



Material Type: Notes; Professor: Foster; Class: PROG ANLYS&UNDERSTANDING; Subject: Computer Science; University: University of Maryland; Term: Unknown 1989;
Typology: Study notes




CMSC 631: Program Analysis and Understanding, Spring 2006
CMSC 631, Fall 2004 (^2)
- Static analysis
- Office: 4129 AVW
- E-mail: jfoster at cs.umd.edu
- Office hours: M 1-2pm, Tu 11am-12pm
- Ideas we will use in this class:
- Pierce, Types and Programming Languages
- Huth and Ryan, Logic in Computer Science
- https://forum.cs.umd.edu/forumdisplay.php?f=
- Programming assignments (20% of grade)
- Much more effective than listening to a lecture
- No late submissions
- E.g., religious holidays
- Inform me as soon as possible
- More later on in the semester
- Should come prepared to contribute to discussion
- Read 1-2 papers on a topic
- Present a lecture in class about the material
- So you have to do research as part of the class
- Any topic vaguely related to the class is acceptable
- Will ease up on homeworks, reading
- Project proposal (one page) + talk with me
- Project write-up
- Based on written and programming assignments
- Take-home or in-class (we'll vote at the end of the semester)
Constant propagation example (control-flow graph with a branch that merges again):

    x := 3
    y := z + w   |   y := 0
    x := 2 * x

Values annotated on the diagram: x = * ; x = 3 (four occurrences) ; x = 6 ; x = ? (three occurrences)
- Out(S) = Gen(S) ∪ (In(S) − Kill(S))
- Finite height lattice
- Monotone transformation functions
Lattice diagram: x = ? at the bottom; x = 3, x = 6, ... in the middle; x = * at the top
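The constant-propagation example and the dataflow framework above, worked through as an added Python example (not code from the slides): a per-variable lattice with ? at the bottom, integer constants in the middle and * at the top, monotone transfer functions, and a worklist iteration that stops at the fixed point. Reading ? as "nothing known yet", * as "not a constant", and the inputs z and w as * at entry is my assumption about the slide's notation; the second CFG, where the two branches disagree on x, goes beyond the slide to show the join producing *.

```python
# Constant propagation as a forward dataflow analysis over a small CFG.
# Added example, not code from the lecture slides. Per-variable lattice:
#   "?" (bottom: no information yet) < integer constant < "*" (top: not a constant)
from collections import deque

BOTTOM, TOP = "?", "*"

def join(a, b):
    """Least upper bound: ? is the identity, disagreeing constants become *."""
    if a == BOTTOM: return b
    if b == BOTTOM: return a
    return a if a == b else TOP

def eval_expr(expr, env):
    """expr is an int, a variable name, or ('+'|'*', left, right); monotone in env."""
    if isinstance(expr, int): return expr
    if isinstance(expr, str): return env.get(expr, BOTTOM)
    op, l, r = expr
    lv, rv = eval_expr(l, env), eval_expr(r, env)
    if BOTTOM in (lv, rv): return BOTTOM
    if TOP in (lv, rv): return TOP
    return lv + rv if op == "+" else lv * rv

def analyze(cfg, entry, init):
    """Worklist algorithm. cfg: node -> (list of (var, expr), successor list).
    In(n) = join of Out(p) over predecessors p (plus `init` at the entry), Out(n) =
    transfer(In(n)). Finite-height lattice + monotone transfers => termination."""
    out = {n: {} for n in cfg}
    work = deque([entry])
    while work:
        n = work.popleft()
        env = dict(init) if n == entry else {}
        for p in cfg:
            if n in cfg[p][1]:
                for v in set(env) | set(out[p]):
                    env[v] = join(env.get(v, BOTTOM), out[p].get(v, BOTTOM))
        for var, expr in cfg[n][0]:
            env[var] = eval_expr(expr, env)
        if env != out[n]:          # state changed: re-examine successors
            out[n] = env
            work.extend(cfg[n][1])
    return out

# The slide's program: x := 3; y := z + w on one path, y := 0 on the other; merge; x := 2 * x.
SLIDE_CFG = {"A": ([("x", 3)], ["B", "C"]),
             "B": ([("y", ("+", "z", "w"))], ["D"]),
             "C": ([("y", 0)], ["D"]),
             "D": ([("x", ("*", 2, "x"))], [])}

def final_x(cfg):
    """Value of x after the merge-and-double block D; inputs z, w start as *."""
    return analyze(cfg, "A", {"z": TOP, "w": TOP})["D"]["x"]

# Constructed variant: path C also sets x := 5, so the merge gives x = * and 2 * x stays *.
DIVERGING_CFG = {**SLIDE_CFG, "C": ([("y", 0), ("x", 5)], ["D"])}
```

For SLIDE_CFG both paths agree that x = 3 at the merge, so final_x returns 6; for DIVERGING_CFG it returns "*".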
SSA example. Original program (branch in the middle):

    x := 0
    v := 3   |   v := 4 + x
    x := x + v

After conversion to SSA form, with a Φ function at the merge point:

    x1 := 0
    v1 := 3   |   v2 := 4 + x1
    v3 := Φ(v1, v2)
    x2 := x1 + v3
variable function function application
- (replace by in )
- true =
- false =
- if a then b else c =
- But after a while, realized could be general-purpose
- Similar to lambda-calculus
- Is 00110110111100101100111010101000
- To choose operation (which + op), e.g., FORTRAN
- To avoid programming mistakes
in type environment , expression has type
- If for each object of type there is an object of type such that for all programs defined in terms of , the behavior of is unchanged when is substituted for , then is a subtype of .
- If anyone expecting a can be given an instead, then is a subtype of .
- Hoare, Dijkstra, Gries, others
- If statement is executed in a state satisfying precondition , then will terminate, and will hold of the resulting state
- Partial correctness: ignore termination
- Axiom:
- Example:
- Lots of parallelism (concurrency), but
- Not a lot of structure (e.g., no dynamic allocation)
Two processes running in parallel (mutual exclusion protocol):

    loop                                 ||  loop
      out: x1 := 1; last := 1            ||    out: x2 := 1; last := 2
      req: await x2 = 0 or last = 2      ||    req: await x1 = 0 or last = 1
      in:  x1 := 0                       ||    in:  x2 := 0
    end loop                             ||  end loop

(Example from Henzinger)
- Focus on device drivers: lock/unlock protocol errors, and other errors in the sequencing of operations
- Can perform deep reasoning about programs
- Array out-of-bounds
- Null pointer errors
- Failure to satisfy internal invariants
- Format-string vulnerabilities, deadlocks, file I/O protocol errors, kernel security holes
- Memory allocation and deallocation errors, library protocol errors, misuse of locks
- Very deep theory
- But lots of practical applications
- Focus on program correctness instead of speed
- Forget about full correctness, though
- Scalability to large programs essential