Semantics with Applications Mooly Sagivmsagiv@postSchrirber 317 03-640-7606

html://www.cs.tau.ac.il/~msagiv/courses/sem08.html

Textbooks:Winskel The Formal Semantics of Programming Languages Types and Programming Languages Benjamin C. Pierce

Outline• Course requirements• What is semantics• Who needs semantics• Forms of semantics• Tentative Plan• Trace semantics• Introduction to operational semantics

Course Requirements• Prerequisites

– Compiler Course– Basic set theory and logic

• A theoretical course– Forms of induction– Domain theory– No algorithms

• Grade– Course Notes 10%– Assignments 60%

• Mostly theoretical with some programming

– Home exam 30%

Modern Programming Languages• Imperative

– PL/1– Pascal– C

• Object Oriented– C++– Java– C#

• Functional– Scheme– ML– Ocaml– F#– Haskel

• Logic– Prolog

Programming Languages• Syntax

– Which string is a legal program?

– Usually defined using context free grammar+ contextual constraints

• Semantics– What does a program mean?

– What is the output of the program on a given run?

– When does a runtime error occur?

– A formal definition

Benefits of Formal Semantics• Programming language design

– hard-to-define= hard-to-implement=hard-to-use– Avoid design mistakes

• Programming language implementation– Compiler Correctness

• Correctness of program optimizations• Design of Static Analysis

• Programming language understanding• Program correctness

– Type checking

• Program equivalence• Automatic generation of interpreter• Techniques used in software engineering

Desired Features of PL Semantics

• Tractable– as simple as possible without losing the ability to express

behavior accurately

• Abstract– uncluttered by irrelevant detail

• Computational– an accurate abstraction from runtime behavior

• Compositional– The meaning of compound language construct is defined using

the meaning of subconstructs– Supports modular reasoning

Alternative Formal Semantics• Operational Semantics [Plotkin, Kahn]

– The meaning of the program is described “operationally”

– Trace based Semantics

– Structural Operational Semantics

– Natural Semantics

• Denotational Semantics [Strachey, Scott]– The meaning of the program is an input/output relation

• Axiomatic Semantics [Floyd, Hoare]– The meaning of the program is observed properties

– Proof rules to show that the program is correct

• Complement each other

Tentative Plan• A simple programming language IMP

– Natural Semantics of IMP– Structural operational Semantics of IMP– Denotational Semantics of IMP

• Axiomatic Semantics– IMP– Non-Determinism and Parallelism– Rely Guarantee Axiomatic Semantics– Separation Logic

• Type inference/checking

IMP: A Simple Imperative Language

• numbers N– Positive and negative numbers– n, m N

• truth values T={true, false}• locations Loc

– X, Y Loc• arithmetic Aexp

– a Aexp• boolean expressions Bexp

– b Bexp• commands Com

– c Com

(3+5 ) 3 + 5

3 + 5 5+ 3

Abstract Syntax for IMP• Aexp

– a ::= n | X | a0 + a1 | a0 – a1 | a0 a1

• Bexp– b ::= true | false | a0 = a1 | a0 a1 | b | b0 b1

| b0 b1

• Com– c ::= skip | X := a | c0 ; c1 | if b then c0 else c1

| while b do c

2+34-5

(2+(34))-5 ((2+3)4))-5

Example Program

Y := 1;

while (X=1) do

Y := Y * X;

X := X - 1

But what about semantics

Trace Based Semantics

• For every program P define a set potential states (P)

• Let be the set of finite and infinite traces over = (P)* (P)

• The meaning of P is a set of maximal traces P

Example Program

1: while 2:(X>0) do

3:X := X – 1

4:

[pc1, x 2]

[pc2, x 2]

[pc3, x 2]

[pc2, x 1]

[pc3, x 1]

[pc2, x 0]

[pc4, x 0]

[pc1, x -7]

[pc2, x -7]

[pc4, x -7] ..

Example Program

1: while 2:(true) do

3: skip

4:

[pc1, x 2]

[pc2, x 2]

[pc3, x 2][pc2, x 2][pc3, x 2][pc2, x 2][pc3, x 2]

..

Limitations of trace based semantics

• The program counter is an implementation detail

• Equivalent programs do not necessarily have the same set of traces

• Hard to define semantics by induction on the syntax

• Hard to prove properties of the programming language

Chapter 2

Introduction to

Operational Semantics

Expression Evaluation • States

– Mapping locations to values - The set of states

: Loc N(X)= X=value of X in = [ X 5, Y 7]

– The value of X is 5– The value of Y is 7– The value of Z is undefined

– For a Exp, , n N,• <a, > n

– a is evaluated in to n

Evaluating (a0 + a1) at • Evaluate a0 to get a number n0 at

• Evaluate a1 to get a number n1 at

• Add n0 and n1

Expression Evaluation Rules

• Numbers– <n, > n

• Locations– <X, > (X)

• Sums

• Subtractions

• Products

10,10

1,1,0,0nnnwhere

naa

nana

10,10

1,1,0,0nnnwhere

naa

nana

10,10

1,1,0,0nnnwhere

naa

nana

Axiom

s

Derivations• A rule instance

– Instantiating meta variables with corresponding values

632

3322

,

0,,0,

1232

4332

,

0,,0,

Derivation (Tree)

• Axioms in the leafs• Rule instances at

internal nodes

0Init 0 , 55 0 , 77 0 , 99 0 ,

55)Init( 0 , 1697 0 ,

219)(75)Init( 0 ,

Computing a derivation

• We write <a, > n when there exists a derivation tree whose root is <a, > n

• Can be computed in a top-down manner• At every node try all derivations “in parallel”

0Init 0 , 55 0 , 77 0 , 99 0 ,

?5)Init( 0 , ?97 0 ,

?9)(75)Init( 0 ,

5 16

21

Recap

• Operational Semantics– The rules can be implemented easily– Define interpreter

• Natural semantics

Equivalence of IMP expressions

a0 a1 iff

nanaNn ,,. 10

Boolean Expression Evaluation Rules• <true, > true• <false, > false

•

•

•

•

mnifaa

mana

true

,10

,1,,0

mnifaa

mana

false

,10

,1,,0

mnifaa

mana

true,10

,1,,0

mnnotifaa

mana

false

,10

,1,,0

Boolean Expression Evaluation Rules(cont)

•

•

•

•

otherwisetand

whentwhere 10

,10

,1,0,0 1

false

truetrue

tt

tbb

tbtb

false

true

,

,

b

b

true

false

,

,

b

b

otherwisetand

whentwhere 10

,10

,1,0,0 1

true

falsefalse

tt

tbb

tbtb

Equivalence of Boolean expressions

b0 b1 iff

tbtbTt ,,. 10

Extensions

• Shortcut evaluation of Boolean expressions

• “Parallel” evaluation of Boolean expressions

• Other data types

The execution of commands• <c, > ’

– c terminates on in a final state ’

• Initial state 0

0(X)=0 for all X

• Handling assignments <X:=5, > ’•

XY

XYnYXn

if(Y)

if{)](/[

•<X:=5, > [5/X]

Rules for commands

• <skip, >

•

• Sequencing:

• Conditionals:

]/[: ,

,

XmaX

ma

'

'

,10

,0,

ccb

cb

elsethenif

true

Atom

ic

'

'

,10

,1,

ccb

cb

elsethenif

false

'

'''''

,10

,1,0

cc

cc

;

Rules for commands (while)

,

,

cb

b

dowhile

false

'

'''

,

,,

cb

cbb

dowhile

dowhile '' c, true

Example Program

Y := 1;

while (X=1) do

Y := Y * X;

X := X - 1

Equivalence of commands

c0 c1 iff

',',.', 10 cc

Proposition 2.8

while b do c if b then (c; while b do c) else skip

Small Step Operational Semantics

• The natural semantics defines evaluation in large steps– Abstracts “computation time”

• It is possible to define a small step operational semantics– <a, > 1 <a’, ’>

• “one” step of executing a in a state yields a’ in a state ’

SOS for Additions

,101,10

,01,0

'

'

aaaa

aa

,11,1

,11,1

'

'

anan

aa

mnpwherepmn

,1,

SOS Rules for commands

• <skip, > 1

•

• Sequencing:

]/[1:

1

,

,

XmaX

na

Atom

ic

',;'1

','1

10,10

0,0

cccc

cc

;

',1

'11

1,10

,

ccc

c

;

SOS Rules for commands

• Conditionals:

<if b then c1 else c2, > 1 <c1, >

<b, > 1 true

<if b then c1 else c2, > 1 <c2, >

<b, > 1 false

SOS rules for while

<while b do c, > 1 < if b then (c; while b do c) else skip, >

Summary• Operational semantics enables to naturally

express program behavior• Can handle

– Non determinism– Concurrency– Procedures– Object oriented– Pointers and dynamically allocated structures

• But remains very closed to the implementation– Two programs which compute the same

functions are not necessarily equivalent