Mechanising a type-safe model of multithreaded Java with a verified compiler
Size: px
Start display at page:

Download "Mechanising a type-safe model of multithreaded Java with a verified compiler"

Transcription

1 Mechanising a type-safe model of multithreaded Java with a verified compiler Andreas Lochbihler Digital Asset (Switzerland) GmbH

2 Andreas Lochbihler 2 = Isabelle λ β HOL α

3 Andreas Lochbihler 3 Timeline Java light 1998 today

4 Andreas Lochbihler 4 Timeline Java light µjava today

5 Andreas Lochbihler 5 Timeline Java light µjava Jinja today

6 Timeline Java light µjava Jinja today Bali Type Safety? Operational Semantics Type System Object Model Well-Formedness Compiler Operational Semantics Type System Memory model Well-Formedness Syntax BALI JAV A Correctness? Bytecode BVM JVM Andreas Lochbihler 6

7 Timeline Java light µjava Jinja JinjaThreads today Bali Type Safety? Concurrency Operational Semantics Type System Object Model Well-Formedness Syntax BALI JAV A Compiler Correctness? Operational Semantics Type System Memory model Well-Formedness Bytecode BVM JVM + threads synchronisation mechanisms Java memory model Andreas Lochbihler 7

8 Andreas Lochbihler 8 From Jinja to JinjaThreads big-step semantics equivalence small-step semantics type safety type system source code declarations & lookup Jinja verified compiler stage 1 stage 2 general infrastructure virtual machine type safety bytecode verifier bytecode subtyping

9 Andreas Lochbihler 9 From Jinja to JinjaThreads concurrent semantics DRF, type safety interleaving scheduler Java memory model big-step semantics equivalence small-step semantics type safety type system source code JinjaThreads verified compiler stage 1 stage 2 virtual machine type safety bytecode verifier bytecode declarations & lookup native methods subtyping general infrastructure

10 Andreas Lochbihler 10 From Jinja to JinjaThreads concurrent semantics DRF, type safety interleaving scheduler Java memory model big-step semantics equivalence small-step semantics type safety type system source code JinjaThreads verified compiler stage 1 stage 2 virtual machine type safety bytecode verifier bytecode declarations & lookup native methods subtyping = executable general infrastructure

11 Andreas Lochbihler 11 From Jinja to JinjaThreads concurrent semantics DRF, type safety interleaving scheduler Java memory model big-step semantics equivalence small-step semantics type safety type system source code JinjaThreads verified compiler stage 1 stage 2 virtual machine type safety bytecode verifier bytecode declarations & lookup native methods subtyping = executable general infrastructure

12 Andreas Lochbihler 12 Semantics in layers Java memory model set of well-formed candidate executions operational semantics shared memory

13 Andreas Lochbihler 13 Semantics in layers Java memory model set of well-formed candidate executions operational semantics shared memory allocation & type information

14 Andreas Lochbihler 14 Semantics in layers Java memory model set of well-formed candidate executions operational semantics t : α shared memory allocation & type information

15 Andreas Lochbihler 15 Semantics in layers Java memory model set of well-formed candidate executions thread communication operational semantics t : α shared memory allocation & type information

16 Andreas Lochbihler 16 Semantics in layers Java memory model set of well-formed candidate executions operational semantics thread communication t : α transition system t 1 :α 1 t 1 :α shared memory allocation & type information

17 Andreas Lochbihler 17 Semantics in layers Java memory model set of well-formed candidate executions operational semantics { [t1 : α 1, t 2 : α 2,...], [t 1 : α 1, t 2 : α 2,...], [t 1 : α 1, t 2 : α 2,...],... thread communication t : α paths in the transition system t 1 :α 1 t 1 :α shared memory allocation & type information

18 Andreas Lochbihler 18 Semantics in layers Java memory model legality constraints pair read and write ops set of well-formed candidate executions operational semantics { [t1 : α 1, t 2 : α 2,...], [t 1 : α 1, t 2 : α 2,...], legal [t 1 : α 1, t 2 : α 2,...],... thread communication t : α paths in the transition system t 1 :α 1 t 1 :α shared memory allocation & type information

19 Andreas Lochbihler 19 type safety = progress + preservation Let s reuse! Jinja Reuse the sequential type safety proof Lifting Use same lifting lemmas for source code and bytecode

20 Andreas Lochbihler 20 type safety = progress + preservation No stuck states What about deadlocks? Let s reuse! Jinja Reuse the sequential type safety proof Lifting Use same lifting lemmas for source code and bytecode

21 Andreas Lochbihler 21 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); g.notify(); Objects e f g Wait set: { { { Locked by: I III II

22 Andreas Lochbihler 22 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); Request lock on f g.notify(); Objects e f g Wait set: { { { Locked by: I III II

23 Andreas Lochbihler 23 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); g.notify(); Objects e f g Wait set: { { { Locked by: I I III II

24 Andreas Lochbihler 24 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); g.notify(); Request lock on g Objects e f g Wait set: { { { Locked by: I I III II

25 Andreas Lochbihler 25 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); g.notify(); Objects e f g Wait set: { { { Locked by: I II I III II

26 Andreas Lochbihler 26 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); g.notify(); Request lock on e Objects e f g Wait set: { { { Locked by: I II I III II

27 Andreas Lochbihler 27 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); g.notify(); Objects e f g Wait set: { { { Locked by: III I II I III II

28 Andreas Lochbihler 28 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); Request lock on g g.notify(); Objects e f g Wait set: { { { Locked by: III I II I III II

29 Andreas Lochbihler 29 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); Request lock on g g.notify(); Request lock on e Objects e f g Wait set: { { { Locked by: III I II I III II

30 Andreas Lochbihler 30 Java deadlock example Thread (I) Thread (II) Thread (III) g.wait(); Request lock on g g.notify(); Request lock on e Request lock on f Objects e f g Wait set: { { { Locked by: III I II I II Deadlock III

31 Andreas Lochbihler 31 Java deadlock example with monitors Thread (I) g.wait(); Thread (II) g.notify(); Thread (III) Objects e f g Wait set: { { { Locked by: I Z Z Z III II

32 Andreas Lochbihler 32 Java deadlock example with monitors Thread (I) g.wait(); Request lock on f Thread (II) g.notify(); Thread (III) Objects e f g Wait set: { { { Locked by: I Z Z Z III II

33 Andreas Lochbihler 33 Java deadlock example with monitors Thread (I) g.wait(); Thread (II) g.notify(); Thread (III) Objects e f g Wait set: { { { Locked by: I I Z Z Z III II

34 Andreas Lochbihler 34 Java deadlock example with monitors Thread (I) g.wait(); Request lock on g Thread (II) g.notify(); Thread (III) Objects e f g Wait set: { { { Locked by: I I Z Z Z III II

35 Andreas Lochbihler 35 Java deadlock example with monitors Thread (I) g.wait(); Thread (II) g.notify(); Thread (III) Objects e f g Wait set: { { { Locked by: I I I Z Z Z III II

36 Andreas Lochbihler 36 Java deadlock example with monitors Thread (I) g.wait(); Thread (II) g.notify(); Thread (III) Objects e f g Wait set: { { { Locked by: I I I Z Z Z III II

37 Andreas Lochbihler 37 Java deadlock example with monitors Thread (I) g.wait(); Wait on notify Thread (II) g.notify(); Thread (III) Objects e f g Wait set: { { {I Locked by: I I Z Z Z III II

38 Andreas Lochbihler 38 Java deadlock example with monitors Thread (I) g.wait(); Wait on notify Thread (II) g.notify(); Thread (III) Request lock on e Objects e f g Wait set: { { {I Locked by: I I Z Z Z III II

39 Andreas Lochbihler 39 Java deadlock example with monitors Thread (I) g.wait(); Wait on notify Thread (II) g.notify(); Thread (III) Objects e f g Wait set: { { {I Locked by: III I I Z Z Z III II

40 Andreas Lochbihler 40 Java deadlock example with monitors Thread (I) g.wait(); Wait on notify Thread (II) g.notify(); Thread (III) Request lock on f Objects e f g Wait set: { { {I Locked by: III I I Z Z Z III II

41 Andreas Lochbihler 41 Java deadlock example with monitors Thread (I) g.wait(); Wait on notify Thread (II) g.notify(); Request lock on g Thread (III) Request lock on f Objects e f g Wait set: { { {I Locked by: III I I Z Z Z III II

42 Andreas Lochbihler 42 Java deadlock example with monitors Thread (I) g.wait(); Wait on notify Thread (II) g.notify(); Thread (III) Request lock on f Objects e f g Wait set: { { {I Locked by: III I II I Z Z Z III II

43 Andreas Lochbihler 43 Java deadlock example with monitors Thread (I) g.wait(); Wait on notify Thread (II) g.notify(); Request lock on e Thread (III) Request lock on f Objects e f g Wait set: { { {I Locked by: III I II Z Z Z I II Deadlock III

44 Andreas Lochbihler 44 Deadlock computation Deadlock as a greatest fixpoint: Z Z Z I II III IV V VI VII VIII

45 Andreas Lochbihler 45 Deadlock computation Deadlock as a greatest fixpoint: Z Z Z I II III IV V VI VII VIII

46 Andreas Lochbihler 46 Deadlock computation Deadlock as a greatest fixpoint: Z Z Z I II III IV V VI VII VIII

47 Andreas Lochbihler 47 Deadlock computation Deadlock as a greatest fixpoint: Z Z Z I II III IV V VI VII VIII

48 Andreas Lochbihler 48 Deadlock computation Deadlock as a greatest fixpoint: Z Z Z I II III IV V VI VII VIII Threads in deadlock: IV, VII, VIII

49 Andreas Lochbihler 49 Deadlock computation Deadlock as a greatest fixpoint: Z Z Z I II III IV V VI VII VIII Threads in deadlock: IV, VII, VIII Formalised as a coinductive definition, independent of the language!

50 Andreas Lochbihler 50 Compiler correctness Compiler correctness source code compiler byte code iff

51 Andreas Lochbihler 51 Compiler correctness Compiler correctness source code compiler byte code iff Trace behaviour: result state non-termination deadlock I/O

52 Andreas Lochbihler 52 Compiler correctness Compiler correctness Delay bisimulation with divergence source code compiler byte code = iff Trace behaviour: result state non-termination deadlock I/O

53 Andreas Lochbihler 53 Compiler correctness Compiler correctness source code compiler byte code = Delay bisimulation with divergence s 1 s 2 τ τ iff s 1 s 2 Trace behaviour: result state non-termination deadlock I/O

54 Andreas Lochbihler 54 Compiler correctness Compiler correctness source code compiler byte code = Delay bisimulation with divergence s 1 τ τ s 2 s 1 α 1 s 2 τ α2 iff s 1 s 2 s 1 s 2 Trace behaviour: result state non-termination deadlock I/O

55 Andreas Lochbihler 55 Compiler correctness Compiler correctness source code compiler byte code = Delay bisimulation with divergence s 1 τ τ s 2 s 1 α 1 s 2 τ α2 iff s 1 s 2 s 1 s 2 Trace behaviour: result state non-termination deadlock I/O s 1 s 2 τ τ

56 Andreas Lochbihler 56 Compiler correctness Compiler correctness source code compiler byte code = Delay bisimulation with divergence s 1 τ τ s 2 s 1 α 1 s 2 τ α2 iff s 1 s 2 s 1 s 2 Trace behaviour: result state non-termination deadlock I/O s 1 s 2 τ τ Observable: I/O memory access allocation synchronisation

57 Andreas Lochbihler 57 Compiler correctness Compiler correctness source code compiler byte code = Delay bisimulation with divergence s 1 τ τ s 2 s 1 α 1 s 2 τ α2 iff s 1 s 2 s 1 s 2 Trace behaviour: result state non-termination deadlock I/O s Lifting theorem: 1 s 2 single-threaded d. bisim. τ τ multi-threaded d. bisim. Observable: I/O memory access allocation synchronisation

58 Andreas Lochbihler 58 Stuck programs stuck stage 1 stage 2 source intermediate bytecode

59 Andreas Lochbihler 59 Stuck programs stuck stage 1 stage 2 source intermediate bytecode

60 Andreas Lochbihler 60 Stuck programs stuck stage 1 stage 2 X source intermediate bytecode X

61 Andreas Lochbihler 61 Stuck programs preservation preservation preservation untypeable stuck stage 1 stage 2 source intermediate bytecode

62 Andreas Lochbihler 62 Stuck programs stuck stage 1 stage 2 aggressive JVM source intermediate bytecode defensive JVM

63 Andreas Lochbihler 63 Stuck programs stuck stage 1 stage 2 aggressive JVM source intermediate bytecode defensive JVM

64 Andreas Lochbihler 64 Not covered in this talk Java Memory Model formalised DRF guarantee: No data races = only interleaving behaviours Consistency: Every interleaving allowed Type safety even with data races if addresses are partitioned by type

65 Andreas Lochbihler 65 Not covered in this talk Java Memory Model formalised DRF guarantee: No data races = only interleaving behaviours Consistency: Every interleaving allowed Type safety even with data races if addresses are partitioned by type Validation via code generation Executable interpreter, JVM, bytecode verifier, compiler Unverified converter from Java to abstract syntax Validated with 230+ test cases

66 Andreas Lochbihler 66 Isabelle features Used a lot: locales (co)inductive datatype, primrec, fun code generator nitpick auto & fastforce

67 Andreas Lochbihler 67 Isabelle features Used a lot: locales (co)inductive datatype, primrec, fun code generator nitpick auto & fastforce Would have been great: Eisbach type parameters in locales codatatype & primcorec coinduction method refactoring support

68 Andreas Lochbihler 68 Isabelle features Used a lot: locales (co)inductive datatype, primrec, fun code generator nitpick auto & fastforce Would have been great: Eisbach type parameters in locales codatatype & primcorec coinduction method refactoring support Statistics: lines of code (10k empty lines) 567 definition, 101 (co)inductive, 124 primrec, 169 fun 4045 theorem statements 51 min AFP build time (factor 4.03, 64bit)

Similar documents

Verifying a Compiler for Java Threads

Verifying a Compiler for Java Threads Verifying a Compiler for Java Threads Andreas Lochbihler IPD, PROGRAMMING PARADIGMS GROUP, COMPUTER SCIENCE DEPARTMENT KIT - University of the State of aden-wuerttemberg and National Research Center of

More information

A unified machine-checked model for multithreaded Java

A unified machine-checked model for multithreaded Java A unified machine-checked model for multithreaded Java Andre Lochbihler IPD, PROGRAMMING PARADIGMS GROUP, COMPUTER SCIENCE DEPARTMENT KIT - University of the State of Baden-Wuerttemberg and National Research

More information

From IMP to Java. Andreas Lochbihler. parts based on work by Gerwin Klein and Tobias Nipkow ETH Zurich

From IMP to Java. Andreas Lochbihler. parts based on work by Gerwin Klein and Tobias Nipkow ETH Zurich From IMP to Java Andreas Lochbihler ETH Zurich parts based on work by Gerwin Klein and Tobias Nipkow 2015-07-14 1 Subtyping 2 Objects and Inheritance 3 Multithreading 1 Subtyping 2 Objects and Inheritance

More information

Quis Custodiet Ipsos Custodes The Java memory model

Quis Custodiet Ipsos Custodes The Java memory model Quis Custodiet Ipsos Custodes The Java memory model Andreas Lochbihler funded by DFG Ni491/11, Sn11/10 PROGRAMMING PARADIGMS GROUP = Isabelle λ β HOL α 1 KIT 9University Oct 2012 of the Andreas State of

More information

Type Safe Nondeterminism A Formal Semantics of Java Threads

Type Safe Nondeterminism A Formal Semantics of Java Threads Type Safe Nondeterminism A Formal Semantics of Java Threads Andreas Lochbihler Universität Passau lochbihl@fim.uni-passau.de Abstract We present a generic framework to transform a single-threaded operational

More information

Programming Languages Lecture 14: Sum, Product, Recursive Types

Programming Languages Lecture 14: Sum, Product, Recursive Types CSE 230: Winter 200 Principles of Programming Languages Lecture 4: Sum, Product, Recursive Types The end is nigh HW 3 No HW 4 (= Final) Project (Meeting + Talk) Ranjit Jhala UC San Diego Recap Goal: Relate

More information

Inductive datatypes in HOL. lessons learned in Formal-Logic Engineering

Inductive datatypes in HOL. lessons learned in Formal-Logic Engineering Inductive datatypes in HOL lessons learned in Formal-Logic Engineering Stefan Berghofer and Markus Wenzel Institut für Informatik TU München = Isabelle λ β HOL α 1 Introduction Applications of inductive

More information

Java Memory Model. Jian Cao. Department of Electrical and Computer Engineering Rice University. Sep 22, 2016

Java Memory Model. Jian Cao. Department of Electrical and Computer Engineering Rice University. Sep 22, 2016 Java Memory Model Jian Cao Department of Electrical and Computer Engineering Rice University Sep 22, 2016 Content Introduction Java synchronization mechanism Double-checked locking Out-of-Thin-Air violation

More information

Tradeoffs. CSE 505: Programming Languages. Lecture 15 Subtyping. Where shall we add useful completeness? Where shall we add completeness?

Tradeoffs. CSE 505: Programming Languages. Lecture 15 Subtyping. Where shall we add useful completeness? Where shall we add completeness? Tradeoffs CSE 505: Programming Languages Lecture 15 Subtyping Zach Tatlock Autumn 2017 Desirable type system properties (desiderata): soundness - exclude all programs that get stuck completeness - include

More information

Verifying Concurrent ML programs

Verifying Concurrent ML programs Verifying Concurrent ML programs a research proposal Gergely Buday Eszterházy Károly University Gyöngyös, Hungary Synchron 2016 Bamberg December 2016 Concurrent ML is a synchronous language a CML program

More information

Reasoning About The Implementations Of Concurrency Abstractions On x86-tso. By Scott Owens, University of Cambridge.

Reasoning About The Implementations Of Concurrency Abstractions On x86-tso. By Scott Owens, University of Cambridge. Reasoning About The Implementations Of Concurrency Abstractions On x86-tso By Scott Owens, University of Cambridge. Plan Intro Data Races And Triangular Races Examples 2 sequential consistency The result

More information

Safe Optimisations for Shared-Memory Concurrent Programs. Tomer Raz

Safe Optimisations for Shared-Memory Concurrent Programs. Tomer Raz Safe Optimisations for Shared-Memory Concurrent Programs Tomer Raz Plan Motivation Transformations Semantic Transformations Safety of Transformations Syntactic Transformations 2 Motivation We prove that

More information

Programming Languages

Programming Languages CSE 230: Winter 2008 Principles of Programming Languages Ocaml/HW #3 Q-A Session Push deadline = Mar 10 Session Mon 3pm? Lecture 15: Type Systems Ranjit Jhala UC San Diego Why Typed Languages? Development

More information

High-level languages

High-level languages High-level languages High-level languages are not immune to these problems. Actually, the situation is even worse: the source language typically operates over mixed-size values (multi-word and bitfield);

More information

Adam Chlipala University of California, Berkeley ICFP 2006

Adam Chlipala University of California, Berkeley ICFP 2006 Modular Development of Certified Program Verifiers with a Proof Assistant Adam Chlipala University of California, Berkeley ICFP 2006 1 Who Watches the Watcher? Program Verifier Might want to ensure: Memory

More information

An Approach to Verification of Safety-Critical Java Virtual Machines with Ahead-of-time Compilation. James Baxter

An Approach to Verification of Safety-Critical Java Virtual Machines with Ahead-of-time Compilation. James Baxter An Approach to Verication of Safety-Critical Java Virtual Machines with Ahead-of-time Compilation James Baxter Abstract In recent years Java has been increasingly considered as a language for safety-critical

More information

Runtime Atomicity Analysis of Multi-threaded Programs

Runtime Atomicity Analysis of Multi-threaded Programs Runtime Atomicity Analysis of Multi-threaded Programs Focus is on the paper: Atomizer: A Dynamic Atomicity Checker for Multithreaded Programs by C. Flanagan and S. Freund presented by Sebastian Burckhardt

More information

Servlet Performance and Apache JServ

Servlet Performance and Apache JServ Servlet Performance and Apache JServ ApacheCon 1998 By Stefano Mazzocchi and Pierpaolo Fumagalli Index 1 Performance Definition... 2 1.1 Absolute performance...2 1.2 Perceived performance...2 2 Dynamic

More information

CS/B.TECH/CSE(OLD)/SEM-6/CS-605/2012 OBJECT ORIENTED PROGRAMMING. Time Allotted : 3 Hours Full Marks : 70

CS/B.TECH/CSE(OLD)/SEM-6/CS-605/2012 OBJECT ORIENTED PROGRAMMING. Time Allotted : 3 Hours Full Marks : 70 CS/B.TECH/CSE(OLD)/SEM-6/CS-605/2012 2012 OBJECT ORIENTED PROGRAMMING Time Allotted : 3 Hours Full Marks : 70 The figures in the margin indicate full marks. Candidates are required to give their answers

More information

Administrivia. Events this week Drop-In Resume and Cover Letter Editing Date: Tues., Mar 23 Time: 12:30 2:30 pm Location: Rm 255, ICICS/CS

Administrivia. Events this week Drop-In Resume and Cover Letter Editing Date: Tues., Mar 23 Time: 12:30 2:30 pm Location: Rm 255, ICICS/CS Department of Computer Science Undergraduate Events Events this week Drop-In Resume and Cover Letter Editing Date: Tues., Mar 23 Time: 12:30 2:30 pm Location: Rm 255, ICICS/CS ICICS/KPMG Seminar Presentation:

More information

The Java Memory Model

The Java Memory Model The Java Memory Model The meaning of concurrency in Java Bartosz Milewski Plan of the talk Motivating example Sequential consistency Data races The DRF guarantee Causality Out-of-thin-air guarantee Implementation

More information

Theorem Proving Principles, Techniques, Applications Recursion

Theorem Proving Principles, Techniques, Applications Recursion NICTA Advanced Course Theorem Proving Principles, Techniques, Applications Recursion 1 CONTENT Intro & motivation, getting started with Isabelle Foundations & Principles Lambda Calculus Higher Order Logic,

More information

Programming Languages Lecture 15: Recursive Types & Subtyping

Programming Languages Lecture 15: Recursive Types & Subtyping CSE 230: Winter 2008 Principles of Programming Languages Lecture 15: Recursive Types & Subtyping Ranjit Jhala UC San Diego News? Formalize first-order type systems Simple types (integers and booleans)

More information

Functional Programming with Isabelle/HOL

Functional Programming with Isabelle/HOL Functional Programming with Isabelle/HOL = Isabelle λ β HOL α Florian Haftmann Technische Universität München January 2009 Overview Viewing Isabelle/HOL as a functional programming language: 1. Isabelle/HOL

More information

Timing Analysis of Parallel Software Using Abstract Execution

Timing Analysis of Parallel Software Using Abstract Execution Timing Analysis of Parallel Software Using Abstract Execution Björn Lisper School of Innovation, Design, and Engineering Mälardalen University bjorn.lisper@mdh.se 2014-09-10 EACO Workshop 2014 Motivation

More information

Static Program Analysis

Static Program Analysis Static Program Analysis Thomas Noll Software Modeling and Verification Group RWTH Aachen University https://moves.rwth-aachen.de/teaching/ws-1617/spa/ Recap: Taking Conditional Branches into Account Extending

More information

Intersections and Unions of Session Types

Intersections and Unions of Session Types Intersections and Unions of Session Types Coşku Acay Frank Pfenning Carnegie Mellon University School of Computer Science ITRS 2016 C. Acay & F. Pfenning (CMU) Intersections and Unions of Session Types

More information

Programming Safe Agents in Blueprint. Alex Muscar University of Craiova

Programming Safe Agents in Blueprint. Alex Muscar University of Craiova Programming Safe Agents in Blueprint Alex Muscar University of Craiova Programmers are craftsmen, and, as such, they are only as productive as theirs tools allow them to be Introduction Agent Oriented

More information

Software Architecture

Software Architecture Software Architecture Lecture 5 Call-Return Systems Rob Pettit George Mason University last class data flow data flow styles batch sequential pipe & filter process control! process control! looping structure

More information

Weak Memory Models: an Operational Theory

Weak Memory Models: an Operational Theory Opening Weak Memory Models: an Operational Theory INRIA Sophia Antipolis 9th June 2008 Background on weak memory models Memory models, what are they good for? Hardware optimizations Contract between hardware

More information

Security for Multithreaded Programs under Cooperative Scheduling

Security for Multithreaded Programs under Cooperative Scheduling Security for Multithreaded Programs under Cooperative Scheduling Alejandro Russo and Andrei Sabelfeld Dept. of Computer Science and Engineering, Chalmers University of Technology 412 96 Göteborg, Sweden,

More information

Gradual Typing for Functional Languages. Jeremy Siek and Walid Taha (presented by Lindsey Kuper)

Gradual Typing for Functional Languages. Jeremy Siek and Walid Taha (presented by Lindsey Kuper) Gradual Typing for Functional Languages Jeremy Siek and Walid Taha (presented by Lindsey Kuper) 1 Introduction 2 What we want Static and dynamic typing: both are useful! (If you re here, I assume you agree.)

More information

CS-XXX: Graduate Programming Languages. Lecture 9 Simply Typed Lambda Calculus. Dan Grossman 2012

CS-XXX: Graduate Programming Languages. Lecture 9 Simply Typed Lambda Calculus. Dan Grossman 2012 CS-XXX: Graduate Programming Languages Lecture 9 Simply Typed Lambda Calculus Dan Grossman 2012 Types Major new topic worthy of several lectures: Type systems Continue to use (CBV) Lambda Caluclus as our

More information

Administration CS 412/413. Why build a compiler? Compilers. Architectural independence. Source-to-source translator

Administration CS 412/413. Why build a compiler? Compilers. Architectural independence. Source-to-source translator CS 412/413 Introduction to Compilers and Translators Andrew Myers Cornell University Administration Design reports due Friday Current demo schedule on web page send mail with preferred times if you haven

More information

An introduction to weak memory consistency and the out-of-thin-air problem

An introduction to weak memory consistency and the out-of-thin-air problem An introduction to weak memory consistency and the out-of-thin-air problem Viktor Vafeiadis Max Planck Institute for Software Systems (MPI-SWS) CONCUR, 7 September 2017 Sequential consistency 2 Sequential

More information

HOL DEFINING HIGHER ORDER LOGIC LAST TIME ON HOL CONTENT. Slide 3. Slide 1. Slide 4. Slide 2 WHAT IS HIGHER ORDER LOGIC? 2 LAST TIME ON HOL 1

HOL DEFINING HIGHER ORDER LOGIC LAST TIME ON HOL CONTENT. Slide 3. Slide 1. Slide 4. Slide 2 WHAT IS HIGHER ORDER LOGIC? 2 LAST TIME ON HOL 1 LAST TIME ON HOL Proof rules for propositional and predicate logic Safe and unsafe rules NICTA Advanced Course Forward Proof Slide 1 Theorem Proving Principles, Techniques, Applications Slide 3 The Epsilon

More information

Formalising FinFuns Generating Code for Functions as Data from Isabelle/HOL

Formalising FinFuns Generating Code for Functions as Data from Isabelle/HOL Formalising FinFuns Generating Code for Functions as Data from Isabelle/HOL Andreas Lochbihler Universität Karlsruhe (TH) 17.8.2009, TPHOLs 2009 Motivation I Quickcheck Andreas Lochbihler (Univ. Karlsruhe

More information

The Java Memory Model: a Formal Explanation 1

The Java Memory Model: a Formal Explanation 1 The Java Memory Model: a Formal Explanation 1 M. Huisman 2 G. Petri 3 INRIA Sophia Antipolis, France Abstract This paper discusses the new Java Memory Model (JMM), introduced for Java 1.5. The JMM specifies

More information

Safety SPL/2010 SPL/20 1

Safety SPL/2010 SPL/20 1 Safety 1 system designing for concurrent execution environments system: collection of objects and their interactions system properties: Safety - nothing bad ever happens Liveness - anything ever happens

More information

Software Engineering using Formal Methods

Software Engineering using Formal Methods Software Engineering using Formal Methods Introduction to Promela Wolfgang Ahrendt 03 September 2015 SEFM: Promela /GU 150903 1 / 36 Towards Model Checking System Model Promela Program byte n = 0; active

More information

Runtime Checking for Program Verification Systems

Runtime Checking for Program Verification Systems Runtime Checking for Program Verification Systems Karen Zee, Viktor Kuncak, and Martin Rinard MIT CSAIL Tuesday, March 13, 2007 Workshop on Runtime Verification 1 Background Jahob program verification

More information

Overview. Rationale Division of labour between script and C++ Choice of language(s) Interfacing to C++ Performance, memory

Overview. Rationale Division of labour between script and C++ Choice of language(s) Interfacing to C++ Performance, memory SCRIPTING Overview Rationale Division of labour between script and C++ Choice of language(s) Interfacing to C++ Reflection Bindings Serialization Performance, memory Rationale C++ isn't the best choice

More information

Type Theory meets Effects. Greg Morrisett

Type Theory meets Effects. Greg Morrisett Type Theory meets Effects Greg Morrisett A Famous Phrase: Well typed programs won t go wrong. 1. Describe abstract machine: M ::= 2. Give transition relation: M 1 M 2

More information

Semantical Characterization of unbounded-nondeterministic ASMs

Semantical Characterization of unbounded-nondeterministic ASMs Semantical Characterization of unbounded-nondeterministic ASMs Berlin, 26/27 Feb 2007 Andreas Glausch Humboldt-Universität zu Berlin Department of Computer Science Abstract State Machines (ASMs) state

More information

The Java Memory Model

The Java Memory Model The Java Memory Model Presented by: Aaron Tomb April 10, 2007 1 Introduction 1.1 Memory Models As multithreaded programming and multiprocessor systems gain popularity, it is becoming crucial to define

More information

Conservative Concurrency in Haskell

Conservative Concurrency in Haskell Conservative Concurrency in Haskell David Sabel and Manfred Schmidt-Schauß Goethe-University, Frankfurt am Main, Germany LICS 12, Dubrovnik, Croatia Motivation a View on Haskell Purely functional core

More information

CSE-505: Programming Languages. Lecture 20.5 Recursive Types. Zach Tatlock 2016

CSE-505: Programming Languages. Lecture 20.5 Recursive Types. Zach Tatlock 2016 CSE-505: Programming Languages Lecture 20.5 Recursive Types Zach Tatlock 2016 Where are we System F gave us type abstraction code reuse strong abstractions different from real languages (like ML), but

More information

CMSC 336: Type Systems for Programming Languages Lecture 5: Simply Typed Lambda Calculus Acar & Ahmed January 24, 2008

CMSC 336: Type Systems for Programming Languages Lecture 5: Simply Typed Lambda Calculus Acar & Ahmed January 24, 2008 CMSC 336: Type Systems for Programming Languages Lecture 5: Simply Typed Lambda Calculus Acar & Ahmed January 24, 2008 Contents 1 Solution to the Exercise 1 1.1 Semantics for lambda calculus.......................

More information

Runtime assertion checking of multithreaded Java programs

Runtime assertion checking of multithreaded Java programs Master Thesis Runtime assertion checking of multithreaded Java programs An extension of the STROBE framework Author: Jorne Kandziora Supervisors: dr. M. Huisman dr. C.M. Bockisch M. Zaharieva-Stojanovski,

More information

Java PathFinder. Pavel Parízek. CHARLES UNIVERSITY IN PRAGUE faculty of mathematics and physics

Java PathFinder. Pavel Parízek. CHARLES UNIVERSITY IN PRAGUE faculty of mathematics and physics Java PathFinder http://d3s.mff.cuni.cz Pavel Parízek CHARLES UNIVERSITY IN PRAGUE faculty of mathematics and physics Java PathFinder (JPF) Verification framework for Java programs Explicit state space

More information

Multicore Programming Java Memory Model

Multicore Programming Java Memory Model p. 1 Multicore Programming Java Memory Model Peter Sewell Jaroslav Ševčík Tim Harris University of Cambridge MSR with thanks to Francesco Zappa Nardelli, Susmit Sarkar, Tom Ridge, Scott Owens, Magnus O.

More information

Formal Specification and Verification

Formal Specification and Verification Formal Specification and Verification Introduction to Promela Bernhard Beckert Based on a lecture by Wolfgang Ahrendt and Reiner Hähnle at Chalmers University, Göteborg Formal Specification and Verification:

More information

A Programming Model for Concurrent Object-Oriented Programs

A Programming Model for Concurrent Object-Oriented Programs 1 A Programming Model for Concurrent Object-Oriented Programs BART JACOBS, FRANK PIESSENS, and JAN SMANS Katholieke Universiteit Leuven and K. RUSTAN M. LEINO and WOLFRAM SCHULTE Microsoft Research Reasoning

More information

WebAssembly what? why? whither? Ben L. Titzer Andreas Rossberg Google Germany

WebAssembly what? why? whither? Ben L. Titzer Andreas Rossberg Google Germany WebAssembly what? why? whither? Ben L. Titzer Andreas Rossberg Google Germany What is WebAssembly? A portable, compact, binary code format Low-level execution model with native unboxed types Suitable as

More information

11/19/2013. Imperative programs

11/19/2013. Imperative programs if (flag) 1 2 From my perspective, parallelism is the biggest challenge since high level programming languages. It s the biggest thing in 50 years because industry is betting its future that parallel programming

More information

Lecture 1: Overview of Java

Lecture 1: Overview of Java Lecture 1: Overview of Java What is java? Developed by Sun Microsystems (James Gosling) A general-purpose object-oriented language Based on C/C++ Designed for easy Web/Internet applications Widespread

More information

Part VI. Imperative Functional Programming

Part VI. Imperative Functional Programming Part VI Imperative Functional Programming Chapter 14 Mutable Storage MinML is said to be a pure language because the execution model consists entirely of evaluating an expression for its value. ML is

More information

Programming Languages

Programming Languages : Winter 2010 Principles of Programming Languages Lecture 1: Welcome, etc. Ranjit Jhala UC San Diego Computation & Interaction Precisely expressed by PL Dependence means need for analysis Safety Security

More information

From Types to Sets in Isabelle/HOL

From Types to Sets in Isabelle/HOL From Types to Sets in Isabelle/HOL Extented Abstract Ondřej Kunčar 1 and Andrei Popescu 1,2 1 Fakultät für Informatik, Technische Universität München, Germany 2 Institute of Mathematics Simion Stoilow

More information

Software Engineering using Formal Methods

Software Engineering using Formal Methods Software Engineering using Formal Methods Introduction to Promela Wolfgang Ahrendt & Richard Bubel & Reiner Hähnle & Wojciech Mostowski 31 August 2011 SEFM: Promela /GU 110831 1 / 35 Towards Model Checking

More information

CS-XXX: Graduate Programming Languages. Lecture 17 Recursive Types. Dan Grossman 2012

CS-XXX: Graduate Programming Languages. Lecture 17 Recursive Types. Dan Grossman 2012 CS-XXX: Graduate Programming Languages Lecture 17 Recursive Types Dan Grossman 2012 Where are we System F gave us type abstraction code reuse strong abstractions different from real languages (like ML),

More information

Proof Carrying Code(PCC)

Proof Carrying Code(PCC) Discussion p./6 Proof Carrying Code(PCC Languaged based security policy instead of OS-based A mechanism to determine with certainity that it is safe execute a program or not Generic architecture for providing

More information

Functional Programming and Modeling

Functional Programming and Modeling Chapter 2 2. Functional Programming and Modeling 2.0 2. Functional Programming and Modeling 2.0 Overview of Chapter Functional Programming and Modeling 2. Functional Programming and Modeling 2.1 Overview

More information

Object Oriented Programming and Design in Java. Session 18 Instructor: Bert Huang

Object Oriented Programming and Design in Java. Session 18 Instructor: Bert Huang Object Oriented Programming and Design in Java Session 18 Instructor: Bert Huang Announcements Homework 4 due Mon. Apr. 19 No multithreading in programming part Final Exam Monday May 10, 9 AM - noon, 173

More information

The New Java Technology Memory Model

The New Java Technology Memory Model The New Java Technology Memory Model java.sun.com/javaone/sf Jeremy Manson and William Pugh http://www.cs.umd.edu/~pugh 1 Audience Assume you are familiar with basics of Java technology-based threads (

More information

MPRI course 2-4 Functional programming languages Exercises

MPRI course 2-4 Functional programming languages Exercises MPRI course 2-4 Functional programming languages Exercises Xavier Leroy October 13, 2016 Part I: Interpreters and operational semantics Exercise I.1 (**) Prove theorem 2 (the unique decomposition theorem).

More information

CSE 505 Graduate PL. Fall 2013

CSE 505 Graduate PL. Fall 2013 CSE 505 Graduate PL Fall 2013 Goals Since Day 1 Develop tools to rigorously study what programs mean. semantics equivalence, termination, determinism,... Develop tools for studying program behavior! inductive

More information

Note that in this definition, n + m denotes the syntactic expression with three symbols n, +, and m, not to the number that is the sum of n and m.

Note that in this definition, n + m denotes the syntactic expression with three symbols n, +, and m, not to the number that is the sum of n and m. CS 6110 S18 Lecture 8 Structural Operational Semantics and IMP Today we introduce a very simple imperative language, IMP, along with two systems of rules for evaluation called small-step and big-step semantics.

More information

Learning from Bad Examples. CSCI 5828: Foundations of Software Engineering Lecture 25 11/18/2014

Learning from Bad Examples. CSCI 5828: Foundations of Software Engineering Lecture 25 11/18/2014 Learning from Bad Examples CSCI 5828: Foundations of Software Engineering Lecture 25 11/18/2014 1 Goals Demonstrate techniques to design for shared mutability Build on an example where multiple threads

More information

Parametricity of Inductive Predicates

Parametricity of Inductive Predicates Proposal for a Master s thesis Parametricity of Inductive Predicates Supervisors: Dr. Andreas Lochbihler, Dr. Dmitriy Traytel Professor: Prof. David Basin Issue date: May 19, 2017 Prerequisites Good skills

More information

Notes on the Exam. Question 1. Today. Comp 104:Operating Systems Concepts 11/05/2015. Revision Lectures (separate questions and answers)

Notes on the Exam. Question 1. Today. Comp 104:Operating Systems Concepts 11/05/2015. Revision Lectures (separate questions and answers) Comp 104:Operating Systems Concepts Revision Lectures (separate questions and answers) Today Here are a sample of questions that could appear in the exam Please LET ME KNOW if there are particular subjects

More information

Resource-bound process algebras for Schedulability and Performance Analysis of Real-Time and Embedded Systems

Resource-bound process algebras for Schedulability and Performance Analysis of Real-Time and Embedded Systems Resource-bound process algebras for Schedulability and Performance Analysis of Real-Time and Embedded Systems Insup Lee 1, Oleg Sokolsky 1, Anna Philippou 2 1 RTG (Real-Time Systems Group) Department of

More information

Specification and verification of a simple machine

Specification and verification of a simple machine March 8, 2006 One slide summary Simple Virtual Machine Modeled a simple virtual machine: an interpreter + a static checker Proved that verified programs never overflow the operand stack Identified a suitable

More information

Programs and Proofs in Isabelle/HOL

Programs and Proofs in Isabelle/HOL Programs and Proofs in Isabelle/HOL Makarius Wenzel http://sketis.net March 2016 = Isabelle λ β α Introduction What is Isabelle? Hanabusa Itcho : Blind monks examining an elephant Introduction 2 History:

More information

Goal. CS152: Programming Languages. Lecture 15 Parametric Polymorphism. What the Library Likes. What The Client Likes. Start simpler.

Goal. CS152: Programming Languages. Lecture 15 Parametric Polymorphism. What the Library Likes. What The Client Likes. Start simpler. Goal Understand what this interface means and why it matters: CS152: Programming Languages Lecture 15 Parametric Polymorphism Dan Grossman Spring 2011 type a mylist; val mt_list : a mylist val cons : a

More information

Semantic Subtyping. Alain Frisch (ENS Paris) Giuseppe Castagna (ENS Paris) Véronique Benzaken (LRI U Paris Sud)

Semantic Subtyping. Alain Frisch (ENS Paris) Giuseppe Castagna (ENS Paris) Véronique Benzaken (LRI U Paris Sud) Semantic Subtyping Alain Frisch (ENS Paris) Giuseppe Castagna (ENS Paris) Véronique Benzaken (LRI U Paris Sud) http://www.cduce.org/ Semantic Subtyping - Groupe de travail BD LRI p.1/28 CDuce A functional

More information

Formal Semantics. Prof. Clarkson Fall Today s music: Down to Earth by Peter Gabriel from the WALL-E soundtrack

Formal Semantics. Prof. Clarkson Fall Today s music: Down to Earth by Peter Gabriel from the WALL-E soundtrack Formal Semantics Prof. Clarkson Fall 2015 Today s music: Down to Earth by Peter Gabriel from the WALL-E soundtrack Review Previously in 3110: simple interpreter for expression language: abstract syntax

More information

Interleaving and Lock-Step Semantics for Analysis and Verification of GPU Kernels

Interleaving and Lock-Step Semantics for Analysis and Verification of GPU Kernels Interleaving and Lock-Step Semantics for Analysis and Verification of GPU Kernels Peter Collingbourne 1, Alastair F. Donaldson 1, Jeroen Ketema 1, and Shaz Qadeer 2 1 Imperial College London peter@pcc.me.uk,{afd,jketema}@imperial.ac.uk

More information

QWeSST. Type-Safe Web Programming. Thierry Sans and Iliano Cervesato. Carnegie Mellon University Qatar

QWeSST. Type-Safe Web Programming. Thierry Sans and Iliano Cervesato. Carnegie Mellon University Qatar QWeSST Type-Safe Web Programming Thierry Sans and Iliano Cervesato Carnegie Mellon University Qatar Katholieke Universiteit Leuven, Belgium 2 August 2011 Project Goal Study the foundations of web programming

More information

The Isar Proof Language in 2016

The Isar Proof Language in 2016 The Isar Proof Language in 2016 Makarius Wenzel sketis.net August 2016 = Isabelle λ β Isar α Introduction History of Isar 1999: first usable version primary notion of proof document (not proof script )

More information

Parallelism Marco Serafini

Parallelism Marco Serafini Parallelism Marco Serafini COMPSCI 590S Lecture 3 Announcements Reviews First paper posted on website Review due by this Wednesday 11 PM (hard deadline) Data Science Career Mixer (save the date!) November

More information

Comp 204: Computer Systems and Their Implementation. Lecture 25a: Revision Lectures (separate questions and answers)

Comp 204: Computer Systems and Their Implementation. Lecture 25a: Revision Lectures (separate questions and answers) Comp 204: Computer Systems and Their Implementation Lecture 25a: Revision Lectures (separate questions and answers) 1 Today Here are a sample of questions that could appear in the exam Please LET ME KNOW

More information

Foundations of the C++ Concurrency Memory Model

Foundations of the C++ Concurrency Memory Model Foundations of the C++ Concurrency Memory Model John Mellor-Crummey and Karthik Murthy Department of Computer Science Rice University johnmc@rice.edu COMP 522 27 September 2016 Before C++ Memory Model

More information

Preuves Interactives et Applications

Preuves Interactives et Applications Preuves Interactives et Applications Christine Paulin & Burkhart Wolff http://www.lri.fr/ paulin/preuvesinteractives Université Paris-Saclay HOL and its Specification Constructs 10/12/16 B. Wolff - M2

More information

From High Level to Machine Code. Compilation Overview. Computer Programs

From High Level to Machine Code. Compilation Overview. Computer Programs From High Level to Algorithm/Model Java, C++, VB Compilation Execution Cycle Hardware 27 October 2007 Ariel Shamir 1 Compilation Overview Algorithm vs. Programs From Algorithm to Compilers vs. Interpreters

More information

An experiment with variable binding, denotational semantics, and logical relations in Coq. Adam Chlipala University of California, Berkeley

An experiment with variable binding, denotational semantics, and logical relations in Coq. Adam Chlipala University of California, Berkeley A Certified TypePreserving Compiler from Lambda Calculus to Assembly Language An experiment with variable binding, denotational semantics, and logical relations in Coq Adam Chlipala University of California,

More information

Featherweight Java (FJ)

Featherweight Java (FJ) x = 1 let x = 1 in... x(1).!x(1) x.set(1) Programming Language Theory Featherweight Java (FJ) Ralf Lämmel This lecture is based on David Walker s lecture: Computer Science 441, Programming Languages, Princeton

More information

Basic Foundations of Isabelle/HOL

Basic Foundations of Isabelle/HOL Basic Foundations of Isabelle/HOL Peter Wullinger May 16th 2007 1 / 29 1 Introduction into Isabelle s HOL Why Type Theory Basic Type Syntax 2 More HOL Typed λ Calculus HOL Rules 3 Example proof 2 / 29

More information

Ornaments in ML. Thomas Williams, Didier Rémy. April 18, Inria - Gallium

Ornaments in ML. Thomas Williams, Didier Rémy. April 18, Inria - Gallium Ornaments in ML Thomas Williams, Didier Rémy Inria - Gallium April 18, 2017 1 Motivation Two very similar functions let rec add m n = match m with Z n S m S (add m n) let rec append ml nl = match ml with

More information

Natural Semantics [14] within the Centaur system [6], and the Typol formalism [8] which provides us with executable specications. The outcome of such

Natural Semantics [14] within the Centaur system [6], and the Typol formalism [8] which provides us with executable specications. The outcome of such A Formal Executable Semantics for Java Isabelle Attali, Denis Caromel, Marjorie Russo INRIA Sophia Antipolis, CNRS - I3S - Univ. Nice Sophia Antipolis, BP 93, 06902 Sophia Antipolis Cedex - France tel:

More information

Verified Firewall Policy Transformations for Test Case Generation

Verified Firewall Policy Transformations for Test Case Generation Verified Firewall Policy Transformations for Test Case Generation Achim D. Brucker 1 Lukas Brügger 2 Paul Kearney 3 Burkhart Wolff 4 1 SAP Research, Germany 2 Information Security, ETH Zürich, Switzerland

More information

Hoare logic. A proof system for separation logic. Introduction. Separation logic

Hoare logic. A proof system for separation logic. Introduction. Separation logic Introduction Hoare logic Lecture 6: Examples in separation logic In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing separation logic.

More information

arxiv: v1 [cs.pl] 10 May 2016

arxiv: v1 [cs.pl] 10 May 2016 Flag-Based Big-Step Semantics Casper Bach Poulsen 1,, Peter D. Mosses Department of Computer Science Swansea University Singleton Park, Swansea SA2 8PP, UK arxiv:1605.02935v1 [cs.pl] 10 May 2016 Abstract

More information

Safe Reactive Programming: the FunLoft Proposal

Safe Reactive Programming: the FunLoft Proposal Safe Reactive Programming: the FunLoft Proposal Frédéric Boussinot MIMOSA Project, Inria Sophia-Antipolis (Joint work with Frédéric Dabrowski) http://www.inria.fr/mimosa/rp With support from ALIDECS SYNCHRON

More information

Programming Languages FILS Andrei Vasilateanu

Programming Languages FILS Andrei Vasilateanu Programming Languages FILS 2014-2015 Andrei Vasilateanu Course Master: Administration Andrei Vasilateanu, andraevs@gmail.com Teaching Assistants: Radu Serban Grading: Final exam 40% Laboratory 60% 2 Tests

More information

Java Overview An introduction to the Java Programming Language

Java Overview An introduction to the Java Programming Language Java Overview An introduction to the Java Programming Language Produced by: Eamonn de Leastar (edeleastar@wit.ie) Dr. Siobhan Drohan (sdrohan@wit.ie) Department of Computing and Mathematics http://www.wit.ie/

More information

The Java Programming Language

The Java Programming Language The Java Programming Language Slide by John Mitchell (http://www.stanford.edu/class/cs242/slides/) Outline Language Overview History and design goals Classes and Inheritance Object features Encapsulation

More information

Towards Lean 4: Sebastian Ullrich 1, Leonardo de Moura 2.

Towards Lean 4: Sebastian Ullrich 1, Leonardo de Moura 2. Towards Lean 4: Sebastian Ullrich 1, Leonardo de Moura 2 1 Karlsruhe Institute of Technology, Germany 2 Microsoft Research, USA 1 2018/12/12 Ullrich, de Moura - Towards Lean 4: KIT The Research An University

More information

Lecture 5: The Untyped λ-calculus

Lecture 5: The Untyped λ-calculus Lecture 5: The Untyped λ-calculus Syntax and basic examples Polyvios Pratikakis Computer Science Department, University of Crete Type Systems and Static Analysis Pratikakis (CSD) Untyped λ-calculus I CS49040,

More information

Verified compilers. Guest lecture for Compiler Construction, Spring Magnus Myréen. Chalmers University of Technology

Verified compilers. Guest lecture for Compiler Construction, Spring Magnus Myréen. Chalmers University of Technology Guest lecture for Compiler Construction, Spring 2015 Verified compilers Magnus Myréen Chalmers University of Technology Mentions joint work with Ramana Kumar, Michael Norrish, Scott Owens and many more

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback