Byron Cook: Inside Terminator

Posted By: Charles | Sep 13th, 2007 @ 2:24 PM | 15,960 Views | 8 Comments
A few months ago, I interviewed Byron Cook, a researcher at MSR Cambridge, about his work on Terminator, which is a proof-based analysis tool used for proving that good things will eventually happen in unmanaged code paths. That is, it's a very good thing for code to stop executing eventually otherwise system hangs occur (drivers are the number one cause of system hangs and other undesirable system-wide problems).

Terminator is designed to help developers find bugs in their code that cause non-terminating execution. Many of you provided feedback after the last interview that Byron should have gone a bit deeper into the technology, including whiteboarding proofs. Well, he was recently in Redmond and agreed to be the next participant in Going Deep

Here we dig into the details of Terminator on the whiteboard and even see a demo of Terminator running over some DDK (Driver Development Kit) sample C code.

Fasten your seat belts. We do jump head first into the rabbit hole.

Enjoy! 


PS: The Download file (pointed to from the Download button below) was encoded at 512Kbs. If you want a higher bit rate file you can click here.
Media Downloads:
Rating:
0
0
#Sep 14th, 2007 @ 1:58 AM
Massif
Massif
aim stupidly high, expect to fail often.
Interesting stuff, Byron does a good job of making it comprehensible. Now if only the same tools could be used for .NET... (I know, I know, I'm dreaming. Perhaps in a few years time?)

It looks like there will soon be very few excuses for not having reliable device drivers at least though!
#Sep 16th, 2007 @ 2:45 PM
ilmar
ilmar
Great video. I remember reading a piece some time ago about militairy software, and proofing correct operation of it. If I remember correctly, they where able to proof the complete application/system, not just the device drivers. Now I wander if maybe there are programming languages for which it is much easier to find proof of correct functioning that it is for c(++)?
#Sep 17th, 2007 @ 1:35 AM
Turtle
Turtle
really interesting. it reminded me of computer science at university.
#Sep 17th, 2007 @ 5:04 AM
mwirth
mwirth
ilmar, you need to keep in mind that provable systems for the military and other safety critical applications (especially subsystems on airplanes) are written in a subset of the ADA language called SPARK. they got rid of possibly dangerous or hard to proof constructs and added annotations for static verifiers (a bit like SAL in the microsoft sdks but more elaborate) which resulted in a language that facilitates proofs.
you might want to read up a bit on ada and spark: it's a fascinating world for die-hard c++ programmers especially.

cheers,
martin
#Oct 22nd, 2007 @ 2:01 AM
Pon
Pon

Regarding X > 0 && Y > 0: What about passing in positive infinities?
#Feb 7th, 2008 @ 8:27 AM
ivan_
ivan_
to the above post. You can't pass an infinite positive in a system which can represent only finite numbers, however the different permutations of the state transitions could be infinite (or at least of a much larger order), so hence the point can you terminate the state transitions passing a finite number.

Anyways, Byron made a typo:

he was trying to prove
(x>0 && y>0 && x`=x && y`=y-1)
                        ||
(x>0 && y>0 && y`=y-1 && x`=x)

what should be is the following, because the above two are the same, unless I forgot boolean algebra:

(x>0 && y>0 && x`=x && y`=y-1)
                        ||
(x>0 && y>0 && x`=x-1 && y`=y)

Great stuff, I miss that in my day-to-day .NET life Smiley
#May 24th, 2008 @ 11:04 AM
jdkleban
jdkleban

You mention a great blog article by a Chris Broom in the video, but I'm unable to find it.  Do I have the name right?  Can someone post a link?

Thanks,

Jason
#Jul 31st, 2008 @ 11:34 AM
codism
codism
Sounds like halting problem is no longer a problem?
Microsoft Communities