From 8f6855b0a106f7598bef3c5fd61556917868b842 Mon Sep 17 00:00:00 2001 From: Daniel Patterson Date: Mon, 18 Mar 2019 10:15:45 -0400 Subject: [PATCH] Tweaks to course website --- _site/courses/verifcomp/index.html | 33 ++++++--------- courses/verifcomp.markdown | 65 +++++++++++++++--------------- 2 files changed, 45 insertions(+), 53 deletions(-) diff --git a/_site/courses/verifcomp/index.html b/_site/courses/verifcomp/index.html index 570769a..27125a8 100644 --- a/_site/courses/verifcomp/index.html +++ b/_site/courses/verifcomp/index.html @@ -35,33 +35,24 @@

Verified Compilers and Multi-Language Software

-

Why this course?

+

Why this course?

“Can you trust your compiler?” — Xavier Leroy, developer of the Compcert verified C compiler

-

Software is written in a variety of languages, and in many cases, in order to run, it must be compiled down to some lower-level target. But what if that compiler isn’t correct? Compilers are some of the trickier pieces of software we build, and yet bugs in them can be insidious, as bugs in compilers mean that one of our most basic debugging strategies, reading source code, may not be helpful, since the source may have been miscompiled.

-

We want, essentially, the compiler to be invisible. But it can only truly be invisible if we can be sure that it does exactly what we expect: if we have proved it correct. Colliding with the field of verified compilation is the question of how different languages should be able to interact – that interaction, or linking, happens after compilation, in the lower-level target language. But the goal is to write source-level programs, not thinking about how our various languages compile, and so again, we want the compiler to be invisible.

-

These are our high-level motivations. The course itself, while motivated with these problems, will be quite low-level: we will be building languages, compilers, and proving them correct.

-

How will the course be structured?

-

Part 1. We want to produce verified compilers, and so we will use one of the state-of-the-art tools used for this: the Coq proof assistant. This system allows us to write functional programs and prove properties about them; afterwards we can extract runnable versions of the verified programs. The first section of the course will be dedicated to learning Coq and becoming familiar with the process of mechanized proof – that is, proofs that are checked by a machine. The text that we will use for this section of the course is “Programs and Proofs” by Ilya Sergey.

+

Software is written in a variety of languages, and in most cases, in order to run, it must be compiled down to some lower-level target. But what if that compiler isn’t correct? Compilers are some of the trickier pieces of software we build, and yet bugs in them are insidious: bugs in compilers mean that one of our most basic debugging strategies, reading source code, may not be helpful, since what ran may not correspond to that source code!

+

In this setting, we must worry about what the compiler does and how our programs are translated to the target. Much better if the compiler were, essentially, invisible — if the source code fully specified what would happen. But a compiler can only truly be invisible if we can be sure that it does exactly what we expect: if we are sure it is correct. To be absolutely sure, we must prove it correct, and build a verified compiler.

+

Colliding with the field of verified compilation is the question of how different languages should be able to interact – that interaction, or linking, happens after compilation, in the lower-level target language. But the goal is to write source-level programs, not think about how our various languages compile, and so again, we are left wanting an invisible compiler, a verified compiler.

+

These are our high-level motivations. The course itself, while motivated with these problems, will be very grounded: we will be building languages, compilers, and proving them correct.

+

How will the course be structured?

+

Part 1. We want to produce verified compilers, and so we will use one of the state-of-the-art tools used for this: the Coq proof assistant. This system allows us to write functional programs, like compilers, and prove properties about them; afterwards we can extract runnable versions of the verified programs. The first section of the course will be dedicated to learning Coq and becoming familiar with the process of mechanized proof — that is, proofs that are checked by a machine. The text that we will use for this section of the course is “Programs and Proofs” by Ilya Sergey.

Part 2. This part of the course will involve designing, in groups, different source languages. These will all likely be simple functional languages, and we will do plenty of design review to ensure that the language design you pick will not cause too much difficulty later on.

Part 3. The final part will involve building and proving correct compilers from your language to a common low-level target language. All the languages will compile to the same target language, and so once we have compilers, and concurrent with the verification effort, you will experiment building small programs that use a mixture of different student languages.

-

A note on collaboration

-

This will be a highly collaborative course. For the first section, the actual assignments will be done individually, to ensure that you get sufficient practice with theorem-proving, as proof assistants like Coq are not something you can learn without using. Even so, we expect and encourage people to work together throughout the course, provided that the actual work they submit is their own. Once the first section ends, the course will truly become a large collaboration. All of our compilers will be worked on in a shared repository, and while you will be assessed on and be responsible for understanding your own compiler, all are welcome to help any of their classmates. We will do also do group reviews or reviews of one group by another.

-

Requirements

+

A note on collaboration

+

This will be a highly collaborative course. For the first section, the actual assignments will be done individually, to ensure that you get sufficient practice with theorem-proving, as proof assistants like Coq are not something you can learn without using. Even so, we expect and encourage people to work together throughout the course, beyond just the teams you are working in, provided that the actual work you submit is you own. Once the first section ends, the course will truly become a large collaboration. All of our compilers will be worked on in a shared repository, and while you will be assessed on and be responsible for understanding your own compiler, all are welcome to help any of your classmates. We will do also do group reviews or reviews of one group by another.

+

Requirements

Intended for advanced undergraduates, you would be well prepared by either having taken CS4400 (programming languages) or CS4410 (compilers). However, if you are interested and haven’t taken either, please reach out to the instructor. Additionally, familiarity with typed functional languages (e.g., Scala, Haskell, or OCaml) would be helpful, as would any exposure to formal proof in mathematics.

-

Other question? Something not clear?

-

Please reach out to the instructor:

- - - - - - - - - -
Daniel Patterson
dbp@dbpmail.net
+

Other question? Something not clear?

+

Please reach out to the instructor: Daniel Patterson (dbp@dbpmail.net)



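Review bot: typo on the `+` line under "A note on collaboration": "provided that the actual work you submit is you own" should read "your own". The same rewritten paragraph also carries over "We will do also do group reviews" from the removed text, which has a doubled "do"; since the line is being replaced anyway, drop one. More generally, `_site/courses/verifcomp/index.html` is the generated build of `courses/verifcomp.markdown`, so edit only the markdown and regenerate the HTML rather than hand-patching both, otherwise the two will drift (the `+` heading here is still "Other question? Something not clear?", where "Other questions?" is presumably intended).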
diff --git a/courses/verifcomp.markdown b/courses/verifcomp.markdown index 0441880..6e8926a 100644 --- a/courses/verifcomp.markdown +++ b/courses/verifcomp.markdown 
@@ -11,38 +11,43 @@ Office WVH 308 -------- ------ -### Why this course? +### **Why this course?** > “Can you trust your compiler?” > — Xavier Leroy, developer of the Compcert verified C compiler -Software is written in a variety of languages, and in many cases, in order to +Software is written in a variety of languages, and in most cases, in order to run, it must be compiled down to some lower-level target. **But what if that compiler isn't correct?** Compilers are some of the trickier pieces of software -we build, and yet bugs in them can be insidious, as bugs in compilers mean that +we build, and yet bugs in them are insidious: bugs in compilers mean that one of our most basic debugging strategies, reading source code, may not be -helpful, since the source may have been miscompiled. - -We want, essentially, the compiler to be invisible. But it can only truly be -invisible if we can be sure that it does exactly what we expect: if we have -proved it correct. Colliding with the field of verified compilation is the -question of how different languages should be able to interact -- that -interaction, or linking, happens after compilation, in the lower-level target -language. But the goal is to write source-level programs, not thinking about how -our various languages compile, and so again, we want the compiler to be -invisible. +helpful, since what ran may not correspond to that source code! + +In this setting, we must worry about what the compiler does and how our programs +are translated to the target. Much better if the compiler were, essentially, +invisible --- if the source code fully specified what would happen. But a +compiler can only truly be invisible if we can be sure that it does exactly what +we expect: if we are sure it is correct. To be absolutely sure, we must prove it +correct, and build a _verified_ compiler. 
+ +Colliding with the field of verified compilation is the question of how +different languages should be able to interact -- that interaction, or linking, +happens after compilation, in the lower-level target language. But the goal is +to write source-level programs, not think about how our various languages +compile, and so again, we are left wanting an invisible compiler, a verified +compiler. These are our high-level motivations. The course itself, while motivated with -these problems, will be quite low-level: we will be **building languages, +these problems, will be very grounded: we will be **building languages, compilers, and proving them correct**. -### How will the course be structured? +### **How will the course be structured?** **Part 1.** We want to produce verified compilers, and so we will use one of the state-of-the-art tools used for this: the [Coq proof assistant](https://coq.inria.fr/). This system -allows us to write functional programs and prove properties about them; +allows us to write functional programs, like compilers, and prove properties about them; afterwards we can extract runnable versions of the verified programs. The first section of the course will be dedicated to learning Coq and becoming familiar -with the process of _mechanized_ proof -- that is, proofs that are checked by a +with the process of _mechanized_ proof --- that is, proofs that are checked by a machine. The text that we will use for this section of the course is ["Programs and Proofs" by Ilya Sergey](https://ilyasergey.net/pnp). 
@@ -57,20 +62,21 @@ compile to the same target language, and so once we have compilers, and concurrent with the verification effort, you will experiment building small programs that use a mixture of different student languages. -### A note on collaboration +### **A note on collaboration** This will be a highly collaborative course. For the first section, the actual assignments will be done individually, to ensure that you get sufficient practice with theorem-proving, as proof assistants like Coq are not something you can learn without using. Even so, we _expect and encourage people to work -together throughout the course_, provided that the actual work they submit is -their own. Once the first section ends, the course will truly become a large -collaboration. All of our compilers will be worked on in a shared repository, -and while you will be assessed on and be responsible for understanding your own -compiler, all are welcome to help any of their classmates. We will do also do -group reviews or reviews of one group by another. +together throughout the course_, beyond just the teams you are working in, +provided that the actual work you submit is you own. Once the first section +ends, the course will truly become a large collaboration. All of our compilers +will be worked on in a shared repository, and while you will be assessed on and +be responsible for understanding your own compiler, all are welcome to help any +of your classmates. We will do also do group reviews or reviews of one group by +another. -### Requirements +### **Requirements** Intended for advanced undergraduates, you would be well prepared by either having taken CS4400 (programming languages) or CS4410 (compilers). However, if you are interested and haven't taken either, **please reach out to the instructor**. 
@@ -79,13 +85,8 @@ or OCaml) would be helpful, as would any exposure to formal proof in mathematics. -### Other question? Something not clear? - -Please reach out to the instructor: +### **Other question? Something not clear?** ---------- -Daniel Patterson -[dbp@dbpmail.net](mailto:dbp@dbpmail.net) ---------- +Please reach out to the instructor: Daniel Patterson ([dbp@dbpmail.net](mailto:dbp@dbpmail.net))
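Review bot: dash style is inconsistent within the first markdown hunk. The added lines use `---` ("invisible --- if", "mechanized_ proof --- that is") while the retained line "interact -- that interaction" keeps `--`, so the rendered page mixes an em dash and an en dash, as the built HTML in this same patch shows. Pick one form for the whole file. Also, wrapping every `###` heading in `**...**` is redundant Markdown (headings already render with their own weight); if the goal is heavier headings, adjust the site's CSS for `h3` once instead of marking up each heading.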
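Review bot: in the "A note on collaboration" hunk, the `+` line "provided that the actual work you submit is you own" should be "your own". The rewrapped text also preserves "We will do also do group reviews or reviews of one group by another" with its doubled "do"; since these lines are being rewritten, fix it here: "We will also do group reviews, or reviews of one group by another."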
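Review bot: the heading on the `+` line, "Other question? Something not clear?", is being touched anyway, so this is the place to make it "Other questions? Something not clear?". The collapsed contact line with the `mailto:` link is fine, but confirm the generated `_site` HTML in this patch actually renders the link rather than plain text, since it was edited separately from this source.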