From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Path: eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail From: Paul Rubin Newsgroups: comp.lang.ada Subject: Re: How to get Ada to =?utf-8?Q?=E2=80=9Ccross?= the =?utf-8?Q?ch?= =?utf-8?Q?asm=E2=80=9D=3F?= Date: Fri, 20 Apr 2018 10:41:18 -0700 Organization: A noiseless patient Spider Message-ID: <87604lvkqp.fsf@nightsong.com> References: <1c73f159-eae4-4ae7-a348-03964b007197@googlegroups.com> <878t9nemrl.fsf@nightsong.com> <87h8o7lowg.fsf@nightsong.com> <8736zqkwat.fsf@nightsong.com> <6839088c-f221-4650-a6ea-1841ae539486@googlegroups.com> <1e5f5681-0e2a-43cc-9437-2bd38078da08@googlegroups.com> Mime-Version: 1.0 Content-Type: text/plain Injection-Info: reader02.eternal-september.org; posting-host="c64f90128f27b36aa0215bf95afe8b2a"; logging-data="8179"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX197IE5EDTBVDfUrPBo3jPIf" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) Cancel-Lock: sha1:A26BcHa7eBfSp+fGRX+Ndn2NK48= sha1:gSsQh5hDSXjeHf0Vu2SUcIaxsH0= Xref: reader02.eternal-september.org comp.lang.ada:51646 Date: 2018-04-20T10:41:18-07:00 List-Id: Shark8 writes: > for an Ada+VHDL IDE Dan'l Miller also mentioned Ada+VHDL. What is it? I don't see many search results. Of course there is a well-known general resemblance between Ada and VHDL, but I don't know of any meaningful composition of them. > - Written in 100% Ada; SPARK proving for the compiler-proper. Why would you want to do that, when a ton of SPARK verification conditions are about proving integer overflow safety, memory boundedness, and other freedom from exceptions? E.g. I think it stops you from using natural programming techniques like recursion (at least, MISRA C does not allow recursion). That is all crucial for realtime systems, but a compiler is not a realtime system. If you use CompCert's approach (use recursion and unbounded arithmetic and automatic memory management in the compiler as much as you want, prove that the compiler won't generate bad code, use ordinary software testing to give reasonable assurance that the compiler doesn't crash, and call it a day) you can probably save a heck of a lot of work. Is it even possible to guarantee that a compiler can accept every valid program and also never crash? If Ada programs can have nested parenthesized expressions or begin/end blocks of arbitrary depth, then any sane approach to parsing will eventually run out of memory if the nesting is deep enough. CompCert itself is already a magnificant feat. I have no idea whether a fully proven compiler in SPARK is feasible at all. Has anyone ever done anything like that? > - Application of SPARK provers to VHDL. Does anyone do that? There's some work on HDL verification but it uses completely different approaches.