C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 C LAUS B RABRAND © , University of Aarhus [ ] [ ] S EMANTICS (Q1,’06) W EEK 7: ” PROGRAM EQUIVALENCE AND IMPERATIVE FEATURES ”

C LAUS B RABRAND [ 2 ] S EMANTICS (Q1,’06) O CT 12, 2006 Week 7 - Outline Bisimulation The Bisimulation Game SOS Implementation (Interpretation) Course Evaluation Program Equivalence Imperative Blocks “The Environment-Store Model” Sketch: Various Language Extensions Other Semantic Formalisms

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 S TRONG B ISIMULATION: ( ~ )

C LAUS B RABRAND [ 4 ] S EMANTICS (Q1,’06) O CT 12, 2006 Def: A Strong Bisimulation Let (Proc, Act,  ) be a LTS Def: a bin. rel. R  Proc  Proc is a strong bisimulation iff whenever ( s, t )  R :  a  Act : if s  s’ then t  t’ for some t’ such that ( s’, t’ )  R if t  t’ then s  s’ for some s’ such that ( s’, t’ )  R Note: 1. Definition on LTS (not necessarily wrt. processes) 2. Definition relative to a (SOS) semantics (via LTS) a a a a a Intuition: “Only equate as consistently allowed by the semantics”

C LAUS B RABRAND [ 5 ] S EMANTICS (Q1,’06) O CT 12, 2006 Def: Strongly Bisimilar ( ~ ) A Strong Bisimulation: Def: a bin. rel. R  Proc  Proc is a strong bisimulation iff whenever ( s, t )  R :  a  Act : if s  s’ then t  t’ for some t’ such that ( s’, t’ )  R if t  t’ then s  s’ for some s’ such that ( s’, t’ )  R The Strong Bisimilarity relation ( ~ ): Def: two (processes) s and t are strongly bisimilar ( s ~ t ) iff  strong bisimulation R : ( s, t )  R. i.e. a a a a ‘ ~ ’ :=  { R | R is a strong bisimulation }

C LAUS B RABRAND [ 6 ] S EMANTICS (Q1,’06) O CT 12, 2006 Basic Properties of ( ~ ) Theorem: ‘ ~ ’ is an equivalence relation Theorem: ‘ ~ ’ is the largest strong bisimulation i.e. for any bisimulation R we have that: R  ‘ ~ ’ Theorem: s ~ t iff  a  Act : if s  s’ then t  t’ for some t’ such that s’ ~ t’ if t  t’ then s  s’ for some s’ such that s’ ~ t’ a a a a

C LAUS B RABRAND [ 7 ] S EMANTICS (Q1,’06) O CT 12, 2006 How to Prove Strong Bisimilarity ? How to prove strong bisimilarity for two processes ? i.e. ?: Exhibit a (any) bisimulation R, for which: By definition we get that: since ‘ ~ ’ was the largest bisimulation ( s, t )  R  ‘ ~ ’ ( s, t )  R p ~ qp ~ q

C LAUS B RABRAND [ 8 ] S EMANTICS (Q1,’06) O CT 12, 2006 Example Proof of Bisimilarity Example: Buffer (capacity 1): Buffer (capacity 2): Prove that: A 0 = def in. A 1 A 1 = def out. A 0 B 0 = def in. B 1 B 1 = def in. B 2 + out. B 0 B 2 = def out. B 1 B 0 ~ A 0 |A 0 B0B0 B1B1 B2B2 A 0 |A 0 A 1 |A 0 A 0 |A 1 A 1 |A 1 R = { ( B 0, A 0 |A 0 ), ( B 1, A 1 |A 0 ), ( B 1, A 0 |A 1 ), ( B 2, A 1 |A 1 ) } Visualization of R

C LAUS B RABRAND [ 9 ] S EMANTICS (Q1,’06) O CT 12, 2006 How to Prove Non-Bisimilarity ? How to prove non-bisimilarity ? i.e. ? Enumerate all binary relations: Check that none are bisimulations and contain (p,q) However: extremely expensive O(2 |p||q| ) Use “Feynman Problem-Solving Algorithm”: (1). Write down the problem; (2). Think very hard; (3). Write down the answer. Or… s ~ ts ~ t

C LAUS B RABRAND [ 10 ] S EMANTICS (Q1,’06) O CT 12, 2006 The Bisimulation Game It’s Amazing… The Bisimulation Game ® Special Family Edition (w/ TV cables & remote control) Beat your sister at Process Algebra simulation… “Special Family Edition!” “ The Bisimulation Game ” Only $31,95 The Bisimulation Game

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 ( ~ ) B ISIMULATION G AMES

C LAUS B RABRAND [ 12 ] S EMANTICS (Q1,’06) O CT 12, 2006 The (Strong) Bisimulation Game Let (Proc, Act,  ) be a LTS and s, t  Proc Define 2-player game: [ attacker v defender ] The game is played in “rounds” and the configurations of the game are (Proc  Proc); The game starts (first round) in ( s, t )  Proc  Proc Intuition (objectives): The defender wants to show that: The attacker wants to show that: a s ~ ts ~ t s ~ ts ~ t

C LAUS B RABRAND [ 13 ] S EMANTICS (Q1,’06) O CT 12, 2006 Rules of the Bisimulation Game In round k the players change the current configuration ( s k, t k ) as follows: First, the attacker chooses: 1) one of the processes (e.g. t k ); i.e., left or right; 2) a legal action from that process: a  Act; 3) a legal transition according to the LTS: t k  t k+1 Then, the defender chooses: -) a “counter-move” using same action, a: s k  s k+1 ( s k+1, t k+1 ) becomes the next round’s configuration… Winning: If one player cannot make a move, the other player wins If the game is infinite (repeats configuration), the defender wins a a

C LAUS B RABRAND [ 14 ] S EMANTICS (Q1,’06) O CT 12, 2006 Game Characterization of ( ~ ) Theorem: States (processes) s and t are not strongly bisimilar iff the attacker has a universal winning strategy States (processes) s and t are strongly bisimilar iff the defender has a universal winning strategy ( s ~ t ) basically means that: “the ‘perfect attacker’ always wins” ( s ~ t ) basically means that: “the ‘perfect defender’ always wins”

C LAUS B RABRAND [ 15 ] S EMANTICS (Q1,’06) O CT 12, 2006 Let’s Play… Let’s play…: ~ / ~ ? show of hands… ~ ’ ’ ? coin. (coke + sprite) coin.coke + coin.sprite ’ ’ coin ’ ’ sprite coke

C LAUS B RABRAND [ 16 ] S EMANTICS (Q1,’06) O CT 12, 2006 Another Game… Are the following two LTS(/processes) s and t strongly bisimilar: s ~ t ? There’s a universal attack strategy  hence, they are not strongly bisimilar : s ~ t

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 ( ~ ) C ONGRUENCE

C LAUS B RABRAND [ 18 ] S EMANTICS (Q1,’06) O CT 12, 2006 ( ~ ) is a Congruence for CCS Theorem: Let P and Q be processes such that P ~ Q ; then: .P ~ .Q   Act P+R ~ Q+R  R  Proc R+P ~ R+Q  R  Proc P|R ~ Q|R  R  Proc R|P ~ R|Q  R  Proc P[f] ~ Q[f]  f : P(Act)  P(Act) relabellings P\a ~ Q\a  a  Act \ {  } i.e. ‘ ~ ’ is a congruence for CCS

C LAUS B RABRAND [ 19 ] S EMANTICS (Q1,’06) O CT 12, 2006 Other Properties of ( ~ ) The following properties hold  P, Q, R : P+Q ~ Q+P // ‘ + ’ commutative (P+Q)+R ~ P+(Q+R) // ‘ + ’ associative P|Q ~ Q|P // ‘ | ’ commutative (P|Q)|R ~ P|(Q|R) // ‘ | ’ associative P+0 ~ P // ‘ 0 ’ neutral wrt. ‘ + ’ P|0 ~ P // ‘ 0 ’ neutral wrt. ‘ | ’...

C LAUS B RABRAND [ 20 ] S EMANTICS (Q1,’06) O CT 12, 2006 Summary: Strong Bisimilarity ( ~ ) Properties of ( ~ ): an equivalence relation: reflexive, symmetric, and transitive the largest strong bisimulation: for proving bisimilarity (exhibit a bisimulation) strong bisimulation game: for proving non-bisimilarity (winning attack strategy) a congruence: P ~ Q => C[P] ~ C[Q] obeys the following algebraic laws: ‘ + ’ and ‘ | ’ commutative, associative, and ‘ 0 ’ neutrality, …

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 M ODEL- C HECKING

C LAUS B RABRAND [ 22 ] S EMANTICS (Q1,’06) O CT 12, 2006 Dictionary: “ model ” In this course (we use): 3+4 : as in “Model-based design” (designing a model of a concurrent system) 12 : as in “Model-checking” (checking implementation against declarative (logic) specification) Main Entry: 1 mod·el Pronunciation: 'mä-d & l Function: noun Etymology: Middle French modelle, from Old Italian modello, from (assumed) Vulgar Latin modellus, from Latin modulus small measure, from modus 1 obsolete : a set of plans for a building 2 dialect British : COPY, IMAGE 3 : structural design 4 : a usually miniature representation of something; also : a pattern of something to be made 5 : an example for imitation or emulation 6 : a person or thing that serves as a pattern for an artist; especially : one who poses for an artist 7 : ARCHETYPE 8 : an organism whose appearance a mimic imitates 9 : one who is employed to display clothes or other merchandise : MANNEQUIN 10 a : a type or design of clothing / b : a type or design of product (as a car) 11 : a description or analogy used to help visualize something (as an atom) that cannot be directly observed 12 : a system of postulates, data, and inferences presented as a mathematical description of an entity or state of affairs 13 : VERSION Webster’s(“ model ”):

C LAUS B RABRAND [ 23 ] S EMANTICS (Q1,’06) O CT 12, 2006 Model-Checking We have seen verification: In an operational setting: Check: (spec’ and impl’ are equiv’) Model-checking Declarative specification (  : logic property) Check: (impl’ satisfies property  ) Declarative (vs. operational): Abstraction: “what instead of how” Stability under reimplementation Easier to read, write, and modify Logic formulae can be very concise SPEC  IMPL IMPL | -   t,t’’: acq (t)  acq (t’’)   t’: t<t’<t’’  rel (t’)

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 CCS T OOLS Keywords: - Concurrency Workbench - CCS visualizer and simulator - The Bisimulation Game Game

C LAUS B RABRAND [ 25 ] S EMANTICS (Q1,’06) O CT 12, 2006 Concurrency Workbench [ Concurrency Workbench ]Concurrency Workbench P   testing (interactive simulation)  verification (via logic formulae)  dump transition graph (NFA) ... [ ] [ /users/courses/dSem/bin/cwb ]

C LAUS B RABRAND [ 26 ] S EMANTICS (Q1,’06) O CT 12, 2006 The Concurrency Workbench CWB: Recommendation: try it out (before the exam)! CWB:> input “PandQ.ccs”; CWB:> sim(P); // run the built-in simulator CWB:> output “P.graph”; // name output file CWB:> graph(P); // output for CCS visualizer and simulator CWB:> strongeq(P,Q); // strong bisimilarity CWB’s answer CWB:> eq(P,Q); // weak bisimilarity CWB’s answer

C LAUS B RABRAND [ 27 ] S EMANTICS (Q1,’06) O CT 12, 2006 CCS Visualizer and Simulator [ CCS Visualizer and Simulator ]CCS Visualizer and Simulator [ ] [ /users/courses/dSem/bin/cv ]

C LAUS B RABRAND [ 28 ] S EMANTICS (Q1,’06) O CT 12, 2006 The Bisimulation Game It’s Amazing… The Bisimulation Game ® Special Family Edition (w/ TV cables & remote control) Beat your sister at Process Algebra simulation… “Special Family Edition!” “ The Bisimulation Game ” Only $31,95 The Bisimulation Game [ ]

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 SOS Implementation Example: L

C LAUS B RABRAND [ 30 ] S EMANTICS (Q1,’06) O CT 12, 2006 Representation of Exp/BExp/Com type number = int type variable = string type truthvalue = bool datatype exp = Number of number | Variable of variable | Add of exp * exp | Sub of exp * exp | Mul of exp * exp datatype bexp= Truthvalue of truthvalue | Eq of exp * exp | Or of bexp * bexp | Not of bexp datatype com = Skip | Assign of variable * exp | Seq of com * com | If of bexp * com * com | While of bexp * com

C LAUS B RABRAND [ 31 ] S EMANTICS (Q1,’06) O CT 12, 2006 Representation of Store type store = (variable * number) list fun update s v n = let val s' = List.filter (fn (v', _) => v <> v') s in (v, n) :: s' end fun lookup s v = let val pair = List.find (fn (v', _) => v = v') s fun match (SOME (_, n)) = n | match NONE = raise (Fail "Stuck!") in match pair end

C LAUS B RABRAND [ 32 ] S EMANTICS (Q1,’06) O CT 12, 2006 Small-step semantics for Exp fun smallStepExp (Variable var, store) (* Var *) = let val n = lookup store var in (Number n, store) end | smallStepExp (Add (Number m, Number m'), store) (* Sum3 *) = let val n = m + m' in (Number n, store) end | smallStepExp (Add (Number m, e1), store) (* Sum2 *) = let val (e1', _) = smallStepExp (e1, store) in (Add (Number m, e1'), store) end | smallStepExp (Add (e0, e1), store) (* Sum1 *) = let val (e0', _) = smallStepExp (e0, store) in (Add (e0', e1), store) end

C LAUS B RABRAND [ 33 ] S EMANTICS (Q1,’06) O CT 12, 2006 Pretty Printing Exp fun prettyExp (Number n) = print (Int.toString n) | prettyExp (Variable var) = print var | prettyExp (Add (e1, e2)) = ( prettyExp e1; print " + "; prettyExp e2 ) | prettyExp (Sub (e1, e2)) = ( prettyExp e1; print " - "; prettyExp e2 ) | prettyExp (Mul (e1, e2)) = ( prettyExp e1; print " * "; prettyExp e2 ) fun prettyBExp... =... fun prettyCom... =...

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 C OURSE E VALUATION

C LAUS B RABRAND [ 35 ] S EMANTICS (Q1,’06) O CT 12, 2006 Course Evaluation Your e aluation matters!: Gives you a chance to voice your opinion Helps improve next year’s course Helps improve my teaching (in general) Impacts ( + / - ) my personal employment opportunities at uni May influence larger didactic strategies for whole dept. / uni

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 P ROGRAM E QUIVALENCE

C LAUS B RABRAND [ 37 ] S EMANTICS (Q1,’06) O CT 12, 2006 Program Equivalence (  )? Program equivalence (  ) ?:        x  FV(E 2 )  y  FV(E 1 )... How do we know they are “equivalent” ? …and what does that mean ? C ; nilnil ; CC if B then C else C’if ~B then C’ else C (C 1 ; C 2 ) ; C 3 C 1 ; (C 2 ; C 3 ) repeat C until BC ; while ~B do C x := E 1 ; y := E 2 y := E 2 ; x := E 1 nilnil ; nil

C LAUS B RABRAND [ 38 ] S EMANTICS (Q1,’06) O CT 12, 2006 Behavior and Behavioral Equivalence Assume deterministic language L: Def: Behavior: Partial function : exec(C,  ) = Def: Behavioral equivalence ( C  C’ ):  ’ if  *  ’ undefotherwise e.g. nontermination, abnormal termination exec : Com  Store  Store  Store: exec(C,  ) = exec(C’,  ) i.e. the two commands produce the same resulting store,  ’, (but not necessarily in the same number of steps) if both defined

C LAUS B RABRAND [ 39 ] S EMANTICS (Q1,’06) O CT 12, 2006 Congruence (  ) Theorem: “  ” is a congruence [proof omitted] i.e., we can substitute equivalent fragments in programs! Example (Java): C  C’ => P[C]  P[C’], for all contexts P[] class C { D void m() { S’ for (E 1 ; E 2 ; E 3 ) S 0 S” } safe transformation who: compiler, homo-sapiens, combination (refactoring tools), … why: readability, optimization, simplification, … class C { D void m() { S’ { E 1 ; while (E 2 ) { S 0 E 3 ; }} S” } class C { D void m() { S’ [ ] S’’ }

C LAUS B RABRAND [ 40 ] S EMANTICS (Q1,’06) O CT 12, 2006 How to Prove Behavioral Equivalence? How do we prove: (for given C, C’ )? i.e.: For derivation sequences of any length, n C  C’ ,  ’: (  *  ’)  (  *  ’)  Store: exec(C,  ) = exec(C’,  ) if both defined  ,  ’: (  *  ’)  (  *  ’)  ,  ’: (  *  ’)  (  *  ’)  ,  ’: (  n  ’)  (  *  ’) ,  ’: (  *  ’)  (  n  ’)  

C LAUS B RABRAND [ 41 ] S EMANTICS (Q1,’06) O CT 12, 2006 Induction on the Length of Derivation Seq’s Base case: P(k=1) Prove that the property, P, holds for all derivation sequences of length 1 (one) Inductive step: P(k)  P(k+1) Assume P(k): that the property holds for derivation sequences of length k Prove P(k+1): that it holds for derivation sequences of length k+1 Then:  n  1: P(n) Property P holds for all derivation sequences (any length)

C LAUS B RABRAND [ 42 ] S EMANTICS (Q1,’06) O CT 12, 2006 …Or How do we prove: (for given C, C’ )? i.e.: For some intermediate configuration,  C  C’ ,  ’: (  *  ’)  (  *  ’)  Store: exec(C,  ) = exec(C’,  ) if both defined  ,  ’: (  *  ’)  (  *  ’)  ,  ’: (  *  ’)  (  *  ’)   : (  *  )  (  *  )   : (  *  )  (  *  ) 

C LAUS B RABRAND [ 43 ] S EMANTICS (Q1,’06) O CT 12, 2006 Example (Proof Structure) Example:  Prove “  ” (let  be given w/o assumptions): Assume [LHS]: show [RHS]: Case analysis on possible derivations for [LHS]… if B then C else C’if ~B then C’ else C  *    *  for some   * 

C LAUS B RABRAND [ 44 ] S EMANTICS (Q1,’06) O CT 12, 2006 Example (cont’d) Case [B  * tt]: Then construct: Analogous for [B  * ff] Symmetric for the other direction “  ” C1C1 <B,><B,> B*B* [IF 1 ] C1C1 B1B1 [IF 2 ] <B,><B,> B*B* [NEG 1 ] proof C*C* C*C* ’’ ’’ proof ’

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 I MPERATIVE B LOCKS

C LAUS B RABRAND [ 46 ] S EMANTICS (Q1,’06) O CT 12, 2006 Blocks Consider the language ABCD: Example: A ::= z | v | A 0 + A 1 | A 0 - A 1 | A 0  A 1 B ::= b | ~ B | B 0 or B 1 | A 0 = A 1 C ::= skip | x := A | if B then C else C’ | while B do C | begin D ; C end // local block D ::= nil | var x := A | D 0 ; D 1 // local definitions if (~ (x = y)) then begin var t := x ; x := y ; y := t end else skip

C LAUS B RABRAND [ 47 ] S EMANTICS (Q1,’06) O CT 12, 2006 Semantics of Definitions Semantics of Definitions: [ NIL ] D  D   D  ’[x=n] [ VAR ] D  A *  D [ SEQ 1 ] D  D [ SEQ 2 ] D  D  ’ extend store Note: [Plotkin] does this differently (through env-store model); read it yourselves…

C LAUS B RABRAND [ 48 ] S EMANTICS (Q1,’06) O CT 12, 2006 Semantics of Blocks SOS for Blocks: [ BLK 1 ] C  C  D  ’ [ BLK 2 ] C  C [ BLK 3 ] C  C (  ’ \ V) [  0 ]  C  ’ remember values of shadowed variables :  0 =  | V remember set of locally defined variables : V = DV(D) purge locally defined variables and restore old shadowed values Def:  \V := {v=  (v)|v  DV(  )\V}

C LAUS B RABRAND [ 49 ] S EMANTICS (Q1,’06) O CT 12, 2006 Dynamic vs. Static Scope Rules Example: x := 2 ; begin var x := 7 ; nil end // here: x has the value... [ BLK 3 ] C  C (  ’ \ V) [  0 ]  C  ’ purge locally defined variables and restore old shadowed values “Static Scope Rules” x = 2 “Dynamic Scope Rules” x = 7 restoring old shadowed values not restoring …

C LAUS B RABRAND [ 50 ] S EMANTICS (Q1,’06) O CT 12, 2006 Inaccessible Val’s (Garbage Collection) Example: [ BLK 3 ] C  C (  ’ \ V) [  0 ]  C  ’ purge locally defined variables and restore old shadowed values // x undefined begin var x := 7 ; nil end // here x is... “No Inaccessible Values” x isn’t in the store (garbage collection)! “Inaccessible Values” x is in the store (but inaccessible)! purging locally defined vars not purging …

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 T HE E NVIRONMENT- S TORE M ODEL

C LAUS B RABRAND [ 52 ] S EMANTICS (Q1,’06) O CT 12, 2006 “The Environment-Store Model” “The Environment-Store Model”: Introducing abstract locations: Transitions:  | -  x ℓ v VARLOC VAL      environmentstore  (x)  (  (x)) x  : VAR  LOC,  : LOC  VAL env : doesn’t change w/ exec store: mutates with execution

C LAUS B RABRAND [ 53 ] S EMANTICS (Q1,’06) O CT 12, 2006 Examples (Pointers) Pointers Static Semantics: Dynamic Semantics: ptr p = 0xCAFEBABE; //  ( p)  Loc Z 0xff is a location const int x = *p; // *p  Z (since  ( p)  Loc Z ) [ DER ]  |- * E :   |- E : LOC  [ DER 2 ]  |-  n =  (ℓ) [ DER 1 ]  |-  #define ptr (int*) (for the C-hackers: :) "DER" for (pointer) dereference

C LAUS B RABRAND [ 54 ] S EMANTICS (Q1,’06) O CT 12, 2006 Examples (cont’d) Aliasing (similarly with call-by-reference): Explicit allocation: Explicit deallocation: { ptr p = allocate(1); //  (p) = ℓ fresh ℓ fresh  Loc Z *p = 42; // side-effecting:  ’ =  [ ℓ fresh =42] } // ℓ fresh , but is an “inaccessible ref”(!) ptr p =...; free(p); //  (p)=ℓ, but ℓ  ; aka. “dangling reference”! ptr q = p; // location aliasing:  (q) = ℓ =  (p) *p = 42; // side-effecting:  ’ =  [ ℓ =42] // now *q also has the value 42:  (  (q)) is 42

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 L ANGUAGE E XTENSIONS

C LAUS B RABRAND [ 56 ] S EMANTICS (Q1,’06) O CT 12, 2006 Language Extensions Language extensions: Simple language without variables: E  E’ Adding variables (=> environments):  | - E  E’  : VAR  VAL Adding assignments (=> stores):   : VAR  VAL Adding output (=> output “tape”):    VAL*

C LAUS B RABRAND [ 57 ] S EMANTICS (Q1,’06) O CT 12, 2006 SOS Extensions (cont’d) …more extensions: Adding stack operations (=> value stack)  s  VAL* Runtime-errors (=> error values): E  error K  = Exp  {error K } Exceptions (=> exception values): E  exception K  = Exp  {exception K } Adding jumps/gotos (=> labels and label map) L | - C  C’ L : LABEL  COM

C LAUS B RABRAND [ 58 ] S EMANTICS (Q1,’06) O CT 12, 2006 SOS Extensions (cont’d) …even more extensions: Adding functions (=> function environment): F | - E  E’ F : FNAME  EXP Adding statically scoped functions: F | - E  E’ F : FNAME  EXP  ENV Adding procedures (=> procedure environment): P | - C  C’ P : PNAME  COM Adding statically scoped procedures: P | - C  C’ P : PNAME  COM  ENV

C LAUS B RABRAND [ 59 ] S EMANTICS (Q1,’06) O CT 12, 2006 SOS Extensions (cont’d) …still more extensions: “First class” functions (=> function values: “closures”)  | - E  E’  : VAR  CLOSURE Adding call-by-refence / pointers / arrays / … (=> abstract locations / “the environment-store model”):  | -   : VAR  LOC  : LOC  VAL Adding pointer arithmetic / “address-of” / … (=> phys. locations / addresses):  | -   : VAR  ADDR  : ADDR  VAL …

C LAUS B RABRAND [ 60 ] S EMANTICS (Q1,’06) O CT 12, 2006 Expressible / Denotable / Storeable Values Expressible Values: Values of expressions (i.e.,  E = E VAL ) Denotable Values: Values of identifiers/variables (i.e.  : VAR  D VAL ) Storeable Values: Values in the store (i.e.  : LOC  S VAL ) Printable Values: Values in the output (i.e.   P VAL *)

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 O THER S EMANTIC F ORMALISMS

C LAUS B RABRAND [ 62 ] S EMANTICS (Q1,’06) O CT 12, 2006 Operational Semantics Operational Semantics: Labelled Transition System:  0 =   1 =   2 =   3 =  result = [x=2,y=1,z=1] Variations in step-sizes (small-step, big-step, …) The meaning of a construct is specified by the computation it induces when it is executed on a machine. In particular, it is of interest how the effect of a computation is produced. -- [Nielson & Nielson, “Semantics with Applications”, ’93]

C LAUS B RABRAND [ 63 ] S EMANTICS (Q1,’06) O CT 12, 2006 Denotational Semantics Denotational Semantics: Describe everything as mathematical functions: [[ z=x;(x=y;y=z) ]] = [[ x=y;y=z ]] o [[ z=x ]] = [[ y=z ]] o [[ x=y ]] o [[ z=x ]] = s.s[y=s(z)] o s.s[x=s(y)] o s.s[z=s(x)] = s.s[x=s(y),y=s(x),z=s(x)] Loops are expressed as fixed-points of rec’sive functors i.e., functions that takes functions as arguments Meanings are modelled by mathematical objects that represent the effect of executing the constructs. Thus, only the effect is of interest, not how it is obtained. -- [Nielson & Nielson, “Semantics with Applications”, ’93]

C LAUS B RABRAND [ 64 ] S EMANTICS (Q1,’06) O CT 12, 2006 Axiomatic Semantics Axiomatic Semantics: Partial correctness; Command C is partially correct wrt. a pre and a post- condition if whenever the initial state fulfils the pre- condition and the program terminates, then the final state fulfils the post-condition. { x=a,y=b } z=x;x=y;y=z { x=b,y=a } Specific properties of the effect of executing the constructs are expressed as assertions. Thus, there may be aspects of the executions that are ignored. -- [Nielson & Nielson, “Semantics with Applications”, ’93] {  pre } C {  post }

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006

C LAUS B RABRAND [ 66 ] S EMANTICS (Q1,’06) O CT 12, 2006 Program Relationship (Example c) Program world Model world Concrete Abstract ~ P P’ M M’ 1. P ~ P’ ? 2. abstract 3. M ~ M’ ? 4. relate 5. M ~ M’ ! 6. concretize 7. P ~ P’ !

C LAUS B RABRAND S EMANTICS (Q1,’06) O CT 12, 2006 Next week: Revision Period ; then Exam Good Luck! Any Questions?