DOCSLIB.ORG

Program Analysis for Compiler Validation ∗

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Program Analysis for Compiler Validation ∗ Program Analysis for Compiler Validation ¤ Anna Zaks Amir Pnueli New York University New York University 251 Mercer Street 251 Mercer Street New York, New York New York, New York [email protected] [email protected] ABSTRACT (CoVaC) framework is a two-step solution to the program Translation Validation is an approach of ensuring compila- equivalence problem. First, one has to construct a compar- tion correctness in which each compiler run is followed by ison system that represents simultaneous execution of the a validation pass that proves that the target code produced source and target programs. Second, one has to check if by the compiler is a correct translation (implementation) the comparison system satis¯es a given speci¯cation. The of the source code. It has been previously shown that the general framework has been described in [15] along with the problem of translation validation can be reduced to check- algorithm for the comparison system construction. Unlike ing if a single system - the corss-product of the source and the other translation validation frameworks [16, 9, 12], Co- target, satis¯es a speci¯c property. In this paper, we show VaC does not rely on any compiler input (such as the com- how to adapt the existing program analysis techniques in the piler debugging information). In order to make the validator setting of translation validation. In addition, we present a of non-cooperative compilers feasible and e®ective, the set novel invariant generation algorithm which strengthens our of optimizations under consideration is limited to intrapro- analysis when the input programs contain dynamically allo- cedural optimizations in which each branch (or a loop) in cated data structures. Finally, we report on the prototype the target program corresponds to a branch (or a loop) in tool that applies the developed methodology to veri¯cation the source program. Many of the classical compiler opti- of the LLVM compiler. The tool handles many of the classi- mizations such as constant folding, reassociation, induction cal intraprocedural compiler optimizations such as constant variable optimizations, common subexpression elimination, folding, reassociation, common subexpression elimination, code motion, register allocation, instruction scheduling, and code motion, dead code elimination, and others. others fall into this category. However, as described in [15], the completeness of the Co- VaC framework as well as its e®ectiveness depends on the 1. INTRODUCTION methods for generation of the comparison system invariants. Optimizing compilers are quite large applications and are As one of the bene¯ts from following the CoVaC approach, bound to have bugs, some of which may alter the behavior we can choose any existing invariant generation technique of programs being compiled. In safety critical and high- developed for a single system and plug it into the compiler assurance software, where the e®ort of program correctness veri¯cation framework. In this paper, we describe what ex- veri¯cation is extensive, it is highly advisable to ensure that isting methods we found to be e®ective and how they can the transformations performed by a compiler preserve the be used in the CoVaC setting. We also present a novel semantics of a program. That is precisely the goal of Trans- technique for generating the invariants required for check- lation Validation (TV) [10] - it ensures that compiler trans- ing equivalence of dynamically allocated data structures, as formations preserve program semantics. In essence, instead there were no existing suitable method. Finally, we report of attempting veri¯cation of a given compiler, each com- on the experimental results which have been obtained by piler run is followed by a validation pass that automati- applying the CoVaC tool to veri¯cation of optimizing trans- cally checks if the target code, produced by the compiler, formations performed by LLVM 1.9 [7, 2] - a very aggressive is semantically equivalent to the source code. The Com- open-source compiler. piler Veri¯cation by Program Analysis of the Cross-Product The rest of the paper is organized as follows. Section 2 gives an overview of the CoVaC framework. Section 3 fo- ¤This research has been supported in part by a grant from the Microsoft Phoenix Academic Program and the NSF cuses on the main contributions of this paper. It shows CSR{EHS grant CNS-0720581. how the existing program analysis techniques can be ap- plied in the CoVaC framework. It also presents the novel approach to generating invariants required for support of optimizations that involve dynamically allocated data struc- Permission to make digital or hard copies of all or part of this work for tures. Finally, Section 4 presents the experimental results. personal or classroom use is granted without fee provided that copies are We discuss the related work in Section 5. not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific 2. THE COVAC FRAMEWORK permission and/or a fee. PASTE’08, Atlanta, Georgia USA Here we briefly describe the CoVaC equivalence checking Copyright 2008 ACM 978-1-60558-382-2/08/11 ...5.00. framework, which is formally presented in [15]. 1 2.1 Transition Graphs The edge labels should be either exactly the same as the Our model is similar to that presented in [11] for veri¯- corresponding labels of the input systems or, alternatively, cation of procedural programs. A program (application) A an assignment in one of the systems may be coupled with consists of m + 1 procedures: MAIN, P1,..., Pm, where an ²-transition (a skip) in the other. The later signi¯es the MAIN represents the main procedure, and P1,..., Pm are lack of progress in one of the systems. In addition to the procedures which may be called from MAIN or from other structural requirements, no computation of C may contain procedures. We use Pi(~x; &~z) to denote the signature of a an in¯nite sequence of source (or target) ²-transitions; thus, procedure. Here, call-by-value parameter passing method is every computation of the comparison graph has the corre- used for ~x, and call-by-reference is used for ~z. A procedure sponding computations in both source and target. In the may return a result by means of ~z variables. We use ~y to other direction, each source and target computation must denote the typed variables of a module. ~y = (~x; ~z; ~w), i.e. be represented in C. the variables in ~y are partitioned into ~x, ~z, and ~w, where An example of a comparison graph is presented in Fig. 1. ~x and ~z are the input parameters and ~w denotes the local We use capital letters to denote the variables of the source variables of the module. and their lower case counterparts for the target. First, the Each procedure is presented as a transition graph. Its source procedure increments Y by 25. Second, both the nodes are connected by directed edges labeled by instruc- source and target read a number from an I/O device. Third, tions. There are four types of instructions: guarded assign- the target catches up with the source by incrementing y by ments, procedure calls, and read/write operations. Consider 25. Finally, both systems print out the products Y ¤ X and a procedure Pi(~x;&~z) with ~y = (~x;~z; ~w). Let ~u include y ¤ x. variables from ~y; and E(~y) be a list of expressions over ~y. Y := Y + 12 + 13; read(X); ²; write(Y ¤ X); ² read(x) y := y + 25 write(y ¤ x) ² A guarded assignment is an instruction of the form 0,0 1,0 2,1 2,2 3,3 c ! [~u := E(~y)], where guard c is a boolean expression. When the assignment part is empty, we abbreviate the Figure 1: A comparison transition graph for label to a pure condition c?. C(&(Y; y)) = S(&Y ) £ T (&y). ² Read and write instructions are denoted by read(~u) and write(~u). They are used to express the interac- A comparison transition graph C is called a witness of tion of the procedure with the outside world; e.g. I/O correct translation if there exists a set of program invariants instructions. f 'l : l 2 nodes of C g such that the following holds. ² Procedure call instruction Pk(E(~y); ~u) denotes a call to ² For every edge e from node n to node m labeled by S T the procedure Pk(~xf ;&~zf ), passing input parameters (write(~u ); write(~u )), S T E(~y) by value and ~u by reference. 'n ! (~u = ~u ). Transition graphs can be used to model programs in pro- ² If n is the exit node of the comparison transition graph S S T T cedural languages. In order to construct a formal model S(in : ~x ;&~z ) £ T (in : ~x ;&~z ), we check if the of a program, we ¯rst choose a set of program cut points values of the variables passed by reference are equal: S T ¨ such that at least one location in each branch (or loop) 'n ! (~z = ~z ). belongs to ¨ and the locations right before and after each read/write and call instruction belong to ¨. Each procedure It has been shown in [15] that in order to check if T is a (or function) whose implementation is given is represented correct translation of S it is su±cient to: by a transition graph. We choose the set ¨ of a procedure 1. construct a comparison graph C = S £ T ; Pi to be the set of nodes for the corresponding transition graph. For every pair of locations n; m in ¨, if there exists 2.
Load more

Recommended publications
  • Obituary: Amir Pnueli, 1941–2009 Krzysztof R. Apt and Lenore D. Zuck
    Obituary: Amir Pnueli, 1941–2009 Krzysztof R. Apt and Lenore D. Zuck Amir Pnueli was born in Nahalal, Israel, on April 22, 1941 and passed away in New York City on November 2, 2009 as a result of a brain hemorrhage. Amir founded the computer science department in Tel-Aviv University in 1973. In 1981 he joined the department of mathematical sciences at the Weiz- mann Institute of Science, where he spent most of his career and where he held the Estrin family chair. In recent years, Amir was a faculty member at New York University where he was a NYU Silver Professor. Throughout his career, in spite of an impressive list of achievements, Amir remained an extremely modest and selfless researcher. His unique combination of excellence and integrity has set the tone in the large community of researchers working on specification and verification of programs and systems, program semantics and automata theory. Amir was devoid of any arrogance and those who knew him as a young promising researcher were struck how he maintained his modesty throughout his career. Amir has been an active and extremely hard working researcher till the last moment. His sudden death left those who knew him in a state of shock and disbelief. For his achievements Amir received the 1996 ACM Turing Award. The citation reads: “For seminal work introducing temporal logic into computing science and for outstanding contributions to program and system verification.” Amir also received, for his contributions, the 2000 Israel Award in the area of exact sciences. More recently, in 2007, he shared the ACM Software System Award.
    [Show full text]
  • Pdf, 184.84 KB
    Nir Piterman, Associate Professor Coordinates Email: fi[email protected] Homepage: www.cs.le.ac.uk/people/np183 Phone: +44-XX-XXXX-XXXX Research Interests My research area is formal verification. I am especially interested in algorithms for model checking and design synthesis. A major part of my work is on the automata-theoretic approach to verification and especially to model checking. I am also working on applications of formal methods to biological modeling. Qualifications Oct. 2000 { Mar. 2005 Ph.D. in the Department of Computer Science and Applied Mathe- matics at the Weizmann Institute of Science, Rehovot, Israel. • Research Area: Formal Verification. • Thesis: Verification of Infinite-State Systems. • Supervisor: Prof. Amir Pnueli. Oct. 1998 { Oct. 2000 M.Sc. in the Department of Computer Science and Applied Mathe- matics at the Weizmann Institute of Science, Rehovot, Israel. • Research Area: Formal Verification. • Thesis: Extending Temporal Logic with !-Automata. • Supervisor: Prof. Amir Pnueli and Prof. Moshe Vardi. Oct. 1994 { June 1997 B.Sc. in Mathematics and Computer Science in the Hebrew Univer- sity, Jerusalem, Israel. Academic Employment Mar. 2019 { Present Senior Lecturer/Associate Professor in the Department of Com- puter Science and Engineering in University of Gothenburg. Oct. 2012 { Feb. 2019 Reader/Associate Professor in the Department of Informatics in University of Leicester. Oct. 2010 { Sep. 2012 Lecturer in the Department of Computer Science in University of Leicester. Aug. 2007 { Sep. 2010 Research Associate in the Department of Computing in Imperial College London. Host: Dr. Michael Huth Oct. 2004 { July 2007 PostDoc in the school of Computer and Communication Sciences at the Ecole Polytechnique F´ed´eralede Lausanne.
    [Show full text]
  • The Best Nurturers in Computer Science Research
    The Best Nurturers in Computer Science Research Bharath Kumar M. Y. N. Srikant IISc-CSA-TR-2004-10 http://archive.csa.iisc.ernet.in/TR/2004/10/ Computer Science and Automation Indian Institute of Science, India October 2004 The Best Nurturers in Computer Science Research Bharath Kumar M.∗ Y. N. Srikant† Abstract The paper presents a heuristic for mining nurturers in temporally organized collaboration networks: people who facilitate the growth and success of the young ones. Specifically, this heuristic is applied to the computer science bibliographic data to find the best nurturers in computer science research. The measure of success is parameterized, and the paper demonstrates experiments and results with publication count and citations as success metrics. Rather than just the nurturer’s success, the heuristic captures the influence he has had in the indepen- dent success of the relatively young in the network. These results can hence be a useful resource to graduate students and post-doctoral can- didates. The heuristic is extended to accurately yield ranked nurturers inside a particular time period. Interestingly, there is a recognizable deviation between the rankings of the most successful researchers and the best nurturers, which although is obvious from a social perspective has not been statistically demonstrated. Keywords: Social Network Analysis, Bibliometrics, Temporal Data Mining. 1 Introduction Consider a student Arjun, who has finished his under-graduate degree in Computer Science, and is seeking a PhD degree followed by a successful career in Computer Science research. How does he choose his research advisor? He has the following options with him: 1. Look up the rankings of various universities [1], and apply to any “rea- sonably good” professor in any of the top universities.
    [Show full text]
  • Sooner Is Safer Than Later Department of Computer Science
    May 1991 Report No. STAN-CS-91-1360 Sooner is Safer Than Later bY Thomas A. Henzinger Department of Computer Science Stanford University Stanford, California 94305 f- Awwtd REPORT DOCUMENTATION PAGE ma No. 07044188 rt8d to wwq8 I how ou r-. lncllJdlng the ttm8 for nvmwlng tn8uuctl -. wrrtruq 82lsung e8t8 wurcg% Wv*lnQ th8 cOlM(0n Of dormatlon Sand comrrmo I ‘-‘9 th* -om mmate Q arty otwr m ol tha bwdm. to Wnkqtoft ~*dourrtw~ Sewc~. Duator8toT or tnformrt8oe ooer0tm aw v, 121~ - O(cltr of Muwgrmw wbd beget. ?8oemon adato + @~o*olI(i. Woahington. DC 2oSO3. I. AGENCY USE ONLY (Lea- bhd) 2. REPORT DATE 3. REPORT TYPE AND DATES COVERED s/28 p?( I. TITLE AND SulTlTLt 5. FUNDING NUMbERI SomEFz, 15 BIER T&W L-Am 1. PERFORMING ORGANIZATION NAME(S) AND ADDRESS 8. PERFORMING ORGANJZATION REPORT NUMIER jhpx OF- CO~PU’i-ER scii&E STANWD I)tdfhzs’;p/ . 5q-JWFi3RD) CA 9&S I. SPONSORING I’ MONITORING AGENCY NAME(S) AND ADDRESS 10. SPONSORING / MONlTORiNG AGENCY REPORT NUMBER 3ARi’A bJQx39 - 84 c - 020 fd&XW, VA 2220~ I 1. SUPPLEMENTARY NOTES . 12r. DISTRIBUTION / AVAILABILITY STATEMENT lib. DiStRlBUfiON CODE urjL?M:m E. ABSTRACT (Maxrmum 200 words) Abstract. It has been repeatedly observed that the standard safety-liveness classification of properties of reactive systems does not fit for real-time proper- ties. This is because the implicit “liveness” of time shifts the spectrum towards the safety side. While, for example, response - that “something good” will happen, eventually - is a classical liveness property, bounded response - that “something good” will happen soon, within a certain amount of time - has many characteristics of safety.
    [Show full text]
  • Arxiv:2106.11534V1 [Cs.DL] 22 Jun 2021 2 Nanjing University of Science and Technology, Nanjing, China 3 University of Southampton, Southampton, U.K
    Noname manuscript No. (will be inserted by the editor) Turing Award elites revisited: patterns of productivity, collaboration, authorship and impact Yinyu Jin1 · Sha Yuan1∗ · Zhou Shao2, 4 · Wendy Hall3 · Jie Tang4 Received: date / Accepted: date Abstract The Turing Award is recognized as the most influential and presti- gious award in the field of computer science(CS). With the rise of the science of science (SciSci), a large amount of bibliographic data has been analyzed in an attempt to understand the hidden mechanism of scientific evolution. These include the analysis of the Nobel Prize, including physics, chemistry, medicine, etc. In this article, we extract and analyze the data of 72 Turing Award lau- reates from the complete bibliographic data, fill the gap in the lack of Turing Award analysis, and discover the development characteristics of computer sci- ence as an independent discipline. First, we show most Turing Award laureates have long-term and high-quality educational backgrounds, and more than 61% of them have a degree in mathematics, which indicates that mathematics has played a significant role in the development of computer science. Secondly, the data shows that not all scholars have high productivity and high h-index; that is, the number of publications and h-index is not the leading indicator for evaluating the Turing Award. Third, the average age of awardees has increased from 40 to around 70 in recent years. This may be because new breakthroughs take longer, and some new technologies need time to prove their influence. Besides, we have also found that in the past ten years, international collabo- ration has experienced explosive growth, showing a new paradigm in the form of collaboration.
    [Show full text]
  • Amir Pnueli University of Pennsylvania, Pa. 191D4 and Tel-Aviv University, Tel Aviv, Israel
    THE TEMPORAL LOGIC OF PROGRAMS* Amir Pnueli University of Pennsylvania, Pa. 191D4 and Tel-Aviv University, Tel Aviv, Israel Summary: grams, always considered functional programs only. Those are programs with distinct beginning and end, and A unified approach to program verification is sane canputational instructions in between, whose suggested, which applies to both sequential and statement of correctness consists of the description parallel programs. The main proof method suggested is of the func tion of the input variables c anputed on that of temporal reasoning in which the time depend­ successful cOOlpletion. This approach canpletely ence of events is the basic concept. Two forma 1 ignored an important class of operating system or systems are presented for providing a basis for tem­ real time type programs, for which halting is rather poral reasoning. One forms a formalization of the an abnormal situation. Only recently 10,11,19 have method of intermittent assertions, while the other is people begun investigating the concept of correctness an adaptation of the tense logic system Kb, and is for non-terminating cyclic programs. It seems that the notion of temporal implication is the correct one. particularly suitable for reasoning about concurrent Thus, a specification of correctness for an operating programs. system may be that it responds correctly to any incoming request, expressible as: {Request arrival O. Introduction situation }~ System grants request }. Due to increasing maturity in the research on Similar to the unification of correctness basic program verification, and the increasing interest and concepts, there seems to be a unification in the basic understanding of the behavior of concurrent programs, proof methods.
    [Show full text]
  • Alan Mathison Turing and the Turing Award Winners
    Alan Turing and the Turing Award Winners A Short Journey Through the History of Computer TítuloScience do capítulo Luis Lamb, 22 June 2012 Slides by Luis C. Lamb Alan Mathison Turing A.M. Turing, 1951 Turing by Stephen Kettle, 2007 by Slides by Luis C. Lamb Assumptions • I assume knowlege of Computing as a Science. • I shall not talk about computing before Turing: Leibniz, Babbage, Boole, Gödel... • I shall not detail theorems or algorithms. • I shall apologize for omissions at the end of this presentation. • Comprehensive information about Turing can be found at http://www.mathcomp.leeds.ac.uk/turing2012/ • The full version of this talk is available upon request. Slides by Luis C. Lamb Alan Mathison Turing § Born 23 June 1912: 2 Warrington Crescent, Maida Vale, London W9 Google maps Slides by Luis C. Lamb Alan Mathison Turing: short biography • 1922: Attends Hazlehurst Preparatory School • ’26: Sherborne School Dorset • ’31: King’s College Cambridge, Maths (graduates in ‘34). • ’35: Elected to Fellowship of King’s College Cambridge • ’36: Publishes “On Computable Numbers, with an Application to the Entscheindungsproblem”, Journal of the London Math. Soc. • ’38: PhD Princeton (viva on 21 June) : “Systems of Logic Based on Ordinals”, supervised by Alonzo Church. • Letter to Philipp Hall: “I hope Hitler will not have invaded England before I come back.” • ’39 Joins Bletchley Park: designs the “Bombe”. • ’40: First Bombes are fully operational • ’41: Breaks the German Naval Enigma. • ’42-44: Several contibutions to war effort on codebreaking; secure speech devices; computing. • ’45: Automatic Computing Engine (ACE) Computer. Slides by Luis C.
    [Show full text]
  • COMP 516 Research Methods in Computer Science Research Methods in Computer Science Lecture 3: Who Is Who in Computer Science Research
    COMP 516 COMP 516 Research Methods in Computer Science Research Methods in Computer Science Lecture 3: Who is Who in Computer Science Research Dominik Wojtczak Dominik Wojtczak Department of Computer Science University of Liverpool Department of Computer Science University of Liverpool 1 / 24 2 / 24 Prizes and Awards Alan M. Turing (1912-1954) Scientific achievement is often recognised by prizes and awards Conferences often give a best paper award, sometimes also a best “The father of modern computer science” student paper award In 1936 introduced Turing machines, as a thought Example: experiment about limits of mechanical computation ICALP Best Paper Prize (Track A, B, C) (Church-Turing thesis) For the best paper, as judged by the program committee Gives rise to the concept of Turing completeness and Professional organisations also give awards based on varying Turing reducibility criteria In 1939/40, Turing designed an electromechanical machine which Example: helped to break the german Enigma code British Computer Society Roger Needham Award His main contribution was an cryptanalytic machine which used Made annually for a distinguished research contribution in computer logic-based techniques science by a UK based researcher within ten years of their PhD In the 1950 paper ‘Computing machinery and intelligence’ Turing Arguably, the most prestigious award in Computer Science is the introduced an experiment, now called the Turing test A. M. Turing Award 2012 is the Alan Turing year! 3 / 24 4 / 24 Turing Award Turing Award Winners What contribution have the following people made? The A. M. Turing Award is given annually by the Association for Who among them has received the Turing Award? Computing Machinery to an individual selected for contributions of a technical nature made Frances E.
    [Show full text]
  • COS 360 Programming Languages Formal Semantics
    COS 360 Programming Languages Formal Semantics Semantics has to do with meaning, and typically the meaning of a complex whole is a function of the meaning of its parts. Just as in an English sentence, we parse a sentence into subject, verb, objects, adjectives(noun qualifiers) and adverbs(verb qualifiers), so with a program we break it up into control structures, statements, expressions, each of which has a meaning. The meanings of the constituents contribute to the meaning of the program as a whole. Another way this is put is to say that the semantics is compositional en.wikipedia.org/wiki/Denotational_semantics#Compositionality Consequently, the grammar of a language guides the exposition of its meaning. Each of the three approaches to formal semantics, axiomatic, operational, and denotational, will use the grammar as a structuring device to explain the meaning. The grammar used, however, is not the same one that the compiler’s parser uses. It eliminates the punctuation and just contains the relevant, meaning carrying pieces and is often ambiguous, but the notion is that the parsing has already taken place and the parse tree simplified to what is referred to as an abstract syntax tree. Learning Objectives 1. to understand the difference between the abstract syntax trees used in expositions of semantics and the concrete syntax trees, or parse trees, used in parsing 2. to understand how the abstract syntax tree contributes to the explanation of program- ming language semantics 3. to understand the three major approaches to programming language semantics: ax- iomatic, operational, and denotational 4. to understand how axiomatic semantics can be used to prove algorithms are correct 5.
    [Show full text]
  • 20Th International Conference on Computer Aided Verifi Cation PRINCETON July 7–14UNIVERSITY P R I N C E T O N
    20 ANNIVERSARY 20 TH 08 CAV20th International Conference on Computer Aided Verifi cation PRINCETON July 7–14UNIVERSITY P r i n c e t o n . N e w J e r s e y . U S A www.princeton.edu/cav2008 South facade of Nassau Hall (1756), Princeton University; photo by Denise Applewhite INVITED SPEAKERS INVITED TUTORIALS AFFILIATED EVENTS WORKSHOPS July 7, 8, and 14 Edward Felten Princeton University Harry Foster Mentor Graphics CAV Award AFM: Automated Formal Methods James Larus Microsoft Research John Harrison Intel HW-MC-Comp BPR: Bit Precise Reasoning Peter O’Hearn University of London SMT-Comp (EC)^2: Exploiting Concurrency Effi ciently and Correctly Reinhard Wilhelm Saarland University FAC: Formal verifi cation of Analog Circuits HAV: Heap Analysis and Verifi cation NSV: Numerical abstractions for Software Verifi cation SMT: Satisfi ability Modulo Theories CONFERENCE CHAIRS PROGRAM COMMITTEE Aarti Gupta NEC Labs America Rajeev Alur University of Pennsylvania Aarti Gupta NEC Labs America Sharad Malik Princeton University Sharad Malik Princeton University Nina Amla Cadence David Harel Weizmann Institute Ken McMillan Cadence WORKSHOPS CHAIR Clark Barrett New York University John Harrison Intel Kedar Namjoshi Bell Labs, Alcatel-Lucent Byron Cook Microsoft Research Armin Biere Johannes Kepler Universität Linz Thomas A. Henzinger EPFL Corina Pasareanu NASA TUTORIALS CHAIR Roderick Bloem Graz University of Technology Holger Hermanns Saarland University Amir Pnueli New York University Ahmed Bouajjani University Paris 7 Pei-Hsin Ho Synopsys Andreas Podelski University of Freiburg Alan Hu University of British Columbia Alessandro Cimatti IRST Trento Robert Jones Intel Shaz Qadeer Microsoft Research STEERING COMMITTEE Werner Damm Oldenburg University Daniel Kroening Oxford University Koushik Sen University of California–Berkeley Edmund M.
    [Show full text]
  • Computing Paradigm Not a Branch of Science
    letters to the editor DOI:10.1145/1721654.1721657 Computing Paradigm Not a Branch of Science EGINNING WITH THE headline, generically called “computer,” but is key element in all complex computing “Computing’s Paradigm,” a misleading connection, since the domains. Moreover, understanding is The Profession of IT View- two disciplines describe the computer associated with modeling, a key aspect point by Peter J. Denning in different ways—a formal model of of understanding. One cannot deter- and Peter A. Freeman (Dec. computation in Knuth-Dijkstra com- mine whether a system can be built or B2009) reflected some confusion with puting, an actual machine in Denning- represented without the understanding respect to Thomas Kuhn’s notion of Freeman computing. needed to pose hypotheses, theses, or “paradigm” (a set of social and insti- Denning and Freeman proposed formal requirements. Understanding is tutional norms that regulate “normal a “framework” that takes the side of often not addressed very well by begin- science” over a period of time). Para- engineering computing (why I call it ning computing researchers and devel- digms, said Kuhn, are incommensu- Denning-Freeman computing), de- opers, especially as it pertains to infor- rable but determined by the social scribing development of an engineer- mation processes. discourse of the environment in which ing system and leaving no doubt as to The second missing element of con- science develops. the envisioned nature of the discipline. ceptualization is an explicit statement The crux of the matter seems to be All the purportedly different fields they about bounded rationality, per Her- that computing can’t be viewed as a proposed—from robotics to informa- bert Simon (http://en.wikipedia.org/ branch of science since it doesn’t deal tion processing in DNA—are actually wiki/Bounded_rationality), a concept with nature but with an artifact, namely different applications of the same para- based on the fact that the rationality of the computer.
    [Show full text]
  • Etude on Recursion Elimination by Program Manipulation and Problem Analysis
    Etude on Recursion Elimination by Program Manipulation and Problem Analysis Nikolay V. Shilov Innopolis University Russia [email protected] Transformation-based program verification was a very important research topic in early years of theory of programming. Great computer scientists contributed to these studies: John McCarthy, Amir Pnueli, Donald Knuth ... Many fascinating examples were examined and resulted in recursion elimination techniques known as tail-recursion and as co-recursion. In the present paper we examine another (new we believe) example of recursion elimination via program manipulations and problem analysis. The recursion pattern of the study example matches neither tail-recursion nor co-recursion pattern. 1 Introduction 1.1 McCarthy 91 function Let us start with a short story [7] about the McCarthy 91 function M : N ! N, defined by John McCarthy1 as a test case for formal verification. The function is defined recursively as n − 10, if n > 100; M(n) = M(M(n + 11)), if n ≤ 100. The result of evaluating the function are given by n − 10, if n > 101; M(n) = (1) 91, if n ≤ 101. The function was introduced in papers published by Zohar Manna, Amir Pnueli and John McCarthy in 1970 [15, 16]. These papers represented early developments towards the application of formal methods to program verification. The function has a “complex” recursion pattern (contrasted with simple patterns, such as recurrence, tail-recursion or co-recursion). Nevertheless the McCarthy 91 function can be computed by an iterative algorithm/program. Really, let us consider an auxiliary recursive function Maux : N × N ! N 8 n m < , if = 0; Maux(n;m) = Maux(n − 10; m − 1), if n > 100 and m > 0; : Maux(n + 11; m + 1), if n < 100 and m > 0.
    [Show full text]