Spring 2015
Program Analysis and Verification
Lecture 3: Operational Semantics II
Roman Manevich
Ben-Gurion University
Tentative syllabus
Themes: Semantics; Static Analysis fundamentals; Abstract Interpretation fundamentals; Analysis Techniques; Crafting your own
Topics: Natural Semantics; Automating Hoare Logic; Lattices; Numerical Domains; Soot; Structural semantics; Control Flow Graphs; Fixed-Points; Alias analysis; From proofs to abstractions; Axiomatic Verification; Equation Systems; Chaotic Iteration; Interprocedural Analysis; Systematically developing transformers; Collecting Semantics; Galois Connections; Shape Analysis; Domain constructors; CEGAR; Widening/Narrowing
Agenda
• Structural operational semantics
(pages 32-50)
• Equivalence of natural semantics and
structural semantics for While
• Extending the semantics
Small Step Semantics
⟨S, σ⟩ ⇒ γ   (first step)
Structural operational semantics
• Developed by Gordon Plotkin
• Configurations: γ has one of two forms:
  – ⟨S, σ⟩: statement S is about to execute on state σ
  – σ: terminal (final) state
• Transitions ⟨S, σ⟩ ⇒ γ (first step):
  – γ = ⟨S', σ'⟩: execution of S from σ is not completed, and the remaining computation proceeds from the intermediate configuration ⟨S', σ'⟩
  – γ = σ': execution of S from σ has terminated, and the final state is σ'
• ⟨S, σ⟩ is stuck if there is no γ such that ⟨S, σ⟩ ⇒ γ
Structural semantics for While
[ass_sos]   ⟨x := a, σ⟩ ⇒ σ[x ↦ A⟦a⟧σ]
[skip_sos]  ⟨skip, σ⟩ ⇒ σ
[comp1_sos]
    ⟨S1, σ⟩ ⇒ ⟨S1', σ'⟩
  ────────────────────────────
    ⟨S1; S2, σ⟩ ⇒ ⟨S1'; S2, σ'⟩
[comp2_sos]
    ⟨S1, σ⟩ ⇒ σ'
  ────────────────────────
    ⟨S1; S2, σ⟩ ⇒ ⟨S2, σ'⟩
  (When does this happen? When S1 completes in a single step, i.e. S1 is an assignment or skip.)
[if_tt_sos]  ⟨if b then S1 else S2, σ⟩ ⇒ ⟨S1, σ⟩   if B⟦b⟧σ = tt
[if_ff_sos]  ⟨if b then S1 else S2, σ⟩ ⇒ ⟨S2, σ⟩   if B⟦b⟧σ = ff
Structural semantics for While
[while_sos]  ⟨while b do S, σ⟩ ⇒ ⟨if b then (S; while b do S) else skip, σ⟩
Factorial (n!) example
• Input state σ such that σ x = 3
• Program: y := 1; while ¬(x = 1) do (y := y * x; x := x – 1)
• Let W abbreviate the loop while ¬(x = 1) do (y := y * x; x := x – 1). The derivation sequence is:
⟨y := 1; W, σ⟩
⇒ ⟨W, σ[y↦1]⟩
⇒ ⟨if ¬(x = 1) then ((y := y * x; x := x – 1); W) else skip, σ[y↦1]⟩
⇒ ⟨(y := y * x; x := x – 1); W, σ[y↦1]⟩
⇒ ⟨x := x – 1; W, σ[y↦3]⟩
⇒ ⟨W, σ[y↦3][x↦2]⟩
⇒ ⟨if ¬(x = 1) then ((y := y * x; x := x – 1); W) else skip, σ[y↦3][x↦2]⟩
⇒ ⟨(y := y * x; x := x – 1); W, σ[y↦3][x↦2]⟩
⇒ ⟨x := x – 1; W, σ[y↦6][x↦2]⟩
⇒ ⟨W, σ[y↦6][x↦1]⟩
⇒ ⟨if ¬(x = 1) then ((y := y * x; x := x – 1); W) else skip, σ[y↦6][x↦1]⟩
⇒ ⟨skip, σ[y↦6][x↦1]⟩
⇒ σ[y↦6][x↦1]
Structural operational semantics and termination
Program termination
• Given a statement S and input σ:
  – S terminates on σ if there exists a finite derivation sequence starting at ⟨S, σ⟩
  – S terminates successfully on σ if there exists a finite derivation sequence starting at ⟨S, σ⟩ leading to a final state
  – S loops on σ if there exists an infinite derivation sequence starting at ⟨S, σ⟩
Properties of structural operational semantics
Properties of structural operational semantics
• S1 and S2 are semantically equivalent if:
  – for all σ and all γ which is either final or stuck,
    ⟨S1, σ⟩ ⇒* γ if and only if ⟨S2, σ⟩ ⇒* γ
  – there is an infinite derivation sequence starting at ⟨S1, σ⟩ if and only if there is an infinite derivation sequence starting at ⟨S2, σ⟩
• Theorem: While is deterministic:
  – If ⟨S, σ⟩ ⇒* σ1 and ⟨S, σ⟩ ⇒* σ2 then σ1 = σ2
Sequential composition
• Lemma: If ⟨S1; S2, σ⟩ ⇒^k σ'' then there exist σ' and m, n with k = m + n such that ⟨S1, σ⟩ ⇒^m σ' and ⟨S2, σ'⟩ ⇒^n σ''
• The proof (pages 37-38) uses induction on the length of derivation sequences:
  – Prove that the property holds for all derivation sequences of length 0
  – Prove that the property holds for all other derivation sequences:
    • Show that the property holds for sequences of length k+1 using the fact (induction hypothesis) that it holds for all sequences of length k
The semantic function S_sos
• The meaning of a statement S is defined as a partial function from State to State
  S_sos : Stm → (State ↪ State)
  S_sos⟦S⟧σ = σ'         if ⟨S, σ⟩ ⇒* σ'
            = undefined  otherwise
• Examples:
  S_sos⟦skip⟧σ = σ
  S_sos⟦x := 1⟧σ = σ[x ↦ 1]
  S_sos⟦while true do skip⟧σ = undefined
An equivalence result
• For every statement S in While: S_ns⟦S⟧ = S_sos⟦S⟧
• Proof in pages 40-43
Language extensions
• abort
• Non-determinism
• Parallelism
• Local Variables
• Procedures
  – Static scope
  – Dynamic scope
While + abort
• Syntax
  S ::= x := a | skip | S1; S2
      | if b then S1 else S2
      | while b do S
      | abort
• abort terminates the execution
  – In “skip; S” the statement S executes
  – In “abort; S” the statement S should never execute
• Natural semantics rules: …?
• Structural semantics rules: …?
Comparing semantics
Statement: abort
  Natural semantics: no derivation tree
  Structural semantics: derivation sequence ⟨abort, σ⟩ with no next step (stuck)
Statement: abort; S
  Natural semantics: no derivation tree
  Structural semantics: derivation sequence ⟨abort; S, σ⟩ with no next step (stuck)
Statement: skip; S
  Natural semantics: equivalent to S
  Structural semantics: equivalent to S
Statement: while true do skip
  Natural semantics: no derivation tree
  Structural semantics: infinite derivation sequence
Statement: if x = 0 then abort else y := y / x
  Natural semantics: no derivation tree if σ x = 0
  Structural semantics: derivation sequence stuck after one step if σ x = 0
While + abort conclusion
• abort does not affect the state, only the flow of control
• The natural semantics cannot distinguish between looping and abnormal termination
  – Unless we add a special error state
• In the structural operational semantics, looping is reflected by an infinite derivation sequence and abnormal termination is reflected by a stuck configuration
Extending While with non-deterministic choice
While + non-determinism
• Syntax
  S ::= x := a | skip | S1; S2
      | if b then S1 else S2
      | while b do S
      | S1 or S2
• Either S1 is executed or S2 is executed
• Example: x := 1 or (x := 2; x := x + 2)
  – Possible outcomes for x: 1 and 4
While + non-determinism: natural semantics
[or1_ns]
    ⟨S1, σ⟩ → σ'
  ────────────────────────
    ⟨S1 or S2, σ⟩ → σ'
[or2_ns]
    ⟨S2, σ⟩ → σ'
  ────────────────────────
    ⟨S1 or S2, σ⟩ → σ'
While + non-determinism: structural semantics
[or1_sos]  ?
[or2_sos]  ?
Comparing semantics
Statement: x := 1 or (x := 2; x := x + 2)
  Natural semantics: derivation trees for both outcomes, x = 1 and x = 4
  Structural semantics: derivation sequences for both outcomes, x = 1 and x = 4
Statement: (while true do skip) or (x := 2; x := x + 2)
  Natural semantics: a single derivation tree, with outcome x = 4 (the looping branch has no derivation tree)
  Structural semantics: a finite derivation sequence with outcome x = 4 and an infinite derivation sequence
Conclusions
• In the natural semantics non-determinism will suppress non-termination (looping) if possible
  – Can be used for guessing
• In the structural operational semantics non-determinism does not suppress non-terminating statements
While + random
• Syntax
S ::= x := a | skip | S1; S2
| if b then S1 else S2
| while b do S
| x := random()
Extending While with parallel statements
While + parallelism
• Syntax
  S ::= x := a | skip | S1; S2
      | if b then S1 else S2
      | while b do S
      | S1 ∥ S2
• All the interleavings of S1 and S2 are executed
• Example: x := 1 ∥ (x := 2; x := x + 2)
  – Possible outcomes for x: 1, 3, 4
While + parallelism: structural semantics
[par1_sos]
    ⟨S1, σ⟩ ⇒ ⟨S1', σ'⟩
  ──────────────────────────────
    ⟨S1 ∥ S2, σ⟩ ⇒ ⟨S1' ∥ S2, σ'⟩
[par2_sos]
    ⟨S1, σ⟩ ⇒ σ'
  ────────────────────────
    ⟨S1 ∥ S2, σ⟩ ⇒ ⟨S2, σ'⟩
[par3_sos]
    ⟨S2, σ⟩ ⇒ ⟨S2', σ'⟩
  ──────────────────────────────
    ⟨S1 ∥ S2, σ⟩ ⇒ ⟨S1 ∥ S2', σ'⟩
[par4_sos]
    ⟨S2, σ⟩ ⇒ σ'
  ────────────────────────
    ⟨S1 ∥ S2, σ⟩ ⇒ ⟨S1, σ'⟩
While + parallelism: natural semantics
• Challenge problem: give a formal proof that a natural semantics for S1 ∥ S2 is in fact impossible
  – Idea: try to prove it on a restricted version of While without loops/conditions
Example: derivation sequences of a parallel statement
• Starting configuration: ⟨x := 1 ∥ (x := 2; x := x + 2), σ⟩
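As an added example (not code from the lecture, nor from the textbook pages it cites), the following Python program implements the structural rules of this lecture as a one-step successor relation and runs them over the examples above: the factorial derivation sequence, the stuck configuration that abort produces, the two outcomes of `or`, and the three interleavings of x := 1 ∥ (x := 2; x := x + 2). The tuple encoding of statements, `Expr`, `steps`, `trace`, `explore`, `pp` and the sample programs are the example's own names. It also assumes the usual small-step rules for `or`, namely ⟨S1 or S2, σ⟩ ⇒ ⟨S1, σ⟩ and ⟨S1 or S2, σ⟩ ⇒ ⟨S2, σ⟩, which the slide above leaves as a question.

```python
"""Small-step (SOS) interpreter for While + abort + `or` + parallel (added
example).  Statements are tuples: ('assign', x, e) ('skip',) ('seq', S1, S2)
('if', b, S1, S2) ('while', b, S) ('abort',) ('or', S1, S2) ('par', S1, S2).
Expr(src, fn) pairs printable source with a function from state (dict) to
value.  A configuration is (S, sigma) or a final state sigma."""
from collections import namedtuple

Expr = namedtuple("Expr", "src fn")

def is_final(c):
    return isinstance(c, dict)

def steps(S, sigma):
    """The one-step relation =>: every gamma with <S, sigma> => gamma.  The
    While core yields one successor, `or`/`par` several, abort none (stuck)."""
    kind = S[0]
    if kind == "assign":                      # [ass_sos]
        return [{**sigma, S[1]: S[2].fn(sigma)}]
    if kind == "skip":                        # [skip_sos]
        return [dict(sigma)]
    if kind == "seq":                         # [comp1_sos], [comp2_sos]
        _, S1, S2 = S
        return [(S2, g) if is_final(g) else (("seq", g[0], S2), g[1])
                for g in steps(S1, sigma)]
    if kind == "if":                          # [if_tt_sos], [if_ff_sos]
        _, b, S1, S2 = S
        return [(S1 if b.fn(sigma) else S2, dict(sigma))]
    if kind == "while":                       # [while_sos]: unfold once
        _, b, body = S
        return [(("if", b, ("seq", body, S), ("skip",)), dict(sigma))]
    if kind == "abort":                       # no rule applies
        return []
    if kind == "or":                          # assumed [or1_sos], [or2_sos]
        return [(S[1], dict(sigma)), (S[2], dict(sigma))]
    if kind == "par":                         # [par1_sos] .. [par4_sos]
        _, S1, S2 = S
        return ([(S2, g) if is_final(g) else (("par", g[0], S2), g[1])
                 for g in steps(S1, sigma)] +
                [(S1, g) if is_final(g) else (("par", S1, g[0]), g[1])
                 for g in steps(S2, sigma)])
    raise ValueError(f"unknown statement kind {kind!r}")

def trace(S, sigma):
    """Derivation sequence of a deterministic statement (list of configs)."""
    seq = [(S, sigma)]
    while not is_final(seq[-1]):
        succ = steps(*seq[-1])
        if not succ:                          # stuck: no next step
            break
        assert len(succ) == 1, "trace() needs a deterministic statement"
        seq.append(succ[0])
    return seq

def explore(S, sigma):
    """Follow every derivation sequence from <S, sigma>.  Returns (finals,
    stuck, loops): final states reached, stuck configurations met, and whether
    a sequence revisits an earlier configuration of its own (infinite sequence)."""
    finals, stuck, loops = [], [], False
    frontier = [(S, sigma, frozenset())]      # (config, ancestor configs)
    while frontier:
        S, sigma, seen = frontier.pop()
        key = (S, frozenset(sigma.items()))
        if key in seen:
            loops = True
            continue
        succ = steps(S, sigma)
        if not succ:
            stuck.append((S, sigma))
        for g in succ:
            if is_final(g):
                finals.append(g)
            else:
                frontier.append((g[0], g[1], seen | {key}))
    return finals, stuck, loops

def pp(S):
    """Render a statement in While syntax (for printing traces)."""
    k, *rest = S
    if k == "assign":
        return f"{rest[0]} := {rest[1].src}"
    if k == "seq":
        return f"{pp(rest[0])}; {pp(rest[1])}"
    if k == "if":
        return f"if {rest[0].src} then ({pp(rest[1])}) else ({pp(rest[2])})"
    if k == "while":
        return f"while {rest[0].src} do ({pp(rest[1])})"
    return k if not rest else f"({pp(rest[0])}) {k} ({pp(rest[1])})"

# Constructed programs taken from the lecture's examples.
W = ("while", Expr("not (x = 1)", lambda s: s["x"] != 1),
     ("seq", ("assign", "y", Expr("y * x", lambda s: s["y"] * s["x"])),
             ("assign", "x", Expr("x - 1", lambda s: s["x"] - 1))))
FACT = ("seq", ("assign", "y", Expr("1", lambda s: 1)), W)
X1 = ("assign", "x", Expr("1", lambda s: 1))
X24 = ("seq", ("assign", "x", Expr("2", lambda s: 2)),
              ("assign", "x", Expr("x + 2", lambda s: s["x"] + 2)))
LOOP = ("while", Expr("true", lambda s: True), ("skip",))
DIV = ("if", Expr("x = 0", lambda s: s["x"] == 0), ("abort",),
       ("assign", "y", Expr("y / x", lambda s: s["y"] // s["x"])))

if __name__ == "__main__":
    for c in trace(FACT, {"x": 3}):           # the factorial derivation
        print(c if is_final(c) else f"<{pp(c[0])}, {c[1]}>")
    print(explore(("par", X1, X24), {}))      # final states with x = 1, 3, 4
    print(explore(("or", LOOP, X24), {}))     # one final state and loops=True
    print(explore(DIV, {"x": 0, "y": 6}))     # stuck at <abort, sigma>
```

Running the file prints the 12-step factorial derivation, which matches the sequence on the factorial slide, and `explore` on the `or` of a loop with x := 2; x := x + 2 reports both a final state with x = 4 and an infinite sequence, the behaviour the non-determinism slide contrasts with natural semantics. `explore` detects looping by a configuration recurring on the same path; that is exact for these finite-state examples but only a sufficient condition in general, since a loop whose state keeps growing never revisits a configuration. The sequential composition lemma can be checked on the same trace: the 12 steps of y := 1; W split into 1 step for y := 1 and 11 steps for W from σ[y↦1].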
While + parallelism conclusion
• In the structural operational semantics we concentrate on small steps, so interleaving of computations can be easily expressed
• In the natural semantics each immediate constituent is an atomic entity, so we cannot express interleaving of computations
Operational semantics summary
Operational semantics: natural vs. structural
Aspect: Form of transitions
  Natural: ⟨S, σ⟩ → σ'
  Structural: ⟨S, σ⟩ ⇒ σ' and ⟨S, σ⟩ ⇒ ⟨S', σ'⟩
Aspect: How transitions are witnessed
  Natural: derivation tree
  Structural: derivation sequence
Aspect: How non-termination is observed
  Natural: non-existence of a derivation tree
  Structural: infinite derivation sequence
Aspect: Semantic function undefined
  Natural: non-existent derivation tree
  Structural: infinite derivation sequence or stuck configuration
Aspect: Equivalence
  Natural: S1 and S2 are equivalent if for every state σ, ⟨S1, σ⟩ → σ' if and only if ⟨S2, σ⟩ → σ'
  Structural: S1 and S2 are equivalent if for every state σ, ⟨S1, σ⟩ ⇒* σ' if and only if ⟨S2, σ⟩ ⇒* σ', and there exists an infinite derivation sequence for S1 iff there exists an infinite derivation sequence for S2
Aspect: How proofs are conducted
  Natural: induction on the shape of the derivation tree
  Structural: induction on the length of the derivation sequence
Operational semantics summary
• SOS is powerful enough to describe imperative programs
  – Can define the set of traces
  – Can represent the program counter implicitly
  – Can handle goto statements and other non-trivial control constructs (e.g., exceptions)
• Natural operational semantics is an abstraction and is thus limited in the constructs it may express
• Different semantics may be used to justify different behaviors
• Thinking in terms of concrete semantics is essential for a compiler writer / verifier
Assignment 1
• Exercise on operational semantics
• Due on April 12 by 13:00
• LaTeX: THE way to produce scientific
documents
– Recommended editor
Next lecture:
axiomatic semantics