DOCSLIB.ORG

Cyclone by Example 15-213 Spring 2007

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyclone by Example 15-213 Spring 2007 Cyclone By Example 15-213 Spring 2007 Aleksey Kliger Computer Science Department Carnegie Mellon University March 8, 2007 Aleksey Kliger (CMU) Cyclone By Example Mar 8 1 / 26 The Big Picture Outline 1 The Big Picture 2 Pointer Arithmetic 3 Tagged Unions And Not-NULL Pointers 4 Regions Aleksey Kliger (CMU) Cyclone By Example Mar 8 2 / 26 The Big Picture From C to Cyclone Theme 1 Rule out unsafe features of C 2 When possible, check some properties of a program at compile-time. 3 Otherwise, do a runtime check. Aleksey Kliger (CMU) Cyclone By Example Mar 8 3 / 26 The Big Picture Unsafe Features of C Review of Tuesday’s Lecture 1 Pointer arithmetic 2 NULL pointer dereferences 3 Union types 4 Pointers to local variables 5 Casting to pointer types 6 Malloc/free 7 Symbol confusion during linking 8 Format string problems 9 Uninitialized Variables Aleksey Kliger (CMU) Cyclone By Example Mar 8 4 / 26 The Big Picture Unsafe Features of C Review of Tuesday’s Lecture 1 Pointer arithmetic 2 NULL pointer dereferences 3 Union types 4 Pointers to local variables 5 Casting to pointer types 6 Malloc/free 7 Symbol confusion during linking 8 Format string problems 9 Uninitialized Variables Aleksey Kliger (CMU) Cyclone By Example Mar 8 4 / 26 The Big Picture C vs Cyclone C Cyclone 1 Pointer arithmetic 1 @fat pointers 2 NULL pointer dereferences 2 @notnull pointers or runtime checks 3 Union types 3 @tagged unions 4 Pointers to local variables 4 @region() annotations Aleksey Kliger (CMU) Cyclone By Example Mar 8 5 / 26 Pointer Arithmetic Outline 1 The Big Picture 2 Pointer Arithmetic 3 Tagged Unions And Not-NULL Pointers 4 Regions Aleksey Kliger (CMU) Cyclone By Example Mar 8 6 / 26 Pointer Arithmetic Pointer Arithmetic C version Example (Singly-linked Example (Array to list) lists) list* array2list(int* A, int n) { struct List { list* l = NULL; int head; int i; struct List* tail; for (i = n-1; i >= 0; i--) { }; list* t = malloc (sizeof (list)); typedef t->head = A[i]; struct List t->tail = l; list; l = t; } return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 7 / 26 Pointer Arithmetic Pointer Arithmetic C version Example (Singly-linked Example (Array to list) lists) list* array2list(int* A, int n) { struct List { list* l = NULL; int head; int i; struct List* tail; for (i = n-1; i >= 0; i--) { }; list* t = malloc (sizeof (list)); typedef t->head = A[i]; struct List t->tail = l; list; l = t; } return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 7 / 26 Pointer Arithmetic Array To List Illustration Example (Array to list) list* array2list(int* A, int n) { list* l = NULL; int i; for (i = n-1; i >= 0; i--) { list* t = malloc (sizeof (list)); Example t->head = A[i]; int a[3] = t->tail = l; {7, 8, 9}; l = t; list* result = } array2list (a, 3); return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 8 / 26 Pointer Arithmetic Array To List Illustration Example (Array to list) list* array2list(int* A, int n) { list* l = NULL; int i; for (i = n-1; i >= 0; i--) { list* t = malloc (sizeof (list)); Example t->head = A[i]; int a[3] = t->tail = l; {7, 8, 9}; l = t; list* result = } array2list (a, 3); return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 8 / 26 Pointer Arithmetic Array To List Illustration Example (Array to list) list* array2list(int* A, int n) { list* l = NULL; int i; for (i = n-1; i >= 0; i--) { list* t = malloc (sizeof (list)); Example t->head = A[i]; int a[3] = t->tail = l; {7, 8, 9}; l = t; list* result = } array2list (a, 3); return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 8 / 26 Pointer Arithmetic Array To List Illustration Example (Array to list) list* array2list(int* A, int n) { list* l = NULL; int i; for (i = n-1; i >= 0; i--) { list* t = malloc (sizeof (list)); Example t->head = A[i]; int a[3] = t->tail = l; {7, 8, 9}; l = t; list* result = } array2list (a, 3); return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 8 / 26 Pointer Arithmetic Array To List Illustration Example (Array to list) list* array2list(int* A, int n) { list* l = NULL; int i; for (i = n-1; i >= 0; i--) { list* t = malloc (sizeof (list)); Example t->head = A[i]; int a[3] = t->tail = l; {7, 8, 9}; l = t; list* result = } array2list (a, 3); return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 8 / 26 Pointer Arithmetic Array To List Unsafe Aspects Question Example (Array to list) What’s unsafe here? list* array2list(int* A, int n){ list* l = NULL; int i; for (i = n-1; i >= 0; i--) { list* t = malloc (sizeof (list)); t->head = A[i]; t->tail = l; l = t; } return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 9 / 26 Pointer Arithmetic Array To List Unsafe Aspects Question Example (Array to list) What’s unsafe here? list* array2list(int* A, int n){ list* l = NULL; int i; for (i = n-1; i >= 0; i--) { list* t = malloc (sizeof (list)); t->head = A[i]; t->tail = l; l = t; } return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 9 / 26 Pointer Arithmetic Array To List Cyclone Version Example (Array to list) 1 Fat pointer list* array2list(int? A){ (int? A) list* l = NULL; 2 Number of int i; int n = numelts(A); elements for (i = n-1; i >= 0; i--) { numelts(A) list* t = malloc (sizeof (list)); 3 Array bounds check t->head = A[i]; t->tail = l; l = t; } (int ? abbreviates int *@fat) return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 10 / 26 Pointer Arithmetic Array To List Let’s compile it! [aleksey@tuna] cyclone -Wall -c array2list.cyc ***Warnings*** array2list.cyc:16: inserted bounds check at A[i] array2list.cyc:16: inserted null check ************** Often, Cyclone can eliminate bounds checks. Sometimes it can’t. Aleksey Kliger (CMU) Cyclone By Example Mar 8 11 / 26 Pointer Arithmetic Array To List Let’s compile it! [aleksey@tuna] cyclone -Wall -c array2list.cyc ***Warnings*** array2list.cyc:16: inserted bounds check at A[i] array2list.cyc:16: inserted null check ************** But why the null check? Aleksey Kliger (CMU) Cyclone By Example Mar 8 11 / 26 Pointer Arithmetic Array To List @fat pointers can be null Example (Array to list) list* array2list(int? A) { list* l = NULL; int i; int n = numelts(A); If A were NULL, we for (i = n-1; i >= 0; i--) { would never get here, list* t = malloc (sizeof (list)); but Cyclone doesn’t know that. t->head = A[i]; t->tail = l; l = t; } return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 12 / 26 Pointer Arithmetic Array To List @fat pointers can be null Example (Array to list) list* array2list(int? A) { list* l = NULL; Add our own NULL int i; int n = numelts(A); check (outside the if (!A) return NULL; loop). for (i = n-1; i >= 0; i--) { list* t = malloc (sizeof (list)); t->head = A[i]; t->tail = l; l = t; } return l; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 12 / 26 Tagged Unions And Not-NULL Pointers Outline 1 The Big Picture 2 Pointer Arithmetic 3 Tagged Unions And Not-NULL Pointers 4 Regions Aleksey Kliger (CMU) Cyclone By Example Mar 8 13 / 26 Tagged Unions And Not-NULL Pointers Zoology (From a gazelle’s perspective) Example (Animals) Example (Count teeth) struct Herbivore {...}; int count_teeth(animal struct Carnivore { serengeti[], int numteeth; ... int n) { }; int total = 0; struct Animal { int i; int isCarnivore; union { for (i = 0; i < n; i++) { struct Herbivore* h; if (serengeti[i].isCarnivore) struct Carnivore* c; total += }; serengeti[i].c->numteeth; }; } typedef struct Animal return total; animal; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 14 / 26 Tagged Unions And Not-NULL Pointers Zoology (From a gazelle’s perspective) Example (Animals) Example (Count teeth) struct Herbivore {...}; int count_teeth(animal struct Carnivore { serengeti[], int numteeth; ... int n) { }; int total = 0; struct Animal { int i; int isCarnivore; union { for (i = 0; i < n; i++) { struct Herbivore* h; if (serengeti[i].isCarnivore) struct Carnivore* c; total += }; serengeti[i].c->numteeth; }; } typedef struct Animal return total; animal; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 14 / 26 Tagged Unions And Not-NULL Pointers Zoology Unsafe features Example (Count teeth) int count_teeth(animal serengeti[], int n){ int total = 0; int i; for (i = 0; i < n; i++) { if (serengeti[i].isCarnivore) total += serengeti[i].c->numteeth; } return total; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 15 / 26 Tagged Unions And Not-NULL Pointers Zoology Unsafe features Example (Count teeth) int count_teeth(animal serengeti[], int n){ 1 Arrays int total = 0; 2 Tag and union field int i; may be out of sync 3 Dereferencing a pointer for (i = 0; i < n; i++) { without checking for if (serengeti[i].isCarnivore) NULL total += serengeti[i].c->numteeth; } return total; } Aleksey Kliger (CMU) Cyclone By Example Mar 8 15 / 26 Tagged Unions And Not-NULL Pointers Safe Zoology Use @tagged and @notnull Example (Animals) struct Herbivore {...}; struct Carnivore { int numteeth; ... }; struct Animal { int isCarnivore; union { struct Herbivore* h; struct Carnivore* c; }; }; typedef struct Animal animal; Aleksey Kliger (CMU) Cyclone By Example Mar 8 16 / 26 Tagged Unions And Not-NULL Pointers Safe Zoology Use @tagged and @notnull Example (Animals) struct Herbivore {...}; 1 @tagged union: compiler knows the struct Carnivore { role of the tag in selecting between int numteeth; ... .h and .c }; 2 struct Carnivore @ is a pointer @tagged that must not be NULL.
Load more

Recommended publications
  • Cyclone: a Type-Safe Dialect of C∗
    Cyclone: A Type-Safe Dialect of C∗ Dan Grossman Michael Hicks Trevor Jim Greg Morrisett If any bug has achieved celebrity status, it is the • In C, an array of structs will be laid out contigu- buffer overflow. It made front-page news as early ously in memory, which is good for cache locality. as 1987, as the enabler of the Morris worm, the first In Java, the decision of how to lay out an array worm to spread through the Internet. In recent years, of objects is made by the compiler, and probably attacks exploiting buffer overflows have become more has indirections. frequent, and more virulent. This year, for exam- ple, the Witty worm was released to the wild less • C has data types that match hardware data than 48 hours after a buffer overflow vulnerability types and operations. Java abstracts from the was publicly announced; in 45 minutes, it infected hardware (“write once, run anywhere”). the entire world-wide population of 12,000 machines running the vulnerable programs. • C has manual memory management, whereas Notably, buffer overflows are a problem only for the Java has garbage collection. Garbage collec- C and C++ languages—Java and other “safe” lan- tion is safe and convenient, but places little con- guages have built-in protection against them. More- trol over performance in the hands of the pro- over, buffer overflows appear in C programs written grammer, and indeed encourages an allocation- by expert programmers who are security concious— intensive style. programs such as OpenSSH, Kerberos, and the com- In short, C programmers can see the costs of their mercial intrusion detection programs that were the programs simply by looking at them, and they can target of Witty.
    [Show full text]
  • REFPERSYS High-Level Goals and Design Ideas*
    REFPERSYS high-level goals and design ideas* Basile STARYNKEVITCH† Abhishek CHAKRAVARTI‡ Nimesh NEEMA§ refpersys.org October 2019 - May 2021 Abstract REFPERSYS is a REFlexive and orthogonally PERsistent SYStem (as a GPLv3+ licensed free software1) running on Linux; it is a hobby2 but serious research project for many years, mostly aimed to experiment open science ideas close to Artificial General Intelligence3 dreams, and we don’t expect use- ful or interesting results before several years of hard work. audience : LINUX free software developers4 and computer scientists interested in an experimental open science approach to reflexive systems, orthogonal persistence, symbolic artificial intelligence, knowledge engines, etc.... Nota Bene: this report contains many hyperlinks to relevant sources so its PDF should rather be read on a computer screen, e.g. with evince. Since it describes a circular design (with many cycles [Hofstadter:1979:GEB]), we recommend to read it twice (skipping footnotes and references on the first read). This entire document is licensed under the Creative Commons Attribution-ShareAlike 4.0 International License. To view a copy of this license, visit creativecommons.org/licenses/by-sa/4.0/ or send a letter to Creative Commons, PO Box 1866, Mountain View, CA 94042, USA. *This document has git commit fb17387fbbb7e200, was Lua-LATEX generated on 2021-May-17 18:55 MEST, see gitlab.com/bstarynk/refpersys/ and its doc/design-ideas subdirectory. Its draft is downloadable, as a PDF file, from starynkevitch.net/Basile/refpersys-design.pdf ... †See starynkevitch.net/Basile/ and contact [email protected], 92340 Bourg La Reine (near Paris), France. ‡[email protected], FL 3C, 62B PGH Shah Road, Kolkata 700032, India.
    [Show full text]
  • Spindle Documentation Release 2.0.0
    spindle Documentation Release 2.0.0 Jorge Ortiz, Jason Liszka June 08, 2016 Contents 1 Thrift 3 1.1 Data model................................................3 1.2 Interface definition language (IDL)...................................4 1.3 Serialization formats...........................................4 2 Records 5 2.1 Creating a record.............................................5 2.2 Reading/writing records.........................................6 2.3 Record interface methods........................................6 2.4 Other methods..............................................7 2.5 Mutable trait...............................................7 2.6 Raw class.................................................7 2.7 Priming..................................................7 2.8 Proxies..................................................8 2.9 Reflection.................................................8 2.10 Field descriptors.............................................8 3 Custom types 9 3.1 Enhanced types..............................................9 3.2 Bitfields..................................................9 3.3 Type-safe IDs............................................... 10 4 Enums 13 4.1 Enum value methods........................................... 13 4.2 Companion object methods....................................... 13 4.3 Matching and unknown values...................................... 14 4.4 Serializing to string............................................ 14 4.5 Examples................................................. 14 5 Working
    [Show full text]
  • Union Types for Semistructured Data
    Edinburgh Research Explorer Union Types for Semistructured Data Citation for published version: Buneman, P & Pierce, B 1999, Union Types for Semistructured Data. in Union Types for Semistructured Data: 7th International Workshop on Database Programming Languages, DBPL’99 Kinloch Rannoch, UK, September 1–3,1999 Revised Papers. Lecture Notes in Computer Science, vol. 1949, Springer-Verlag GmbH, pp. 184-207. https://doi.org/10.1007/3-540-44543-9_12 Digital Object Identifier (DOI): 10.1007/3-540-44543-9_12 Link: Link to publication record in Edinburgh Research Explorer Document Version: Peer reviewed version Published In: Union Types for Semistructured Data General rights Copyright for the publications made accessible via the Edinburgh Research Explorer is retained by the author(s) and / or other copyright owners and it is a condition of accessing these publications that users recognise and abide by the legal requirements associated with these rights. Take down policy The University of Edinburgh has made every reasonable effort to ensure that Edinburgh Research Explorer content complies with UK legislation. If you believe that the public display of this file breaches copyright please contact [email protected] providing details, and we will remove access to the work immediately and investigate your claim. Download date: 27. Sep. 2021 Union Typ es for Semistructured Data Peter Buneman Benjamin Pierce University of Pennsylvania Dept of Computer Information Science South rd Street Philadelphia PA USA fpeterbcpiercegcisupenn edu Technical
    [Show full text]
  • A Proposal for a Standard Systemverilog Synthesis Subset
    A Proposal for a Standard Synthesizable Subset for SystemVerilog-2005: What the IEEE Failed to Define Stuart Sutherland Sutherland HDL, Inc., Portland, Oregon [email protected] Abstract frustrating disparity in commercial synthesis compilers. Each commercial synthesis product—HDL Compiler, SystemVerilog adds hundreds of extensions to the Encounter RTL Compiler, Precision, Blast and Synplify, to Verilog language. Some of these extensions are intended to name just a few—supports a different subset of represent hardware behavior, and are synthesizable. Other SystemVerilog. Design engineers must experiment and extensions are intended for testbench programming or determine for themselves what SystemVerilog constructs abstract system level modeling, and are not synthesizable. can safely be used for a specific design project and a The IEEE 1800-2005 SystemVerilog standard[1] defines specific mix of EDA tools. Valuable engineering time is the syntax and simulation semantics of these extensions, lost because of the lack of a standard synthesizable subset but does not define which constructs are synthesizable, or definition for SystemVerilog. the synthesis rules and semantics. This paper proposes a standard synthesis subset for SystemVerilog. The paper This paper proposes a subset of the SystemVerilog design reflects discussions with several EDA companies, in order extensions that should be considered synthesizable using to accurately define a common synthesis subset that is current RTL synthesis compiler technology. At Sutherland portable across today’s commercial synthesis compilers. HDL, we use this SystemVerilog synthesis subset in the training and consulting services we provide. We have 1. Introduction worked closely with several EDA companies to ensure that this subset is portable across a variety of synthesis SystemVerilog extensions to the Verilog HDL address two compilers.
    [Show full text]
  • Presentation on Ocaml Internals
    OCaml Internals Implementation of an ML descendant Theophile Ranquet Ecole Pour l’Informatique et les Techniques Avancées SRS 2014 [email protected] November 14, 2013 2 of 113 Table of Contents Variants and subtyping System F Variants Type oddities worth noting Polymorphic variants Cyclic types Subtyping Weak types Implementation details α ! β Compilers Functional programming Values Why functional programming ? Allocation and garbage Combinatory logic : SKI collection The Curry-Howard Compiling correspondence Type inference OCaml and recursion 3 of 113 Variants A tagged union (also called variant, disjoint union, sum type, or algebraic data type) holds a value which may be one of several types, but only one at a time. This is very similar to the logical disjunction, in intuitionistic logic (by the Curry-Howard correspondance). 4 of 113 Variants are very convenient to represent data structures, and implement algorithms on these : 1 d a t a t y p e tree= Leaf 2 | Node of(int ∗ t r e e ∗ t r e e) 3 4 Node(5, Node(1,Leaf,Leaf), Node(3, Leaf, Node(4, Leaf, Leaf))) 5 1 3 4 1 fun countNodes(Leaf)=0 2 | countNodes(Node(int,left,right)) = 3 1 + countNodes(left)+ countNodes(right) 5 of 113 1 t y p e basic_color= 2 | Black| Red| Green| Yellow 3 | Blue| Magenta| Cyan| White 4 t y p e weight= Regular| Bold 5 t y p e color= 6 | Basic of basic_color ∗ w e i g h t 7 | RGB of int ∗ i n t ∗ i n t 8 | Gray of int 9 1 l e t color_to_int= function 2 | Basic(basic_color,weight) −> 3 l e t base= match weight with Bold −> 8 | Regular −> 0 in 4 base+ basic_color_to_int basic_color 5 | RGB(r,g,b) −> 16 +b+g ∗ 6 +r ∗ 36 6 | Grayi −> 232 +i 7 6 of 113 The limit of variants Say we want to handle a color representation with an alpha channel, but just for color_to_int (this implies we do not want to redefine our color type, this would be a hassle elsewhere).
    [Show full text]
  • Meant to Provoke Thought Regarding the Current "Software Crisis" at the Time
    1 www.onlineeducation.bharatsevaksamaj.net www.bssskillmission.in DATA STRUCTURES Topic Objective: At the end of this topic student will be able to: At the end of this topic student will be able to: Learn about software engineering principles Discover what an algorithm is and explore problem-solving techniques Become aware of structured design and object-oriented design programming methodologies Learn about classes Learn about private, protected, and public members of a class Explore how classes are implemented Become aware of Unified Modeling Language (UML) notation Examine constructors and destructors Learn about the abstract data type (ADT) Explore how classes are used to implement ADT Definition/Overview: Software engineering is the application of a systematic, disciplined, quantifiable approach to the development, operation, and maintenance of software, and the study of these approaches. That is the application of engineering to software. The term software engineering first appeared in the 1968 NATO Software Engineering Conference and WWW.BSSVE.INwas meant to provoke thought regarding the current "software crisis" at the time. Since then, it has continued as a profession and field of study dedicated to creating software that is of higher quality, cheaper, maintainable, and quicker to build. Since the field is still relatively young compared to its sister fields of engineering, there is still much work and debate around what software engineering actually is, and if it deserves the title engineering. It has grown organically out of the limitations of viewing software as just programming. Software development is a term sometimes preferred by practitioners in the industry who view software engineering as too heavy-handed and constrictive to the malleable process of creating software.
    [Show full text]
  • Obstacl: a Language with Objects, Subtyping, and Classes
    OBSTACL: A LANGUAGE WITH OBJECTS, SUBTYPING, AND CLASSES A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES OF STANFORD UNIVERSITY IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY By Amit Jayant Patel December 2001 c Copyright 2002 by Amit Jayant Patel All Rights Reserved ii I certify that I have read this dissertation and that in my opin- ion it is fully adequate, in scope and quality, as a dissertation for the degree of Doctor of Philosophy. John Mitchell (Principal Adviser) I certify that I have read this dissertation and that in my opin- ion it is fully adequate, in scope and quality, as a dissertation for the degree of Doctor of Philosophy. Kathleen Fisher I certify that I have read this dissertation and that in my opin- ion it is fully adequate, in scope and quality, as a dissertation for the degree of Doctor of Philosophy. David Dill Approved for the University Committee on Graduate Studies: iii Abstract Widely used object-oriented programming languages such as C++ and Java support soft- ware engineering practices but do not have a clean theoretical foundation. On the other hand, most research languages with well-developed foundations are not designed to support software engineering practices. This thesis bridges the gap by presenting OBSTACL, an object-oriented extension of ML with a sound theoretical basis and features that lend themselves to efficient implementation. OBSTACL supports modular programming techniques with objects, classes, structural subtyping, and a modular object construction system. OBSTACL's parameterized inheritance mechanism can be used to express both single inheritance and most common uses of multiple inheritance.
    [Show full text]
  • A Fast, Verified, Cross-Platform Cryptographic Provider
    EverCrypt: A Fast, Verified, Cross-Platform Cryptographic Provider Jonathan Protzenko∗, Bryan Parnoz, Aymeric Fromherzz, Chris Hawblitzel∗, Marina Polubelovay, Karthikeyan Bhargavany Benjamin Beurdouchey, Joonwon Choi∗x, Antoine Delignat-Lavaud∗,Cedric´ Fournet∗, Natalia Kulatovay, Tahina Ramananandro∗, Aseem Rastogi∗, Nikhil Swamy∗, Christoph M. Wintersteiger∗, Santiago Zanella-Beguelin∗ ∗Microsoft Research zCarnegie Mellon University yInria xMIT Abstract—We present EverCrypt: a comprehensive collection prone (due in part to Intel and AMD reporting CPU features of verified, high-performance cryptographic functionalities avail- inconsistently [78]), with various cryptographic providers able via a carefully designed API. The API provably supports invoking illegal instructions on specific platforms [74], leading agility (choosing between multiple algorithms for the same functionality) and multiplexing (choosing between multiple im- to killed processes and even crashing kernels. plementations of the same algorithm). Through abstraction and Since a cryptographic provider is the linchpin of most zero-cost generic programming, we show how agility can simplify security-sensitive applications, its correctness and security are verification without sacrificing performance, and we demonstrate crucial. However, for most applications (e.g., TLS, cryptocur- how C and assembly can be composed and verified against rencies, or disk encryption), the provider is also on the critical shared specifications. We substantiate the effectiveness of these techniques with
    [Show full text]
  • CS 6110 S18 Lecture 23 Subtyping 1 Introduction 2 Basic Subtyping Rules
    CS 6110 S18 Lecture 23 Subtyping 1 Introduction In this lecture, we attempt to extend the typed λ-calculus to support objects. In particular, we explore the concept of subtyping in detail, which is one of the key features of object-oriented (OO) languages. Subtyping was first introduced in Simula, the first object-oriented programming language. Its inventors Ole-Johan Dahl and Kristen Nygaard later went on to win the Turing award for their contribution to the field of object-oriented programming. Simula introduced a number of innovative features that have become the mainstay of modern OO languages including objects, subtyping and inheritance. The concept of subtyping is closely tied to inheritance and polymorphism and offers a formal way of studying them. It is best illustrated by means of an example. This is an example of a hierarchy that describes a Person Student Staff Grad Undergrad TA RA Figure 1: A Subtype Hierarchy subtype relationship between different types. In this case, the types Student and Staff are both subtypes of Person. Alternatively, one can say that Person is a supertype of Student and Staff. Similarly, TA is a subtype of the Student and Person types, and so on. The subtype relationship is normally a preorder (reflexive and transitive) on types. A subtype relationship can also be viewed in terms of subsets. If σ is a subtype of τ, then all elements of type σ are automatically elements of type τ. The ≤ symbol is typically used to denote the subtype relationship. Thus, Staff ≤ Person, RA ≤ Student, etc. Sometimes the symbol <: is used, but we will stick with ≤.
    [Show full text]
  • Table of Contents
    A Comprehensive Introduction to Vista Operating System Table of Contents Chapter 1 - Windows Vista Chapter 2 - Development of Windows Vista Chapter 3 - Features New to Windows Vista Chapter 4 - Technical Features New to Windows Vista Chapter 5 - Security and Safety Features New to Windows Vista Chapter 6 - Windows Vista Editions Chapter 7 - Criticism of Windows Vista Chapter 8 - Windows Vista Networking Technologies Chapter 9 -WT Vista Transformation Pack _____________________ WORLD TECHNOLOGIES _____________________ Abstraction and Closure in Computer Science Table of Contents Chapter 1 - Abstraction (Computer Science) Chapter 2 - Closure (Computer Science) Chapter 3 - Control Flow and Structured Programming Chapter 4 - Abstract Data Type and Object (Computer Science) Chapter 5 - Levels of Abstraction Chapter 6 - Anonymous Function WT _____________________ WORLD TECHNOLOGIES _____________________ Advanced Linux Operating Systems Table of Contents Chapter 1 - Introduction to Linux Chapter 2 - Linux Kernel Chapter 3 - History of Linux Chapter 4 - Linux Adoption Chapter 5 - Linux Distribution Chapter 6 - SCO-Linux Controversies Chapter 7 - GNU/Linux Naming Controversy Chapter 8 -WT Criticism of Desktop Linux _____________________ WORLD TECHNOLOGIES _____________________ Advanced Software Testing Table of Contents Chapter 1 - Software Testing Chapter 2 - Application Programming Interface and Code Coverage Chapter 3 - Fault Injection and Mutation Testing Chapter 4 - Exploratory Testing, Fuzz Testing and Equivalence Partitioning Chapter 5
    [Show full text]
  • Busting the Myth That Systemverilog Is Only for Verification
    Synthesizing SystemVerilog Busting the Myth that SystemVerilog is only for Verification Stuart Sutherland Don Mills Sutherland HDL, Inc. Microchip Technology, Inc. [email protected] [email protected] ABSTRACT SystemVerilog is not just for Verification! When the SystemVerilog standard was first devised, one of the primary goals was to enable creating synthesizable models of complex hardware designs more accurately and with fewer lines of code. That goal was achieved, and Synopsys has done a great job of implementing SystemVerilog in both Design Compiler (DC) and Synplify-Pro. This paper examines in detail the synthesizable subset of SystemVerilog for ASIC and FPGA designs, and presents the advantages of using these constructs over traditional Verilog. Readers will take away from this paper new RTL modeling skills that will indeed enable modeling with fewer lines of code, while at the same time reducing potential design errors and achieving high synthesis Quality of Results (QoR). Target audience: Engineers involved in RTL design and synthesis, targeting ASIC and FPGA implementations. Note: The information in this paper is based on Synopsys Design Compiler (also called HDL Compiler) version 2012.06-SP4 and Synopsys Synplify-Pro version 2012.09-SP1. These were the most current released versions available at the time this paper was written. SNUG Silicon Valley 2013 1 Synthesizing SystemVerilog Table of Contents 1. Data types .................................................................................................................................4
    [Show full text]