Safe Dynamic Memory Management in Ada and SPARK
|
|
- Lily Walton
- 5 years ago
- Views:
Transcription
1 Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej, Tucker Taft, Yannick Moy AdaCore Ada-Europe June 19, 2018 Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 1/28
2 Why Try To Verify Use of Pointers? Automatic storage management Control unknown aliasing of names Use pointers in SPARK for formal verification How? Implement a variant of pointer Ownership Inspired from Rust Concurrent-Read-Exclusive-Write (CREW) policy Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 2/28
3 Quick Reminder 1/2 Named types: type Int Ptr is access Integer; X : Int Ptr; Anonymous types: Y : access Integer; General access types type Int Cst Ptr is access constant Integer; type Int Cst Ptr is access all Integer; Pool-specific access types No general access modifier appears Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 3/28
4 Quick Reminder 2/2 Access types X : Int Ptr; Composite types type Rec is record Data : Int Ptr; end record By-copy types Parameter passed by copy By-reference types Parameter passed by reference: a view on the actual parameter Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 4/28
5 Motivating Example: Swap Pointers 1 t y p e I n t P t r i s a c c e s s I n t e g e r ; 2 3 p r o c e d u r e Swap ( X Param, Y Param : i n o u t I n t P t r ) i s 4 Tmp : I n t P t r := X Param ; 5 b e g i n Dangling refs? 6 X Param : = Y Param ; 7 Y Param : = Tmp ; 8 end Swap ; Storage leaks? 9 10 X : I n t P t r := new I n t e g e r ; 11 Y : I n t P t r := new I n t e g e r ; Swap (X, Y) ; Correct result? Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 5/28
6 Pointer Ownership: Overview Idea: No more than one owning pointer to a given object Constraints: Composite types are by-reference types Always passed by reference Access types are pool-specific types Cannot point to stack Goal: Automatic storage management Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 6/28
7 Pointer Ownership: Overview Idea: No more than one owning pointer to a given object Constraints: Composite types are by-reference types Always passed by reference Access types are pool-specific types Cannot point to stack Goal: Automatic storage management Operations Move complete transfer of the ownership Borrow temporary transfer of the ownership Observe no owning object Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 6/28
8 Pointer Ownership: Overview Idea: No more than one owning pointer to a given object Constraints: Composite types are by-reference types Always passed by reference Access types are pool-specific types Cannot point to stack Goal: Automatic storage management Operations Move Borrow Observe Objects states Unrestricted Read Write Observed Read Only Borrowed No Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 6/28
9 Contents 1 Moving Operations 2 Borrowing Operations 3 Observing Operations 4 Formal Verification in SPARK 5 Conclusion Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 7/28
10 Moving Operations Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 8/28
11 Moving Access Values When: Assignment to named variables or return objects parameters of mode out/in-out Example: Y : Int Ptr; X : Int Ptr := Y; Conditions X, Y of named type X, Y unrestricted Results X unrestricted Old storage of X deallocated Y unrestricted, null Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 9/28
12 Moving Composite Types When: Assignment to variables or return objects parameters of mode out/in-out Example: R : Rec := (...); S : Rec := (...); S := R; Conditions R, S unrestricted Results S unrestricted Old S components deallocated R unrestricted; components null Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 10/28
13 Borrowing Operations Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 11/28
14 Borrowing Access Values When: Initializing in parameters stand-alone anonymous objects constants of an access-to-variable type Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 12/28
15 Borrowing Access Values When: Initializing in parameters stand-alone anonymous objects constants of an access-to-variable type Example: procedure f(x Param : in Int Ptr); f(x); Conditions X Param of mode in; access-to-variable type X unrestricted Results X Param unrestricted X borrowed Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 12/28
16 Borrowing Access Values When: Initializing in parameters anonymous stand-alone objects constants of an access-to-variable type Example: X : access Integer := Y Conditions X of an anonymous access-to-variable type Y unrestricted Results X unrestricted Y borrowed Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 13/28
17 Borrowing Access Values When: Initializing in parameters anonymous stand-alone objects constants of an access-to-variable type Example: X : access Integer := Y Conditions X of an anonymous access-to-variable type Y unrestricted Results X unrestricted Y borrowed Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 13/28
18 Borrowing Composite Objects When: Passing parameters of mode out or in-out Example: procedure f(x Param : in out Rec); f(x); Conditions X Param of mode in-out X passed by-reference Results X Param unrestricted X borrowed Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 14/28
19 Observing Operations Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 15/28
20 Observing Access Values When: Initializing in parameters anonymous stand-alone objects of an access-to-constant type Example: X : access constant Integer := Y; Conditions X of an anonymous access-to-constant type Y unrestricted or observed Results X observed Read Only Y observed Read Only Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 16/28
21 Observing Access Values When: Initializing in parameters anonymous stand-alone objects of an access-to-constant type Example: X : access constant Integer := Y; Conditions X of an anonymous access-to-constant type Y unrestricted or observed Results X observed Read Only Y observed Read Only Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 16/28
22 Observing Composite Types When: Initializing constant stand-alone objects parameters of mode in Example: procedure f(x Param : in Rec); f(x); Conditions X Param of mode in X passed by-reference Results X Param observed RO X observed RO Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 17/28
23 Observing Composite Types When: Initializing constant stand-alone objects parameters of mode in Example: procedure f(x Param : in Rec); f(x); Conditions X Param of mode in X passed by-reference Results X Param observed RO X observed RO Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 17/28
24 Example Cont d: Swap Pointers 1 t y p e I n t P t r i s a c c e s s I n t e g e r ; 2 3 p r o c e d u r e Swap ( X Param, Y Param : i n o u t I n t P t r ) i s 4 Tmp : Int Ptr := X Param ; 5 b e g i n 6 X Param := Y Param ; 7 Y Param := Tmp ; 8 end Swap ; 9 10 X : I n t P t r := new I n t e g e r ; 11 Y : I n t P t r := new I n t e g e r ; Swap ( X, Y ) ; Tmp is the new owning object No dangling reference, cannot dereference the old value of X Param Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 18/28
25 Formal Verification in SPARK Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 19/28
26 SPARK - What it is? A programming language A subset of Ada, designed for static verification Additional features to enhance program specification Ada SP ARK Ada F eatures outside the SP ARK subset Core language common to Ada and SP ARK Additional SP ARK aspects A set of program verification tools Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 20/28
27 Why Aliasing Matters in SPARK? 1 t y p e I n t P t r i s a c c e s s I n t e g e r ; 2 3 p r o c e d u r e Add One ( X Param, Y Param : i n I n t P t r ) w ith 4 P o s t => X Param. a l l = X Param. a l l Old and Y Param. a l l = Y Param. a l l Old i s 7 b e g i n 8 X Param. a l l := X Param. a l l + 1 ; 9 Y Param. a l l := Y Param. a l l + 1 ; 10 end Add One ; Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 21/28
28 Why Aliasing Matters in SPARK? 1 t y p e I n t P t r i s a c c e s s I n t e g e r ; 2 3 p r o c e d u r e Add One ( X Param, Y Param : i n I n t P t r ) w ith 4 P o s t => X Param. a l l = X Param. a l l Old and Y Param. a l l = Y Param. a l l Old i s 7 b e g i n 8 X Param. a l l := X Param. a l l + 1 ; 9 Y Param. a l l := Y Param. a l l + 1 ; 10 end Add One ; If SPARK ignored aliasing: 1 X : I n t P t r := new I n t e g e r ( 3 ) ; 2 (... ) 3 4 Add One (X, X) ; 5 pragma A s s e r t (X. a l l = 4) ; i n c o r r e c t a s s e r t i o n Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 21/28
29 With Ownership Types: Alias Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 22/28
30 With Ownership Types: Alias Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 23/28
31 With Ownership Types: Alias Free Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 24/28
32 Conclusion Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 25/28
33 Conclusion Pointer Ownership Approach Inspired from Rust Safe pointers w.r.t to CREW policy: full ownership (read/write access); partial ownership (read-only access) Pointer Ownership Goals For Ada No storage leaks No dangling references For SPARK No hidden aliasing Can verify correctness of algorithms Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 26/28
34 Supporting Pointers in SPARK: Steps Borrowing Safe Pointers From Rust to SPARK 1 SPARK Formal Verification: Prototype SPARK Formal Verification: In Production Access Value Ownership 2 Ada 2020? Georges-Axel Jaloyan, Yannick Moy, and Andrei Paskevich. Borrowing Safe Pointers From Rust in SPARK url: 2 AdaCore. Access value ownership and parameter aliasing url: Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 27/28
35 Questions? Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 28/28
Safe Dynamic Memory Management in Ada and SPARK
Safe Dynamic Memory Management in Ada and SPARK Maroua Maalej 1, Tucker Taft 2, Yannick Moy 1 1 AdaCore Paris, France maalej@adacore.com, moy@adacore.com 2 Adacore New York, USA taft@adacore.com Abstract.
More informationMemory and Addresses. Pointers in C. Memory is just a sequence of byte-sized storage devices.
Memory and Addresses Memory is just a sequence of byte-sized storage devices. 1 The bytes are assigned numeric addresses, starting with zero, just like the indexing of the cells of an array. It is the
More informationLecture 14. No in-class files today. Homework 7 (due on Wednesday) and Project 3 (due in 10 days) posted. Questions?
Lecture 14 No in-class files today. Homework 7 (due on Wednesday) and Project 3 (due in 10 days) posted. Questions? Friday, February 11 CS 215 Fundamentals of Programming II - Lecture 14 1 Outline Static
More informationHybrid Verification in SPARK 2014: Combining Formal Methods with Testing
IEEE Software Technology Conference 2015 Hybrid Verification in SPARK 2014: Combining Formal Methods with Testing Steve Baird Senior Software Engineer Copyright 2014 AdaCore Slide: 1 procedure Array_Indexing_Bug
More informationCSE 307: Principles of Programming Languages
CSE 307: Principles of Programming Languages Variables and Constants R. Sekar 1 / 22 Topics 2 / 22 Variables and Constants Variables are stored in memory, whereas constants need not be. Value of variables
More informationCMSC 330: Organization of Programming Languages. Ownership, References, and Lifetimes in Rust
CMSC 330: Organization of Programming Languages Ownership, References, and Lifetimes in Rust CMSC330 Spring 2018 1 Memory: the Stack and the Heap The stack constant-time, automatic (de)allocation Data
More information1. Which of the following best describes the situation after Line 1 has been executed?
Instructions: Submit your answers to these questions to the Curator as OQ3 by the posted due date and time. No late submissions will be accepted. For the next three questions, consider the following short
More informationHoare logic. A proof system for separation logic. Introduction. Separation logic
Introduction Hoare logic Lecture 6: Examples in separation logic In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing separation logic.
More informationSafe Pointers in SPARK 2014.
Master 2 Internship Report - MPRI 20 March 2017-4 August 2017 Safe Pointers in SPARK 2014. arxiv:1710.07047v1 [cs.pl] 19 Oct 2017 Author: Georges-Axel Jaloyan AdaCore École normale supérieure Supervisor:
More informationPointers. A pointer value is the address of the first byte of the pointed object in the memory. A pointer does not know how many bytes it points to.
Pointers A pointer is a memory address of an object of a specified type, or it is a variable which keeps such an address. Pointer properties: P (pointer) 12316 12316 (address) Typed object A pointer value
More informationAda 2012, SPARK 2014, and Combining Proof and Test!
Presentation cover page EU Ada 2012, SPARK 2014, and Combining Proof and Test! Tucker Taft AdaCore Inc Languages and Tools for High Integrity Bergen, Norway February, 2014 www.adacore.com Cost of testing
More informationTypes and Type Inference
CS 242 2012 Types and Type Inference Notes modified from John Mitchell and Kathleen Fisher Reading: Concepts in Programming Languages, Revised Chapter 6 - handout on Web!! Outline General discussion of
More informationo Code, executable, and process o Main memory vs. virtual memory
Goals for Today s Lecture Memory Allocation Prof. David August COS 217 Behind the scenes of running a program o Code, executable, and process o Main memory vs. virtual memory Memory layout for UNIX processes,
More informationApplied Unified Ownership. Capabilities for Sharing Across Threads
Applied Unified Ownership or Capabilities for Sharing Across Threads Elias Castegren Tobias Wrigstad DRF transfer parallel programming AppliedUnified Ownership memory management placement in pools (previous
More informationPOINTERS - Pointer is a variable that holds a memory address of another variable of same type. - It supports dynamic allocation routines. - It can improve the efficiency of certain routines. C++ Memory
More informationStorage. Outline. Variables and Updating. Composite Variables. Storables Lifetime : Programming Languages. Course slides - Storage
Storage 1 Variables and Updating Outline Composite Variables Total and selective updating Array variables Storables Lifetime Local and global variables Heap variables Persistent variables Garbage collection
More informationINITIALISING POINTER VARIABLES; DYNAMIC VARIABLES; OPERATIONS ON POINTERS
INITIALISING POINTER VARIABLES; DYNAMIC VARIABLES; OPERATIONS ON POINTERS Pages 792 to 800 Anna Rakitianskaia, University of Pretoria INITIALISING POINTER VARIABLES Pointer variables are declared by putting
More informationDesign Issues. Subroutines and Control Abstraction. Subroutines and Control Abstraction. CSC 4101: Programming Languages 1. Textbook, Chapter 8
Subroutines and Control Abstraction Textbook, Chapter 8 1 Subroutines and Control Abstraction Mechanisms for process abstraction Single entry (except FORTRAN, PL/I) Caller is suspended Control returns
More information18-642: Code Style for Compilers
18-642: Code Style for Compilers 9/6/2018 2017-2018 Philip Koopman Programming can be fun, so can cryptography; however they should not be combined. Kreitzberg and Shneiderman 2017-2018 Philip Koopman
More informationInstructions: Submit your answers to these questions to the Curator as OQ02 by the posted due date and time. No late submissions will be accepted.
Instructions: Submit your answers to these questions to the Curator as OQ02 by the posted due date and time. No late submissions will be accepted. For the next five questions, consider the function to
More informationOperators. The Arrow Operator. The sizeof Operator
Operators The Arrow Operator Most C++ operators are identical to the corresponding Java operators: Arithmetic: * / % + - Relational: < = >!= Logical:! && Bitwise: & bitwise and; ^ bitwise exclusive
More informationHoare Logic and Model Checking
Hoare Logic and Model Checking Kasper Svendsen University of Cambridge CST Part II 2016/17 Acknowledgement: slides heavily based on previous versions by Mike Gordon and Alan Mycroft Introduction In the
More informationGuaranteeing memory safety in Rust
Guaranteeing memory safety in Rust Nicholas D. Matsakis Mozilla Research 1 Hashtable in C / C++ template struct Hashtable { Bucket *buckets; unsigned num_buckets; template
More informationDynamic Allocation in C
Dynamic Allocation in C C Pointers and Arrays 1 The previous examples involved only targets that were declared as local variables. For serious development, we must also be able to create variables dynamically,
More informationHoare Logic and Model Checking. A proof system for Separation logic. Introduction. Separation Logic
Introduction Hoare Logic and Model Checking In the previous lecture we saw the informal concepts that Separation Logic is based on. Kasper Svendsen University of Cambridge CST Part II 2016/17 This lecture
More informationPointers, Arrays and Parameters
Pointers, Arrays and Parameters This exercise is different from our usual exercises. You don t have so much a problem to solve by creating a program but rather some things to understand about the programming
More informationMemory Leak. C++: Memory Problems. Memory Leak. Memory Leak. Pointer Ownership. Memory Leak
Memory Leak C++ Memory Problems or When Good Memory Goes Bad A bug in a program that prevents it from freeing up memory that it no longer needs. As a result, the program grabs more and more memory until
More informationOn 17 June 2006, the editor provided the following list via an to the convener:
ISO/IEC JTC 1/SC 22/WG 9 N 471 List of AIs Approved per Resolution 50-8 James W. Moore, Convener 23 June 2006 Resolution 50-8 reads as follows: "Noting WG9's approval of the amendment to ISO/IEC 8652 and
More informationTypes and Type Inference
Types and Type Inference Mooly Sagiv Slides by Kathleen Fisher and John Mitchell Reading: Concepts in Programming Languages, Revised Chapter 6 - handout on the course homepage Outline General discussion
More informationFormal semantics and other research around Spark2014
Formal semantics and other research around Spark2014 Virginia Aponte, Pierre Courtieu, Tristan Crolard (CPR Team - Cnam) Zhi Zhang (SAnToS, KSU) November 2014 Aponte, Courtieu, Crolard, Zhang Formal semantics
More informationCS 330 Lecture 18. Symbol table. C scope rules. Declarations. Chapter 5 Louden Outline
CS 0 Lecture 8 Chapter 5 Louden Outline The symbol table Static scoping vs dynamic scoping Symbol table Dictionary associates names to attributes In general: hash tables, tree and lists (assignment ) can
More informationAdvances in Programming Languages
Advances in Programming Languages Lecture 18: Concurrency and More in Rust Ian Stark School of Informatics The University of Edinburgh Friday 24 November 2016 Semester 1 Week 10 https://blog.inf.ed.ac.uk/apl16
More informationLecture 11: Subprograms & their implementation. Subprograms. Parameters
Lecture 11: Subprograms & their implementation Subprograms Parameter passing Activation records The run-time stack Implementation of static and dynamic scope rules Subprograms A subprogram is a piece of
More informationCode Generation II. Code generation for OO languages. Object layout Dynamic dispatch. Parameter-passing mechanisms Allocating temporaries in the AR
Code Generation II Code generation for OO languages Object layout Dynamic dispatch Parameter-passing mechanisms Allocating temporaries in the AR Object Layout OO implementation = Stuff from last lecture
More informationPointers, Dynamic Data, and Reference Types
Pointers, Dynamic Data, and Reference Types Review on Pointers Reference Variables Dynamic Memory Allocation The new operator The delete operator Dynamic Memory Allocation for Arrays 1 C++ Data Types simple
More informationChapter-11 POINTERS. Important 3 Marks. Introduction: Memory Utilization of Pointer: Pointer:
Chapter-11 POINTERS Introduction: Pointers are a powerful concept in C++ and have the following advantages. i. It is possible to write efficient programs. ii. Memory is utilized properly. iii. Dynamically
More informationCMSC 330: Organization of Programming Languages. Memory Management and Garbage Collection
CMSC 330: Organization of Programming Languages Memory Management and Garbage Collection CMSC330 Fall 2018 1 Memory Attributes Memory to store data in programming languages has the following lifecycle
More informationPrinciples of Programming Languages
Principles of Programming Languages h"p://www.di.unipi.it/~andrea/dida2ca/plp- 14/ Prof. Andrea Corradini Department of Computer Science, Pisa Lesson 23! Type systems Type safety Type checking Equivalence,
More informationCSC 211 Intermediate Programming. Arrays & Pointers
CSC 211 Intermediate Programming Arrays & Pointers 1 Definition An array a consecutive group of memory locations that all have the same name and the same type. To create an array we use a declaration statement.
More informationCS 5523 Operating Systems: Midterm II - reivew Instructor: Dr. Tongping Liu Department Computer Science The University of Texas at San Antonio
CS 5523 Operating Systems: Midterm II - reivew Instructor: Dr. Tongping Liu Department Computer Science The University of Texas at San Antonio Fall 2017 1 Outline Inter-Process Communication (20) Threads
More informationCompiler Construction
Compiler Construction Thomas Noll Software Modeling and Verification Group RWTH Aachen University https://moves.rwth-aachen.de/teaching/ss-16/cc/ Recap: Static Data Structures Outline of Lecture 18 Recap:
More informationChapter 9 :: Subroutines and Control Abstraction
Chapter 9 :: Subroutines and Control Abstraction Programming Language Pragmatics, Fourth Edition Michael L. Scott Copyright 2016 Elsevier 1 Chapter09_Subroutines_and_Control_Abstraction_4e - Tue November
More informationMidterm Review. PIC 10B Spring 2018
Midterm Review PIC 10B Spring 2018 Q1 What is size t and when should it be used? A1 size t is an unsigned integer type used for indexing containers and holding the size of a container. It is guarenteed
More informationCMSC 330: Organization of Programming Languages
CMSC 330: Organization of Programming Languages Memory Management and Garbage Collection CMSC 330 - Spring 2013 1 Memory Attributes! Memory to store data in programming languages has the following lifecycle
More informationPointers and Dynamic Memory Allocation
Pointers and Dynamic Memory Allocation ALGORITHMS & DATA STRUCTURES 9 TH SEPTEMBER 2014 Last week Introduction This is not a course about programming: It s is about puzzling. well.. Donald Knuth Science
More informationPointers! Arizona State University 1
Pointers! CSE100 Principles of Programming with C++, Fall 2018 (based off Chapter 10 slides by Pearson) Ryan Dougherty Arizona State University http://www.public.asu.edu/~redoughe/ Arizona State University
More informationProgramming Languages Third Edition. Chapter 7 Basic Semantics
Programming Languages Third Edition Chapter 7 Basic Semantics Objectives Understand attributes, binding, and semantic functions Understand declarations, blocks, and scope Learn how to construct a symbol
More informationLECTURE 19. Subroutines and Parameter Passing
LECTURE 19 Subroutines and Parameter Passing ABSTRACTION Recall: Abstraction is the process by which we can hide larger or more complex code fragments behind a simple name. Data abstraction: hide data
More informationPointers. Memory. void foo() { }//return
Pointers Pointers Every location in memory has a unique number assigned to it called it s address A pointer is a variable that holds a memory address A pointer can be used to store an object or variable
More informationCSC 1600 Memory Layout for Unix Processes"
CSC 16 Memory Layout for Unix Processes" 1 Lecture Goals" Behind the scenes of running a program" Code, executable, and process" Memory layout for UNIX processes, and relationship to C" : code and constant
More informationCompiler Construction
Compiler Construction Lecture 18: Code Generation V (Implementation of Dynamic Data Structures) Thomas Noll Lehrstuhl für Informatik 2 (Software Modeling and Verification) noll@cs.rwth-aachen.de http://moves.rwth-aachen.de/teaching/ss-14/cc14/
More informationProgramming Languages
Programming Languages Tevfik Koşar Lecture - XX April 4 th, 2006 1 Roadmap Subroutines Allocation Strategies Calling Sequences Parameter Passing Generic Subroutines Exception Handling Co-routines 2 1 Review
More informationDEBUGGING: STATIC ANALYSIS
DEBUGGING: STATIC ANALYSIS WS 2017/2018 Martina Seidl Institute for Formal Models and Verification Deduction Techniques (1/2) basic idea: reasoning from abstract program to concrete program runs (program
More informationChapter 8 :: Subroutines and Control Abstraction. Final Test. Final Test Review Tomorrow
Chapter 8 :: Subroutines and Control Abstraction Programming Language Pragmatics Michael L. Scott Administrative Notes Final Test Thursday, August 3 2006 at 11:30am No lecture before or after the mid-term
More informationChap. 8 :: Subroutines and Control Abstraction
Chap. 8 :: Subroutines and Control Abstraction Michael L. Scott Programming Language Theory 2015, kkman@sangji.ac.kr 1 Review Of Stack Layout Allocation strategies Static Code Globals Own variables Explicit
More informationDynamic Memory Allocation
Dynamic Memory Allocation Lecture 15 COP 3014 Fall 2017 November 6, 2017 Allocating memory There are two ways that memory gets allocated for data storage: 1. Compile Time (or static) Allocation Memory
More informationStorage. Outline. Variables and updating. Copy vs. Ref semantics Lifetime. Dangling References Garbage collection
Storage 1 Variables and updating Outline Copy vs. Ref semantics Lifetime Local and global variables Heap variables Persistent variables Dangling References Garbage collection 2 Variables and Updating Variable:
More informationLab 3. Pointers Programming Lab (Using C) XU Silei
Lab 3. Pointers Programming Lab (Using C) XU Silei slxu@cse.cuhk.edu.hk Outline What is Pointer Memory Address & Pointers How to use Pointers Pointers Assignments Call-by-Value & Call-by-Address Functions
More informationPointers. Lecture 1 Sections Robb T. Koether. Hampden-Sydney College. Wed, Jan 14, 2015
Pointers Lecture 1 Sections 10.1-10.2 Robb T. Koether Hampden-Sydney College Wed, Jan 14, 2015 Robb T. Koether (Hampden-Sydney College) Pointers Wed, Jan 14, 2015 1 / 23 1 Pointers 2 Pointer Initialization
More informationStructure of Programming Languages Lecture 10
Structure of Programming Languages Lecture 10 CS 6636 4536 Spring 2017 CS 6636 4536 Lecture 10: Classes... 1/23 Spring 2017 1 / 23 Outline 1 1. Types Type Coercion and Conversion Type Classes, Generics,
More informationProblem. Indexing with B-trees. Indexing. Primary Key Indexing. B-trees: Example. B-trees. primary key indexing
15-82 Advanced Topics in Database Systems Performance Problem Given a large collection of records, Indexing with B-trees find similar/interesting things, i.e., allow fast, approximate queries 2 Indexing
More informationObject-Oriented Principles and Practice / C++
Object-Oriented Principles and Practice / C++ Alice E. Fischer September 26, 2016 OOPP / C++ Lecture 4... 1/33 Global vs. Class Static Parameters Move Semantics OOPP / C++ Lecture 4... 2/33 Global Functions
More informationDynamic Allocation in C
Dynamic Allocation in C 1 The previous examples involved only targets that were declared as local variables. For serious development, we must also be able to create variables dynamically, as the program
More informationIntermediate Programming, Spring 2017*
600.120 Intermediate Programming, Spring 2017* Misha Kazhdan *Much of the code in these examples is not commented because it would otherwise not fit on the slides. This is bad coding practice in general
More informationSE352b: Roadmap. SE352b Software Engineering Design Tools. W3: Programming Paradigms
SE352b Software Engineering Design Tools W3: Programming Paradigms Feb. 3, 2005 SE352b, ECE,UWO, Hamada Ghenniwa SE352b: Roadmap CASE Tools: Introduction System Programming Tools Programming Paradigms
More informationTypes, Type Inference and Unification
Types, Type Inference and Unification Mooly Sagiv Slides by Kathleen Fisher and John Mitchell Cornell CS 6110 Summary (Functional Programming) Lambda Calculus Basic ML Advanced ML: Modules, References,
More information0. Overview of this standard Design entities and configurations... 5
Contents 0. Overview of this standard... 1 0.1 Intent and scope of this standard... 1 0.2 Structure and terminology of this standard... 1 0.2.1 Syntactic description... 2 0.2.2 Semantic description...
More informationSubroutines. Subroutine. Subroutine design. Control abstraction. If a subroutine does not fit on the screen, it is too long
Subroutines Subroutine = procedure (statement) - no return value - side effects function (expression) - return value - (no side effects in some languages) Subroutine Control abstraction Subroutine design
More informationVerification & Validation of Open Source
Verification & Validation of Open Source 2011 WORKSHOP ON SPACECRAFT FLIGHT SOFTWARE Gordon Uchenick Coverity, Inc Open Source is Ubiquitous Most commercial and proprietary software systems have some open
More informationProcedural programming with C
Procedural programming with C Dr. C. Constantinides Department of Computer Science and Software Engineering Concordia University Montreal, Canada August 11, 2016 1 / 77 Functions Similarly to its mathematical
More informationPointer Basics. Lecture 13 COP 3014 Spring March 28, 2018
Pointer Basics Lecture 13 COP 3014 Spring 2018 March 28, 2018 What is a Pointer? A pointer is a variable that stores a memory address. Pointers are used to store the addresses of other variables or memory
More informationA3. Programming Languages for Writing Safety-Critical Software
A3. Programming Languages for Writing Safety-Critical Software (a) Overview. (b) SPARK Ada. Critical Systems, CS 411, Lent term 2002, Sec. A3 A3-1 (a) Overview Important Factors for Programming Languages
More informationC++11 and Compiler Update
C++11 and Compiler Update John JT Thomas Sr. Director Application Developer Products About this Session A Brief History Features of C++11 you should be using now Questions 2 Bjarne Stroustrup C with Objects
More informationChapter 9 Subprograms
Chapter 9 Subprograms We now explore the design of subprograms, including parameter-passing methods, local referencing environment, overloaded subprograms, generic subprograms, and the aliasing and problematic
More informationHomework #3 CS2255 Fall 2012
Homework #3 CS2255 Fall 2012 MULTIPLE CHOICE 1. The, also known as the address operator, returns the memory address of a variable. a. asterisk ( * ) b. ampersand ( & ) c. percent sign (%) d. exclamation
More informationCMSC 330: Organization of Programming Languages
CMSC 330: Organization of Programming Languages Memory Management and Garbage Collection CMSC 330 Spring 2017 1 Memory Attributes Memory to store data in programming languages has the following lifecycle
More informationCSCI-1200 Data Structures Fall 2011 Lecture 24 Garbage Collection & Smart Pointers
CSCI-1200 Data Structures Fall 2011 Lecture 24 Garbage Collection & Smart Pointers Review from Lecture 23 Basic exception mechanisms: try/throw/catch Functions & exceptions, constructors & exceptions Today
More informationAn Operational and Axiomatic Semantics for Non-determinism and Sequence Points in C
An Operational and Axiomatic Semantics for Non-determinism and Sequence Points in C Robbert Krebbers Radboud University Nijmegen January 22, 2014 @ POPL, San Diego, USA 1 / 16 What is this program supposed
More informationGreen Hills Software, Inc.
Green Hills Software, Inc. A Safe Tasking Approach to Ada95 Jim Gleason Engineering Manager Ada Products 5.0-1 Overview Multiple approaches to safe tasking with Ada95 No Tasking - SPARK Ada95 Restricted
More information04-19 Discussion Notes
04-19 Discussion Notes PIC 10B Spring 2018 1 Constructors and Destructors 1.1 Copy Constructor The copy constructor should copy data. However, it s not this simple, and we need to make a distinction here
More informationIntermediate Programming, Spring 2017*
600.120 Intermediate Programming, Spring 2017* Misha Kazhdan *Much of the code in these examples is not commented because it would otherwise not fit on the slides. This is bad coding practice in general
More informationChapter 5 Names, Binding, Type Checking and Scopes
Chapter 5 Names, Binding, Type Checking and Scopes Names - We discuss all user-defined names here - Design issues for names: -Maximum length? - Are connector characters allowed? - Are names case sensitive?
More informationCS 314 Principles of Programming Languages. Lecture 13
CS 314 Principles of Programming Languages Lecture 13 Zheng Zhang Department of Computer Science Rutgers University Wednesday 19 th October, 2016 Zheng Zhang 1 CS@Rutgers University Class Information Reminder:
More informationVariation of Pointers
Variation of Pointers A pointer is a variable whose value is the address of another variable, i.e., direct address of the memory location. Like any variable or constant, you must declare a pointer before
More informationIronclad C++ A Library-Augmented Type-Safe Subset of C++
Ironclad C++ A Library-Augmented Type-Safe Subset of C++ Christian DeLozier, Richard Eisenberg, Peter-Michael Osera, Santosh Nagarakatte*, Milo M. K. Martin, and Steve Zdancewic October 30, 2013 University
More informationCode Generation & Parameter Passing
Code Generation & Parameter Passing Lecture Outline 1. Allocating temporaries in the activation record Let s optimize our code generator a bit 2. A deeper look into calling sequences Caller/Callee responsibilities
More informationC Pointers. 6th April 2017 Giulio Picierro
C Pointers 6th April 07 Giulio Picierro Functions Return type Function name Arguments list Function body int sum(int a, int b) { return a + b; } Return statement (return keyword
More informationCPSC 3740 Programming Languages University of Lethbridge. Data Types
Data Types A data type defines a collection of data values and a set of predefined operations on those values Some languages allow user to define additional types Useful for error detection through type
More informationReferences and pointers
References and pointers Pointers are variables whose value is a reference, i.e. an address of a store location. Early languages (Fortran, COBOL, Algol 60) had no pointers; added to Fortran 90. In Pascal,
More informationDynamic Allocation of Memory
Dynamic Allocation of Memory Lecture 4 Sections 10.9-10.10 Robb T. Koether Hampden-Sydney College Fri, Jan 25, 2013 Robb T. Koether (Hampden-Sydney College) Dynamic Allocation of Memory Fri, Jan 25, 2013
More informationPrinciples of Programming Languages
Principles of Programming Languages Lecture 10 Variables and Assignment 1 Variable Variable (Math) (CS) Math π CS pi symbol 3.1415828 R definite singular description 3.14 referent symbol R indefinite singular
More informationOlder geometric based addressing is called CHS for cylinder-head-sector. This triple value uniquely identifies every sector.
Review: On Disk Structures At the most basic level, a HDD is a collection of individually addressable sectors or blocks that are physically distributed across the surface of the platters. Older geometric
More informationPointers (1A) Young Won Lim 1/9/18
Pointers (1A) Copyright (c) 2010-2017 Young W. Lim. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later
More informationPointers (1A) Young Won Lim 1/5/18
Pointers (1A) Copyright (c) 2010-2017 Young W. Lim. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later
More informationData Types (cont.) Subset. subtype in Ada. Powerset. set of in Pascal. implementations. CSE 3302 Programming Languages 10/1/2007
CSE 3302 Programming Languages Data Types (cont.) Chengkai Li Fall 2007 Subset U = { v v satisfies certain conditions and v V} Ada subtype Example 1 type Digit_Type is range 0..9; subtype IntDigit_Type
More informationReminder of the last lecture. Aliasing Issues: Call by reference, Pointer programs. Introducing Aliasing Issues. Home Work from previous lecture
Reminder of the last lecture Aliasing Issues: Call by reference, Pointer programs Claude Marché Cours MPRI 2-36-1 Preuve de Programme 18 janvier 2017 Additional features of the specification language Abstract
More informationProving Security Properties in Software of Unknown Provenance
DEPENDABLE COMPUTING Proving Security Properties in Software of Unknown Provenance SOUND STATIC ANALYSIS FOR SECURITY WORKSHOP Ashlie B. Hocking 1 2018 June 2017 In collaboration with: Ben Rodes 1, John
More informationObject-Oriented Principles and Practice / C++
Object-Oriented Principles and Practice / C++ Alice E. Fischer May 13, 2013 OOPP / C++ Lecture 7... 1/27 Construction and Destruction Allocation and Deallocation Move Semantics Template Classes Example:
More informationOn the C11 Memory Model and a Program Logic for C11 Concurrency
On the C11 Memory Model and a Program Logic for C11 Concurrency Manuel Penschuck Aktuelle Themen der Softwaretechnologie Software Engineering & Programmiersprachen FB 12 Goethe Universität - Frankfurt
More informationHeap, Variables, References, and Garbage. CS152. Chris Pollett. Oct. 13, 2008.
Heap, Variables, References, and Garbage. CS152. Chris Pollett. Oct. 13, 2008. Outline. Dynamic Allocation. Variables and Constants. Aliases and Problems. Garbage. Introduction. On Wednesday, we were talking
More information