| author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
| Thu, 11 Dec 2014 23:51:08 +0000 | |
| changeset 351 | cd8d18f7b7ac |
| parent 350 | 54d6fc856950 |
| child 352 | da5713bcdbb0 |
| permissions | -rw-r--r-- |
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
1 |
\documentclass{article}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
2 |
\usepackage{../style}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
3 |
\usepackage{../langs}
|
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
4 |
\usepackage{../graphics}
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
5 |
\usepackage{../grammar}
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
6 |
\usepackage{multicol}
|
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
7 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
8 |
\begin{document}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
9 |
|
|
335
06d5fc15594d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
276
diff
changeset
|
10 |
\section*{Handout 9 (Static Analysis)}
|
|
06d5fc15594d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
276
diff
changeset
|
11 |
|
|
06d5fc15594d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
276
diff
changeset
|
12 |
If we want to improve the safety and security of our programs, |
|
337
92a718b88e14
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
335
diff
changeset
|
13 |
we need a more principled approach to programming. Testing is |
|
351
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
14 |
good, but as Dijkstra famously wrote: |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
15 |
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
16 |
\begin{quote}\it
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
17 |
``Program testing can be a very effective way to show the |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
18 |
\underline{\smash{presence}} of bugs, but it is hopelessly
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
19 |
inadequate for showing their \underline{\smash{absence}}.''
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
20 |
\end{quote}
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
21 |
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
22 |
\noindent While such a more principled approach has been the |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
23 |
subject of intense study for a long, long time, only in the |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
24 |
past few years some impressive results have been achieved. One |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
25 |
is the complete formalisation and (mathematical) verification |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
26 |
of a microkernel operating system called seL4. |
|
337
92a718b88e14
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
335
diff
changeset
|
27 |
|
|
92a718b88e14
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
335
diff
changeset
|
28 |
\begin{center}
|
|
92a718b88e14
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
335
diff
changeset
|
29 |
\url{http://sel4.systems}
|
|
92a718b88e14
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
335
diff
changeset
|
30 |
\end{center}
|
|
92a718b88e14
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
335
diff
changeset
|
31 |
|
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
32 |
\noindent In 2011 this work was included in the MIT Technology |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
33 |
Review in the annual list of the world’s ten most important |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
34 |
emerging |
|
337
92a718b88e14
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
335
diff
changeset
|
35 |
technologies.\footnote{\url{http://www2.technologyreview.com/tr10/?year=2011}}
|
|
338
f1491e0d7be0
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
337
diff
changeset
|
36 |
While this work is impressive, its technical details are too |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
37 |
enormous for an explanation here. Therefore let us look at |
|
337
92a718b88e14
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
335
diff
changeset
|
38 |
something much simpler, namely finding out properties about |
|
338
f1491e0d7be0
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
337
diff
changeset
|
39 |
programs using \emph{static analysis}.
|
|
335
06d5fc15594d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
276
diff
changeset
|
40 |
|
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
41 |
Static analysis is a technique that checks properties of a |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
42 |
program without actually running the program. This should |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
43 |
raise alarm bells with you---because almost all interesting |
|
351
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
44 |
properties about programs are equivalent to the halting |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
45 |
problem, which we know is undecidable. For example estimating |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
46 |
the memory consumption of programs is in general undecidable, |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
47 |
just like the halting problem. Static analysis circumvents |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
48 |
this undecidability-problem by essentially allowing answers |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
49 |
\emph{yes} and \emph{no}, but also \emph{don't know}. With
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
50 |
this ``trick'' even the halting problem becomes |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
51 |
decidable\ldots{}for example we could always say \emph{don't
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
52 |
know}. Of course this would be silly. The point is that we |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
53 |
should be striving for a method that answers as often as |
|
347
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
54 |
possible either \emph{yes} or \emph{no}---just in cases when
|
|
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
55 |
it is too difficult we fall back on the |
|
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
56 |
\emph{don't-know}-answer. This might sound all like abstract
|
|
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
57 |
nonsense. Therefore let us look at a concrete example. |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
58 |
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
59 |
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
60 |
\subsubsection*{A Simple, Idealised Programming Language}
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
61 |
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
62 |
Our starting point is a small, idealised programming language. |
|
351
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
63 |
It is idealised because we cut several corners in comparison |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
64 |
with real programming languages. The language we will study |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
65 |
contains, amongst other things, variables holding integers. We |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
66 |
want to find out what the sign of these integers (positive or |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
67 |
negative) will be when the program runs. This sign-analysis |
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
68 |
seems like a very simple problem, but it will turn out even |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
69 |
such simple problems, if approached naively, are in general |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
70 |
undecidable, just like Turing's halting problem. I let you |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
71 |
think why? |
|
347
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
72 |
|
|
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
73 |
|
|
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
74 |
Is sign-analysis of variables an interesting problem? Well, |
|
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
75 |
yes---if a compiler can find out that for example a variable |
|
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
76 |
will never be negative and this variable is used as an index |
|
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
77 |
for an array, then the compiler does not need to generate code |
|
efad8155513f
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
346
diff
changeset
|
78 |
for an underflow-test. Remember some languages are immune to |
|
351
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
79 |
buffer-overflow attacks, but they need to add underflow and |
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
80 |
overflow checks everywhere. If the compiler can omit the |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
81 |
underflow test, for example, then this can potentially |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
82 |
drastically speed up the generated code. |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
83 |
|
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
84 |
What do programs in our programming language look like? The |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
85 |
following grammar gives a first specification: |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
86 |
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
87 |
\begin{multicols}{2}
|
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
88 |
\begin{plstx}[rhs style=,one per line,left margin=9mm]
|
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
89 |
: \meta{Stmt} ::= \meta{label} \texttt{:}
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
90 |
| \meta{var} \texttt{:=} \meta{Exp}
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
91 |
| \texttt{jmp?} \meta{Exp} \meta{label}
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
92 |
| \texttt{goto} \meta{label}\\
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
93 |
: \meta{Prog} ::= \meta{Stmt} \ldots{} \meta{Stmt}\\
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
94 |
\end{plstx}
|
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
95 |
\columnbreak |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
96 |
\begin{plstx}[rhs style=,one per line]
: \meta{Exp} ::= \meta{Exp} \texttt{+} \meta{Exp}
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
97 |
| \meta{Exp} \texttt{*} \meta{Exp}
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
98 |
| \meta{Exp} \texttt{=} \meta{Exp}
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
99 |
| \meta{num}
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
100 |
| \meta{var}\\
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
101 |
\end{plstx}
|
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
102 |
\end{multicols}
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
103 |
|
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
104 |
\noindent I assume you are familiar with such |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
105 |
grammars.\footnote{\url{http://en.wikipedia.org/wiki/Backus–Naur_Form}}
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
106 |
There are three main syntactic categories: \emph{statments}
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
107 |
and \emph{expressions} as well as \emph{programs}, which are
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
108 |
sequences of statements. Statements are either labels, |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
109 |
variable assignments, conditional jumps (\pcode{jmp?}) and
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
110 |
unconditional jumps (\pcode{goto}). Labels are just strings,
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
111 |
which can be used as the target of a jump. The conditional |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
112 |
jumps and variable assignments involve (arithmetic) |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
113 |
expressions. Expressions are either numbers, variables or |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
114 |
compound expressions built up from \pcode{+}, \pcode{*} and
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
115 |
\emph{=} (for simplicity reasons we do not consider any other
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
116 |
operations). We assume we have negative and positive numbers, |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
117 |
\ldots \pcode{-2}, \pcode{-1}, \pcode{0}, \pcode{1},
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
118 |
\pcode{2}\ldots{} An example program that calculates the
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
119 |
factorial of 5 is as follows: |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
120 |
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
121 |
\begin{lstlisting}[language={},xleftmargin=10mm]
|
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
122 |
a := 1 |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
123 |
n := 5 |
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
124 |
top: |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
125 |
jmp? n = 0 done |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
126 |
a := a * n |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
127 |
n := n + -1 |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
128 |
goto top |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
129 |
done: |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
130 |
\end{lstlisting}
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
131 |
|
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
132 |
\noindent Each line of the program contains a statement. In |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
133 |
the first two lines we assign values to the variables |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
134 |
\pcode{a} and \pcode{n}. In line 4 we test whether \pcode{n}
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
135 |
is zero, in which case we jump to the end of the program |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
136 |
marked with the label \pcode{done}. If \pcode{n} is not zero,
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
137 |
we multiply the content of \pcode{a} by \pcode{n}, decrease
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
138 |
\pcode{n} by one and jump back to the beginning of the loop,
|
|
351
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
139 |
marked with the label \pcode{top}. Another program in our
|
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
140 |
language is shown in Figure~\ref{fib}. I let you think what it
|
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
141 |
calculates. |
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
142 |
|
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
143 |
\begin{figure}[t]
|
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
144 |
\begin{lstlisting}[numbers=none,
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
145 |
language={},xleftmargin=10mm]
|
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
146 |
n := 6 |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
147 |
m1 := 0 |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
148 |
m2 := 1 |
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
149 |
loop: |
|
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
150 |
jmp? n = 0 done |
|
346
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
151 |
tmp := m2 |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
152 |
m2 := m1 + m2 |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
153 |
m1 := tmp |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
154 |
n := n + -1 |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
155 |
goto top |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
156 |
done: |
|
5a6e8b7d20f7
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
338
diff
changeset
|
157 |
\end{lstlisting}
|
|
351
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
158 |
\caption{A mystery program in our idealised programming language.
|
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
159 |
Try to find out what it calculates! \label{fib}}
|
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
160 |
\end{figure}
|
|
338
f1491e0d7be0
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
337
diff
changeset
|
161 |
|
|
350
54d6fc856950
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
347
diff
changeset
|
162 |
Even if our language is rather small, it is still Turing |
|
351
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
163 |
complete---meaning quite powerful. However, discussing this |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
164 |
fact in more detail would lead us too far astray. Clearly, our |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
165 |
programming is rather low-level and not very comfortable for |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
166 |
writing programs. It is inspired by machine code, which is the |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
167 |
code that is actually executed by a CPU. So a more interesting |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
168 |
question is what is missing in comparison with real machine |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
169 |
code? Well, not much\ldots{}in principle. Real machine code,
|
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
170 |
of course, contains many more arithmetic instructions (not |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
171 |
just addition and multiplication) and many more conditional |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
172 |
jumps. We could add these to our language if we wanted, but |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
173 |
complexity is really beside the point here. Furthermore, real |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
174 |
machine code has many instructions for manipulating memory. We |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
175 |
do not have this at all. This is actually a more serious |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
176 |
simplification because we assume numbers to be arbitrary |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
177 |
precision, which is not the case with real machine code. In |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
178 |
real code basic number formats have a range and might |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
179 |
over-flow or under-flow from this range. Also the numbers of |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
180 |
variables in our programs is unlimited, while memory, of |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
181 |
course, is always limited somehow on any actual machine. To |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
182 |
sum up, our language might look very simple, but it is not |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
183 |
completely removed from practically relevant issues. |
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
184 |
|
|
351
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
185 |
|
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
186 |
\subsubsection*{An Interpreter}
|
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
187 |
|
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
188 |
Designing a language is like being god: you can say what |
|
cd8d18f7b7ac
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
350
diff
changeset
|
189 |
each part of the program should mean. |
|
276
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
190 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
191 |
\end{document}
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
192 |
|
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
193 |
%%% Local Variables: |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
194 |
%%% mode: latex |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
195 |
%%% TeX-master: t |
|
d7109c6e721d
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
196 |
%%% End: |