CSE 637
Program Semantics and Verification

Reactive Systems
•   Examples:
    Operating Systems
    Embedded Systems (e.g. Heart Stimulator)
    Protocols

•   Main Characteristics:
    Termination is an error rather than a desired outcome.
    [Figure: the Program interacting continuously with its Environment]

Properties of Reactive Systems

• Safety Property
  Something BAD never happens.
  Checking a safety property is the same as checking whether a BAD
  state is ever reachable.
  Example: It never happens that all traffic lights are
  simultaneously green.


• Liveness Property
  Something GOOD should eventually happen.
               Verification Problem
• Problem Statement:
  Given : A program P, and a property φ.
  Prove : Whether P satisfies φ.

• Examples of Properties (listed in order of increasing complexity of the property):

  - Program is syntactically correct.
    (BNF)
  - Program is type correct (type checking).
    (AST, Rules)
  - Array type: array (index) out of bound.
    (Symbolic execution)
    a[u + 3*v] = 5, evaluate (u + 3*v)
  - All cars are going to eventually pass the intersection.
Compiler Passes

[Figure: the compiler pipeline]
  String of chars
    --scanner-->                        String of tokens
    --parser-->                         AST
    --intermediate code generation-->   3AC (three-address code)
    --control/data-flow analysis-->
Compiler Passes (contd.)

• if a > b then x = 1 else x = x + 1
  scanner output (token classes):
    a > b  ->  id op id        x = 1  ->  id op cnst        x = x + 1  ->  id op id op cnst

• if a > b then x = 1 else x = x + 1
  parser output (AST):
    if-then-else
      >  :  a, b
      =  :  x, 1
      =  :  x, (+ : x, 1)
Example: Reaching Definitions

  while i > 0 do
  1. x = a
  2. y = b
     if (a > b)
  3.     x = c
     else
  4.     y = d
  5. i = i - 1
  od

  [Figure: control-flow graph of the loop]
    b0  (entry)       -> b1
    b1  i > 0         -> b2 (true), b9 (false)
    b2  x = a         -> b3
    b3  y = b         -> b4
    b4  a > b         -> b5 (true), b6 (false)
    b5  x = c         -> b7
    b6  y = d         -> b7
    b7  (join)        -> b8
    b8  i = i - 1     -> b1 (back edge)
    b9  (exit)
Example: Reaching Definitions (contd.)

  For the loop above (definitions numbered 1..5 as in the listing):

  gen(b0) = gen(b1) = gen(b4) = gen(b7) = Ø
  kill(b0) = Ø
  gen(b2) = {1}, kill(b2) = {3}
  gen(b3) = {2}, kill(b3) = {4}
  gen(b5) = {3}, kill(b5) = {1}
  gen(b6) = {4}, kill(b6) = {2}
  gen(b8) = {5}, kill(b7) = Ø

  [Figure: a block b with in(b) entering at the top, gen(b) and kill(b) inside, and out(b) leaving at the bottom]
    out(b) = gen(b) ∪ (in(b) – kill(b))
Reaching Definitions Algorithm

Input:  CFG with gen[B], kill[B] computed for each block B.
Output: in[B], out[B] for each block B.
Method: iterative least fixpoint computation starting with in[B] = Ø.

/* Initialize out[B] on the assumption that in[B] = Ø for all B */

for each block B do out[B] := gen[B]; end;
change := true;
while change do begin                        /* fixpoint iteration */
  change := false;
  for each block B do begin                  /* graph traversal */
    in[B]  := ∪ { out[p] | p ∈ pred(B) };    /* union over all predecessors of B */
    oldout := out[B];
    out[B] := gen[B] ∪ (in[B] – kill[B]);
    if ( out[B] ≠ oldout ) then change := true;
  end;
end;
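As an added example (not part of the lecture slides), the following Python implements the fixpoint iteration above and runs it on the lecture's example loop; the block names b0..b9, the edges and the gen/kill sets are read off the CFG figure, and the use-def query (which definitions of a variable may reach a block) is an extension beyond what the slide shows. This is the same iteration that taint and other data-flow checks for "a BAD state is reachable" questions are built on.

```python
from typing import Dict, List, Set

# Constructed from the slide's CFG figure: successor lists per block.
SUCC: Dict[str, List[str]] = {
    "b0": ["b1"],        # entry
    "b1": ["b2", "b9"],  # while i > 0: true -> b2, false -> b9 (exit)
    "b2": ["b3"],        # 1. x = a
    "b3": ["b4"],        # 2. y = b
    "b4": ["b5", "b6"],  # if (a > b): then -> b5, else -> b6
    "b5": ["b7"],        # 3. x = c
    "b6": ["b7"],        # 4. y = d
    "b7": ["b8"],        # join
    "b8": ["b1"],        # 5. i = i - 1, back edge to the loop test
    "b9": [],            # exit
}
# gen/kill per block, definitions numbered 1..5 as in the listing; blocks absent here have Ø.
GEN: Dict[str, Set[int]] = {"b2": {1}, "b3": {2}, "b5": {3}, "b6": {4}, "b8": {5}}
KILL: Dict[str, Set[int]] = {"b2": {3}, "b3": {4}, "b5": {1}, "b6": {2}}
DEF_VAR = {1: "x", 2: "y", 3: "x", 4: "y", 5: "i"}  # variable assigned by each definition


def reaching_definitions(succ, gen, kill):
    """Iterative least fixpoint: returns (in, out, number of passes over the CFG)."""
    pred: Dict[str, List[str]] = {b: [] for b in succ}
    for b, targets in succ.items():
        for t in targets:
            pred[t].append(b)
    out = {b: set(gen.get(b, set())) for b in succ}   # out[B] := gen[B], assuming in[B] = Ø
    in_ = {b: set() for b in succ}
    passes, change = 0, True
    while change:                                     # fixpoint iteration
        change, passes = False, passes + 1
        for b in succ:                                # graph traversal
            in_[b] = set().union(*(out[p] for p in pred[b]))
            new_out = gen.get(b, set()) | (in_[b] - kill.get(b, set()))
            if new_out != out[b]:
                out[b], change = new_out, True
    return in_, out, passes


def defs_reaching(in_, block, var):
    """Use-def query (extension): definitions of `var` that may reach the entry of `block`."""
    return {d for d in in_[block] if DEF_VAR[d] == var}


if __name__ == "__main__":
    in_, out, passes = reaching_definitions(SUCC, GEN, KILL)
    for b in SUCC:
        print(f"{b}: in={sorted(in_[b])} out={sorted(out[b])}")
    print("passes:", passes, "| defs of x reaching the join b7:", defs_reaching(in_, "b7", "x"))
```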
