lstlisting} |
|
547 \end{minipage} |
|
548 \end{textblock} |
|
549 |
|
550 \begin{textblock}{7}(6,7) |
|
551 \begin{bubble}[7cm]\small |
|
552 \begin{lstlisting}[language=Lisp, |
|
553 basicstyle=\ttfamily, |
|
554 numbers=none, |
|
555 xleftmargin=1mm] |
|
556 def facT(n, acc) = |
|
557 if n == 0 then acc |
|
558 else facT(n - 1, n * acc); |
|
559 \end{lstlisting} |
|
560 \end{bubble} |
|
561 \end{textblock} |
|
562 |
|
563 \end{frame} |
|
564 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
565 |
|
566 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
567 \begin{frame}[fragile] |
|
568 |
|
569 \begin{textblock}{7}(1,-0.2)\footnotesize |
|
570 \begin{minipage}{6cm} |
|
571 \begin{lstlisting}[language=JVMIS,basicstyle=\ttfamily, numbers=none, escapeinside={(*@}{@*)}] |
|
572 .method public static facT(II)I |
|
573 .limit locals 2 |
|
574 .limit stack 6 |
|
575 (*@\hl{facT\_Start:} @*) |
|
576 iload 0 |
|
577 ldc 0 |
|
578 if_icmpne If_else_2 |
|
579 iload 1 |
|
580 goto If_end_3 |
|
581 If_else_2: |
|
582 iload 0 |
|
583 ldc 1 |
|
584 isub |
|
585 iload 0 |
|
586 iload 1 |
|
587 imul |
|
588 (*@\hl{istore 1} @*) |
|
589 (*@\hl{istore 0} @*) |
|
590 (*@\hl{goto facT\_Start} @*) |
|
591 If_end_3: |
|
592 ireturn |
|
593 .end method |
|
594 \end{lstlisting} |
|
595 \end{minipage} |
|
596 \end{textblock} |
|
597 |
|
598 \begin{textblock}{7}(6,7) |
|
599 \begin{bubble}[7cm]\small |
|
600 \begin{lstlisting}[language=Lisp, |
|
601 basicstyle=\ttfamily, |
|
602 numbers=none, |
|
603 xleftmargin=1mm] |
|
604 def facT(n, acc) = |
|
605 if n == 0 then acc |
|
606 else facT(n - 1, n * acc); |
|
607 \end{lstlisting} |
|
608 \end{bubble} |
|
609 \end{textblock} |
|
610 |
|
611 \end{frame} |
|
612 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
613 |
|
614 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
615 \begin{frame}[c, fragile] |
|
616 \frametitle{Tail Recursion} |
|
617 |
|
618 A call to \texttt{f(args)} is usually compiled as\medskip |
|
619 |
|
620 {\small\begin{lstlisting}[basicstyle=\ttfamily, numbers=none] |
|
621 args onto stack |
|
622 invokestatic .../f |
|
623 \end{lstlisting}}\pause |
|
624 |
|
625 |
|
626 A call is in tail position provided:\medskip |
|
627 |
|
628 {\small\begin{itemize} |
|
629 \item \texttt{if Bexp then \hl{Exp} else \hl{Exp}} |
|
630 \item \texttt{Exp ; \hl{Exp}} |
|
631 \item \texttt{Exp op Exp} |
|
632 \end{itemize}}\medskip |
|
633 |
|
634 then a call \texttt{f(args)} can be compiled as\medskip\small |
|
635 |
|
636 \begin{lstlisting}[basicstyle=\ttfamily, numbers=none] |
|
637 prepare environment |
|
638 jump to start of function |
|
639 \end{lstlisting} |
|
640 |
|
641 \end{frame} |
|
642 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
643 |
|
644 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
645 \begin{frame}[c, fragile] |
|
646 \frametitle{Tail Recursive Call} |
|
647 \footnotesize |
|
648 |
|
649 \begin{textblock}{13}(-0.3,2) |
|
650 \begin{lstlisting}[language=Scala,basicstyle=\ttfamily, numbers=none] |
|
651 def compile_expT(a: Exp, env: Mem, name: String): Instrs = |
|
652 ... |
|
653 case Call(n, args) => if (name == n) |
|
654 { |
|
655 val stores = args.zipWithIndex.map |
|
656 { case (x, y) => "istore " + y.toString + "\n" } |
|
657 args.flatMap(a => compile_expT(a, env, "")) ++ |
|
658 stores.reverse ++ |
|
659 List ("goto " + n + "_Start\n") |
|
660 } |
|
661 else |
|
662 { |
|
663 val is = "I" * args.length |
|
664 args.flatMap(a => compile_expT(a, env, "")) ++ |
|
665 List ("invokestatic XXX/XXX/" + n + "(" + is + ")I\n") |
|
666 } |
|
667 \end{lstlisting} |
|
668 \end{textblock} |
|
669 |
|
670 \end{frame} |
|
671 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
672 |
75 |
673 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
76 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
674 \begin{frame}[c] |
77 \begin{frame}[c] |
675 \frametitle{Dijkstra on Testing} |
78 \frametitle{Dijkstra on Testing} |
676 |
79 |
677 \begin{bubble}[10cm] |
80 \begin{bubble}[10cm] |
678 ``Program testing can be a very effective way to show the |
81 ``Program testing can be a very effective way to show the |
679 presence of bugs, but it is hopelessly inadequate for showing |
82 presence of bugs, but it is hopelessly inadequate for showing |
680 their absence.'' |
83 their absence.'' |
681 \end{bubble}\bigskip |
84 \end{bubble}\bigskip |
682 |
85 |
683 \small |
|
684 What is good about compilers: the either seem to work, |
|
685 or go horribly wrong (most of the time). |
|
686 |
|
687 \end{frame} |
86 \end{frame} |
688 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
87 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
689 |
88 |
690 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
89 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
691 \begin{frame}[c] |
90 \begin{frame}[c] |
710 {\bf Long, long proof} \ldots\\ |
109 {\bf Long, long proof} \ldots\\ |
711 \end{bubble}\bigskip\medskip |
110 \end{bubble}\bigskip\medskip |
712 |
111 |
713 \small This can be a gigantic proof. The only hope is to have |
112 \small This can be a gigantic proof. The only hope is to have |
714 help from the computer. `Program' is here to be understood to be |
113 help from the computer. `Program' is here to be understood to be |
715 quite general (compiler, OS, \ldots). |
114 quite general (protocols, OS, \ldots). |
716 |
115 |
717 \end{frame} |
116 \end{frame} |
718 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
117 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
719 |
118 |
720 |
119 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
120 \begin{frame}[c] |
|
121 \frametitle{\Large{}Mars Pathfinder Mission 1997} |
|
122 |
|
123 \begin{center} |
|
124 \includegraphics[scale=0.15]{../pics/marspath1.png} |
|
125 \includegraphics[scale=0.16]{../pics/marspath3.png} |
|
126 \includegraphics[scale=0.3]{../pics/marsrover.png} |
|
127 \end{center} |
|
128 |
|
129 \begin{itemize} |
|
130 \item despite NASA's famous testing procedures, the lander crashed frequently on Mars |
|
131 \item a scheduling algorithm was not used in the OS |
|
132 \end{itemize} |
|
133 |
|
134 \end{frame} |
|
135 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
136 |
|
137 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
138 \begin{frame}[c] |
|
139 |
|
140 |
|
141 \begin{textblock}{11}(1,3) |
|
142 \begin{tabular}{@{\hspace{-10mm}}l} |
|
143 \begin{tikzpicture}[scale=1.1] |
|
144 \node at (-2.5,-1.5) {\textcolor{white}{a}}; |
|
145 \node at (8,4) {\textcolor{white}{a}}; |
|
146 |
|
147 |
|
148 |
|
149 \only<1>{ |
|
150 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
151 } |
|
152 \only<2>{ |
|
153 \draw[fill, blue!50] (1,0) rectangle (2,0.6); |
|
154 \draw[fill, blue!50] (3,0) rectangle (5,0.6); |
|
155 \draw[fill, blue!100] (2,3) rectangle (3,3.6); |
|
156 } |
|
157 \only<3>{ |
|
158 \draw[fill, blue!50] (1,0) rectangle (2,0.6); |
|
159 \draw[fill, blue!50] (3,0) rectangle (4.5,0.6); |
|
160 \draw[fill, blue!50] (5.5,0) rectangle (6,0.6); |
|
161 \draw[fill, blue!100] (2,3) rectangle (3,3.6); |
|
162 \draw[fill, blue!100] (4.5,3) rectangle (5.5,3.6); |
|
163 } |
|
164 \only<4>{ |
|
165 \node at (2.5,0.9) {\small locked a resource}; |
|
166 \draw[fill, blue!50] (1,0) rectangle (2,0.6); |
|
167 \draw[blue!50, very thick] (2,0) rectangle (4,0.6); |
|
168 \draw[blue!100, very thick] (2,3) rectangle (3, 3.6); |
|
169 \draw[red, <-, line width = 2mm] (2,-0.1) -- (2, -1); |
|
170 } |
|
171 \only<5>{ |
|
172 \node at (2.5,0.9) {\small locked a resource}; |
|
173 \draw[fill, blue!50] (1,0) rectangle (4,0.6); |
|
174 \draw[blue!100, fill] (4,3) rectangle (5, 3.6); |
|
175 } |
|
176 \only<6>{ |
|
177 \node at (2.5,0.9) {\small locked a resource}; |
|
178 \draw[fill, blue!50] (1,0) rectangle (2,0.6); |
|
179 \draw[blue!50, very thick] (2,0) rectangle (4,0.6); |
|
180 \draw[blue!100, very thick] (2,3) rectangle (3, 3.6); |
|
181 \draw[red, <-, line width = 2mm] (2,-0.1) -- (2, -1); |
|
182 } |
|
183 \only<7>{ |
|
184 \node at (2.5,0.9) {\small locked a resource}; |
|
185 \draw[fill, blue!50] (1,0) rectangle (2.5,0.6); |
|
186 \draw[blue!50, very thick] (2.5,0) rectangle (4,0.6); |
|
187 \draw[blue!100, very thick] (2.5,3) rectangle (3.5, 3.6); |
|
188 \draw[red, <-, line width = 2mm] (2.5,-0.1) -- (2.5, -1); |
|
189 } |
|
190 \only<8>{ |
|
191 \node at (2.5,0.9) {\small locked a resource}; |
|
192 \draw[fill, blue!50] (1,0) rectangle (2.5,0.6); |
|
193 \draw[blue!50, very thick] (2.5,0) rectangle (4,0.6); |
|
194 \draw[blue!100, very thick] (2.5,3) rectangle (3.5, 3.6); |
|
195 \draw[blue!100, very thick] (2.5,3) rectangle (3.5, 3.6); |
|
196 \draw[red, fill] (2.5,1.5) rectangle (3.5,2.1); |
|
197 \draw[red, <-, line width = 2mm] (2.5,-0.1) -- (2.5, -1); |
|
198 } |
|
199 \only<9>{ |
|
200 \node at (2.5,0.9) {\small locked a resource}; |
|
201 \draw[fill, blue!50] (1,0) rectangle (2.5,0.6); |
|
202 \draw[blue!50, very thick] (3.5,0) rectangle (5,0.6); |
|
203 \draw[blue!100, very thick] (3.5,3) rectangle (4.5, 3.6); |
|
204 \draw[red, fill] (2.5,1.5) rectangle (3.5,2.1); |
|
205 \draw[red, <-, line width = 2mm] (3.5,-0.1) -- (3.5, -1); |
|
206 } |
|
207 \only<10>{ |
|
208 \node at (2.5,0.9) {\small locked a resource}; |
|
209 \draw[fill, blue!50] (1,0) rectangle (2.5,0.6); |
|
210 \draw[blue!50, very thick] (3.5,0) rectangle (5,0.6); |
|
211 \draw[blue!100, very thick] (3.5,3) rectangle (4.5, 3.6); |
|
212 \draw[red, fill] (2.5,1.5) rectangle (3.5,2.1); |
|
213 \draw[red, fill] (3.55,1.5) rectangle (4.5,2.1); |
|
214 \draw[red, <-, line width = 2mm] (3.5,-0.1) -- (3.5, -1); |
|
215 } |
|
216 \only<11>{ |
|
217 \node at (2.5,0.9) {\small locked a resource}; |
|
218 \draw[fill, blue!50] (1,0) rectangle (2.5,0.6); |
|
219 \draw[blue!50, very thick] (4.5,0) rectangle (6,0.6); |
|
220 \draw[blue!100, very thick] (4.5,3) rectangle (5.5, 3.6); |
|
221 \draw[red, fill] (2.5,1.5) rectangle (3.5,2.1); |
|
222 \draw[red, fill] (3.55,1.5) rectangle (4.5,2.1); |
|
223 \draw[red, <-, line width = 2mm] (4.5,-0.1) -- (4.5, -1); |
|
224 } |
|
225 \only<12>{ |
|
226 \node at (2.5,0.9) {\small locked a resource}; |
|
227 \draw[fill, blue!50] (1,0) rectangle (2.5,0.6); |
|
228 \draw[blue!50, very thick] (5.5,0) rectangle (7,0.6); |
|
229 \draw[blue!100, very thick] (5.5,3) rectangle (6.5, 3.6); |
|
230 \draw[red, fill] (2.5,1.5) rectangle (3.5,2.1); |
|
231 \draw[red, fill] (3.55,1.5) rectangle (4.5,2.1); |
|
232 \draw[red, fill] (4.55,1.5) rectangle (5.5,2.1); |
|
233 \draw[red, <-, line width = 2mm] (5.5,-0.1) -- (5.5, -1); |
|
234 \node [anchor=base] at (6.3, 1.8) {\Large\ldots}; |
|
235 } |
|
236 \only<13>{ |
|
237 \node at (2.5,0.9) {\small locked a resource}; |
|
238 \draw[fill, blue!50] (1,0) rectangle (2,0.6); |
|
239 \draw[blue!50, very thick] (2,0) rectangle (4,0.6); |
|
240 \draw[blue!100, very thick] (2,3) rectangle (3, 3.6); |
|
241 \draw[red, <-, line width = 2mm] (2,-0.1) -- (2, -1); |
|
242 } |
|
243 \only<14>{ |
|
244 \node at (2.5,3.9) {\small locked a resource}; |
|
245 \draw[fill, blue!50] (1,0) rectangle (2,0.6); |
|
246 \draw[blue!50, fill] (2,3) rectangle (4,3.6); |
|
247 \draw[blue!100, very thick] (4,3) rectangle (5, 3.6); |
|
248 \draw[blue!50, ->, line width = 2mm] (2,1) -- (2, 2.5); |
|
249 \draw[red, <-, line width = 2mm] (2,-0.1) -- (2, -1); |
|
250 } |
|
251 \only<15>{ |
|
252 \node at (2.5,3.9) {\small locked a resource}; |
|
253 \draw[fill, blue!50] (1,0) rectangle (2,0.6); |
|
254 \draw[blue!50, fill] (2,3) rectangle (4,3.6); |
|
255 \draw[blue!100, very thick] (4,3) rectangle (5, 3.6); |
|
256 \draw[red, <-, line width = 2mm] (2.5,-0.1) -- (2.5, -1); |
|
257 \draw[red, very thick] (2.5,1.5) rectangle (3.5,2.1); |
|
258 } |
|
259 |
|
260 |
|
261 \draw[very thick,->](0,0) -- (8,0); |
|
262 \node [anchor=base] at (8, -0.3) {\scriptsize time}; |
|
263 \node [anchor=base] at (0, -0.3) {\scriptsize 0}; |
|
264 \node [anchor=base] at (-1.2, 0.2) {\small low priority}; |
|
265 \only<2->{\node [anchor=base] at (-1.2, 3.2) {\small high priority};} |
|
266 \only<8->{\node [anchor=base] at (-1.5, 1.7) {\small medium pr.};} |
|
267 |
|
268 \end{tikzpicture} |
|
269 \end{tabular} |
|
270 \end{textblock} |
|
271 |
|
272 \begin{textblock}{0}(2.5,13)% |
|
273 \small |
|
274 \onslide<3->{ |
|
275 \begin{bubble}[8cm]% |
|
276 Scheduling: You want to avoid that a high |
|
277 priority process is starved indefinitely. |
|
278 \end{bubble}} |
|
279 \end{textblock} |
|
280 |
|
281 \end{frame} |
|
282 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
283 |
|
284 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
285 \begin{frame}[c] |
|
286 \frametitle{\Large Priority Inheritance Scheduling} |
|
287 |
|
288 \begin{itemize} |
|
289 \item Let a low priority process $L$ temporarily inherit |
|
290 the high priority of $H$ until $L$ leaves the critical |
|
291 section unlocking the resource.\bigskip |
|
292 \item Once the resource is unlocked $L$ returns to its original |
|
293 priority level. |
|
294 \end{itemize} |
|
295 |
|
296 \end{frame} |
|
297 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
298 |
|
299 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
300 \begin{frame}[c] |
|
301 |
|
302 \begin{textblock}{11}(1,3) |
|
303 \begin{tabular}{@{\hspace{-10mm}}l} |
|
304 \begin{tikzpicture}[scale=1.1] |
|
305 \node at (-2.5,-1.5) {\textcolor{white}{a}}; |
|
306 \node at (8,4) {\textcolor{white}{a}}; |
|
307 |
|
308 \only<1>{ |
|
309 \draw[fill, blue!50] (1,0) rectangle (6,0.6); |
|
310 \node at (1.5,0.9) {\small $A_L$}; |
|
311 \node at (2.0,0.9) {\small $B_L$}; |
|
312 \node at (3.5,0.9) {\small $A_R$}; |
|
313 \node at (5.7,0.9) {\small $B_R$}; |
|
314 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
315 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
316 \draw[very thick,blue!100] (3.5,0) -- (3.5,0.6); |
|
317 \draw[very thick,blue!100] (5.7,0) -- (5.7,0.6); |
|
318 } |
|
319 \only<2>{ |
|
320 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
321 \draw[very thick, blue!50] (3,0) rectangle (6,0.6); |
|
322 \node at (1.5,0.9) {\small $A_L$}; |
|
323 \node at (2.0,0.9) {\small $B_L$}; |
|
324 \node at (3.5,0.9) {\small $A_R$}; |
|
325 \node at (5.7,0.9) {\small $B_R$}; |
|
326 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
327 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
328 \draw[very thick,blue!100] (3.5,0) -- (3.5,0.6); |
|
329 \draw[very thick,blue!100] (5.7,0) -- (5.7,0.6); |
|
330 } |
|
331 \only<3>{ |
|
332 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
333 \draw[very thick, blue!50] (3,0) rectangle (6,0.6); |
|
334 \node at (1.5,0.9) {\small $A_L$}; |
|
335 \node at (2.0,0.9) {\small $B_L$}; |
|
336 \node at (3.5,0.9) {\small $A_R$}; |
|
337 \node at (5.7,0.9) {\small $B_R$}; |
|
338 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
339 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
340 \draw[very thick,blue!100] (3.5,0) -- (3.5,0.6); |
|
341 \draw[very thick,blue!100] (5.7,0) -- (5.7,0.6); |
|
342 \draw[very thick,blue!100] (3,3) rectangle (4,3.6); |
|
343 \node at (3.5,3.3) {\small $A$}; |
|
344 } |
|
345 \only<4>{ |
|
346 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
347 \draw[very thick, blue!50] (3,0) rectangle (6,0.6); |
|
348 \node at (1.5,0.9) {\small $A_L$}; |
|
349 \node at (2.0,0.9) {\small $B_L$}; |
|
350 \node at (3.5,0.9) {\small $A_R$}; |
|
351 \node at (5.7,0.9) {\small $B_R$}; |
|
352 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
353 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
354 \draw[very thick,blue!100] (3.5,0) -- (3.5,0.6); |
|
355 \draw[very thick,blue!100] (5.7,0) -- (5.7,0.6); |
|
356 \draw[very thick,blue!100] (3,3) rectangle (4,3.6); |
|
357 \node at (3.5,3.3) {\small $A$}; |
|
358 \draw[very thick,blue!100] (4,3) rectangle (5,3.6); |
|
359 \node at (4.5,3.3) {\small $B$}; |
|
360 } |
|
361 \only<5>{ |
|
362 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
363 \draw[very thick, blue!50] (3,3) rectangle (6,3.6); |
|
364 \node at (1.5,0.9) {\small $A_L$}; |
|
365 \node at (2.0,0.9) {\small $B_L$}; |
|
366 \node at (3.5,3.9) {\small $A_R$}; |
|
367 \node at (5.7,3.9) {\small $B_R$}; |
|
368 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
369 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
370 \draw[very thick,blue!100] (3.5,3) -- (3.5,3.6); |
|
371 \draw[very thick,blue!100] (5.7,3) -- (5.7,3.6); |
|
372 \draw[very thick,blue!100] (6,3) rectangle (7,3.6); |
|
373 \node at (6.5,3.3) {\small $A$}; |
|
374 \draw[very thick,blue!100] (7,3) rectangle (8,3.6); |
|
375 \node at (7.5,3.3) {\small $B$}; |
|
376 \draw[blue!50, ->, line width = 2mm] (3,1) -- (3, 2.5); |
|
377 } |
|
378 \only<6>{ |
|
379 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
380 \draw[fill, blue!50] (3,3) rectangle (3.5,3.6); |
|
381 \draw[very thick, blue!50] (3.5,3) rectangle (6,3.6); |
|
382 \node at (1.5,0.9) {\small $A_L$}; |
|
383 \node at (2.0,0.9) {\small $B_L$}; |
|
384 \node at (3.5,3.9) {\small $A_R$}; |
|
385 \node at (5.7,3.9) {\small $B_R$}; |
|
386 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
387 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
388 \draw[very thick,blue!100] (3.5,3) -- (3.5,3.6); |
|
389 \draw[very thick,blue!100] (5.7,3) -- (5.7,3.6); |
|
390 \draw[very thick,blue!100] (6,3) rectangle (7,3.6); |
|
391 \node at (6.5,3.3) {\small $A$}; |
|
392 \draw[very thick,blue!100] (7,3) rectangle (8,3.6); |
|
393 \node at (7.5,3.3) {\small $B$}; |
|
394 } |
|
395 \only<7>{ |
|
396 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
397 \draw[fill, blue!50] (3,3) rectangle (3.5,3.6); |
|
398 \draw[very thick, blue!50] (3.5,0) rectangle (6,0.6); |
|
399 \node at (1.5,0.9) {\small $A_L$}; |
|
400 \node at (2.0,0.9) {\small $B_L$}; |
|
401 \node at (3.5,3.9) {\small $A_R$}; |
|
402 \node at (5.7,0.9) {\small $B_R$}; |
|
403 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
404 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
405 \draw[very thick,blue!100] (3.5,3) -- (3.5,3.6); |
|
406 \draw[very thick,blue!100] (5.7,0) -- (5.7,0.6); |
|
407 \draw[very thick,blue!100] (6,3) rectangle (7,3.6); |
|
408 \node at (6.5,3.3) {\small $A$}; |
|
409 \draw[very thick,blue!100] (7,3) rectangle (8,3.6); |
|
410 \node at (7.5,3.3) {\small $B$}; |
|
411 \draw[blue!50, <-, line width = 2mm] (3.5,1) -- (3.5, 2.5); |
|
412 \draw[blue!50, <-, line width = 2mm] (4,3.3) -- (5.5,3.3); |
|
413 } |
|
414 \only<8>{ |
|
415 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
416 \draw[fill, blue!50] (3,3) rectangle (3.5,3.6); |
|
417 \draw[very thick, blue!50] (4.5,0) rectangle (7,0.6); |
|
418 \node at (1.5,0.9) {\small $A_L$}; |
|
419 \node at (2.0,0.9) {\small $B_L$}; |
|
420 \node at (3.5,3.9) {\small $A_R$}; |
|
421 \node at (6.7,0.9) {\small $B_R$}; |
|
422 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
423 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
424 \draw[very thick,blue!100] (3.5,3) -- (3.5,3.6); |
|
425 \draw[very thick,blue!100] (6.7,0) -- (6.7,0.6); |
|
426 \draw[fill,blue!100] (3.5,3) rectangle (4.5,3.6); |
|
427 \node at (4,3.3) {\small $A$}; |
|
428 \draw[very thick,blue!100] (7,3) rectangle (8,3.6); |
|
429 \node at (7.5,3.3) {\small $B$}; |
|
430 } |
|
431 \only<9>{ |
|
432 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
433 \draw[fill, blue!50] (3,3) rectangle (3.5,3.6); |
|
434 \draw[fill, blue!50] (4.5,0) rectangle (5,0.6); |
|
435 \draw[very thick, blue!50] (5,0) rectangle (7,0.6); |
|
436 \node at (1.5,0.9) {\small $A_L$}; |
|
437 \node at (2.0,0.9) {\small $B_L$}; |
|
438 \node at (3.5,3.9) {\small $A_R$}; |
|
439 \node at (6.7,0.9) {\small $B_R$}; |
|
440 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
441 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
442 \draw[very thick,blue!100] (3.5,3) -- (3.5,3.6); |
|
443 \draw[very thick,blue!100] (6.7,0) -- (6.7,0.6); |
|
444 \draw[fill,blue!100] (3.5,3) rectangle (4.5,3.6); |
|
445 \node at (4,3.3) {\small $A$}; |
|
446 \draw[very thick,blue!100] (7,3) rectangle (8,3.6); |
|
447 \node at (7.5,3.3) {\small $B$}; |
|
448 } |
|
449 \only<10>{ |
|
450 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
451 \draw[fill, blue!50] (3,3) rectangle (3.5,3.6); |
|
452 \draw[fill, blue!50] (4.5,0) rectangle (5,0.6); |
|
453 \draw[very thick, blue!50] (5,0) rectangle (7,0.6); |
|
454 \node at (1.5,0.9) {\small $A_L$}; |
|
455 \node at (2.0,0.9) {\small $B_L$}; |
|
456 \node at (3.5,3.9) {\small $A_R$}; |
|
457 \node at (6.7,0.9) {\small $B_R$}; |
|
458 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
459 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
460 \draw[very thick,blue!100] (3.5,3) -- (3.5,3.6); |
|
461 \draw[very thick,blue!100] (6.7,0) -- (6.7,0.6); |
|
462 \draw[fill,blue!100] (3.5,3) rectangle (4.5,3.6); |
|
463 \node at (4,3.3) {\small $A$}; |
|
464 \draw[very thick,blue!100] (7,3) rectangle (8,3.6); |
|
465 \node at (7.5,3.3) {\small $B$}; |
|
466 \draw[red, fill] (5,1.5) rectangle (6,2.1); |
|
467 \draw[red, fill] (6.05,1.5) rectangle (7,2.1); |
|
468 } |
|
469 \only<11>{ |
|
470 \draw[fill, blue!50] (1,0) rectangle (3,0.6); |
|
471 \draw[fill, blue!50] (3,3) rectangle (3.5,3.6); |
|
472 \draw[fill, blue!50] (4.5,0) rectangle (5,0.6); |
|
473 \draw[very thick, blue!50] (5,0) rectangle (7,0.6); |
|
474 \node at (1.5,0.9) {\small $A_L$}; |
|
475 \node at (2.0,0.9) {\small $B_L$}; |
|
476 \node at (3.5,3.9) {\small $A_R$}; |
|
477 \node at (6.7,0.9) {\small $B_R$}; |
|
478 \draw[very thick,blue!100] (1.5,0) -- (1.5,0.6); |
|
479 \draw[very thick,blue!100] (2.0,0) -- (2.0,0.6); |
|
480 \draw[very thick,blue!100] (3.5,3) -- (3.5,3.6); |
|
481 \draw[very thick,blue!100] (6.7,0) -- (6.7,0.6); |
|
482 \draw[fill,blue!100] (3.5,3) rectangle (4.5,3.6); |
|
483 \node at (4,3.3) {\small $A$}; |
|
484 \draw[very thick,blue!100] (7,3) rectangle (8,3.6); |
|
485 \node at (7.5,3.3) {\small $B$}; |
|
486 \draw[red, fill] (5,1.5) rectangle (6,2.1); |
|
487 \draw[red, fill] (6.05,1.5) rectangle (7,2.1); |
|
488 \draw[blue!50, ->, line width = 2mm] (7.1,0.4) -- (8, 0.4); |
|
489 \draw[blue!50, ->, line width = 2mm] (7.1,4) -- (8,4); |
|
490 } |
|
491 |
|
492 \draw[very thick,->](0,0) -- (8,0); |
|
493 \node [anchor=base] at (8, -0.3) {\scriptsize time}; |
|
494 \node [anchor=base] at (0, -0.3) {\scriptsize 0}; |
|
495 \node [anchor=base] at (-1.2, 0.2) {\small low priority}; |
|
496 \only<2->{\node [anchor=base] at (-1.2, 3.2) {\small high priority};} |
|
497 \only<10->{\node [anchor=base] at (-1.5, 1.7) {\small medium pr.};} |
|
498 |
|
499 \end{tikzpicture} |
|
500 \end{tabular} |
|
501 \end{textblock} |
|
502 |
|
503 \begin{textblock}{0}(2.5,13)% |
|
504 \small |
|
505 \onslide<11>{ |
|
506 \begin{bubble}[8cm]% |
|
507 Scheduling: You want to avoid that a high |
|
508 priority process is staved indefinitely. |
|
509 \end{bubble}} |
|
510 \end{textblock} |
|
511 |
|
512 |
|
513 \end{frame} |
|
514 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
515 |
|
516 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
517 \begin{frame}[c] |
|
518 \frametitle{\Large Priority Inheritance Scheduling} |
|
519 |
|
520 \begin{itemize} |
|
521 \item Let a low priority process $L$ temporarily inherit |
|
522 the high priority of $H$ until $L$ leaves the critical |
|
523 section unlocking the resource.\bigskip |
|
524 \item Once the resource is unlocked $L$ returns to its original |
|
525 priority level. \alert{\bf BOGUS}\pause\bigskip |
|
526 \item \ldots $L$ needs to switch to the highest |
|
527 \alert{remaining} priority of the threads that it blocks. |
|
528 \end{itemize}\bigskip |
|
529 |
|
530 \small this error is already known since around 1999 |
|
531 |
|
532 \end{frame} |
|
533 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
534 |
|
535 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
536 \begin{frame}[c] |
|
537 |
|
538 \begin{center} |
|
539 \includegraphics[scale=0.25]{../pics/p3.jpg} |
|
540 \end{center} |
|
541 |
|
542 \begin{itemize} |
|
543 \item by Rajkumar, 1991 |
|
544 \item \it ``it resumes the priority it had at the point of entry into the critical |
|
545 section'' |
|
546 \end{itemize} |
|
547 |
|
548 \end{frame} |
|
549 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
550 |
|
551 |
|
552 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
553 \begin{frame}[c] |
|
554 |
|
555 \begin{center} |
|
556 \includegraphics[scale=0.25]{../pics/p2.jpg} |
|
557 \end{center} |
|
558 |
|
559 \begin{itemize} |
|
560 \item by Jane Liu, 2000 |
|
561 \item {\it ``The job $J_l$ executes at its inherited |
|
562 priority until it releases $R$; at that time, the |
|
563 priority of $J_l$ returns to its priority |
|
564 at the time when it acquires the resource $R$.''}\medskip |
|
565 \item \small gives pseudo code and totally bogus data structures |
|
566 \item \small interesting part ``{\it left as an exercise}'' |
|
567 \end{itemize} |
|
568 |
|
569 \end{frame} |
|
570 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
571 |
|
572 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
573 \begin{frame}[c] |
|
574 |
|
575 \begin{center} |
|
576 \includegraphics[scale=0.15]{../pics/p1.pdf} |
|
577 \end{center} |
|
578 |
|
579 \begin{itemize} |
|
580 \item by Laplante and Ovaska, 2011 (\$113.76) |
|
581 \item \it ``when $[$the task$]$ exits the critical section that |
|
582 caused the block, it reverts to the priority it had |
|
583 when it entered that section'' |
|
584 \end{itemize} |
|
585 |
|
586 \end{frame} |
|
587 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
588 |
|
589 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
590 \begin{frame}[c] |
|
591 |
|
592 \begin{center} |
|
593 \includegraphics[scale=0.25]{../pics/p4.jpg} |
|
594 \end{center} |
|
595 |
|
596 \begin{itemize} |
|
597 \item by Silberschatz, Galvin, and Gagne, 2013 (OS-bible) |
|
598 \item \it ``Upon releasing the lock, the |
|
599 $[$low-priority$]$ thread will revert to |
|
600 its original priority.'' |
|
601 \end{itemize} |
|
602 |
|
603 \end{frame} |
|
604 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
605 |
|
606 |
|
607 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
608 \begin{frame}[c] |
|
609 \frametitle{Priority Scheduling} |
|
610 |
|
611 \begin{itemize} |
|
612 \item a scheduling algorithm that is widely used in real-time operating systems |
|
613 \item has been ``proved'' correct by hand in a paper in 1983 |
|
614 \item but this algorithm turned out to be incorrect, despite its ``proof''\bigskip\pause |
|
615 |
|
616 \item we used the corrected algorithm and then {\bf really} proved |
|
617 that it is correct |
|
618 |
|
619 \item we implemented this algorithm in a small OS called PINTOS |
|
620 (used for teaching at Stanford) |
|
621 |
|
622 \item our implementation was much more efficient than their |
|
623 reference implementation |
|
624 |
|
625 \end{itemize} |
|
626 |
|
627 \end{frame} |
|
628 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
629 |
721 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
630 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
722 |
631 |
723 \begin{frame}[c] |
632 \begin{frame}[c] |
724 \frametitle{Can This Be Done?} |
633 \frametitle{Big Proofs in CS (1)} |
|
634 |
|
635 Formal proofs in CS sound like science fiction? |
725 |
636 |
726 \begin{itemize} |
637 \begin{itemize} |
727 \item in 2008, verification of a small C-compiler |
638 \item in 2008, verification of a C-compiler |
728 \begin{itemize} |
639 \begin{itemize} |
729 \item ``if my input program has a certain behaviour, then the compiled machine code has the same behaviour'' |
640 \item ``if my input program has a certain behaviour, then the compiled machine code has the same behaviour'' |
730 \item is as good as \texttt{gcc -O1}, but much, much less buggy |
641 \item is as good as \texttt{gcc -O1}, but much less buggy |
731 \end{itemize} |
642 \end{itemize} |
732 \end{itemize} |
643 \end{itemize} |
733 |
644 |
734 \begin{center} |
645 \begin{center} |
735 \includegraphics[scale=0.12]{../pics/compcert.png} |
646 \includegraphics[scale=0.12]{../pics/compcert.png} |
737 |
648 |
738 \end{frame} |
649 \end{frame} |
739 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
650 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
740 |
651 |
741 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
652 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
653 % \begin{frame}[c] |
|
654 % \frametitle{Fuzzy Testing C-Compilers} |
|
655 |
|
656 % \begin{itemize} |
|
657 % \item tested GCC, LLVM and others by randomly generating |
|
658 % C-programs |
|
659 % \item found more than 300 bugs in GCC and also |
|
660 % many in LLVM (some of them highest-level critical)\bigskip |
|
661 % \item about CompCert: |
|
662 |
|
663 % \begin{bubble}[10cm]\small ``The striking thing about our CompCert |
|
664 % results is that the middle-end bugs we found in all other |
|
665 % compilers are absent. As of early 2011, the under-development |
|
666 % version of CompCert is the only compiler we have tested for |
|
667 % which Csmith cannot find wrong-code errors. This is not for |
|
668 % lack of trying: we have devoted about six CPU-years to the |
|
669 % task.'' |
|
670 % \end{bubble} |
|
671 % \end{itemize} |
|
672 |
|
673 % \end{frame} |
|
674 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
675 |
|
676 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
742 \begin{frame}[c] |
677 \begin{frame}[c] |
743 \frametitle{Fuzzy Testing C-Compilers} |
678 \frametitle{Big Proofs in CS (2)} |
744 |
679 |
745 \begin{itemize} |
680 \begin{itemize} |
746 \item tested GCC, LLVM and others by randomly generating |
681 \item in 2010, verification of a micro-kernel operating system (approximately 8700 loc) |
747 C-programs |
682 \begin{itemize} |
748 \item found more than 300 bugs in GCC and also |
683 \item used in helicopters and mobile phones |
749 many in LLVM (some of them highest-level critical)\bigskip |
684 \item 200k loc of proof |
750 \item about CompCert: |
685 \item 25 - 30 person years |
751 |
686 \item found 160 bugs in the C code (144 by the proof) |
752 \begin{bubble}[10cm]\small ``The striking thing about our CompCert |
687 \end{itemize} |
753 results is that the middle-end bugs we found in all other |
|
754 compilers are absent. As of early 2011, the under-development |
|
755 version of CompCert is the only compiler we have tested for |
|
756 which Csmith cannot find wrong-code errors. This is not for |
|
757 lack of trying: we have devoted about six CPU-years to the |
|
758 task.'' |
|
759 \end{bubble} |
|
760 \end{itemize} |
688 \end{itemize} |
761 |
689 |
762 \end{frame} |
690 \begin{bubble}[10cm]\small |
|
691 ``Real-world operating-system kernel with an end-to-end proof |
|
692 of implementation correctness and security enforcement'' |
|
693 \end{bubble}\bigskip\pause |
|
694 |
|
695 unhackable kernel (New Scientists, September 2015) |
|
696 \end{frame} |
|
697 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
698 |
763 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
699 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
700 \begin{frame}[c] |
|
701 \frametitle{Big Proofs in CS (3)} |
|
702 |
|
703 \begin{itemize} |
|
704 \item verified TLS implementation\medskip |
|
705 \item verified compilers (CompCert, CakeML)\medskip |
|
706 \item verified distributed systems (Verdi)\medskip |
|
707 \item verified OSes or OS components\\ |
|
708 (seL4, CertiKOS, \ldots)\bigskip\pause |
|
709 \item Infer static analyser developed by Facebook |
|
710 \end{itemize} |
|
711 |
|
712 \end{frame} |
|
713 |
|
714 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
715 \begin{frame}[c] |
|
716 \frametitle{How Did This Happen?} |
|
717 |
|
718 Lots of ways! |
|
719 |
|
720 \begin{itemize} |
|
721 \item better programming languages |
|
722 \begin{itemize} |
|
723 \item basic safety guarantees built in |
|
724 \item powerful mechanisms for abstraction and modularity |
|
725 \end{itemize} |
|
726 \item better software development methodology |
|
727 \item stable platforms and frameworks |
|
728 \item better use of specifications\medskip\\ |
|
729 \small If you want to build software that works or is secure, |
|
730 it is helpful to know what you mean by ``works'' and by ``is secure''! |
|
731 \end{itemize} |
|
732 |
|
733 \end{frame} |
|
734 |
|
735 |
|
736 |
|
737 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
738 \begin{frame}[c] |
|
739 \frametitle{Goal} |
|
740 |
|
741 Remember the Bridges example? |
|
742 |
|
743 \begin{itemize} |
|
744 \item Can we look at our programs and somehow ensure |
|
745 they are bug free/correct?\pause\bigskip |
|
746 |
|
747 \item Very hard: Anything interesting about programs is equivalent |
|
748 to the Halting Problem, which is undecidable.\pause\bigskip |
|
749 |
|
750 \item \alert{Solution:} We avoid this ``minor'' obstacle by |
|
751 being as close as possible of deciding the halting |
|
752 problem, without actually deciding the halting problem. |
|
753 \small$\quad\Rightarrow$ yes, no, don't know (static analysis) |
|
754 \end{itemize} |
|
755 |
|
756 \end{frame} |
|
757 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
758 |
|
759 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
760 \begin{frame}[c] |
|
761 \frametitle{What is Static Analysis?} |
|
762 |
|
763 \begin{center} |
|
764 \includegraphics[scale=0.4]{../pics/state.png} |
|
765 \end{center} |
|
766 |
|
767 \begin{itemize} |
|
768 \item depending on some initial input, a program |
|
769 (behaviour) will ``develop'' over time. |
|
770 \end{itemize} |
|
771 |
|
772 \end{frame} |
|
773 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
774 |
|
775 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
776 \begin{frame}[c] |
|
777 \frametitle{What is Static Analysis?} |
|
778 |
|
779 \begin{center} |
|
780 \includegraphics[scale=0.4]{../pics/state2.png} |
|
781 \end{center} |
|
782 |
|
783 \end{frame} |
|
784 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
785 |
|
786 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
787 \begin{frame}[c] |
|
788 \frametitle{What is Static Analysis?} |
|
789 |
|
790 \begin{center} |
|
791 \includegraphics[scale=0.4]{../pics/state3.jpg} |
|
792 \end{center} |
|
793 |
|
794 \end{frame} |
|
795 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
796 |
|
797 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
798 \begin{frame}[c] |
|
799 \frametitle{What is Static Analysis?} |
|
800 |
|
801 \begin{center} |
|
802 \includegraphics[scale=0.4]{../pics/state4.jpg} |
|
803 \end{center} |
|
804 |
|
805 \begin{itemize} |
|
806 \item to be avoided |
|
807 \end{itemize} |
|
808 |
|
809 \end{frame} |
|
810 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
811 |
|
812 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
813 \begin{frame}[c] |
|
814 \frametitle{What is Static Analysis?} |
|
815 |
|
816 \begin{center} |
|
817 \includegraphics[scale=0.4]{../pics/state5.png} |
|
818 \end{center} |
|
819 |
|
820 \begin{itemize} |
|
821 \item this needs more work |
|
822 \end{itemize} |
|
823 |
|
824 \end{frame} |
|
825 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
826 |
|
827 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
828 \begin{frame}[c] |
|
829 \frametitle{What is Static Analysis?} |
|
830 |
|
831 \begin{center} |
|
832 \includegraphics[scale=0.4]{../pics/state6.png} |
|
833 \end{center} |
|
834 |
|
835 \end{frame} |
|
836 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
837 |
|
838 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
839 \begin{frame}[c,fragile] |
|
840 \frametitle{\Large\begin{tabular}{c}Concrete Example:\\[-1mm] |
|
841 Are Vars Definitely Initialised?\end{tabular}} |
|
842 |
|
843 Assuming \texttt{x} is initialised, what about \texttt{y}?\bigskip |
|
844 |
|
845 Prog.~1:\\ |
|
846 \begin{lstlisting}[numbers=none, |
|
847 basicstyle=\ttfamily, |
|
848 language=While,xleftmargin=3mm] |
|
849 if x < 1 then y := x else y := x + 1; |
|
850 y := y + 1 |
|
851 \end{lstlisting}\medskip |
|
852 |
|
853 Prog.~2:\\ |
|
854 \begin{lstlisting}[numbers=none, |
|
855 basicstyle=\ttfamily, |
|
856 language=While,xleftmargin=3mm] |
|
857 if x < x then y := y + 1 else y := x; |
|
858 y := y + 1 |
|
859 \end{lstlisting} |
|
860 |
|
861 \end{frame} |
|
862 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
863 |
|
864 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
865 \begin{frame}[c,fragile] |
|
866 \frametitle{\Large\begin{tabular}{c}Concrete Example:\\[-1mm] |
|
867 Are Vars Definitely Initialised?\end{tabular}} |
|
868 |
|
869 What should the rules be for deciding when a |
|
870 variable is initialised?\bigskip\pause |
|
871 |
|
872 \begin{itemize} |
|
873 \item variable \texttt{x} is definitely initialized after |
|
874 \texttt{skip}\\ |
|
875 iff \texttt{x} is definitely initialized before \texttt{skip}. |
|
876 \end{itemize} |
|
877 |
|
878 \end{frame} |
|
879 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
880 |
|
881 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
882 \begin{frame}[c,fragile] |
|
883 % \frametitle{\Large\begin{tabular}{c}Concrete Example:\\[-1mm] |
|
884 % Are Vars Definitely Initialised?\end{tabular}} |
|
885 |
|
886 $\bl{A}$ is the set of definitely defined variables: |
|
887 |
|
888 \begin{center} |
|
889 \begin{tabular}{c} |
|
890 \bl{\infer{\mbox{}}{A\;\texttt{skip}\;A}}\qquad |
|
891 \bl{\infer{vars(a) \subseteq A}{A\;\;(\texttt{x\,:=\,a})\;\;\{x\}\cup A}} |
|
892 \medskip\\\pause |
|
893 |
|
894 \bl{\infer{A_1\;s_1\;A_2\quad A_2\;s_2\;A_3}{A_1\;(s_1 ; s_2)\;A_3}} |
|
895 \medskip\\\pause |
|
896 |
|
897 \bl{\infer{vars(b)\subseteq A\quad A\;s_1\;A_1\quad A\;s_2\;A_2} |
|
898 {A\;(\texttt{if}\;b\;\texttt{then}\;s_1\;\texttt{else}\;s_2)\;A_1\cap A_2}} |
|
899 \medskip\\\pause |
|
900 |
|
901 \bl{\infer{vars(b)\subseteq A\quad A\;s\;A'} |
|
902 {A\;(\texttt{while}\;b\;\texttt{do}\;s)\;A}}\pause |
|
903 \end{tabular} |
|
904 \end{center} |
|
905 |
|
906 \hfill we start with $\bl{A = \{\}}$ |
|
907 \end{frame} |
|
908 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
909 |
|
910 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
911 \begin{frame}[fragile] |
|
912 \frametitle{\large Concrete Example: Sign-Analysis} |
|
913 \mbox{}\\[-20mm]\mbox{} |
|
914 |
|
915 \bl{\begin{plstx}[rhs style=,one per line] |
|
916 : \meta{Exp} ::= \meta{Exp} + \meta{Exp} |
|
917 | \meta{Exp} * \meta{Exp} |
|
918 | \meta{Exp} = \meta{Exp} |
|
919 | \meta{num} |
|
920 | \meta{var}\\ |
|
921 : \meta{Stmt} ::= \meta{label} : |
|
922 | \meta{var} := \meta{Exp} |
|
923 | \pcode{jmp?} \meta{Exp} \meta{label} |
|
924 | \pcode{goto} \meta{label}\\ |
|
925 : \meta{Prog} ::= \meta{Stmt} \ldots{} \meta{Stmt}\\ |
|
926 \end{plstx}} |
|
927 |
|
928 \begin{textblock}{0}(7.8,2.5) |
|
929 \small |
|
930 \begin{bubble}[5.6cm] |
|
931 \begin{lstlisting}[numbers=none, |
|
932 basicstyle=\ttfamily, |
|
933 language={},xleftmargin=3mm] |
|
934 a := 1 |
|
935 n := 5 |
|
936 top: jmp? n = 0 done |
|
937 a := a * n |
|
938 n := n + -1 |
|
939 goto top |
|
940 done: |
|
941 \end{lstlisting} |
|
942 \end{bubble} |
|
943 \end{textblock} |
|
944 |
|
945 \end{frame} |
|
946 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
947 |
|
948 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
949 \begin{frame}[fragile] |
|
950 \frametitle{\large Concrete Example: Sign-Analysis} |
|
951 \mbox{}\\[-20mm]\mbox{} |
|
952 |
|
953 \bl{\begin{plstx}[rhs style=,one per line] |
|
954 : \meta{Exp} ::= \meta{Exp} + \meta{Exp} |
|
955 | \meta{Exp} * \meta{Exp} |
|
956 | \meta{Exp} = \meta{Exp} |
|
957 | \meta{num} |
|
958 | \meta{var}\\ |
|
959 : \meta{Stmt} ::= \meta{label} : |
|
960 | \meta{var} := \meta{Exp} |
|
961 | \pcode{jmp?} \meta{Exp} \meta{label} |
|
962 | \pcode{goto} \meta{label}\\ |
|
963 : \meta{Prog} ::= \meta{Stmt} \ldots{} \meta{Stmt}\\ |
|
964 \end{plstx}} |
|
965 |
|
966 \begin{textblock}{0}(7.8,3.5) |
|
967 \small |
|
968 \begin{bubble}[5.6cm] |
|
969 \begin{lstlisting}[numbers=none, |
|
970 basicstyle=\ttfamily, |
|
971 language={},xleftmargin=3mm] |
|
972 n := 6 |
|
973 m1 := 0 |
|
974 m2 := 1 |
|
975 top: jmp? n = 0 done |
|
976 tmp := m2 |
|
977 m2 := m1 + m2 |
|
978 m1 := tmp |
|
979 n := n + -1 |
|
980 goto top |
|
981 done: |
|
982 \end{lstlisting} |
|
983 \end{bubble} |
|
984 \end{textblock} |
|
985 |
|
986 \end{frame} |
|
987 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
988 |
|
989 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
990 \begin{frame}[fragile] |
|
991 \frametitle{\large Concrete Example: Sign-Analysis} |
|
992 \mbox{}\\[-20mm]\mbox{} |
|
993 |
|
994 \bl{\begin{plstx}[rhs style=,one per line] |
|
995 : \meta{Exp} ::= \meta{Exp} + \meta{Exp} |
|
996 | \meta{Exp} * \meta{Exp} |
|
997 | \meta{Exp} = \meta{Exp} |
|
998 | \meta{num} |
|
999 | \meta{var}\\ |
|
1000 : \meta{Stmt} ::= \meta{label} : |
|
1001 | \meta{var} := \meta{Exp} |
|
1002 | \pcode{jmp?} \meta{Exp} \meta{label} |
|
1003 | \pcode{goto} \meta{label}\\ |
|
1004 : \meta{Prog} ::= \meta{Stmt} \ldots{} \meta{Stmt}\\ |
|
1005 \end{plstx}} |
|
1006 |
|
1007 \end{frame} |
|
1008 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1009 |
|
1010 |
|
1011 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1012 \begin{frame}[fragile] |
|
1013 \frametitle{Eval: An Interpreter} |
|
1014 \mbox{}\\[-14mm]\mbox{} |
|
1015 |
|
1016 \small |
|
1017 \begin{center} |
|
1018 \bl{\begin{tabular}{lcl} |
|
1019 $[n]_{env}$ & $\dn$ & $n$\\ |
|
1020 $[x]_{env}$ & $\dn$ & $env(x)$\\ |
|
1021 $[e_1 + e_2]_{env}$ & $\dn$ & $[e_1]_{env} + [e_2]_{env}$\\ |
|
1022 $[e_1 * e_2]_{env}$ & $\dn$ & $[e_1]_{env} * [e_2]_{env}$\\ |
|
1023 $[e_1 = e_2]_{env}$ & $\dn$ & |
|
1024 $\begin{cases} |
|
1025 1 & \text{if}\quad[e_1]_{env} = [e_2]_{env}\\ |
|
1026 0 & \text{otherwise} |
|
1027 \end{cases}$\\ |
|
1028 \end{tabular}} |
|
1029 \end{center} |
|
1030 |
|
1031 \footnotesize |
|
1032 \begin{lstlisting}[numbers=none,xleftmargin=-5mm] |
|
1033 def eval_exp(e: Exp, env: Env) : Int = e match { |
|
1034 case Num(n) => n |
|
1035 case Var(x) => env(x) |
|
1036 case Plus(e1, e2) => eval_exp(e1, env) + eval_exp(e2, env) |
|
1037 case Times(e1, e2) => eval_exp(e1, env) * eval_exp(e2, env) |
|
1038 case Equ(e1, e2) => |
|
1039 if (eval_exp(e1, env) == eval_exp(e2, env)) 1 else 0 |
|
1040 } |
|
1041 \end{lstlisting} |
|
1042 |
|
1043 \end{frame} |
|
1044 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1045 |
|
1046 |
|
1047 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1048 \begin{frame}[fragile] |
|
1049 \small |
|
1050 A program |
|
1051 \begin{bubble}[6cm]\footnotesize |
|
1052 \begin{lstlisting}[numbers=none, |
|
1053 language={}, |
|
1054 basicstyle=\ttfamily, |
|
1055 xleftmargin=1mm] |
|
1056 a := 1 |
|
1057 n := 5 |
|
1058 top: jmp? n = 0 done |
|
1059 a := a * n |
|
1060 n := n + -1 |
|
1061 goto top |
|
1062 done: |
|
1063 \end{lstlisting} |
|
1064 \end{bubble} |
|
1065 |
|
1066 The \emph{snippets} of the program: |
|
1067 |
|
1068 \footnotesize |
|
1069 \begin{columns} |
|
1070 \begin{column}[t]{5cm} |
|
1071 \begin{bubble}[4.5cm] |
|
1072 \begin{lstlisting}[numbers=none, |
|
1073 basicstyle=\ttfamily, |
|
1074 language={},xleftmargin=1mm] |
|
1075 "" a := 1 |
|
1076 n := 5 |
|
1077 top: jmp? n = 0 done |
|
1078 a := a * n |
|
1079 n := n + -1 |
|
1080 goto top |
|
1081 done: |
|
1082 \end{lstlisting} |
|
1083 \end{bubble} |
|
1084 \end{column} |
|
1085 \begin{column}[t]{5cm} |
|
1086 \begin{bubble}[4.5cm] |
|
1087 \begin{lstlisting}[numbers=none, |
|
1088 basicstyle=\ttfamily, |
|
1089 language={},xleftmargin=1mm] |
|
1090 top: jmp? n = 0 done |
|
1091 a := a * n |
|
1092 n := n + -1 |
|
1093 goto top |
|
1094 done: |
|
1095 \end{lstlisting} |
|
1096 \end{bubble} |
|
1097 \end{column} |
|
1098 \begin{column}[t]{2cm} |
|
1099 \begin{bubble}[1.1cm] |
|
1100 \begin{lstlisting}[numbers=none, |
|
1101 basicstyle=\ttfamily, |
|
1102 language={},xleftmargin=1mm] |
|
1103 done: |
|
1104 \end{lstlisting} |
|
1105 \end{bubble} |
|
1106 \end{column} |
|
1107 \end{columns} |
|
1108 |
|
1109 \end{frame} |
|
1110 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1111 |
|
1112 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1113 \begin{frame}[fragile] |
|
1114 \frametitle{Eval for Stmts} |
|
1115 \mbox{}\\[-12mm]\mbox{} |
|
1116 |
|
1117 Let \bl{$sn$} be the snippets of a program |
|
1118 |
|
1119 \small |
|
1120 \begin{center} |
|
1121 \bl{\begin{tabular}{lcl} |
|
1122 $[\texttt{nil}]_{env}$ & $\dn$ & $env$\medskip\\ |
|
1123 $[\texttt{Label}(l:)::rest]_{env}$ & $\dn$ & $[rest]_{env}$\medskip\\ |
|
1124 $[x \,\texttt{:=}\, a::rest]_{env}$ & $\dn$ & |
|
1125 $[rest]_{(env[x:= [a]_{env}])}$\medskip\\ |
|
1126 $[\texttt{jmp?}\;b\;l::rest]_{env}$ & $\dn$ & |
|
1127 $\begin{cases} |
|
1128 [sn(l)]_{env} & \text{if}\quad[b]_{env} = true\\ |
|
1129 [rest]_{env} & \text{otherwise} |
|
1130 \end{cases}$\medskip\\ |
|
1131 $[\texttt{goto}\;l::rest]_{env}$ & $\dn$ & $[sn(l)]_{env}$\\ |
|
1132 \end{tabular}} |
|
1133 \end{center}\bigskip |
|
1134 |
|
1135 Start with \bl{$[sn(\mbox{\code{""}})]_{\varnothing}$} |
|
1136 |
|
1137 \end{frame} |
|
1138 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1139 |
|
1140 |
|
1141 |
|
1142 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1143 \begin{frame}[fragile] |
|
1144 \frametitle{Eval in Code} |
|
1145 |
|
1146 \footnotesize |
|
1147 \begin{lstlisting}[language=Scala,numbers=none,xleftmargin=-5mm] |
|
1148 def eval(sn: Snips) : Env = { |
|
1149 def eval_stmts(sts: Stmts, env: Env) : Env = sts match { |
|
1150 case Nil => env |
|
1151 |
|
1152 case Label(l)::rest => eval_stmts(rest, env) |
|
1153 |
|
1154 case Assign(x, e)::rest => |
|
1155 eval_stmts(rest, env + (x -> eval_exp(e, env))) |
|
1156 |
|
1157 case Jmp(b, l)::rest => |
|
1158 if (eval_exp(b, env) == 1) eval_stmts(sn(l), env) |
|
1159 else eval_stmts(rest, env) |
|
1160 |
|
1161 case Goto(l)::rest => eval_stmts(sn(l), env) |
|
1162 } |
|
1163 |
|
1164 eval_stmts(sn(""), Map()) |
|
1165 } |
|
1166 \end{lstlisting} |
|
1167 |
|
1168 \end{frame} |
|
1169 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1170 |
|
1171 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1172 \begin{frame}[fragile] |
|
1173 \frametitle{The Idea of Static Analysis} |
|
1174 \small |
|
1175 \mbox{}\bigskip\\ |
|
1176 |
|
1177 \begin{columns} |
|
1178 \begin{column}{5cm} |
|
1179 \begin{bubble}[4.5cm]\footnotesize |
|
1180 \begin{lstlisting}[numbers=none, |
|
1181 language={}, |
|
1182 basicstyle=\ttfamily, |
|
1183 xleftmargin=1mm] |
|
1184 a := 1 |
|
1185 n := 5 |
|
1186 top: jmp? n = 0 done |
|
1187 a := a * n |
|
1188 n := n + -1 |
|
1189 goto top |
|
1190 done: |
|
1191 \end{lstlisting} |
|
1192 \end{bubble} |
|
1193 \end{column} |
|
1194 |
|
1195 \begin{column}{1cm} |
|
1196 \raisebox{-20mm}{\LARGE\bf$\Rightarrow$} |
|
1197 \end{column} |
|
1198 \begin{column}{6cm} |
|
1199 \begin{bubble}[4.7cm]\footnotesize |
|
1200 \begin{lstlisting}[numbers=none, |
|
1201 language={}, |
|
1202 basicstyle=\ttfamily, |
|
1203 xleftmargin=1mm, |
|
1204 escapeinside={(*}{*)}] |
|
1205 a := (*\hl{'+'}*) |
|
1206 n := (*\hl{'+'}*) |
|
1207 top: jmp? n = (*\hl{'0'}*) done |
|
1208 a := a * n |
|
1209 n := n + (*\hl{'-'}*) |
|
1210 goto top |
|
1211 done: |
|
1212 \end{lstlisting} |
|
1213 \end{bubble} |
|
1214 \end{column} |
|
1215 \end{columns}\bigskip\bigskip |
|
1216 |
|
1217 Replace all constants and variables by either |
|
1218 \pcode{+}, \pcode{-} or \pcode{0}. What we want to find out |
|
1219 is what the sign of \texttt{a} and \texttt{n} is (they should |
|
1220 always positive). |
|
1221 |
|
1222 \end{frame} |
|
1223 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1224 |
|
1225 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1226 \begin{frame}[c] |
|
1227 \frametitle{Sign Analysis?} |
|
1228 |
|
1229 |
|
1230 \begin{columns} |
|
1231 \begin{column}{3cm} |
|
1232 \begin{tabular}{cc|l} |
|
1233 $e_1$ & $e_2$ & $e_1 + e_2$\\\hline{} |
|
1234 - & - & -\\ |
|
1235 - & 0 & -\\ |
|
1236 - & + & -, 0, +\\ |
|
1237 0 & $x$ & $x$\\ |
|
1238 + & - & -, 0, +\\ |
|
1239 + & 0 & +\\ |
|
1240 + & + & +\\ |
|
1241 \end{tabular} |
|
1242 \end{column} |
|
1243 |
|
1244 \begin{column}{3cm} |
|
1245 \begin{tabular}{cc|l} |
|
1246 $e_1$ & $e_2$ & $e_1 * e_2$\\\hline{} |
|
1247 - & - & +\\ |
|
1248 - & 0 & 0\\ |
|
1249 - & + & -\\ |
|
1250 0 & $x$ & 0\\ |
|
1251 + & - & -\\ |
|
1252 + & 0 & 0\\ |
|
1253 + & + & +\\ |
|
1254 \end{tabular} |
|
1255 \end{column} |
|
1256 \end{columns} |
|
1257 |
|
1258 \end{frame} |
|
1259 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1260 |
|
1261 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1262 \begin{frame}[fragile] |
|
1263 \mbox{}\\[-13mm]\mbox{} |
|
1264 |
|
1265 \small |
|
1266 \begin{center} |
|
1267 \bl{\begin{tabular}{lcl} |
|
1268 $[n]_{aenv}$ & $\dn$ & |
|
1269 $\begin{cases} |
|
1270 \{+\} & \text{if}\; n > 0\\ |
|
1271 \{-\} & \text{if}\; n < 0\\ |
|
1272 \{0\} & \text{if}\; n = 0 |
|
1273 \end{cases}$\\ |
|
1274 $[x]_{aenv}$ & $\dn$ & $aenv(x)$\\ |
|
1275 $[e_1 + e_2]_{aenv}$ & $\dn$ & $[e_1]_{aenv} \oplus [e_2]_{aenv}$\\ |
|
1276 $[e_1 * e_2]_{aenv}$ & $\dn$ & $[e_1]_{aenv} \otimes [e_2]_{aenv}$\\ |
|
1277 $[e_1 = e_2]_{aenv}$ & $\dn$ & $\{0, +\}$\\ |
|
1278 \end{tabular}} |
|
1279 \end{center} |
|
1280 |
|
1281 \scriptsize |
|
1282 \begin{lstlisting}[language=Scala,numbers=none,xleftmargin=-5mm] |
|
1283 def aeval_exp(e: Exp, aenv: AEnv) : Set[Abst] = e match { |
|
1284 case Num(0) => Set(Zero) |
|
1285 case Num(n) if (n < 0) => Set(Neg) |
|
1286 case Num(n) if (n > 0) => Set(Pos) |
|
1287 case Var(x) => aenv(x) |
|
1288 case Plus(e1, e2) => |
|
1289 aplus(aeval_exp(e1, aenv), aeval_exp(e2, aenv)) |
|
1290 case Times(e1, e2) => |
|
1291 atimes(aeval_exp(e1, aenv), aeval_exp(e2, aenv)) |
|
1292 case Equ(e1, e2) => Set(Zero, Pos) |
|
1293 } |
|
1294 \end{lstlisting} |
|
1295 |
|
1296 \end{frame} |
|
1297 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1298 |
|
1299 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1300 \begin{frame}[fragile] |
|
1301 \frametitle{AEval for Stmts} |
|
1302 \mbox{}\\[-12mm]\mbox{} |
|
1303 |
|
1304 Let \bl{$sn$} be the snippets of a program |
|
1305 |
|
1306 \small |
|
1307 \begin{center} |
|
1308 \bl{\begin{tabular}{lcl} |
|
1309 $[\texttt{nil}]_{aenv}$ & $\to$ & $(\texttt{nil},aenv)$\medskip\\ |
|
1310 $[\texttt{Label}(l:)::rest]_{aenv}$ & $\to$ & $(rest, aenv)$\medskip\\ |
|
1311 $[x \,\texttt{:=}\, e::rest]_{aenv}$ & $\to$ & |
|
1312 $(rest, aenv[x:= [e]_{aenv}])$\medskip\\ |
|
1313 $[\texttt{jmp?}\;e\;l::rest]_{aenv}$ & $\to$ & |
|
1314 $(sn(l),aenv)$ \textcolor{black}{and} $(rest, aenv)$\medskip\\ |
|
1315 $[\texttt{goto}\;l::rest]_{aenv}$ & $\to$ & $(sn(l), aenv)$\\ |
|
1316 \end{tabular}} |
|
1317 \end{center}\bigskip |
|
1318 |
|
1319 Start with \bl{$[sn(\mbox{\code{""}})]_{\varnothing}$}, try to |
|
1320 reach all \emph{states} you can find (until a fix point is reached). |
|
1321 |
|
1322 Check whether there are only $aenv$ in the final states that have |
|
1323 your property. |
|
1324 \end{frame} |
|
1325 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1326 |
|
1327 |
|
1328 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1329 \begin{frame}[c] |
|
1330 \frametitle{Sign Analysis} |
|
1331 |
|
1332 \begin{itemize} |
|
1333 \item We want to find out whether \texttt{a} and \texttt{n} |
|
1334 are always positive?\medskip |
|
1335 \item After a few optimisations, we can indeed find this out. |
|
1336 \begin{itemize} |
|
1337 \item equal signs return only \texttt{+} or \texttt{0} |
|
1338 \item branch into only one direction if you know |
|
1339 \item if $x$ is \texttt{+}, then $x + \texttt{-1}$ |
|
1340 cannot be negative |
|
1341 \end{itemize}\bigskip |
|
1342 |
|
1343 \item What is this good for? Well, you do not need |
|
1344 underflow checks (in order to prevent buffer-overflow |
|
1345 attacks). In general this technique is used to make sure |
|
1346 keys stay secret. |
|
1347 \end{itemize} |
|
1348 |
|
1349 \end{frame} |
|
1350 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1351 |
|
1352 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1353 \begin{frame}[c] |
|
1354 \frametitle{Take Home Points} |
|
1355 |
|
1356 \begin{itemize} |
|
1357 \item While testing is important, it does not show the |
|
1358 absence of bugs/vulnerabilities.\medskip |
|
1359 \item More and more we need (formal) proofs that show |
|
1360 a program is bug free.\medskip |
|
1361 |
|
1362 \item Static analysis is more and more employed nowadays |
|
1363 in order to automatically hunt for bugs. |
|
1364 \end{itemize} |
|
1365 |
|
1366 \end{frame} |
|
1367 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
|
1368 |
|
1369 |
764 |
1370 |
765 \end{document} |
1371 \end{document} |
|
1372 |
766 |
1373 |
767 %%% Local Variables: |
1374 %%% Local Variables: |
768 %%% mode: latex |
1375 %%% mode: latex |
769 %%% TeX-master: t |
1376 %%% TeX-master: t |
770 %%% End: |
1377 %%% End: |