A puzzle. Suppose that you want to run some JavaScript programs---all the cool kids are doing it.

Similar documents
Program Analysis: Theory and Practice

Fundamentals of Programming Languages

Rigorous Software Development CSCI-GA

CS422 - Programming Language Design

Model Checking: An Introduction

Lecture 8. Confidence intervals and the central limit theorem

4.1. Title: data analysis (systems analysis) Annotation of educational discipline: educational discipline includes in itself the mastery of the

Static Analysis. Find the Bug! : Analysis of Software Artifacts. Jonathan Aldrich. disable interrupts. ERROR: returning with interrupts disabled

Introduction to Static Analysis for Assurance

Specification and Analysis of Contracts Lecture 1 Introduction

CLASS PARTICIPATION: MORE THAN JUST RAISING YOUR HAND

A Static Analyzer for Large Safety-Critical Software. Considered Programs and Semantics. Automatic Program Verification by Abstract Interpretation

Grigore Rosu Founder, President and CEO Professor of Computer Science, University of Illinois

Using Algebra Tiles from Polynomials to Factoring

Motivations 1. What is (or should be) the essential preoccupation of computer scientists?

MBA 611 STATISTICS AND QUANTITATIVE METHODS

Success Tips for Online Learning

Simulation Exercises to Reinforce the Foundations of Statistical Thinking in Online Classes

Setting up in Outlook Express

CREATIVE CODING FOR KIDS

CSE 459/598: Logic for Computer Scientists (Spring 2012)

The Physics of Sound and Music

Mathematics 31 Pre-calculus and Limits

Five 5. Rational Expressions and Equations C H A P T E R

Truman College-Mathematics Department Math 125-CD: Introductory Statistics Course Syllabus Fall 2012

Using the Area Model to Teach Multiplying, Factoring and Division of Polynomials

The Ten Commandments. Lesson At-A-Glance. Gather (10 minutes) Arrival Activity Kids create a graffiti wall with family rules.

Collaboration Policy Fall 2015

How to Setup. a Windows Store Account. for a Child Under 13 years Old

EECS : Formal Methods for Engineering Education. Sanjit A. Seshia EECS, UC Berkeley

Why Aircraft Fly and Software Systems Don t

A Brief Introduction to Static Analysis

PAHO Self-Service Password Management Quick Reference Guide December 2014

CS 40 Computing for the Web

Classroom Behavior Management Plan

Learn how to store and analyze Big Data Learn about the cloud and its services for Big Data

The 10 step communication plan

Overview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification

CS 6371: Advanced Programming Languages

On the Use of Developmental Portfolios for Growth and Assessment

The Course.

ASU College of Education

User Manual. Windows 7 / Vista / XP. iotablet Driver

Data races in Java and static analysis

CWOPA Broadband Users. Windows Operating System

Domain of a Composition

Model Checking based Software Verification

Before we get started

Programming Languages

Pre-Requisites: PC and Browser Configuration Guide v1.3

AGEC $424$ Syllabus. Financial Management of Agricultural Businesses

MKTG , Marketing Research and Information Technology Course Syllabus, Spring :30-11:00 a.m. MW

Formal Verification and Linear-time Model Checking

Coverability for Parallel Programs

Integrated Skills in English ISE II

DePaul University School of Accountancy and MIS ACC Online

After completing SI- 539, students will have a working personal portfolio website in production.

Module One: Developing an Initial Professional Web Page

Testing & Verification of Digital Circuits ECE/CS 5745/6745. Hardware Verification using Symbolic Computation

Quality Assurance Plan

02-201: Programming for Scientists

Predicting the Ones Digit

CS 301 Course Information

Fundamentals of Software Engineering

Introduction to Psychology 100 On-Campus Fall 2014 Syllabus

Mathematical Induction

Innovation and Creativity

Goal: Practice writing pseudocode and understand how pseudocode translates to real code.

Automated Theorem Proving - summary of lecture 1

Spring 2013 CS 6930 Advanced Topics in Web Security and Privacy - 3 Credit Hours Syllabus and Course Policies

ID4002 Communication and Teaching in Arts and Humanities.

Finance 471: DERIVATIVE SECURITIES Fall 2015 Prof. Liang Ma University of South Carolina, Moore School of Business

THE NT (NEW TECHNOLOGY) HYPOTHESIS ABSTRACT

Tenured faculty 68.2% 60. Tenure track but un-tenured faculty 15.9% 14. Arts and Sciences 44.3% 39. Williams College of Business 19.

EE360: Digital Design I Course Syllabus

Department Policies for Online Math Classes

Software safety - DEF-STAN 00-55

INFS5873 Business Analytics. Course Outline Semester 2, 2014

DESIGNING ONLINE COURSES TO PROMOTE STUDENT RETENTION

The Eighth International Conference INCOSE_IL Formal Methods Security Tools in the Service of Cyber Security

Normal Approximation. Contents. 1 Normal Approximation. 1.1 Introduction. Anthony Tanbakuchi Department of Mathematics Pima Community College

Table of Contents. Find Users (Search) 2. Delegate Work Items 6. Reset Password 9. Unlock Account 12. Disable Account 15.

Contents. 1 Introduction. CS 15 Collaboration Policy Fall Introduction Motivation Enforcement... 2

The Distance Formula and the Circle

TMGT W Principles of Cost Engineering Course Syllabus: Spring 2013 Online ecollege Course

MAC 1105 FLEX SYLLABUS

Permanent, Full time, although Part time and secondment may be considered Grade F /G: 32,277-45,954 per annum

The Talent Sourcing and Recruitment Handbook

How do I log into my MyOCC account? -

CSCI 1100 Computer Science 1 Homework 1 Calculations and Functions

Installing the Gerber P2C Plotter USB Driver

Model Checking of Software

Chapter II. Controlling Cars on a Bridge

The phrases above are divided by their function. What is each section of language used to do?

Assessment for Master s Degree Program Fall Spring 2011 Computer Science Dept. Texas A&M University - Commerce

Chapter 5 Discrete Probability Distribution. Learning objectives

GEOL 101: Introduction to Geology

As tutors, we are responsible for improving the skills of our peers.

INF5140: Specification and Verification of Parallel Systems

Scope of this Course. Database System Environment. CSC 440 Database Management Systems Section 1

Transcription:

A puzzle Suppose that you want to run some JavaScript programs---all the cool kids are doing it. However, you are deathly afraid that your mom/ significant other/boss will see the curse word b00 appear on you screen as the result of running the program. What do you do? 1 2 3 4 5 6 1

Program Analysis: Theory and Practice Getting to Know You: I,, wonder Evan Chang Meeting 1: Welcome 8 Introductions: Your guide this semester Introductions: Another guide Office hours: TR 8:30-9:30, and by appointment in ECOT 621 9 Arlen Co 10 Introductions About you? What do you want to get out of this class? Today Some contet and motivation Program analysis in a nutshell Goals for this course Requirements and grading Course summary Convince you that program analysis is cool and eciting! 11 12 2

Meta-Level Information Please interrupt at any time! It s completely ok to say: I don t understand. Please say it another way. Slow down! Wait, I want to read that! Discussion, not lecture No Useless Memorization I will not waste your time with useless memorization This course will cover comple subjects I will teach their details to help you understand them the first time But you will never have to memorize anything low-level Rather, learn to apply broad concepts 13 14 Discussion: What is Program Analysis? What is Program Analysis? Static Program Analysis? Dynamic Program Analysis? 15 16 Is Program Analysis Useful? How is it used? Is Program Analysis Useful? How is it used? 17 18 3

Big Motivation: Software Quality 20 Big Motivation: Software Quality Software errors cost a lot Windows Blue Screen of Death ~$60 billion annually (~0.5% of US GDP) 2002 National Institute of Standards and Technology report Ariane 5 Flight 501 21 But there s hope in program analysis Microsoft uses and distributes the Static Driver Verifier > total annual revenue of > 10 annual budget of Because program analysis can eliminate entire classes of bugs For eample, Reading from a closed file: read( ); Reacquiring a locked lock: acquire( Airbus applies the Astrée Static Analyzer ); û û How? Systematically eamine the program Companies, such as Coverity and Fortify, market static source code analysis tools Simulate running program on all inputs Automated code review 4

Program analysis by eample: Checking for double acquires Simulate running program on all inputs // now points to an unlocked lock acquire(); analysis code state Program analysis by eample: Checking for double acquires Simulate running program on all inputs // now points to an unlocked lock in a linked list ideal analysis state or or or acquire(); ü acquire(); Uh oh! Abstract! Rice s Theorem: Any non-trivial property of programs is undecidable // now points to an unlocked lock in a linked list ideal analysis state analysis state Should we go home then? 27 acquire(); or or or Abstract Interpretation [Cousot and Cousot 1977] Abstractions Eamples? Abstractions Eamples? 29 30 5

Challenges in Designing Static Analyses Challenges in Designing Static Analyses 31 32 Goal 1 Learn to build program analyses Goals 34 Goal 2 Grok the theory behind correct program analyses denotation abstract semantics Ep C σ 2 (v) A «γ α ( P(C (µ) abstract domain abstraction function for sets concretization function 35 Goal 3 Understand current PL research (POPL, PLDI, ( TOPLAS, OOPSLA, 36 6

Most Important Goal Have Lots of Fun! Requirements 37 Project-Based 7000 Graduate Course Epectations of You Prerequisites Programming eperience building analyses in OCaml ideal: undergraduate compilers (e.g., CSCI 4555) Mathematical maturity basic logic ideal: programming language semantics (e.g., CSCI 5535) Not strict but strongly advised. If you do not satisfy these, please see me. 39 40 Assignments Reading and participation (each meeting) Homeworks (Possible) Presentation of Papers Final Semester project Reading and Participation ~2 papers/book chapter, each meeting Spark class discussion, post/bring questions Online discussion Post 1 substantive comment, question, or answer for each lecture Due before the net meeting 41 42 7

What is substantive? May be less than a standard blog post but more than a tweet. Some eamples: Questions Thoughtful answers Clarification of some point What you think is the main point in the reading set. An idea of how some work could be improved Comments on a related web resource related Intent: take a moment to reflect on the day s reading/discussion (not to go scour the web) 43 Homework Homework Guided practice Minimal (2-3 2-week assignments) Collaborate with peers (but acknowledge!) 44 Semester Project Implement an advanced abstract domain and apply your analysis Write a ~5-8 page paper (conference-like) Give a ~15-20 minute presentation Course Summary Reachable Goal: Publishable after 1 more semester of work. 45 Course At-A-Glance Part I: Program Analysis Foundations Interleave implementation and theory Tetbook: Nielson et al. Principles of Program Analysis. Other notes and papers Part II: Research Applications Possible Special Topics Software model checking Shape analysis Symbolic/concolic eecution What do you want to hear about? 47 48 8

Net Week: Model Checking Verify properties or find bugs in software Take an important program (e.g., a device driver) Merge it with a property (e.g., no deadlocks) Transform the result into a boolean program Use a model checker to ehaustively eplore the resulting state space Result 1: program provably satisfies property Result 2: program violates property right here on line 92,376! Remember Join the Piazza and introduce yourself Write a few sentences on why you are taking this course 49 50 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information