Programming Language Semantics Mooly Sagiv msagiv@post Schrirber 317 03-640-7606 Eran Yahav yahave@post Open space 03-640-5358 html://www.cs.tau.ac.il/~msagiv/courses/sem03.html Textbook:Winskel The Formal Semantics of Programming Languages CS [email protected] Outline • Course note summary • Natural operational semantics – Commands – Example – Proving simple properties • Small step operational semantics – The main ideas • Proving properties of programs (Chapter 3) Course note summary • • • • Word format Add examples for every term Add strawman examples Self contained Abstract Syntax for IMP • Aexp – a ::= n | X | a0 + a1 | a0 – a1 | a0 a1 • Bexp – b ::= true | false | a0 = a1 | a0 a1 | b | b0 b1 | b0 b1 • Com – c ::= skip | X := a | c0 ; c1 | if b then c0 else c1 | while b do c Expression Evaluation • States – Mapping locations to values – - The set of states • : Loc N • (X)= X=value of X in • = [ X 5, Y 7] – The value of X is 5 – The value of Y is 7 – The value of Z is undefined – For a Exp, , n N, • <a, > n – a is evaluated in to n Expression Evaluation Rules • Numbers Axioms – <n, > n • Locations – <X, > (X) • Sums a0, n0, a1, n1 where a0 a1, n • Subtractions • Products n n0 n1 a0, n0, a1, n1 where a0 a1, n a0, n0, a1, n1 where a0 a1, n n n0 n1 n n0 n1 Equivalence of IMP expressions a0 a1 iff n N . a0, n a1, n 2+3 ~ 5 exp1+ exp2 ~ exp2 + exp1 Boolean Expression Evaluation Rules • <true, > true • <false, > false • a0, n, a1, m if a0 a1, true nm • a0, n, a1, m if a0 a1, false • a0, n, a1, m if a0 a1, true • a0, n, a1, m if a0 a1, true nm nm not n m Boolean Expression Evaluation Rules(cont) • b, true b, false • b, false b, true • • b0, t 0, b1, t 1 b0 b1, t b0, t 0, b1, t 1 b0 b1, t where t true and where when t false otherwise t false when and t 0 t1 true t 0 t1 false t true otherwise Equivalence of Boolean expressions b0 b1 iff t T . b0, t b1, t The execution of commands • <c, > ’ – c terminates on in a final state ’ • Initial state 0 – 0(X)=0 for all X • Handling assignments <X:=5, > ’ • { (Y) [m / X ](Y ) m if Y X if Y X •<X:=5, > [5/X] Rules for commands Atomic • <skip, > • a, n X : a, [n / X ] • Sequencing: • Conditionals: c0, ' ' c1, ' ' ' c 0 ; c1, ' b, true c0, ' if b then c0 else c1, ' b, false c1, ' if b then c0 else c1, ' Rules for commands (while) b, false while b do c , b, true c, ' ' while b do c , ' ' ' while b do c , ' Euclid while (M=N) do =[M6, N9] if M N then N := N – M else M := M - N Rules for commands (while) b, false while b do c , b, true c, ' ' while b do c , ' ' ' while b do c , ' Loop while true do skip Equivalence of commands c0 c1 iff , ' . c0, ' c1, ' Proposition 2.8 while b do c if b then (c; while b do c) else skip Theorem 3.10 For all states : (M) 1 & (N) 1 ’ : <Euclid, > ’ Small Step Operational Semantics • The natural semantics defines evaluation in large steps – Abstracts “computation time” • It is possible to define a small step operational semantics – <a, > 1 <a’, ’> • “one” step of executing a in a state yields a’ in a state ’ Small Step Semantics for Additions a 0, 1 a'0, a 0 a1, 1 a'0 a1, a1, 1 a'1, n a1, 1 n a'1, n m, 1 p, where p n m Homework Summary • Operational semantics enables to naturally express program behavior • Can handle – – – – – Non determinism Concurrency Procedures Object oriented Pointers and dynamically allocated structures • But remains very closed to the implementation – Two programs which compute the same functions are not necessarily equivalent Induction • Proving of program properties often uses mathematical induction • Prove properties of a programming language by proving a small finite set of claims • If a property is violated then there is a small finite set in which it is violated • Examples – <a, > m & <a, > m m = n – Euclid terminates – <c, > ’ & <c, ’’> ’ = ’’ Forms of induction • Mathematical induction – (P(0) & (m w. P(m) P(m+1))) m w. P(m) • Structural induction • Well-founded induction Structural Induction • Proposition 3.3 – <a, > m & <a, > m m = n • Bad example – <c, > ’ & <c, > ’’ ’ = ’’ Well-Founded Induction • A well-founded relation on a set A if – there are no infinite decreasing chains • … ai … a2 a1 – a b • a is a predecessor of b • Proposition 3.7 a binary relation on A is well-founded iff any nonempty subset Q of A has a minimal element, m Q: b m. b Q The Principle of Well Founded Induction • is a well founded relation on A • P is property • Then – a A: P(a) – Iff – a A: ([b a. P(b)] P(a) Applications of the well founded induction principle • • • • Mathematical induction Course-of-values induction Structural induction … Induction on Derivations • A set of rule instances R consists pairs X/y where X is a finite set and y is an element – X/y – rule instance – X – premises – y – conclusion • d R y – d is an R-derivation of y – (/y) R y if (/y) R – ({d1, …, dn}/y) R y if ({x1, …, xn}/y) R and d1 R x1 & … & dn R xn • R y – for some d d R y • Sub-derivation d 1 d’ if d(D/y) with d’ D • = 1+ • is well-founded Theorem 3.10 For all states : (M) 1 & (N) 1 ’ : <Euclid, > ’ Theorem 3.11 For all states ,’, ’’: –<c, > ’ & <c, > ’’ ’ = ’’ Proposition 3.12 For all states ,’: <while true do skip, > ’ Summary • Induction is a powerful tool in proving semantic properties • Can also be used in definitions – – – – length(a)= # of operators in a LocL(c) = left-hand-side variables Lval(a) Rval(a)
© Copyright 2026 Paperzz