Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bugs in the Wires or, An Exercise in Language Design David Gay Intel Research Berkeley.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Bugs in the Wires or, An Exercise in Language Design David Gay Intel Research Berkeley."— Presentation transcript:

1 Bugs in the Wires or, An Exercise in Language Design David Gay Intel Research Berkeley

2 Introduction Observation 1: debugging sensor network programs is hard Observation 1: debugging sensor network programs is hard Observation 2: nesC makes wiring, i.e., connecting components of a nesC program, easy; this also means that it’s easy to miswire Observation 2: nesC makes wiring, i.e., connecting components of a nesC program, easy; this also means that it’s easy to miswire example 1: forgetting to wire initialisation code example 1: forgetting to wire initialisation code example 2: mistakenly wiring components together twice example 2: mistakenly wiring components together twice Goal: add a simple language extension to catch these kinds of errors Goal: add a simple language extension to catch these kinds of errors

3 Background: Modules and Wiring module BlinkM { provides interface Init; provides interface Init; uses interface Timer; uses interface Timer;} implementation { command Init.init() { command Init.init() { call Timer.setRate(); call Timer.setRate(); } event Timer.fired() { } event Timer.fired() { }} interface Init { command init(); command init();} interface Timer { command setRate(); command setRate(); event fired(); event fired();} Interfaces are bi-directional. BlinkM can call setRate and must implement init and fired. BlinkM Init.init Timer.fired Timer.setRate C functions function calls

4 Background: Configurations configuration Blink { provides interface Init; provides interface Init;} implementation { components TimerM, BlinkM; components TimerM, BlinkM; Init = BlinkM.Init; Init = BlinkM.Init; BlinkM.Timer -> TimerM.Timer; BlinkM.Timer -> TimerM.Timer;} interface Init { command init(); command init();} Init.init Blink interface Timer { command setRate(); command setRate(); event fired(); event fired();} TimerM Timer.fired BlinkM Init.init Timer.fired Timer.setRate

5 Wiring Graph is Very Flexible Can build nearly arbitrary graphs, except: Can build nearly arbitrary graphs, except: module function nodes have 0-outdegree module function nodes have 0-outdegree module call nodes have 0-indegree module call nodes have 0-indegree

6 Wiring Bug Examples BlinkM’s provided Init interface not wired BlinkM’s provided Init interface not wired  BlinkM never gets initialised BlinkM’s provided Init interface wired twice BlinkM’s provided Init interface wired twice possible incorrect behaviour possible incorrect behaviour provided Timer interface non-shareable, wired twice provided Timer interface non-shareable, wired twice  incorrect behaviour (wrong rate in one user) used split-phase interface wired twice used split-phase interface wired twice ex: interface Send { command send(); event sendDone(); } ex: interface Send { command send(); event sendDone(); }  two responses on every request, will misbehave

7 Component Graph Example (1)

8 Component Graph Example (2)

9 Wiring Bugs: The Fix BlinkM’s provided Init interface not wired BlinkM’s provided Init interface not wired  BlinkM never gets initialised BlinkM’s provided Init interface wired twice BlinkM’s provided Init interface wired twice possible incorrect behaviour possible incorrect behaviour provided Timer interface non-shareable, wired twice provided Timer interface non-shareable, wired twice  incorrect behaviour (wrong rate in one user) used split-phase interface wired twice used split-phase interface wired twice ex: interface Send { command send(); event sendDone(); } ex: interface Send { command send(); event sendDone(); }  two responses on every request, will misbehave Fixes: restrict wiring cardinality Fixes: restrict wiring cardinality ≥ 1 = 1 ≤ 1 = 1

10 Wiring Bugs: The Fix module BlinkM { provides interface Init @atleastonce; provides interface Init @atleastonce; uses interface Timer @exactlyonce; uses interface Timer @exactlyonce;} implementation { command Init.init() { command Init.init() { call Timer.setRate(); call Timer.setRate(); } event Timer.fired() { } event Timer.fired() { }} @ : new syntax for annotations (see Java 1.5) @ : new syntax for annotations (see Java 1.5) atmostonce, atleastonce, exactlyonce : atmostonce, atleastonce, exactlyonce : wiring annotations on provided, used interfaces wiring annotations on provided, used interfaces apply to each function in an interface apply to each function in an interface imply a global check on program’s wiring graph imply a global check on program’s wiring graph

11 Bugs in Language Design What do the annotations mean? What do the annotations mean? Obvious proposal: node in/out degree Obvious proposal: node in/out degree ≤1

12 Bugs in Language Design What do the annotations mean? What do the annotations mean? Obvious proposal: node in/out degree Obvious proposal: node in/out degree “Correct” answer appears to be: “Correct” answer appears to be: provided functions: number of paths to this function provided functions: number of paths to this function used functions: number of paths from this function call used functions: number of paths from this function call ≤1

13 Another Problem What does this mean in a configuration? What does this mean in a configuration? Is this program right? wrong? Is this program right? wrong? provides interface Init @≤1

14 Another Problem What does this mean in a configuration? What does this mean in a configuration? Is this program right? wrong? Is this program right? wrong? Proposal: correct rule is: Proposal: correct rule is: provided function: check number of paths to this node provided function: check number of paths to this node used function: check number of paths from this node used function: check number of paths from this node note: for bi-directional interfaces, this means that you check both the paths to and from the node note: for bi-directional interfaces, this means that you check both the paths to and from the node provides interface Init @≤1

15 Does this do all we want? Matched request/reply makes split-phase programs simpler Matched request/reply makes split-phase programs simpler  Let’s use exactlyonce ! module Simple { uses interface Send; uses interface Send;} implementation { int state; int state; void somefn() { void somefn() { state = SENDING; state = SENDING; call Send.send(); call Send.send(); } event Send.sendDone() { event Send.sendDone() { if (state == SENDING) … if (state == SENDING) … }} interface Send { command send(); command send(); event sendDone(); event sendDone();}

16 Does this do all we want? Matched request/reply makes split-phase programs simpler Matched request/reply makes split-phase programs simpler  Let’s use exactlyonce ! Code is simpler Code is simpler module Simple { uses interface Send uses interface Send @exactlyonce; @exactlyonce;} implementation { void somefn() { void somefn() { call Send.send(); call Send.send(); } event Send.sendDone() { event Send.sendDone() { … }} interface Send { command send(); command send(); event sendDone(); event sendDone();}

17 Does this do all we want? Matched request/reply makes split-phase programs simpler Matched request/reply makes split-phase programs simpler  Let’s use exactlyonce ! Code is simpler Code is simpler Check is insufficient  Check is insufficient  module Simple { uses interface Send uses interface Send @exactlyonce; @exactlyonce;} implementation { void somefn() { void somefn() { call Send.send(); call Send.send(); } event Send.sendDone() { event Send.sendDone() { … }} Simple =1 send sendDone interface Send { command send(); command send(); event sendDone(); event sendDone();}

18 Conclusion Wiring bugs are hard to find Wiring bugs are hard to find Some of these bugs can be caught with annotations that restrict paths in the wiring graph: Some of these bugs can be caught with annotations that restrict paths in the wiring graph: atleastonce : at least one path to/from here atleastonce : at least one path to/from here atmostonce : at most one path to/from here atmostonce : at most one path to/from here exactlyonce : exactly one path to/from here exactlyonce : exactly one path to/from here Does not cover all needs Does not cover all needs could add singlepath : all nodes in path have in/out degree at most one could add singlepath : all nodes in path have in/out degree at most one The annotation syntax will be in nesC 1.2, and will be user-extensible (see Java 1.5 specification for general idea) The annotation syntax will be in nesC 1.2, and will be user-extensible (see Java 1.5 specification for general idea)

Download ppt "Bugs in the Wires or, An Exercise in Language Design David Gay Intel Research Berkeley."

Similar presentations

How to use TinyOS Jason Hill Rob Szewczyk Alec Woo David Culler An event based execution environment for Networked Sensors.

How to use TinyOS Jason Hill Rob Szewczyk Alec Woo David Culler An event based execution environment for Networked Sensors.
Applications of Synchronization Coverage A.Bron,E.Farchi, Y.Magid,Y.Nir,S.Ur Tehila Mayzels 1.

Applications of Synchronization Coverage A.Bron,E.Farchi, Y.Magid,Y.Nir,S.Ur Tehila Mayzels 1.
NesC Prepared for the Multimedia Networks Group University of Virginia.

NesC Prepared for the Multimedia Networks Group University of Virginia.
NesC: A Programming Language for Motes David Gay, Phil Levis, Eric Brewer, Rob von Behren, Nikita Borisov, Mike Chen, David Culler Intel Research, UC Berkeley.

NesC: A Programming Language for Motes David Gay, Phil Levis, Eric Brewer, Rob von Behren, Nikita Borisov, Mike Chen, David Culler Intel Research, UC Berkeley.
Telecooperation/RBG Technische Universität Darmstadt Copyrighted material; for TUD student use only Introduction to Computer Science I Topic 16: Exception.

Telecooperation/RBG Technische Universität Darmstadt Copyrighted material; for TUD student use only Introduction to Computer Science I Topic 16: Exception.
Programming Types of Testing.

Programming Types of Testing.
Introduction to BizAgi. Slide 2 User Interface (Summary) The user interface for BizAgi resembles Office It uses a similar ribbon The Palette contains.

Introduction to BizAgi. Slide 2 User Interface (Summary) The user interface for BizAgi resembles Office It uses a similar ribbon The Palette contains.
TinyOS Introduction Advanced Computer Networks. TinyOS Outline  Introduction to the Architecture of TinyOS and nesC  Component Model –Components, interfaces,

TinyOS Introduction Advanced Computer Networks. TinyOS Outline  Introduction to the Architecture of TinyOS and nesC  Component Model –Components, interfaces,
Systems Wireless EmBedded nesC Update Eric Brewer with help from David Culler, David Gay, Phil Levis, Rob von Behren, and Matt Welsh.

Systems Wireless EmBedded nesC Update Eric Brewer with help from David Culler, David Gay, Phil Levis, Rob von Behren, and Matt Welsh.
1 Efficient Memory Safety for TinyOS Nathan Cooprider Will Archer Eric Eide David Gay † John Regehr University of Utah School of Computing † Intel Research.

1 Efficient Memory Safety for TinyOS Nathan Cooprider Will Archer Eric Eide David Gay † John Regehr University of Utah School of Computing † Intel Research.
Incremental Network Programming for Wireless Sensors NEST Retreat June 3 rd, 2004 Jaein Jeong UC Berkeley, EECS Introduction Background – Mechanisms of.

Incremental Network Programming for Wireless Sensors NEST Retreat June 3 rd, 2004 Jaein Jeong UC Berkeley, EECS Introduction Background – Mechanisms of.
GIIS’07 – Marrakech 3 rd July 2007 Behavioural Specification of Wireless Sensor Network Applications Nelson S Rosa and Paulo R F Cunha Universidade Federal.

GIIS’07 – Marrakech 3 rd July 2007 Behavioural Specification of Wireless Sensor Network Applications Nelson S Rosa and Paulo R F Cunha Universidade Federal.
16-Jun-15 Exceptions. Errors and Exceptions An error is a bug in your program dividing by zero going outside the bounds of an array trying to use a null.

16-Jun-15 Exceptions. Errors and Exceptions An error is a bug in your program dividing by zero going outside the bounds of an array trying to use a null.
7/13/2007AIIT Summer Course - D#1 Wireless Embedded Systems and Networking Lab Day 5: Part 1: TinyOS Programming on Open Source Distribution Jaein Jeong.

7/13/2007AIIT Summer Course - D#1 Wireless Embedded Systems and Networking Lab Day 5: Part 1: TinyOS Programming on Open Source Distribution Jaein Jeong.
Random Testing of Interrupt-Driven Software John Regehr University of Utah.

Random Testing of Interrupt-Driven Software John Regehr University of Utah.
Exceptions. Errors and Exceptions An error is a bug in your program –dividing by zero –going outside the bounds of an array –trying to use a null reference.

Exceptions. Errors and Exceptions An error is a bug in your program –dividing by zero –going outside the bounds of an array –trying to use a null reference.
Programming Motes A TinyOS and TOSSIM Tutorial By: Brent Rood.

Programming Motes A TinyOS and TOSSIM Tutorial By: Brent Rood.
Development of a Mica2 Mote Sensor Network Cliff Macklin Bill Ehrbar December 8, 2004 University of Colorado, Colorado Springs.

Development of a Mica2 Mote Sensor Network Cliff Macklin Bill Ehrbar December 8, 2004 University of Colorado, Colorado Springs.
Modules in UHC A proposal by: Tom Hofte & Eric Eijkelenboom.

Modules in UHC A proposal by: Tom Hofte & Eric Eijkelenboom.
2008EECS194-51 Embedded Network Programming nesC, TinyOS, Networking, Microcontrollers Jonathan Hui University of California, Berkeley.

2008EECS Embedded Network Programming nesC, TinyOS, Networking, Microcontrollers Jonathan Hui University of California, Berkeley.

Similar presentations

Ads by Google