Program Analysis Week 3-23 rd to 27 th January
|
|
- Giles Dorsey
- 4 years ago
- Views:
Transcription
1 Program Analysis Week 3-23 rd to 27 th January Ganesh K. (CS16M006) Honey Goyal (CS16M018) February 5,
2 Contents 1 Data Flow Analysis (Contd.) Concrete Vs Abstract Interpretation: Storing Abstractions: Conservative Analysis: Safety vs Liveness: Analysis - Soundness and Precision : Optimization Soundness : Pointer Analysis Why Pointer Analysis? Definitions : Types of pointer manipulating statements: Algebraic Properties : Cyclic Dependence : Modelling Pointer analysis as a Data Flow Analysis Problem :
3 1 Data Flow Analysis (Contd.) 1.1 Concrete Vs Abstract Interpretation: The Interpretation of a program is a construct by construct execution of the program, and it is performed during compile time. Concrete Interpretation : It involves the interpretation of the program with the actual values at runtime. It is highly precise and offers a better interpretation than what is obtained during static computation. Abstract Interpretation : This interpretation is obtained during compile time and serves as an approximation. Example of concrete interpretation (concrete execution trace ) : // x i s undefined x=0; // x i s zero ++x ; // x i s one ; x ; // x i s zero ; The above is a straightforward program with a branchless, control flow pattern from the start to end. We now proceed with approximating the number of values x takes in the program. It can be noticed that the value of x is undefined till the instruction x=0; is reached. After that program point, the value of x lies in the set {0,1}. If we choose not to use a full integer variable (of multiple bit size) to keep track of the value of x, and proceed with a single bit we limit ourselves to be able to track atmost 2 values of the variable. We choose to track, if the value of x is Zero or Not. Why such a tracking mechanism? : The choice of what value of a variable to track may depend on the requirement of a transformation, (in this case, to track x==0) to facilitate optimization at a later stage. 3
4 Example of Abstract interpretation : Figure 1: Abstract Implementation : execution trace The Idea here is to look through a peephole/window of one construct/instruction at a time. At any point, we have access to the current instruction, and the bit(s) that we use to track variable(s). We specify the bit, say B tracking the variable x to be True, only when the value of x is 0. Whenever the value of x is not 0, or there exists an uncertainty associated with its value, we assign bit B the value, False. Refer Figure 1: Initially the value of x is undefined, hence we assign B=False. Line 1: The variable x has the value 0, as a result of an absolute assignment. Hence, B = True. Line 2: x s value is incremented and it no longer holds the value 0, therefore B=FALSE. Lines 3:x s value is decremented, the Bit B was False earlier, since we cannot claim for certain that the value is 0, using a single bit value tracker, we conservatively assign bit B=False. Figure 2 shows scenarios where we use 2 bits to track x s value. Since there are a total of four possible states with 2 bits 00 - value 0, and denotes imprecision 01 - value 1, 10 - value 2, 11 - value 3. We choose the state 00 to additionally denote imprecision. Figure 2: Abstract Implementation : Using 2 bit tracking variable 4
5 Initially the bits are assigned the value 00 denoting imprecision (Refer Fig 2(a)). Line 1 assigns the value 0 to the variable x. This assignment also sets the bits to 00. However further modifications shown in lines 2 and 3 fail to update the bits, as the state 00 also indicates that x s value could be anything. Unless this loss in precision is regained via a direct assignment to the variable x in the program, it continues to propagate. Similarly, if 11 had been the state chosen to model the uncertainty in x s value, an assignment of the form x=3 would have caused imprecision. This is shown in Figure 2(c), the bits are set to be 11 everytime we are uncertain about x s value. It is to be noted that, 11 may also denote the state where x s value is 3. Line 1: assigns 1 to x therefore the bits are now assigned the values 01. Line 2: absolutely assigns x the value 3, therefore the bits are assigned the values 11. Line 3: decrements x, whose value cannot be determined for certain. Therefore the buts continue to hold the values 11. The figure 2(b) shows another form of abstraction. We maintain two bits here (B 0 B 1 ), one bit (B 0 ) to indicate if x==0, and another bit B 1 to indicate if x<2. (NOTE : 00 models the imprecise state). Additional information : x is a positive integer. Initially,the bits are assigned 00. Line 1, absolutely assigns the value 0 to x, hence bits are assigned 11. Line 2 increments x, since x s value is known to be 0 at this point, the bits are assigned 01. Line 3 decrements x, and yet again since we can determine x s value to be 0 after the operation, we assign the value 11 to the bits. NOTE: we could track x s values accurately post increment/decrement operations only because we knew x was a positive integer. In the absence of type information, we d have conservatively assigned 00 to bits. 1.2 Storing Abstractions: We typically use saturating counters to track values, where the first and last states are used to track imprecision and the range of states between them track precise values. The states at the ends do not wrap around and are used to represent more than one states. Assertions / Conditions may also be tracked. As observed from the example in Figure 2.b additional information about the type, sign if tracked, may improve precision. 1.3 Conservative Analysis: Being safe in Static analysis indicates moving towards the Bottom of the lattice, although it may be imprecise. We initialise the information with empty set (in case of reaching definition )and not Bottom (all definitions) because the analysis monotonically increases the set, and it leads us downwards in the lattice. This is shown in the following figure. 5
6 Figure 3: Reaching Definitions Lattice Choice of Initialisation depends on the confluence operator used in the analysis (Union, in case of reaching definition). 1.4 Safety vs Liveness: Transformations query information computed by an analysis (example : data flow facts at a said program point ). The resulting information is used by optimization passes. The queries can be classified across two properties : 1. Safety property 2. Liveness property Safety : A property / condition that holds across all execution paths at runtime. Liveness : Does there exist an execution path where the property holds. Example : A program can be claimed bug free, only if there exists no bugs(s) across all of its execution paths (Absence of a bug is a Safety property ) However, if there exists a path with a bug in the program, it conclusively indicates the presence of a bug in the program (Presence of a bug is a liveness property) Example : To prove presence of a data race condition in a program it is sufficient to find one pair across any execution path (Liveness property ). However, absence of a data race condition requires us to confirm its absence across all program paths and all pairs of data (Safety property) Question : Are Must/ May/ No alias for pointers Safety/Liveness properties?: No and Must aliases : are safety properties, since they require us to establish correctness across all possible execution paths in the program. However, May alias is a liveness property, as we require only one path where two pointers may point to the same location to prove correctness. 6
7 NOTE : A must alias analysis gives us a guarantee that two pointers point to the same memory location. However, A may alias analysis does not assure aliasing. The following scenario shows how information from may-analysis can be used to infer properties of other pointers. p, q and r are three pointers. Alias analysis provides us with information that only p and q may alias. Since there is a third pointer r that alias analysis does not speak about, it is guaranteed that r aliases neither with p nor with q. This information about r may be of use to some transformation. Figure 4: Relation between Must, May and Must-Not alias NOTE : The complement of May here is Must-not. By increasing the amount of may information, we d be reducing the amount of may-not information, thereby making the analysis more imprecise. 1.5 Analysis - Soundness and Precision : Analyses facilitate optimizations in certain scenarios. Scenarios, here are potential points of optimizations. An analysis is sound if the optimization it leads to maintains the functionality of the original code, and does not inadvertently trigger optimizations where there is no scope. The analysis is sound as long as the the optimization points are within the set of scenarios. If Optimization is carried out for all such scenarios, the analysis is termed complete. An analysis is precise as long as it does not disable optimizations for any possible scenario. 7
8 1.6 Optimization Soundness : It is possible that an analysis is useful for more than one optimization. i.e. the information provided by an analysis may be used by 2 or more optimizations in the similar manner. Example : Increasing the amount of information computed by the analysis may affect multiple the optimizations in the exact same manner. This lets us argue about soundness of the analysis independent of the optimizations. However, this is not always the case : Two opposite optimizations may see the information from the same analysis in opposing ways. i.e. Increasing the amount of information from the analysis may enable optimization O1 but disable optimization O2. In such cases, we cannot argue about soundness of the analysis independent of the optimizations. Example 1 :(Using pointer analysis ) Consider Optimization O 1 that changes *p to x if p points to only x (we can enable caching the value ). Consider Optimization O 2 that makes p volatile if p points to multiple variables at different program points ( we can disable caching the value ). Let the program exhibit, the points-to information as p {x, y} If A computes more information p {x, y, z}, O 1 is suppressed but O 2 is enabled. If A computes less information p {x}, O 1 is enabled and O 2 is suppressed. Example 2 (Uses numerical analysis) Consider Optimization O 1 that converts multiplication by 2 to a left bit-shift operation (x * 2 to x 1). Consider Optimization O 2 that uses a special circuit (fast operation) when there is a sum of reciprocals of powers of 2 ( ) Let the program use 1.98 as the value in a computation. Analysis A is used to compute values of arithmetic expressions. Converting 1.98 to 2 enables O 1, disables O 2. Converting 1.98 to enables O 2, disables O 1. In both examples shown above, analysis feeds different optimization in different ways. What is Precise for one is imprecise for other, and what is sound for one is unsound for the other. 8
9 2 Pointer Analysis It is a static code analysis technique that establishes which pointers, can point to which variables, or storage locations. It is often used as a component or a prelude of more complex analyses. It is also used as the collective name for both points-to analysis, and alias analysis. 2.1 Why Pointer Analysis? 1. a = &x ; 2. b = a ; 3. i f ( b == p ) { /... IF BLOCK... / 4. } else { /... ELSE BLOCK... / 5. } For the program written above, say if a transformation queries if b and *p are aliases ( Line 3 ) If the analysis performed is a Must alias analysis. and the response to the query is Yes, then the transformation can safely exclude the ELSE block. However if the response is No, it is not of significant use to the transformation (since the complement of MUST is MAY NOT ). If the analysis performed is a May alias analysis, and the response is Yes it does not help the transformation to exclude either of the blocks. //However with a No response for the may alias query, the transformation can safely exclude the IF BLOCK (since the complement of MAY is MUST NOT ). Parallelization : Example : fun(p) fun(q) If p and q s execution do not interfere, they can be executed in parallel. Optimization : a= p+2; b= q+2; In this case say, if p are q are inferred to be must aliases, we can proceed to apply common sub-expression elimination among the statements. 9
10 Table 1: Placement of Points-to Analysis Goal Improved Runtime Secure code Better debugging Better Compile Time Application of points-to analysis Lock synchronizer Parallelizing compiler String vulnerability finder Memory leak detector Program slicer Type analyzer Data flow analyzer Affine expression analyzer 2.2 Definitions : Points-to-analysis: computes points-to information for each pointer. Alias analysis : computes aliasing information across pointers. Pointee : the element a pointer points to. Points-to edge : the directed edge from the pointer to pointee in a points-to graph. Aliasing-edge : the undirected edge between two pointers that may be aliases. Figure 5: points-to graph From the figure shown above : p s points to set is {m, x} q s points to set is { x, y }. since there exists a common pointee ( x, here). p and q are aliases. It is to be noted that, we require the points-to information to compute the aliasing information, and not the other way round. Frameworks choose to store points-to information instead of aliasing information, since storing the latter is expensive. 2.3 Types of pointer manipulating statements: A C program can have arbitrarily typed valid statements. We choose to model pointer manipulating statements using the following 4 types : p = &q (address-of) A statement of the kind p=&x assigns the address of x to the pointer p. x is added to the points-to set of p. p = q (copy) If q points to multiple pointees, p begins to point to each one of them. 10
11 q s points-to set is copied into p s set. p = *q (load) The points-to sets of the pointees of q are copied to p s points-to set, as shown in the following figure. Figure 6: load instruction *p = q (store) p s pointees start pointing to the elements in q s points-to set as shown in the figure. Figure 7: store instruction NOTE: p s points-to set is not modified here. 11
12 Question : What kind of pointer statements cannot be modelled using the aforementioned types: Pointer arithmetic t= (p+i); we choose to model (p+i) as another pointer, say q; Pointer casting : We ignore type information and model a statement like q=(int *)p; as q=p; It may be the case that p and q are of different types and refer to blocks of different sizes, but we are okay with the loss in precision/information. malloc instructions: an instruction of the format p=mallox(10); is modelled as p=&x where x is a mnemonic to represent the malloc callsite. free(p): A call to free, deallocates the memory that is associated with the pointer p. However, it does not remove the reference, i.e. free does not change the points-to set of the pointer p, giving rise to a dangling pointer. As far as pointer analysis is concerned, we ignore the free statement. Question: How is NULL pointer modelled? The NULL pointer can be modelled in one of two ways 1. It can be modelled as another pointer in the program. 2. It need not be modelled at all. The choice of how to model the NULL pointer depends on the goal of the analysis. (whether the goal of the analysis is optimization or Security). Question : In case of a load statement ( p = *q ), what happens to p s original points-to set. Is it overwritten or appended to? If analysis is Flow sensitive : The original points-to set is killed. If the analysis is Flow insensitive, the new pointees are added to the points-to set. Question : In case of a load statement (p=*q), can p and *q be termed aliases? Yes, Two expressions can be aliases as long as they refer to the same memory location. 12
13 2.4 Algebraic Properties : Points-to relation : Not reflexive. One may argue that the points-to relation may be reflexive in weakly typed languages. Reflexivity, for the points-to relation is a general property cannot be based upon a few instances of language, and therefore, it is not reflexive. Not symmetric. Not transitive. Directed in nature. Alias relation: Reflexive Symmetric It is not Transitive. The following figure depicts a case where transitivity does not hold a and b are aliases, b and c are aliases. But a and c are Not. Figure 8: transitivity - counter example Undirected in nature. 13
14 Points-to graph: The points-to graphs for programs written in strictly typed languages are essentially DAGs (Directed Acyclic Graphs ). Further, they fall under a subset of DAGs that are possible, wherein edges to pointees in farther levels are not permitted. However, points-to graphs for programs written in weakly typed languages may have such edges. The following figure shows the mentioned scenario, where (a) represents a points-to graph for a strictly typed program instance, and (b) indicates the graph for a weakly typed instance. Every group of s in the figure shown, represents a dereferencing level. Figure 9: Points-to graphs - DAGs 2.5 Cyclic Dependence : Optimization points-to information Output of optimization passes is fed to pointer analysis pass.there exists a possibility that, this might lead to more opportunities to perform optimizations. Therefore we need this cyclic dependence across optimization and analysis. Example : Let p, q, r and s be pointer in a program. p=q+5; r=s +5; If we had prior knowledge that q and r were aliases, we could have performed common sub-expression elimination. Performing pointer analysis will therefore let us enable this optimization. Performing further pointer analysis after this optimization will let us discover that p and q may alias. Call graph Function pointer: To perform inter-procedural or context-sensitive analysis we have to know which function is invoked. However a function pointer may point to different functions depending on its runtime value. We will have to perform pointer analysis to determine targets of the function pointers. In order to proceed with inter-procedural pointer analysis we will require the call graph which in turns expects us to know function call information. There exists a circular dependence in this case. 14
15 For Example: Let p=&x be a statement in the main method, and let a function f (to which, main passes p ) have the statement q=p. We need to know that f is being called. A function pointer may point to different pointers depending on its runtime value. To figure the function pointer s targets and therefore to construct the call graph, we need pointer analysis In this case to perform context sensitive pointer analysis, we need p s points to set ( which is modified in the caller, main function ). This requires the call graph. In such cases, the call graphs are constructed with some pointer information, pointer analysis is then invoked using which function targets are resolved. This information is then fed back to the call graph to make it more precise. 2.6 Modelling Pointer analysis as a Data Flow Analysis Problem : Performing Pointer analysis requires us to compute the points-to information across various basic blocks in the Control Flow Graph, we therefore model this as a data flow analysis Problem and define the GEN and KILL sets. GEN - set of points-to facts that are generated in the basic block. KILL - set of points-to facts that are killed in the basic block. Points-to generations for the four statements used to model pointer operations are as follows : a=&x {generate a x} p=q { generate p x x : x points-to(q) } m=*n { generate m x x points-to(y) y points-to(n) } *p =a generate { b x} if {p b a x }, kill {b x} if {p b b x } (In this case the points-to information of p is not modified. Pointees of a are assigned to pointees of p ) NOTE: The IN set of a basic block is defined in terms of the OUT set of it s predecessor. ( Analysis is in the forward direction ) The confluence operator used is Union. IN(B)= OUT(P) (B - Basic Block, P - Predecessors ) OUT(B) = GEN(B)-{IN(B)-KIll(B)} The points-to facts are defined across the entire program, and not local to the respective basic blocks. 15
Lecture 2 Introduction to Data Flow Analysis
Lecture 2 Introduction to Data Flow Analysis I. Introduction II. Example: Reaching definition analysis III. Example: Liveness analysis IV. A General Framework (Theory in next lecture) Reading: Chapter
More informationChapter 3. Cartesian Products and Relations. 3.1 Cartesian Products
Chapter 3 Cartesian Products and Relations The material in this chapter is the first real encounter with abstraction. Relations are very general thing they are a special type of subset. After introducing
More informationProperties of Real Numbers
16 Chapter P Prerequisites P.2 Properties of Real Numbers What you should learn: Identify and use the basic properties of real numbers Develop and use additional properties of real numbers Why you should
More information(Refer Slide Time: 2:03)
Control Engineering Prof. Madan Gopal Department of Electrical Engineering Indian Institute of Technology, Delhi Lecture - 11 Models of Industrial Control Devices and Systems (Contd.) Last time we were
More information(Refer Slide Time: 00:01:16 min)
Digital Computer Organization Prof. P. K. Biswas Department of Electronic & Electrical Communication Engineering Indian Institute of Technology, Kharagpur Lecture No. # 04 CPU Design: Tirning & Control
More informationLogic in Computer Science: Logic Gates
Logic in Computer Science: Logic Gates Lila Kari The University of Western Ontario Logic in Computer Science: Logic Gates CS2209, Applied Logic for Computer Science 1 / 49 Logic and bit operations Computers
More information1 if 1 x 0 1 if 0 x 1
Chapter 3 Continuity In this chapter we begin by defining the fundamental notion of continuity for real valued functions of a single real variable. When trying to decide whether a given function is or
More informationFormal Languages and Automata Theory - Regular Expressions and Finite Automata -
Formal Languages and Automata Theory - Regular Expressions and Finite Automata - Samarjit Chakraborty Computer Engineering and Networks Laboratory Swiss Federal Institute of Technology (ETH) Zürich March
More informationThe Advantages of Dan Grossman CSE303 Spring 2005, Lecture 25
CSE 303: Concepts and Tools for Software Development Dan Grossman Spring 2005 Lecture 25 Memory-Management Idioms Dan Grossman CSE303 Spring 2005, Lecture 25 1 No tools or rule today Review: Java and C
More informationBinary Adders: Half Adders and Full Adders
Binary Adders: Half Adders and Full Adders In this set of slides, we present the two basic types of adders: 1. Half adders, and 2. Full adders. Each type of adder functions to add two binary bits. In order
More informationNot agree with bug 3, precision actually was. 8,5 not set in the code. Not agree with bug 3, precision actually was
Task 1 Task 2 Task 3 Feedback Presence SUM Matrikkel Rühm [5] [1] [2] [1] [1] [10] Feedback to students A64129 1. rühm 0 0 No submission found A72068 1. rühm 5 1 2 1 1 For Bug 3. Actually the variable
More informationCSE 504: Compiler Design. Data Flow Analysis
Data Flow Analysis Pradipta De pradipta.de@sunykorea.ac.kr Current Topic Iterative Data Flow Analysis LiveOut sets Static Single Assignment (SSA) Form Data Flow Analysis Techniques to reason about runtime
More informationBinary Search Trees. A Generic Tree. Binary Trees. Nodes in a binary search tree ( B-S-T) are of the form. P parent. Key. Satellite data L R
Binary Search Trees A Generic Tree Nodes in a binary search tree ( B-S-T) are of the form P parent Key A Satellite data L R B C D E F G H I J The B-S-T has a root node which is the only node whose parent
More informationIntroduction to Fractions
Section 0.6 Contents: Vocabulary of Fractions A Fraction as division Undefined Values First Rules of Fractions Equivalent Fractions Building Up Fractions VOCABULARY OF FRACTIONS Simplifying Fractions Multiplying
More informationLINEAR EQUATIONS IN TWO VARIABLES
66 MATHEMATICS CHAPTER 4 LINEAR EQUATIONS IN TWO VARIABLES The principal use of the Analytic Art is to bring Mathematical Problems to Equations and to exhibit those Equations in the most simple terms that
More information7. Latches and Flip-Flops
Chapter 7 Latches and Flip-Flops Page 1 of 18 7. Latches and Flip-Flops Latches and flip-flops are the basic elements for storing information. One latch or flip-flop can store one bit of information. The
More informationJava Interview Questions and Answers
1. What is the most important feature of Java? Java is a platform independent language. 2. What do you mean by platform independence? Platform independence means that we can write and compile the java
More information5.1 Radical Notation and Rational Exponents
Section 5.1 Radical Notation and Rational Exponents 1 5.1 Radical Notation and Rational Exponents We now review how exponents can be used to describe not only powers (such as 5 2 and 2 3 ), but also roots
More information2) Write in detail the issues in the design of code generator.
COMPUTER SCIENCE AND ENGINEERING VI SEM CSE Principles of Compiler Design Unit-IV Question and answers UNIT IV CODE GENERATION 9 Issues in the design of code generator The target machine Runtime Storage
More informationChapter 5 Names, Bindings, Type Checking, and Scopes
Chapter 5 Names, Bindings, Type Checking, and Scopes Chapter 5 Topics Introduction Names Variables The Concept of Binding Type Checking Strong Typing Scope Scope and Lifetime Referencing Environments Named
More informationMemory Allocation. Static Allocation. Dynamic Allocation. Memory Management. Dynamic Allocation. Dynamic Storage Allocation
Dynamic Storage Allocation CS 44 Operating Systems Fall 5 Presented By Vibha Prasad Memory Allocation Static Allocation (fixed in size) Sometimes we create data structures that are fixed and don t need
More informationCost Model: Work, Span and Parallelism. 1 The RAM model for sequential computation:
CSE341T 08/31/2015 Lecture 3 Cost Model: Work, Span and Parallelism In this lecture, we will look at how one analyze a parallel program written using Cilk Plus. When we analyze the cost of an algorithm
More informationCHAPTER 3 Boolean Algebra and Digital Logic
CHAPTER 3 Boolean Algebra and Digital Logic 3.1 Introduction 121 3.2 Boolean Algebra 122 3.2.1 Boolean Expressions 123 3.2.2 Boolean Identities 124 3.2.3 Simplification of Boolean Expressions 126 3.2.4
More information2x + y = 3. Since the second equation is precisely the same as the first equation, it is enough to find x and y satisfying the system
1. Systems of linear equations We are interested in the solutions to systems of linear equations. A linear equation is of the form 3x 5y + 2z + w = 3. The key thing is that we don t multiply the variables
More information26 Integers: Multiplication, Division, and Order
26 Integers: Multiplication, Division, and Order Integer multiplication and division are extensions of whole number multiplication and division. In multiplying and dividing integers, the one new issue
More informationA Little Set Theory (Never Hurt Anybody)
A Little Set Theory (Never Hurt Anybody) Matthew Saltzman Department of Mathematical Sciences Clemson University Draft: August 21, 2013 1 Introduction The fundamental ideas of set theory and the algebra
More informationA linear combination is a sum of scalars times quantities. Such expressions arise quite frequently and have the form
Section 1.3 Matrix Products A linear combination is a sum of scalars times quantities. Such expressions arise quite frequently and have the form (scalar #1)(quantity #1) + (scalar #2)(quantity #2) +...
More informationSources: On the Web: Slides will be available on:
C programming Introduction The basics of algorithms Structure of a C code, compilation step Constant, variable type, variable scope Expression and operators: assignment, arithmetic operators, comparison,
More informationCounters and Decoders
Physics 3330 Experiment #10 Fall 1999 Purpose Counters and Decoders In this experiment, you will design and construct a 4-bit ripple-through decade counter with a decimal read-out display. Such a counter
More informationInstruction Set Architecture (ISA)
Instruction Set Architecture (ISA) * Instruction set architecture of a machine fills the semantic gap between the user and the machine. * ISA serves as the starting point for the design of a new machine
More informationStatic Analysis. Find the Bug! 15-654: Analysis of Software Artifacts. Jonathan Aldrich. disable interrupts. ERROR: returning with interrupts disabled
Static Analysis 15-654: Analysis of Software Artifacts Jonathan Aldrich 1 Find the Bug! Source: Engler et al., Checking System Rules Using System-Specific, Programmer-Written Compiler Extensions, OSDI
More informationWhy? A central concept in Computer Science. Algorithms are ubiquitous.
Analysis of Algorithms: A Brief Introduction Why? A central concept in Computer Science. Algorithms are ubiquitous. Using the Internet (sending email, transferring files, use of search engines, online
More informationChapter 4 Register Transfer and Microoperations. Section 4.1 Register Transfer Language
Chapter 4 Register Transfer and Microoperations Section 4.1 Register Transfer Language Digital systems are composed of modules that are constructed from digital components, such as registers, decoders,
More informationMath 4310 Handout - Quotient Vector Spaces
Math 4310 Handout - Quotient Vector Spaces Dan Collins The textbook defines a subspace of a vector space in Chapter 4, but it avoids ever discussing the notion of a quotient space. This is understandable
More informationNetwork (Tree) Topology Inference Based on Prüfer Sequence
Network (Tree) Topology Inference Based on Prüfer Sequence C. Vanniarajan and Kamala Krithivasan Department of Computer Science and Engineering Indian Institute of Technology Madras Chennai 600036 vanniarajanc@hcl.in,
More informationInformatica e Sistemi in Tempo Reale
Informatica e Sistemi in Tempo Reale Introduction to C programming Giuseppe Lipari http://retis.sssup.it/~lipari Scuola Superiore Sant Anna Pisa October 25, 2010 G. Lipari (Scuola Superiore Sant Anna)
More informationChapter One Introduction to Programming
Chapter One Introduction to Programming 1-1 Algorithm and Flowchart Algorithm is a step-by-step procedure for calculation. More precisely, algorithm is an effective method expressed as a finite list of
More information1 Definition of a Turing machine
Introduction to Algorithms Notes on Turing Machines CS 4820, Spring 2012 April 2-16, 2012 1 Definition of a Turing machine Turing machines are an abstract model of computation. They provide a precise,
More informationA Static Analyzer for Large Safety-Critical Software. Considered Programs and Semantics. Automatic Program Verification by Abstract Interpretation
PLDI 03 A Static Analyzer for Large Safety-Critical Software B. Blanchet, P. Cousot, R. Cousot, J. Feret L. Mauborgne, A. Miné, D. Monniaux,. Rival CNRS École normale supérieure École polytechnique Paris
More informationDiscrete Mathematics and Probability Theory Fall 2009 Satish Rao, David Tse Note 2
CS 70 Discrete Mathematics and Probability Theory Fall 2009 Satish Rao, David Tse Note 2 Proofs Intuitively, the concept of proof should already be familiar We all like to assert things, and few of us
More information1. Give the 16 bit signed (twos complement) representation of the following decimal numbers, and convert to hexadecimal:
Exercises 1 - number representations Questions 1. Give the 16 bit signed (twos complement) representation of the following decimal numbers, and convert to hexadecimal: (a) 3012 (b) - 435 2. For each of
More informationDesign: a mod-8 Counter
Design: a mod-8 Counter A mod-8 counter stores a integer value, and increments that value (say) on each clock tick, and wraps around to 0 if the previous stored value was 7. So, the stored value follows
More informationDigital Systems Based on Principles and Applications of Electrical Engineering/Rizzoni (McGraw Hill
Digital Systems Based on Principles and Applications of Electrical Engineering/Rizzoni (McGraw Hill Objectives: Analyze the operation of sequential logic circuits. Understand the operation of digital counters.
More informationComputer Science 217
Computer Science 217 Midterm Exam Fall 2009 October 29, 2009 Name: ID: Instructions: Neatly print your name and ID number in the spaces provided above. Pick the best answer for each multiple choice question.
More informationCHAPTER 5 INTELLIGENT TECHNIQUES TO PREVENT SQL INJECTION ATTACKS
66 CHAPTER 5 INTELLIGENT TECHNIQUES TO PREVENT SQL INJECTION ATTACKS 5.1 INTRODUCTION In this research work, two new techniques have been proposed for addressing the problem of SQL injection attacks, one
More informationThe C Programming Language course syllabus associate level
TECHNOLOGIES The C Programming Language course syllabus associate level Course description The course fully covers the basics of programming in the C programming language and demonstrates fundamental programming
More informationTheory of Logic Circuits. Laboratory manual. Exercise 3
Zakład Mikroinformatyki i Teorii Automatów yfrowych Theory of Logic ircuits Laboratory manual Exercise 3 Bistable devices 2008 Krzysztof yran, Piotr zekalski (edt.) 1. lassification of bistable devices
More informationTesting LTL Formula Translation into Büchi Automata
Testing LTL Formula Translation into Büchi Automata Heikki Tauriainen and Keijo Heljanko Helsinki University of Technology, Laboratory for Theoretical Computer Science, P. O. Box 5400, FIN-02015 HUT, Finland
More information1 Abstract Data Types Information Hiding
1 1 Abstract Data Types Information Hiding 1.1 Data Types Data types are an integral part of every programming language. ANSI-C has int, double and char to name just a few. Programmers are rarely content
More information. 0 1 10 2 100 11 1000 3 20 1 2 3 4 5 6 7 8 9
Introduction The purpose of this note is to find and study a method for determining and counting all the positive integer divisors of a positive integer Let N be a given positive integer We say d is a
More informationMath Workshop October 2010 Fractions and Repeating Decimals
Math Workshop October 2010 Fractions and Repeating Decimals This evening we will investigate the patterns that arise when converting fractions to decimals. As an example of what we will be looking at,
More informationSection 1.1 Linear Equations: Slope and Equations of Lines
Section. Linear Equations: Slope and Equations of Lines Slope The measure of the steepness of a line is called the slope of the line. It is the amount of change in y, the rise, divided by the amount of
More informationApproximation Algorithms
Approximation Algorithms or: How I Learned to Stop Worrying and Deal with NP-Completeness Ong Jit Sheng, Jonathan (A0073924B) March, 2012 Overview Key Results (I) General techniques: Greedy algorithms
More information6.080/6.089 GITCS Feb 12, 2008. Lecture 3
6.8/6.89 GITCS Feb 2, 28 Lecturer: Scott Aaronson Lecture 3 Scribe: Adam Rogal Administrivia. Scribe notes The purpose of scribe notes is to transcribe our lectures. Although I have formal notes of my
More informationQUADRATIC, EXPONENTIAL AND LOGARITHMIC FUNCTIONS
QUADRATIC, EXPONENTIAL AND LOGARITHMIC FUNCTIONS Content 1. Parabolas... 1 1.1. Top of a parabola... 2 1.2. Orientation of a parabola... 2 1.3. Intercept of a parabola... 3 1.4. Roots (or zeros) of a parabola...
More information3 Some Integer Functions
3 Some Integer Functions A Pair of Fundamental Integer Functions The integer function that is the heart of this section is the modulo function. However, before getting to it, let us look at some very simple
More information8 Divisibility and prime numbers
8 Divisibility and prime numbers 8.1 Divisibility In this short section we extend the concept of a multiple from the natural numbers to the integers. We also summarize several other terms that express
More informationTOPIC 4: DERIVATIVES
TOPIC 4: DERIVATIVES 1. The derivative of a function. Differentiation rules 1.1. The slope of a curve. The slope of a curve at a point P is a measure of the steepness of the curve. If Q is a point on the
More informationComprehensive Static Analysis Using Polyspace Products. A Solution to Today s Embedded Software Verification Challenges WHITE PAPER
Comprehensive Static Analysis Using Polyspace Products A Solution to Today s Embedded Software Verification Challenges WHITE PAPER Introduction Verification of embedded software is a difficult task, made
More informationObject Oriented Software Design
Object Oriented Software Design Introduction to Java - II Giuseppe Lipari http://retis.sssup.it/~lipari Scuola Superiore Sant Anna Pisa October 28, 2010 G. Lipari (Scuola Superiore Sant Anna) Introduction
More informationBasics of Counting. The product rule. Product rule example. 22C:19, Chapter 6 Hantao Zhang. Sample question. Total is 18 * 325 = 5850
Basics of Counting 22C:19, Chapter 6 Hantao Zhang 1 The product rule Also called the multiplication rule If there are n 1 ways to do task 1, and n 2 ways to do task 2 Then there are n 1 n 2 ways to do
More informationMATH10040 Chapter 2: Prime and relatively prime numbers
MATH10040 Chapter 2: Prime and relatively prime numbers Recall the basic definition: 1. Prime numbers Definition 1.1. Recall that a positive integer is said to be prime if it has precisely two positive
More informationC Programming. for Embedded Microcontrollers. Warwick A. Smith. Postbus 11. Elektor International Media BV. 6114ZG Susteren The Netherlands
C Programming for Embedded Microcontrollers Warwick A. Smith Elektor International Media BV Postbus 11 6114ZG Susteren The Netherlands 3 the Table of Contents Introduction 11 Target Audience 11 What is
More informationFlip-Flops, Registers, Counters, and a Simple Processor
June 8, 22 5:56 vra235_ch7 Sheet number Page number 349 black chapter 7 Flip-Flops, Registers, Counters, and a Simple Processor 7. Ng f3, h7 h6 349 June 8, 22 5:56 vra235_ch7 Sheet number 2 Page number
More informationLecture 17 : Equivalence and Order Relations DRAFT
CS/Math 240: Introduction to Discrete Mathematics 3/31/2011 Lecture 17 : Equivalence and Order Relations Instructor: Dieter van Melkebeek Scribe: Dalibor Zelený DRAFT Last lecture we introduced the notion
More informationLINEAR INEQUALITIES. Mathematics is the art of saying many things in many different ways. MAXWELL
Chapter 6 LINEAR INEQUALITIES 6.1 Introduction Mathematics is the art of saying many things in many different ways. MAXWELL In earlier classes, we have studied equations in one variable and two variables
More informationJava Basics: Data Types, Variables, and Loops
Java Basics: Data Types, Variables, and Loops If debugging is the process of removing software bugs, then programming must be the process of putting them in. - Edsger Dijkstra Plan for the Day Variables
More informationMathematical Induction
Mathematical Induction (Handout March 8, 01) The Principle of Mathematical Induction provides a means to prove infinitely many statements all at once The principle is logical rather than strictly mathematical,
More informationECON 459 Game Theory. Lecture Notes Auctions. Luca Anderlini Spring 2015
ECON 459 Game Theory Lecture Notes Auctions Luca Anderlini Spring 2015 These notes have been used before. If you can still spot any errors or have any suggestions for improvement, please let me know. 1
More informationCOMP 250 Fall 2012 lecture 2 binary representations Sept. 11, 2012
Binary numbers The reason humans represent numbers using decimal (the ten digits from 0,1,... 9) is that we have ten fingers. There is no other reason than that. There is nothing special otherwise about
More informationAnswer Key for California State Standards: Algebra I
Algebra I: Symbolic reasoning and calculations with symbols are central in algebra. Through the study of algebra, a student develops an understanding of the symbolic language of mathematics and the sciences.
More informationObject Oriented Software Design
Object Oriented Software Design Introduction to Java - II Giuseppe Lipari http://retis.sssup.it/~lipari Scuola Superiore Sant Anna Pisa September 14, 2011 G. Lipari (Scuola Superiore Sant Anna) Introduction
More informationCHAPTER 11: Flip Flops
CHAPTER 11: Flip Flops In this chapter, you will be building the part of the circuit that controls the command sequencing. The required circuit must operate the counter and the memory chip. When the teach
More informationWrite Barrier Removal by Static Analysis
Write Barrier Removal by Static Analysis Karen Zee and Martin Rinard Laboratory for Computer Science Massachusetts Institute of Technology Cambridge, MA 02139 {kkz, rinard@lcs.mit.edu ABSTRACT We present
More informationCopy in your notebook: Add an example of each term with the symbols used in algebra 2 if there are any.
Algebra 2 - Chapter Prerequisites Vocabulary Copy in your notebook: Add an example of each term with the symbols used in algebra 2 if there are any. P1 p. 1 1. counting(natural) numbers - {1,2,3,4,...}
More informationWeb Caching With Dynamic Content Abstract When caching is a good idea
Web Caching With Dynamic Content (only first 5 pages included for abstract submission) George Copeland - copeland@austin.ibm.com - (512) 838-0267 Matt McClain - mmcclain@austin.ibm.com - (512) 838-3675
More informationToday. Binary addition Representing negative numbers. Andrew H. Fagg: Embedded Real- Time Systems: Binary Arithmetic
Today Binary addition Representing negative numbers 2 Binary Addition Consider the following binary numbers: 0 0 1 0 0 1 1 0 0 0 1 0 1 0 1 1 How do we add these numbers? 3 Binary Addition 0 0 1 0 0 1 1
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No. # 11 Block Cipher Standards (DES) (Refer Slide
More informationLecture 3: Finding integer solutions to systems of linear equations
Lecture 3: Finding integer solutions to systems of linear equations Algorithmic Number Theory (Fall 2014) Rutgers University Swastik Kopparty Scribe: Abhishek Bhrushundi 1 Overview The goal of this lecture
More informationUsing the ac Method to Factor
4.6 Using the ac Method to Factor 4.6 OBJECTIVES 1. Use the ac test to determine factorability 2. Use the results of the ac test 3. Completely factor a trinomial In Sections 4.2 and 4.3 we used the trial-and-error
More informationGlossary of Object Oriented Terms
Appendix E Glossary of Object Oriented Terms abstract class: A class primarily intended to define an instance, but can not be instantiated without additional methods. abstract data type: An abstraction
More information10CS35: Data Structures Using C
CS35: Data Structures Using C QUESTION BANK REVIEW OF STRUCTURES AND POINTERS, INTRODUCTION TO SPECIAL FEATURES OF C OBJECTIVE: Learn : Usage of structures, unions - a conventional tool for handling a
More informationSemantic Analysis: Types and Type Checking
Semantic Analysis Semantic Analysis: Types and Type Checking CS 471 October 10, 2007 Source code Lexical Analysis tokens Syntactic Analysis AST Semantic Analysis AST Intermediate Code Gen lexical errors
More information1. Write the number of the left-hand item next to the item on the right that corresponds to it.
1. Write the number of the left-hand item next to the item on the right that corresponds to it. 1. Stanford prison experiment 2. Friendster 3. neuron 4. router 5. tipping 6. small worlds 7. job-hunting
More informationUsing Casio Graphics Calculators
Using Casio Graphics Calculators (Some of this document is based on papers prepared by Donald Stover in January 2004.) This document summarizes calculation and programming operations with many contemporary
More informationThe Graphical Method: An Example
The Graphical Method: An Example Consider the following linear program: Maximize 4x 1 +3x 2 Subject to: 2x 1 +3x 2 6 (1) 3x 1 +2x 2 3 (2) 2x 2 5 (3) 2x 1 +x 2 4 (4) x 1, x 2 0, where, for ease of reference,
More informationAsynchronous counters, except for the first block, work independently from a system clock.
Counters Some digital circuits are designed for the purpose of counting and this is when counters become useful. Counters are made with flip-flops, they can be asynchronous or synchronous and they can
More information3.Basic Gate Combinations
3.Basic Gate Combinations 3.1 TTL NAND Gate In logic circuits transistors play the role of switches. For those in the TTL gate the conducting state (on) occurs when the baseemmiter signal is high, and
More informationMICROPROCESSOR AND MICROCOMPUTER BASICS
Introduction MICROPROCESSOR AND MICROCOMPUTER BASICS At present there are many types and sizes of computers available. These computers are designed and constructed based on digital and Integrated Circuit
More informationJust the Factors, Ma am
1 Introduction Just the Factors, Ma am The purpose of this note is to find and study a method for determining and counting all the positive integer divisors of a positive integer Let N be a given positive
More informationFirst Java Programs. V. Paúl Pauca. CSC 111D Fall, 2015. Department of Computer Science Wake Forest University. Introduction to Computer Science
First Java Programs V. Paúl Pauca Department of Computer Science Wake Forest University CSC 111D Fall, 2015 Hello World revisited / 8/23/15 The f i r s t o b l i g a t o r y Java program @author Paul Pauca
More informationSensitivity Analysis 3.1 AN EXAMPLE FOR ANALYSIS
Sensitivity Analysis 3 We have already been introduced to sensitivity analysis in Chapter via the geometry of a simple example. We saw that the values of the decision variables and those of the slack and
More informationElementary Number Theory and Methods of Proof. CSE 215, Foundations of Computer Science Stony Brook University http://www.cs.stonybrook.
Elementary Number Theory and Methods of Proof CSE 215, Foundations of Computer Science Stony Brook University http://www.cs.stonybrook.edu/~cse215 1 Number theory Properties: 2 Properties of integers (whole
More informationEQUATIONS and INEQUALITIES
EQUATIONS and INEQUALITIES Linear Equations and Slope 1. Slope a. Calculate the slope of a line given two points b. Calculate the slope of a line parallel to a given line. c. Calculate the slope of a line
More information3. Mathematical Induction
3. MATHEMATICAL INDUCTION 83 3. Mathematical Induction 3.1. First Principle of Mathematical Induction. Let P (n) be a predicate with domain of discourse (over) the natural numbers N = {0, 1,,...}. If (1)
More informationSystems I: Computer Organization and Architecture
Systems I: omputer Organization and Architecture Lecture 8: Registers and ounters Registers A register is a group of flip-flops. Each flip-flop stores one bit of data; n flip-flops are required to store
More informationn 2 + 4n + 3. The answer in decimal form (for the Blitz): 0, 75. Solution. (n + 1)(n + 3) = n + 3 2 lim m 2 1
. Calculate the sum of the series Answer: 3 4. n 2 + 4n + 3. The answer in decimal form (for the Blitz):, 75. Solution. n 2 + 4n + 3 = (n + )(n + 3) = (n + 3) (n + ) = 2 (n + )(n + 3) ( 2 n + ) = m ( n
More informationObject-Oriented Design Lecture 4 CSU 370 Fall 2007 (Pucella) Tuesday, Sep 18, 2007
Object-Oriented Design Lecture 4 CSU 370 Fall 2007 (Pucella) Tuesday, Sep 18, 2007 The Java Type System By now, you have seen a fair amount of Java. Time to study in more depth the foundations of the language,
More information6 EXTENDING ALGEBRA. 6.0 Introduction. 6.1 The cubic equation. Objectives
6 EXTENDING ALGEBRA Chapter 6 Extending Algebra Objectives After studying this chapter you should understand techniques whereby equations of cubic degree and higher can be solved; be able to factorise
More informationMechanics 1: Vectors
Mechanics 1: Vectors roadly speaking, mechanical systems will be described by a combination of scalar and vector quantities. scalar is just a (real) number. For example, mass or weight is characterized
More information