COSE 215: Theory of Computation. Undecidability (2) Hakjoo Oh 2016 Spring

Similar documents
COSE312: Compilers. Lecture 1 Overview of Compilers

Static Program Analysis Part 1 the TIP language

The Turing Machine. Unsolvable Problems. Undecidability. The Church-Turing Thesis (1936) Decision Problem. Decision Problems

Advanced Programming Methods. Introduction in program analysis

A Gentle Introduction to Program Analysis

COS 320. Compiling Techniques

CSE 403: Software Engineering, Fall courses.cs.washington.edu/courses/cse403/16au/ Static Analysis. Emina Torlak

Secure Software Development: Theory and Practice

COMPILER DESIGN. For COMPUTER SCIENCE

Today Program Analysis for finding bugs, especially security bugs problem specification motivation approaches remaining issues

R10 SET a) Construct a DFA that accepts an identifier of a C programming language. b) Differentiate between NFA and DFA?

Theory Bridge Exam Example Questions Version of June 6, 2008

CSI33 Data Structures

CSCE 548 Building Secure Software Software Analysis Basics

CS 430 Spring Mike Lam, Professor. Data Types and Type Checking

COP4020 Programming Languages. Syntax Prof. Robert van Engelen

Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation TDDC90: Software Security

Static Analysis methods and tools An industrial study. Pär Emanuelsson Ericsson AB and LiU Prof Ulf Nilsson LiU

Floating-point lab deadline moved until Wednesday Today: characters, strings, scanf Characters, strings, scanf questions clicker questions

Static Analysis and Dataflow Analysis

Spring Semester 16, Dr. Punch. Exam #1 (2/18), form 1 A

Tracking Pointers with Path and Context Sensitivity for Bug Detection in C Programs. {livshits,

COP4020 Programming Languages. Syntax Prof. Robert van Engelen

Verification by Static Analysis

Machine-Learning-Guided Selectively Unsound Static Analysis

Simple Overflow. #include <stdio.h> int main(void){ unsigned int num = 0xffffffff;

Software Security: Vulnerability Analysis

Spring 2013 CSE Qualifying Exam Core Subjects. March 23, 2013

CSE P 501 Compilers. Parsing & Context-Free Grammars Hal Perkins Spring UW CSE P 501 Spring 2018 C-1

22c:111 Programming Language Concepts. Fall Types I

Language Security. Lecture 40

C Programming Language: C ADTs, 2d Dynamic Allocation. Math 230 Assembly Language Programming (Computer Organization) Thursday Jan 31, 2008

Array. Array Declaration:

COSE212: Programming Languages. Lecture 3 Functional Programming in OCaml

MA513: Formal Languages and Automata Theory Topic: Context-free Grammars (CFG) Lecture Number 18 Date: September 12, 2011

Goal. Overflow Checking in Firefox. Sixgill. Sixgill (cont) Verifier Design Questions. Sixgill: Properties 4/8/2010

Static Analysis of C++ Projects with CodeSonar

CSE 3302 Programming Languages Lecture 2: Syntax

Combinational Devices and Boolean Algebra

Informatics Ingeniería en Electrónica y Automática Industrial

Introduction to Computer Science Midterm 3 Fall, Points

One-Slide Summary. Lecture Outline. Language Security

Gujarat Technological University Sankalchand Patel College of Engineering, Visnagar B.E. Semester VII (CE) July-Nov Compiler Design (170701)

Continuation Passing Style. Continuation Passing Style

Dynamic Dependency Monitoring to Secure Information Flow

BASIC COMPUTATION. public static void main(string [] args) Fundamentals of Computer Science I

Automated Software Analysis Techniques For High Reliability: A Concolic Testing Approach. Moonzoo Kim

ESC101N: Fundamentals of Computing End-sem st semester

Introduction A Tiny Example Language Type Analysis Static Analysis 2009

Automatic Software Verification

CS 3360 Design and Implementation of Programming Languages. Exam 1

Chapter 2 :: Programming Language Syntax

Fiji VM Safety Critical Java

14.1 Encoding for different models of computation

Outline. 1 Scanning Tokens. 2 Regular Expresssions. 3 Finite State Automata

Automatic Generation of Program Specifications

[0569] p 0318 garbage

Pointers. 1 Background. 1.1 Variables and Memory. 1.2 Motivating Pointers Massachusetts Institute of Technology

Compiler Construction

Compiler Construction LECTURE # 3

Programming Studio #9 ECE 190

Agenda. Peer Instruction Question 1. Peer Instruction Answer 1. Peer Instruction Question 2 6/22/2011

Lexical Analysis 1 / 52

Program Verification. Aarti Gupta

Compilation 2012 Static Type Checking

programming languages need to be precise a regular expression is one of the following: tokens are the building blocks of programs

Computer Science Foundation Exam

Algorithms and Programming I. Lecture#12 Spring 2015

Lecture 9 Assertions and Error Handling CS240

Data Types and Variables in C language

Abstractions and small languages in synthesis CS294: Program Synthesis for Everyone

QUESTIONS RELATED TO UNIT I, II And III

Static Analysis in C/C++ code with Polyspace

Midterm Solutions COMS W4115 Programming Languages and Translators Wednesday, March 25, :10-5:25pm, 309 Havemeyer

9/21/17. Outline. Expression Evaluation and Control Flow. Arithmetic Expressions. Operators. Operators. Notation & Placement

Multiple Choice (Questions 1 14) 28 Points Select all correct answers (multiple correct answers are possible)

Datatypes, Variables, and Operations

Automation Framework for Large-Scale Regular Expression Matching on FPGA. Thilan Ganegedara, Yi-Hua E. Yang, Viktor K. Prasanna

CS 449 Lecture 3. Variables in memory. Dr. Jack Lange. int x = 4;

CSE 105 THEORY OF COMPUTATION

c. Typically results in an intractably large set of test cases even for small programs

Syntax Analysis. Amitabha Sanyal. ( as) Department of Computer Science and Engineering, Indian Institute of Technology, Bombay

Flow Control. CSC215 Lecture

Static Analysis Alert Audits Lexicon And Rules David Svoboda, CERT Lori Flynn, CERT Presenter: Will Snavely, CERT

Review! * follows a pointer to its value! & gets the address of a variable! Pearce, Summer 2010 UCB! ! int x = 1000; Pearce, Summer 2010 UCB!

CS61C : Machine Structures

Computer Science Foundation Exam

Computer Science 217

Test Automation. 20 December 2017

Lexical Analysis. Dragon Book Chapter 3 Formal Languages Regular Expressions Finite Automata Theory Lexical Analysis using Automata

Topic 9: Type Checking

Topic 9: Type Checking

Introduction to Programming Using Java (98-388)

Variable and Data Type I

Midterm II CS164, Spring 2006

CompSci 125 Lecture 11

CMSC 330: Organization of Programming Languages

CS711 Advanced Programming Languages Pointer Analysis Overview and Flow-Sensitive Analysis

Week 9 Part 1. Kyle Dewey. Tuesday, August 28, 12

18-642: Code Style for Compilers

Transcription:

COSE 215: Theory of Computation Undecidability (2) Hakjoo Oh 2016 Spring

Contents Real Examples of undecidable problems Halting problem Program verification Properties of CFGs Post Correspondence Problem (PCP) How to deal with undecidable problems?

Halting Problem https://www.youtube.com/watch?v=92whn-pafcs

Program Verification

Program Verification

Properties of CFGs Is a given CFG ambiguous? For CFGs G 1 and G 2,isL(G 1 ) \ L(G 2 )=;? Is L(G 1 )=L(G 2 )? Is L(G 1 )=L(R) for some regular expression R? Is L(G 1 )=T for some alphabet T?

Post Correspondence Problem Is there a list of dominos (repetitions permitted) such that reading off top yields the string obtained by reading off bottom? Possible: { b a ca abc,,, } ca ab a c Impossible: { abc ab, ca a, acc ba }

Programming Technologies Program Analysis Program Synthesis

27 int i; 28 for (i = 0; i <= 12; i++) txtbuf[i] = 0; 29 30 junk = (char *)malloc(sizeof(char) * BUFLEN); 31 binbuf = (char *)malloc(sizeof(char)); 32 33 if ((junk!= NULL) && (binbuf!= NULL)) { 34 isc_buffer_init(binbuf, junk, BUFLEN); 35 dns_name_init(dns_name, NULL); 36 dns_name_setbuffer(dns_name, binbuf); 37 result = dns_name_fromtext(dns_name, txtbuf, NULL, 0, NULL); 38 free(junk); 39 free(binbuf); Current Technology for Safe SW Manual, ad-hoc, postmortem: code review, testing, simulation, debugging, etc

Program Analysis Technology Technology for Software MRI prog.c prog.c

Aims to detect memory errors in C programs e.g., buffer-overrun, memory leak, null-dereference, etc Features (vs. testing) Full automation Find bugs early All bugs found

16 static char *curfinal = "HDACB FE"; 17 18 keysym = read_from_input (); curfinal: buffer of size 10 19 20 if ((((KeySym)(keysym) >= 0xFF91) keysym: && ((KeySym)(keysym) any integer <= 0xFF94))) 21 { 22 unparseputc((char)(keysym-0xff91 +'P'), pty); 23 key = 1; 24 } 25 else if (keysym >= 0) 26 { 27 if (keysym < 16) keysym: [0,15] 28 { 29 if (read_from_input()) 30 { 31 if (keysym >= 10) return; 32 curfinal[keysym] = 1; safe 33 } 34 else 35 { 36 curfinal[keysym] = 2; buffer-overrun 37 } 38 } 39 if (keysym < 10) 40 { 41 unparseputc(curfinal[keysym], pty); 42 } safe Sparrow automatically pinpoints the buffer-overrun bug curfinal:[10,10] keysym: [10,15] 43 }

Static Program Analysis Predict SW behavior statically and automatically static: before execution, before sell / embed automatic: sw is analyzed by sw ( static analyzers ) Applications bug-finding. e.g., find runtime failures of programs security. e.g., is this app malicious or benign? verification. e.g., does the program meet its specification? compiler optimization, e.g., automatic parallelization

14

How Program Analysis Works sound unsound vs.

How Program Analysis Works imprecise precise vs.

Program Synthesis Technology Currently, programs are written solely by programmers programming is often repetitive, tedious, and errorprone end-users are not capable of fully leveraging computational devices In the future, most programs will be written by programs

Program Synthesis Technology

ex) Regular Expressions

Synthesizing Regular Expressions 000 111 000000 010101 0 00 1111 0101 ((0 + 1)(0 + 1)(0 + 1))* 0, 1 3

Synthesizing Regular Expressions 0 1 + * 0+ 1+ ( + )+ ( )+ ( * )+ 0+1 0+( + ) 0+( )

Performance 3 ((0 + 1)(0 + 1)(0 + 1))* 0.007 1 0 (1 (0 + 1)* 0)* 0.012 01 (0 + 1(0 + 1))* 0.028 01 ((0 + 1)* 01)* 0.048 0 (1 + 01*0)* 0.075 3 0 (0 + 1)(0 + 1)0(0 + 1)* 0.125 1 1((0 + 1) + (0 + 1)1)* 0.410 n 3 m 00*00(11)* 0.545 0101 (0 + 1)* 0101 (0 + 1)* 1.273

an help autoand structured uding problem eneration, and These tasks a wide variety ains including programming, d geometry. For s the output of technique for roof problems ple problem.. We have deworld applicahere are many ch IP can and ear future. Any t of high-level sts is a strong xample, the If service (http:// s end users to d programs usis an excellent on of IP. IFTTT gers (such as ) with actions message) over s Facebook. In e used to learn An Excel 2013 feature that automates repetitive string transformations using examples. Once the user performs one instance of the desired transformation (row 2, col. B) and proceeds to transforming another instance (row 3, col. B), Flash Fill learns a program Concatenate(ToLower(Substring(v,WordToken,1)), " ", ToLower(SubString(v,WordToken,2))), which extracts the first two words in input string v (col. A), converts them to lowercase, and concatenates them separated by a space character, to automate the repetitive task. FlashFill in Microsoft Excel

Synthesizing Programs [] 7! [] [[1]] 7! [[]] [[1, 3, 5], [5, 3, 2]] 7! [[3, 5], [5, 3]] [[8, 4, 7, 2], [4, 6, 2, 9], [3, 4, 1, 0]] 7! [[8, 4, 7] [4, 6, 9], [3, 4, 1]] 2.2 Transforming trees dropmins x = map f x where f y = filter g y where g z = foldl h False y where h t w = t (w < z)

Summary Many real problems are unsolvable by algorithms They can be approximately but usefully solved

Announcement Last class: 6/7 (Tuesday) Final exam: 6/9 (Thursday) in class

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback