This AFQ (Anticipated Frequent Questions) should cover most of your questions. Please only ask questions after you’ve read the document below and not found a response to your query.
Q: Will the professor remain the same throughout the semester?
Yes. This year, Shriram will teach the whole course.
Q: I hear rumors of a new format. Why are you changing a successful course?
In your day-to-day work, you are going to confront numerous programming languages: new ones are created almost daily, and you never know which new language will become really important in your work. You therefore need the ability to rapidly dive into new languages and understand them.
However, you haven’t really been exposed to a useful mental landscape that lets you quickly understand a new language. This usually comes through practice and experience, combined with a knowledge of various points in the space of language design.
The old style of cs173 was (we believe) good at helping you understand a few points in the design space really well. But it didn’t cover enough of the space, nor did it give you practice with rapidly exploring a large space of designs. We’ve therefore come up with a radically new way of running the course that we hope will address this problem.
Q: How much time will things take?
We ask that if you spend more than five hours on a homework, stop; talk to the course staff; make sure you’re on the right track. We may tell you you’re on the right track and to continue; we may tell you you’re on the wrong path and help set you right; or we may tell you you’ve gotten the point of the assignment and should stop.
Q: So what’s going to be different?
The most important thing is to make you understand that approaching a new language requires a security mindset, and that’s what we want the course to inculcate. It won’t be about computer security per se, but it will be the mindset that comes with it: of probing, asking questions, looking for ways in which things might not fit together, etc.
We will achieve this through a series of what we call mystery language (ML) assignments. In an ML assignment, you are given a new language feature’s syntax and a very loose description of it. The assignment will contain (usually) three different languages that contain that new feature, each presented in terms of a black-box implementation of that language. Each language will contain this new feature but will define it to behave in a somewhat different way. You will need to use the implementations to explore how the feature varies across the languages and try to pin down the differences precisely.
These differences have all been chosen because they have significant consequences, and the class after the homework comes due, we will discuss them. Note that in the above example, to find these differences, you needed to “think like an attacker”: ask what the arrays do not when you use them as intended but rather when you use them erroneously. Of course, many ML assignments have nothing to do with errors, but it is wise to remember that those are also worth checking.
Write a small suite of (one or more) programs, which we call a classifier, that tell the languages apart. That is, each program in the suite produces different outputs on at least two of the implementations, and across the suite, you can tell all three apart.
Since these small programs are meant to be illustrative, it helps to make them relatively small. At the same time, you will not be rewarded by trying to cleverly wire them all together into a single program: that can sometimes be really hard to understand. If you spot two or three conceptual differences, try to express them in different programs. Imagine you’re trying to explain your findings to another human being, not just impress them with your cleverness.
Write a small textual description of what you think is the difference between the languages, focusing on the new feature and its interaction with the existing features. This should not just be a textual rewriting of the classifier, but rather an attempt to synthesize what you’ve learned and describe the difference in high-level terms.
There will still be some implementation. There will be five implementation-oriented assignments, but only one of them will be an interpreter. The idea behind them is to help you understand that there’s a particular pattern followed by pretty much all programs that process other programs. That’s what you will learn and practice.
Q: Were there other issues you were trying to address?
The course was a little too helpful to cs017 students (and to a lesser extent, cs019 students), and disadvantaged cs015 students. Though we’ve tried various mitigations over the years, they have worked only somewhat. The new change addresses that significantly.
The course was a little too much focused on implementation, whereas that’s really the domain of a course on compilers. We wanted to reduce the emphasis on implementation of languages and increase the emphasis on understanding them.
Q: What are “Core”, “Advanced”, and “Prank”?
In the mystery language assignments, you may see the different languages labeled differently. Every assignment has (usually three) Core languages. These reflect the most common or important variations in these features. The array dereference example described above presents three such variations.
Sometimes, there are variations that have made it into real languages but are less important or harder to find. We label these Advanced. For instance, in array dereferencing, a negative index, instead of being an error, could mean “that many indices from the end of the array”. We would consider this an Advanced (but a somewhat straightforward one for people familiar with certain languages that have this behavior). Before you tackle any Advanceds, make sure you’ve nailed down the differences between the Cores! Also, be aware that the Advanceds may take a little or a lot more time than a core.
On very rare instances, an assignment might also have Prank languages. This is usually us re-implementing for you especially bizarre behaviors found in some language. You should only try to classify these languages if you’re really bored or really want to show off your language hacking skills. (Under no circumstances will we expect you to get any of them to get an A in the course.) As an example, there was once a bug in a well-known browser where dereferencing the index -6 would return the value of eval, a dangerous primitive that many Web sandboxes do their best to hide. If we were to provide an implementation of this, we’d certainly classify it as a Prank.
Q: Have you done this before?
No. It’s an experiment. In fact, we don’t know of a course anywhere else, either, that does something exactly like this.
Of course, we’ve put a lot of thought into this and think we understand the benefits and pitfalls. We therefore think it’ll go well. We’re pretty confident that even if it doesn’t go exactly to plan, you will learn enough from it that it’ll have been worth the while.
However, as with all experiments, some things might not go exactly to plan. We want your thoughts and will take your feedback very seriously. But please do be a bit patient as we work it out.
Q: Can you make me feel good about participating in an experiment?
Sure. You’re at a research university, not an undergrad-only liberal arts college. We constantly innovate in both research and education. Some attempts at innovation fail. Others, after a few tries, become wildly successful, and are adopted later by many other institutions—
Also, cs173 has made numerous experiments along the way, and most of them have worked very well.
Q: I have a question not answered above! Where do I send it?
A: Address it to the professor.