1 / 86

Noam Rinetzky Lecture 3: Program Semantics

Program Analysis and Verification 0368- 4479 http://www.cs.tau.ac.il/~maon/teaching/2013-2014/paav/paav1314b.html. Noam Rinetzky Lecture 3: Program Semantics. Slides credit: Roman Manevich , Mooly Sagiv , Eran Yahav. Good manners. Mobiles. Admin. Grades

vala
Download Presentation

Noam Rinetzky Lecture 3: Program Semantics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Program Analysis and Verification 0368-4479http://www.cs.tau.ac.il/~maon/teaching/2013-2014/paav/paav1314b.html Noam Rinetzky Lecture 3: Program Semantics Slides credit: Roman Manevich, MoolySagiv, EranYahav

  2. Good manners • Mobiles

  3. Admin • Grades • First home assignment will be published on Tuesday. • Due lesson 5 • Scribes (this week) • Scribes (next week)

  4. Today • Operational semantics • Advanced features • Traces semantics • Denotational Semantics

  5. What do we mean? שלום syntax semantics

  6. What do we mean? P P: x7 syntax semantics

  7. Why formal semantics? • Implementation-independent definition of a programming language • Automatically generating interpreters (and some day maybe full fledged compilers) • Verification and debugging • if you don’t know what it does, how do you know its incorrect?

  8. Programming Languages • Syntax • “how do I write a program?” • BNF • “Parsing” • Semantics • “What does my program mean?” • …

  9. Program semantics • State-transformer • Set-of-states transformer • Trace transformer • Predicate-transformer • Functions • …

  10. What semantics do we want? • Captures the aspects of computations we care about • “adequate” • Hides irrelevant details • “fully abstract” • Compositional

  11. A simple imperative language: While Abstract syntax: a ::= n | x | a1+a2 | a1a2 | a1–a2 b ::=true|false|a1=a2|a1a2|b|b1b2 S::=x:=a | skip | S1;S2| ifbthenS1elseS2 | whilebdoS

  12. Syntactic categories n Num numerals x Var program variables a Aexp arithmetic expressions b Bexp boolean expressions S Stm statements

  13. Semantic categories ZIntegers {0, 1, -1, 2, -2, …} T Truth values {ff, tt} StateVar Z Example state: s=[x5, y7, z0] Lookup: s x = 5 Update: s[x6] = [x6, y7, z0]

  14. Semantics of expressions • Arithmetic expressions are side-effect free • Semantic functionA  Aexp  : State Z • Defined by induction on the syntax tree A  n  s = n A  x  s = s x A  a1 + a2  s = A  a1  s + A  a2  s A  a1 - a2  s = A  a1  s - A  a2  s A  a1*a2  s = A  a1  s A  a2  s A  (a1)  s = A  a1  s --- not needed A  - a s = 0 - A  a1  s • Compositional • Properties can be proved by structural induction • Similarly for Boolean expressions

  15. Operational Semantics (Recap)

  16. Operational Semantics The meaning of a program in the language is explained in terms of a hypothetical computer which performs the set of actions which constitute the elaboration of that program. [Algol68, Section 2]

  17. Operational Semantics It is all very well to aim for a more ‘abstract’ and a ‘cleaner’ approach to semantics, but if the plan is to be any good, the operational aspects cannot be completely ignored. [Scott70]

  18. Operational semantics • Concerned with how to execute programs • How statements modify state • Define transition relation between configurations • Two flavors • Structural operational semantics: describes how the individual steps of a computations take place • So-called “small-step” semantics • Natural semantics: describes how the overallresults of executions are obtained • So-called “big-step” semantics

  19. Structural operating semantics (SOS) S, s S’, s’ first step • aka “Small-step semantics”

  20. Structural operational semantics first step • Developed by Gordon Plotkin [TR 1981] • Configurations:  has one of two forms: S, s Statement S is about to execute on state s s Terminal (final) state • Transitions S, s  • = S’, s’ Execution of S from s is not completed and remaining computation proceeds from intermediate configuration  • = s’ Execution of S from s has terminated and the final state is s’ • S, s is stuck if there is no  such that S, s 

  21. Structural semantics for While x:=a, ss[xAas] [asssos] skip, ss [skipsos] S1, sS1’, s’ S1; S2, sS1’; S2, s’ S1, ss’ S1; S2, sS2, s’ [comp1sos] [comp2sos] if bthenS1elseS2, sS1, s if bthenS1elseS2, sS2, s • if B b s = tt • if B b s = ff [ifttsos] [ifffsos]

  22. Derivation sequences • A derivation sequence of a statement S starting in state s is either • A finite sequence 0, 1, 2 …, k such that • 0 = S, s • i  i+1 • k is either stuck configuration or a final state • An infinitesequence 0, 1, 2, … such that • 0 = S, s • i  i+1 • Notations: • 0 k k 0 derives k in k steps • 0 *  0 derives in a finite number of steps

  23. Natural operating semantics (NS) S, s s’ all steps • aka “Large-step semantics”

  24. Natural operating semantics • Developed by Gilles Kahn [STACS 1987] • Configurations S, s Statement S is about to execute on state s s Terminal (final) state • Transitions S, s s’ Execution of S from s will terminate with the result state s’ • Ignores non-terminating computations

  25. Natural operating semantics side condition premise conclusion S1, s1 s1’, … , Sn, sn sn’ S, s s’ if…  defined by rules of the form The meaning of compound statements is defined using the meaning immediate constituent statements

  26. Natural semantics for While x := a, ss[x Aas] [assns] axioms skip, ss [skipns] S1, ss’, S2, s’s’’S1; S2, s  s’’ [compns] S1, ss’ if bthenS1elseS2, ss’ S2, ss’ if bthenS1elseS2, ss’ • if B b s = tt • if B b s = ff [ifttns] [ifffns]

  27. Derivation trees • Using axioms and rules to derive a transition S, s s’ gives a derivation tree • Root: S, s s’ • Leaves: axioms • Internal nodes: conclusions of rules • Immediate children: matching rule premises

  28. Evaluation via derivation sequences • For any While statement S and state s it is always possible to find at least one derivation sequence from S, s • Apply axioms and rules forever or until a terminal or stuck configuration is reached • Proposition: there are no stuck configurations in While

  29. The semantic function Ssos • S: What a statement S means to the context: P[S] • S1 = x:=x+2 • S2= x:=x+1 ; x:=x+1 • P[S] = z:=x; S; y:=x; s’ if S, s* s’undefined otherwise SsosS s = • The meaning of a statement S is defined as a partial function from State to StateSsos: Stm (State State) • Examples: Ssosskip s = s Ssosx:=1 s = s [x 1] Ssoswhile true do skip s = undefined

  30. The semantic function Sns s’ if S, s s’undefined otherwise SnsS s = • The meaning of a statement S is defined as a partial function from State to StateSns: Stm (State State) • Examples: Snsskips = s Snsx:=1s = s [x 1] Snswhile true do skips = undefined

  31. An equivalence result • S1 and S2 are semantically equivalent if for all s and s’ S1, s s’ if and only if S2, s s’ • Same semantics • SOS and NS • For every statement in WhileSnsS = SsosS • Proof in pages 40-43

  32. While in WHILE

  33. Semantic equivalence • S1 and S2 are semantically equivalent if for all s and s’ S1, s s’ if and only if S2, s s’ • Simple examplewhilebdoSis semantically equivalent to:ifbthen (S; whilebdoS) else skip • Read proof in pages 26-27

  34. Structural semantics for while while bdoS, s ifbthenS; while bdoS) else skip, s [whilesos]

  35. Natural semantics for While Non-compositional S, s s’, while bdoS, s’s’’while bdoS, ss’’ while bdoS, ss • if B b s = ff • if B b s = tt [whilettns] [whileffns]

  36. Comparing semantics • The natural semantics cannot describe looping executions • Every execution is represented by a finite derivation tree • The structural operational semantics can describe both • Looping executions have infinite derivation sequences • Every step in the derivation sequence is justified by a finite derivation tree • Terminating executions have a finite one

  37. What is a semanticsgood for? • Allows to “evaluate” a program • Properties of programming language semantics holds for all programs …

  38. What is a semanticsgood for? • Allows to “evaluate” a program • Properties of programming language semantics holds for all programs … • NS: more abstract • Fewer rules, top-down interpreter, simpler proofs • SOS: more “accurate” • Order of evaluation, non-termination

  39. Operational Semantics (paceR)

  40. Operational Semantics (Extended language)

  41. Language Extensions • abort statement (like C’s exit w/o return value) • Non-determinism • Parallelism • Local Variables • Procedures • Static Scope • Dynamic scope

  42. While + abort • Abstract syntax S::=x:=a | skip | S1; S2| ifbthenS1elseS2 | whilebdoS|abort • Abort terminates the execution • In “skip; S” the statement S executes • In “abort; S” the statement S should never execute • Natural semantics rules: …? • Structural semantics rules: …?

  43. Comparing semantics • The natural semantics cannot distinguish between looping and abnormal termination • Unless we add a special error state • The structural operational semantics can distinguish • looping is reflected by infinite derivations and abnormal termination is reflected by stuck configuration

  44. While + non-determinism • Abstract syntax S::=x:=a | skip | S1; S2| ifbthenS1elseS2 | whilebdoS|S1orS2 • Either S1 is executed or S2 is executed • Example: x:=1 or (x:=2; x:=x+2) • Possible outcomes for x: 1 and 4

  45. While + non-determinism:natural semantics S1, s s’S1orS2, s  s’ S2, s s’S1orS2, s  s’ [or1ns] [or2ns]

  46. While + non-determinism:structural semantics [or1sos] [or2sos] ? ?

  47. While + non-determinism • What about the definitions of the semantic functions? • Sns S1orS2  s • Ssos S1orS2  s

  48. Comparing semantics • In the natural semantics non-determinism will suppress non-termination (looping) if possible • In the structural operational semantics non-determinism does not suppress non-terminating statements

  49. While + parallelism Abstract syntaxS::=x := a | skip | S1; S2| ifbthenS1elseS2 | whilebdoS|S1S2 • All the interleaving of S1 and S2 are executed • Example: x:=1  (x:=2; x:=x+2) • Possible outcomes for x: 1, 3, 4

  50. While + parallelism:structural semantics S1, sS1’, s’ S1S2, sS1’S2, s’ S1, ss’S1S2, sS2, s’ S2, sS2’, s’ S1S2, sS1S2’, s’ S2, ss’S1S2, sS1, s’ [par1sos] [par2sos] [par3sos] [par4sos]

More Related