Patrick Dussud: Garbage Collection - Past, Present and Future
Play Byron Cook: Inside Terminator
Description
A few months ago, I
interviewed
Byron Cook, a researcher at
MSR Cambridge, about his work on
Terminator, which is a proof-based analysis tool used for proving that good things will eventually happen in unmanaged code paths. That is, it's a very good thing for code to stop executing eventually otherwise system hangs occur (drivers are the number
one cause of system hangs and other undesirable system-wide problems).
Terminator is designed to help developers find bugs in their code that cause non-terminating execution. Many of you provided feedback after the last interview that Byron should have gone a bit deeper into the technology, including whiteboarding proofs. Well, he was recently in Redmond and agreed to be the next participant in Going Deep.
Here we dig into the details of Terminator on the whiteboard and even see a demo of Terminator running over some DDK (Driver Development Kit) sample C code.
Fasten your seat belts. We do jump head first into the rabbit hole.
Enjoy!
PS: The Download file (pointed to from the Download button below) was encoded at 512Kbs. If you want a higher bit rate file you can click here.
Terminator is designed to help developers find bugs in their code that cause non-terminating execution. Many of you provided feedback after the last interview that Byron should have gone a bit deeper into the technology, including whiteboarding proofs. Well, he was recently in Redmond and agreed to be the next participant in Going Deep.
Here we dig into the details of Terminator on the whiteboard and even see a demo of Terminator running over some DDK (Driver Development Kit) sample C code.
Fasten your seat belts. We do jump head first into the rabbit hole.
Enjoy!
PS: The Download file (pointed to from the Download button below) was encoded at 512Kbs. If you want a higher bit rate file you can click here.
Download
Right click or Alt+Enter to download this episode
- MP3 (23.3 MB)
- Mid Quality WMV (184.0 MB)
- Low Quality MP4 (275.1 MB)
- High Quality MP4 (604.1 MB)
- Mid Quality MP4 (421.7 MB)
- WMV (186.0 B)
The Discussion
-
Massif Interesting stuff, Byron does a good job of making it comprehensible. Now if only the same tools could be used for .NET... (I know, I know, I'm dreaming. Perhaps in a few years time?)
It looks like there will soon be very few excuses for not having reliable device drivers at least though! -
ilmar Great video. I remember reading a piece some time ago about militairy software, and proofing correct operation of it. If I remember correctly, they where able to proof the complete application/system, not just the device drivers. Now I wander if maybe there are programming languages for which it is much easier to find proof of correct functioning that it is for c(++)? -
Turtle really interesting. it reminded me of computer science at university.
-
mwirth ilmar, you need to keep in mind that provable systems for the military and other safety critical applications (especially subsystems on airplanes) are written in a subset of the ADA language called SPARK. they got rid of possibly dangerous or hard to proof constructs and added annotations for static verifiers (a bit like SAL in the microsoft sdks but more elaborate) which resulted in a language that facilitates proofs.
you might want to read up a bit on ada and spark: it's a fascinating world for die-hard c++ programmers especially.
cheers,
martin
-
Pon Regarding X > 0 && Y > 0: What about passing in positive infinities? -
ivan_ to the above post. You can't pass an infinite positive in a system which can represent only finite numbers, however the different permutations of the state transitions could be infinite (or at least of a much larger order), so hence the point can you terminate the state transitions passing a finite number.
Anyways, Byron made a typo:
he was trying to prove
(x>0 && y>0 && x`=x && y`=y-1)
||
(x>0 && y>0 && y`=y-1 && x`=x)
what should be is the following, because the above two are the same, unless I forgot boolean algebra:
(x>0 && y>0 && x`=x && y`=y-1)
||
(x>0 && y>0 && x`=x-1 && y`=y)
Great stuff, I miss that in my day-to-day .NET life
-
jdkleban
You mention a great blog article by a Chris Broom in the video, but I'm unable to find it. Do I have the name right? Can someone post a link?
Thanks,
Jason -
codism Sounds like halting problem is no longer a problem?
More episodes in this series
Ale Contenti and Louis Lafreniere: Understanding Exceptions and When/How to Handle Them
Related episodes
Byron Cook: Terminator - Proving Good Things Will Eventually Happen
Introducing Image Watch - A VS 2012 Plug-In for C++ Image and Video Debugging
ICSE 2011: Victor Pankratius - Developing Manycore Applications with Concurrency…
Orleans: A Framework for Scalable Client+Cloud Computing
E2E: Concurrent Programming with Revisions
Developers: Rise to the Challenge at RiSE4fun.com
BTC: David Heckerman - Biology, Machines, Medicine and Physics
E2E: Erik Meijer and Leslie Lamport - Mathematical Reasoning and Distributed Systems
C9 Conversations: Yuri Gurevich On Logic, Imperative, Abstraction and Algorithms
Andrew Kennedy: F# Units of Measure
