c 0 : an imperative programming language for n00bs
DESCRIPTION
C 0 : an Imperative Programming Language for N00bs. Motivation. Intro Curriculum Redesign. Old. New. Intro Curriculum Redesign. Old. New. 15-122. Goal. Let students focus on writing correct code Good error messages Safety Fully defined behavior - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/1.jpg)
![Page 2: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/2.jpg)
C0: an Imperative Programming Language for N00bs
![Page 3: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/3.jpg)
3
MOTIVATION
![Page 4: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/4.jpg)
4
15-11015-122
15-213
15-214
15-21015-150
15-10015-121 15-211
15-212
15-21315-123
Intro Curriculum RedesignOld
New
![Page 5: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/5.jpg)
5
Python??
C
Java
MLML?
JavaJava Java
ML
CC / Perl
Intro Curriculum RedesignOld
New
![Page 6: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/6.jpg)
6
15-122
Java/Python N00bs
15-122• Data Structures• Reasoning• Unix Skills
Proto Competent
Systems Hackers
![Page 7: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/7.jpg)
7
Goal
• Let students focus on writing correct code– Good error messages– Safety– Fully defined behavior
• Only as powerful as needed for the course– Can always grow more
• Easily incorporate existing libraries
![Page 8: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/8.jpg)
8
Why not Java?
• public static void main(string[] args)
• Complex for beginners• Constraining
![Page 9: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/9.jpg)
9
Why not C?
• Still too complex for novices– Manual memory management
• Undefined semantics– Integer overflow– Division– Numerical range and representation
• Poor tools– gcc/gdb are not user friendly
![Page 10: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/10.jpg)
10
Java Environment
• APIs for graphics, sound, text, I/O– Enables interesting assignments
• Eclipse is helpful– Good error UI– Integrated debugger
![Page 11: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/11.jpg)
11
C0: REASONABLY REFINED C
![Page 12: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/12.jpg)
12
Overview
Concrete language
Abstract language
![Page 13: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/13.jpg)
13
Booleans and Integers
bool x = true;bool y = !x && (z > 0);• Required for all control flow checksint z = 4 + 9 / 0;• Signed 32 bit integers– two’s complement representation– modular arithmetic– guaranteed exception
![Page 14: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/14.jpg)
14
Booleans and Integers
Concrete!a
-a
a + b
a > 0
Abstractmonop(lognot, a) : bool
monop(neg, a) : int
binop(add, a, b) : int
binop(cmpg, a, b) : bool
![Page 15: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/15.jpg)
15
Strings and Characters
string s = “hello, world”• Immutable• Opaque representationchar c = ‘4’;char z = ‘\0’;• ASCII
![Page 16: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/16.jpg)
16
Declarations and Assignment
• Explicitly typed• Block-delimited scope• No shadowing• Mutable• Variables must be
defined before use
int x;{ int y; y = 9;}// Errorx = y + 4;
![Page 17: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/17.jpg)
17
Declarations and Assignment
Concreteint x;x = 4;
int x;int y;y = 9;x = y;
Abstractdecl(x, int, assign(x, 4)) : cmd
decl(x, int, decl(y, int, binop(seq, assign(y, 9), assign(x, y)))) : cmd
![Page 18: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/18.jpg)
18
Conditions
Concreteif (x > 0) y = 0;else y = 9;
y = x > 0 ? 0 : 9;
Abstractif(binop(cmpg, x, 0), assign(y, 0), assign(y, 9)) : cmd
assign(y, if(binop(cmpg, x, 0), 0, 9)) : cmd
![Page 19: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/19.jpg)
19
while Loops
Concretewhile (x > 0) { x--;}
while (true) { break;}
Abstractloop( binop(cmpg, x, 0), assign(x, binop(sub, x, 1)) )) : cmd
loop(true, break) : cmd
![Page 20: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/20.jpg)
20
{ int i = 0; while (i < 10) { if (i % 2 == 0) { i++; continue; } i++;}}
{ int i = 0; for (; i < 10;) { if (i % 2 == 0) { i++; continue; } i++;}}
for Loopsfor(int i = 0; i < 10; i++) { if (i % 2 == 0) continue;}
{ int i = 0; for (; i < 10; i++) { if (i % 2 == 0) continue; }}
![Page 21: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/21.jpg)
21
Functions
Concreteint triarea(int b, int h){ return sqrarea(b, h) / 2;}
Abstractfunc(b, h, return( binop(div, call(ptr(sqrarea), (b, h)), 2) )) : tuple(int, int) int
![Page 22: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/22.jpg)
22
Hello World0
int foo() { return 0;}
func(return(0)) : tuple() → int
K ; ∙ ▷ return(0)K ; return(∙) ▷ 0K ; return(∙) ◁ 0K ◁ 0
![Page 23: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/23.jpg)
23
Hello World
Concretevoid hello(){ print(“hello, world\n”);}
Abstractfunc( binop(seq, monop(ign, call(ptr(print), (“hello, world\n”) )), return(()))) : tuple() tuple()
![Page 24: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/24.jpg)
24
Pointers
int *p = alloc(int);int zero = *p;• Either NULL or valid heap address– No pointer arithmetic– No casting
• Garbage collected heap• Heap values always initialized
![Page 25: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/25.jpg)
25
Pointers
ConcreteNULL;
alloc(bool)
int *x;*x
*x = 9
Abstractptr(null) : τ*
alloc(bool) : bool*
monop(read, x) : int
binop(write, x, 9) : int
![Page 26: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/26.jpg)
26
Heap (μ)
• A function which maps addresses a to values v• Signature Σ maps addresses a to types τ• if a dom(∀ ∈ μ). Σ μ(a) : Σ(a) then μ : Σ
![Page 27: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/27.jpg)
27
Arrays
Concreteint[] A;alloc_array(int, 4)
A[4] = 9
A[0]
Abstractdecl(A, int[], …) : cmdallocarray(int, 4) : int[]binop(write, binop(arrayindex, A, 4), 9) : intmonop(read, binop(arrayindex, A, 0)): int
![Page 28: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/28.jpg)
28
ArraysA[4]
monop(read, binop(arrayindex, A, 4)) : int
F ▷ monop(read, binop(arrayindex, A, 4))F, monop(read,∙) ▷ binop(arrayindex, A, 4)F, monop(read,∙), binop(arrayindex, ∙, 4) ▷ AF, monop(read,∙), binop(arrayindex, ∙, 4) ◁ array(a, )F, monop(read,∙), binop(arrayindex, array(a, ), ∙) ▷ 4F, monop(read,∙), binop(arrayindex, array(a, ), ∙) ◁ 4F, monop(read,∙) ◁ ptr(a + 4)if μ(a+4) = v then F ◁ velse F ◁ exn
![Page 29: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/29.jpg)
29
Structures
• Nominally typed• Cannot be used as– parameter types– return types– local variable types
• Heap allocated• May nest
struct Node { struct Node *next; int i;};
int head(struct Node *n){ return n->i;}
![Page 30: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/30.jpg)
30
Structures
Concretestruct S { int x;};
struct S *s;s->x
Abstractstruct(∙, S$x : int)
monop(read, monop(field(S$x), s) : int
![Page 31: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/31.jpg)
31
Formal Semantics
ProgressIf and theneither finalor
PreservationIf and and then and and
![Page 32: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/32.jpg)
32
Summary
• Basic types:– bool, int, char, string, pointers, arrays, structures
• Basic control flow• Simple memory model• Abstract semantics– Simple elaboration– Formally defined
![Page 33: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/33.jpg)
33
C0 IN ACTIONWhere have we gone from here?
![Page 34: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/34.jpg)
34
Libraries
• Used for exposing OS APIs in a safe manner• Currently C/C++-only• Libraries provide:– a C0 header– a native shared library
• Very easy to wrap existing C/C++ libraries
![Page 35: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/35.jpg)
35
Libraries
C0
boolintT*T[]charstring
C/C++boolintT*c0_array*charc0_string
![Page 36: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/36.jpg)
36
Specifications
• Embedded as special comments• Optional dynamic checking– Static checking someday!
• Primary means reasoning about code– loop invariants– pre/post conditions– assertions
• Slight superset of expressions
![Page 37: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/37.jpg)
37
Specificationsint binsearch(int[] A, int len, int e) //@ requires \length(A) == len{ int lower = 0; int upper = len-1; while (lower < upper) //@ loop_invariant lower >= 0 && upper < len { … }}
![Page 38: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/38.jpg)
38
Specifications
//@ requires \length(A) == len// @ensures issorted(\result)int[] mergesort(int[] A, int len);
//@ requires \length(L) == len//@ requires \length(R) == len//@ ensures issorted(\result)int[] merge(int[] L, int[] R, int len);
![Page 39: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/39.jpg)
39
MISSING FEATURESMaybe later, maybe never
![Page 40: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/40.jpg)
40
Immutable values / constvoid strrev(char[] dest, const char[] src){ int len = strlen(src); for (int i = 0; i < len; i++) //@ loop_invariant partial_rev(dest, src, i) dest[len – i - 1] = src[i]; dest[len] = ‘\0’;}
strrev(A, A);// Now what?
![Page 41: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/41.jpg)
41
Immutable values / conststruct Node { struct Node *next; int i;};
int length(const struct Node *n) { // Foiled! n->i = 9;
// Success! struct Node *next = n->next; next->next = NULL; return 2;}
![Page 42: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/42.jpg)
42
Address-of (&)
int parse_int(string s, bool *p);
int tonum(string s) { int i; bool b; i = parse_int(s, &b); assert(b, “Bad input string”); return i;}
![Page 43: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/43.jpg)
43
Unions
union Value { int i; bool b; Value *p;};
int main() { Value v; // Writes tag b v.b = false; // Fails return v.i;}
![Page 44: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/44.jpg)
44
Unionsstruct Box { int tag; // 0 for int, 1 for pointer union U { int i; int *p; } value;};
int *f(Box *b, int *p) { b->tag = 1; b->value.p = p; return p;}
void cisawesome () { Box b; b.tag = 0; b.value.i = 0; int *s = f(&b, &b.value.i); // Can now get a pointer // to arbitrary memory *s = 40;}
![Page 45: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/45.jpg)
45
Unionsint main () { Box b = Int (0); Box *pb = &b; SomeComputation(&b); switch (b) { case Int i: *pb = Pointer(alloc(int)); return i; case Pointer p: *pb = Int(0); return *p; }}
union Box { int Int; int* Ptr;};
void SomeComputation(Box *b);
![Page 46: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/46.jpg)
46
Module System
• Global namespace is bad• A single file goes only so far• C doesn’t have a good solution• Partial solutions– Libraries– Compiler accepts multiple files
![Page 47: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/47.jpg)
47
Contributions
• C0
– Simple to learn– Very similar to C– Formally specified– Emphasizes reasoning
• Simple library system– Easy to bind existing libraries– Several already written
![Page 48: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/48.jpg)
48
Extra Slides
![Page 49: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/49.jpg)
49
Types
Concrete (T)boolint
T*T[]struct F { … }
Abstract (τ)boolintτ τ’τ*τ[]struct(p)cmdtuple(τ1,…,τn)
![Page 50: C 0 : an Imperative Programming Language for N00bs](https://reader036.vdocuments.site/reader036/viewer/2022062315/56816683550346895dda2b0a/html5/thumbnails/50.jpg)
50
Formal Semantics
• Types τ = bool | int | τ* | cmd | …• Values v = true | | ptr(a) | …• Addresses a = l | a + n | a + f• Expressions
e = v | binop(op, e1, e2) | call(ef, e) | x | decl(x, τ, e) | assign(x, e) | return(e) | loop(ec, e) | break | alloc(τ) | allocarray(τ, e) | …