C LAUS B RABRAND S EMANTICS (Q1,’05) O CT 13, 2005 C LAUS B RABRAND © 2005, University of Aarhus [ ] [ ] S EMANTICS (Q1,’05) W EEK 7: ” PROGRAM EQUIVALENCE AND IMPERATIVE FEATURES ”
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 2 ] O CT 13, 2005 Course Structure Introduction [background]: Prerequisitional Math // 1 week Part I [describe/explain/analyze]: Structural Operational Semantics // 3 weeks Part II [compare/reason]: Concurrency and Communication (CCS) // 1 week Part III [compare/prove/apply]: Equivalence: Bisimulation and Games // 1 week Practice [link to real world]: Imperative Features + Sem in Practice // 1 week
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 3 ] O CT 13, 2005 Week 7 - Outline Issues from week 6 Course Evaluation Program Equivalence Imperative Blocks Sketch: Various Language Extensions “The Environment-Store Model” Other Semantic Formalisms “Semantics in Practice” [at 13:15] (Peter Gorm Larsen, IHA)
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 4 ] O CT 13, 2005 “3x3 main issues” from week 6 Project: 1. sample solutions (which and when) ? [today] 2. how to specify an infinite trace ? [sample solutions] 3. grades (when) ? [Monday 17/10] Exam: 4. prefer weekly hand-ins over project !!![me+TAs too!!!] 5. size of exam: |exam| ~ |project| ? [slightly smaller] 6. more practical information ! [specific questions?] FYI (message from TAs): 7. “read” the project (and the exam) ! 8. “argue” vs. “prove” ! 9. Q/A session (on next Monday) ! Main Entry: 1 read Pronunciation: 'rEd Function: verb Inflected Form(s): read /'red/; read·ing /'rE-di[ng]/ 1a to receive or take in the sense of (as letters or symbols) especially by sight or touch Meriam Webster(“ read ”)
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 5 ] O CT 13, 2005 Example Exam Exercise: Prove by structural induction determinism for the SOS:
C LAUS B RABRAND S EMANTICS (Q1,’05) O CT 13, 2005 C OURSE E VALUATION
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 7 ] O CT 13, 2005 Course Evaluation “Tilfredshedsundersøgelse”: From an Evaluation-Theoretical perspective:
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 8 ] O CT 13, 2005 Course Evaluation Your e aluation is important and matters!: Gives you a chance to voice your opinion Helps improve next year’s course Helps improve my teaching (in general) Impacts ( + / - ) my personal employment opportunities at uni May influence larger didactic strategies for whole dept. / uni Invariables (beyond my influence): Fixed project form (i.e., one (exam-like) project) as opposed to weekly hand-ins (with a distributed workload)! Fixed exam form (i.e., 2-3 days “take-home”) as opposed to 4-hr-written / oral exam Material situation not easy to find adequate textbook (plan to write notes next year)
C LAUS B RABRAND S EMANTICS (Q1,’05) O CT 13, 2005 P ROGRAM E QUIVALENCE
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 10 ] O CT 13, 2005 Program Equivalence ( )? Program equivalence ( ) ?: x 1 FV(E 2 ) x 2 FV(E 1 )... How do we know they are “equivalent” ? …and what does that mean ? C ; nilnil ; CC if B then C else C’if ~B then C’ else C (C 1 ; C 2 ) ; C 3 C 1 ; (C 2 ; C 3 ) repeat C until BC ; while ~B do C x 1 := E 1 ; x 2 := E 2 x 2 := E 2 ; x 1 := E 1 nilnil ; nil
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 11 ] O CT 13, 2005 Behavior and Behavioral Equivalence Assume deterministic language L: Def: Behavior: Partial function : exec(C, ) = Def: Behavioral equivalence ( C C’ ): ’ if * ’ undefotherwise e.g. nontermination, abnormal termination exec : Com Store Store Store: exec(C, ) = exec(C’, ) i.e. the two commands produce the same resulting store, ’, (but not necessarily in the same number of steps) if both defined
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 12 ] O CT 13, 2005 Congruence ( ) Theorem: “ ” is a congruence [proof omitted] i.e., we can substitute equivalent fragments in programs! Example (Java): C C’ => P[C] P[C’], for all contexts P[] class C { D void m() { S’ for (E 1 ; E 2 ; E 3 ) S 0 S” } safe transformation who: compiler, homo-sapiens, combination (refactoring tools), … why: readability, optimization, simplification, … class C { D void m() { S’ { E 1 ; while (E 2 ) { S 0 E 3 ; }} S” } class C { D void m() { S’ [ ] S’’ }
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 13 ] O CT 13, 2005 How to Prove Behavioral Equivalence? How do we prove: (for given C, C’ )? i.e.: For derivation sequences of any length, n C C’ , ’: ( * ’) ( * ’) Store: exec(C, ) = exec(C’, ) if both defined , ’: ( * ’) ( * ’) , ’: ( * ’) ( * ’) , ’: ( n ’) ( * ’) , ’: ( * ’) ( n ’)
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 14 ] O CT 13, 2005 Induction on the Length of Derivation Seq’s Base case: P(k=0) Prove that the property, P, holds for all derivation sequences of length 0 (zero) Inductive step: P(k) P(k+1) Assume P(k): that the property holds for derivation sequences of length k Prove P(k+1): that it holds for derivation sequences of length k+1 Then: n: P(n) Property P holds for all derivation sequences (any length)
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 15 ] O CT 13, 2005 …Or How do we prove: (for given C, C’ )? i.e.: For some intermediate configuration, C C’ , ’: ( * ’) ( * ’) Store: exec(C, ) = exec(C’, ) if both defined , ’: ( * ’) ( * ’) , ’: ( * ’) ( * ’) : ( * ) ( * ) : ( * ) ( * )
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 16 ] O CT 13, 2005 Example (Proof Structure) Example: Prove “ ” (let be given w/o assumptions): Assume [LHS]: Show [RHS]: Case analysis on possible derivations for [LHS]… if B then C else C’if ~B then C’ else C * * for some *
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 17 ] O CT 13, 2005 Example (cont’d) Case [B * tt]: Then construct: Analogous for [B * ff] Symmetric for the other direction “ ” C1C1 <B,><B,> B*B* [IF 1 ] C1C1 B1B1 [IF 2 ] <B,><B,> B*B* [NEG 1 ] proof C*C* C*C* ’’ ’’ proof ’
C LAUS B RABRAND S EMANTICS (Q1,’05) O CT 13, 2005 I MPERATIVE B LOCKS
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 19 ] O CT 13, 2005 Blocks Consider the language ABCD: Example: A ::= z | v | A 0 + A 1 | A 0 - A 1 | A 0 A 1 B ::= b | ~ B | B 0 or B 1 | A 0 = A 1 C ::= skip | x := A | if B then C else C’ | while B do C | begin D ; C end // local block D ::= nil | var x := A | D 0 ; D 1 // local definitions if (~ (x = y)) then begin var z := x ; x := y ; y := z end else skip
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 20 ] O CT 13, 2005 Semantics of Definitions Semantics of Definitions: [ NIL ] D D D ’[x=z] [ VAR ] D A * D [ SEQ 1 ] D D [ SEQ 2 ] D D ’ extend store Note: [Plotkin] does this differently (through env-store model); read it yourselves…
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 21 ] O CT 13, 2005 Semantics of Blocks Semantics of Blocks: [ BLK 1 ] C C D ’ [ BLK 2 ] C C [ BLK 3 ] C C ( ’ \ V) [ 0 ] C ’ remember shadowed values : 0 = | V remember set of locally defined variables : V = DV(D) purge locally defined variables and restore old shadowed values Def: | V := {v= (v)|v V DV( )} Def: \V := {v= (v)|v DV( )\V}
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 22 ] O CT 13, 2005 Dynamic vs. Static Scope Rules Example: x := 2 ; begin var x := 7 ; nil end // here: x has the value... [ BLK 3 ] C C ( ’ \ V) [ 0 ] C ’ purge locally defined variables and restore old shadowed values “Static Scope Rules” x = 2 “Dynamic Scope Rules” x = 7 restoring old shadowed values not restoring …
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 23 ] O CT 13, 2005 Inaccessible Val’s (Garbage Collection) Example: [ BLK 3 ] C C ( ’ \ V) [ 0 ] C ’ purge locally defined variables and restore old shadowed values // x undefined begin var x := 7 ; nil end // here x is... “No Inaccessible Values” x isn’t in the store (garbage collection)! “Inaccessible Values” x is in the store (but inaccessible)! purging locally defined vars not purging …
C LAUS B RABRAND S EMANTICS (Q1,’05) O CT 13, 2005 L ANGUAGE E XTENSIONS
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 25 ] O CT 13, 2005 Language Extensions Language extensions: Simple language without variables: E E’ Adding variables (=> environments): | - E E’ : VAR VAL Adding assignments (=> stores): : VAR VAL Adding output (=> output “tape”): VAL*
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 26 ] O CT 13, 2005 SOS Extensions (cont’d) …more extensions: Adding stack operations (=> value stack) s VAL* Runtime-errors (=> error values): E error K = Exp {error K } Exceptions (=> exception values): E exception K = Exp {exception K } Adding jumps/gotos (=> labels and label map) L | - C C’ L : LABEL COM
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 27 ] O CT 13, 2005 SOS Extensions (cont’d) …even more extensions: Adding functions (=> function environment): F | - E E’ F : FNAME EXP Adding statically scoped functions: F | - E E’ F : FNAME EXP ENV Adding procedures (=> procedure environment): P | - C C’ P : PNAME COM Adding statically scoped procedures: P | - C C’ P : PNAME COM ENV
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 28 ] O CT 13, 2005 SOS Extensions (cont’d) …still more extensions: “First class” functions (=> function values: “closures”) | - E E’ : VAR CLOSURE Adding call-by-refence / pointers / arrays / … (=> abstract locations / “the environment-store model”): | - : VAR LOC : LOC VAL Adding pointer arithmetic / “address-of” / … (=> phys. locations / addresses): | - : VAR ADDR : ADDR VAL …
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 29 ] O CT 13, 2005 Expressible / Denotable / Storeable Values Expressible Values: Values of expressions (i.e., E = E VAL ) Denotable Values: Values of identifiers/variables (i.e. : VAR D VAL ) Storeable Values: Values in the store (i.e. : LOC S VAL ) Printable Values: Values in the output (i.e. P VAL *)
C LAUS B RABRAND S EMANTICS (Q1,’05) O CT 13, 2005 T HE E NVIRONMENT- S TORE M ODEL
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 31 ] O CT 13, 2005 “The Environment-Store Model” “The Environment-Store Model”: Introducing abstract locations: Transitions: | - x ℓ v VARLOC VAL environmentstore (x) ( (x)) x : VAR LOC, : LOC VAL env : doesn’t change w/ exec store: mutates with execution
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 32 ] O CT 13, 2005 Examples (C-like) Pointers (for the C-hackers: :) Static Semantics: Dynamic Semantics: ptr p = 0xCAFEBABE; // p Loc Z 0xff is a location constant int x = *p; // *p Z(since p Loc Z ) [ DER ] |- * E : |- E : LOC [ DER 2 ] |- v = (ℓ) |- v = (ℓ) [ DER 1 ] |- #define ptr (int*)
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 33 ] O CT 13, 2005 Examples (cont’d) Aliasing (similarly with call-by-reference): Explicit allocation: Explicit deallocation: { ptr p = malloc(1); // p Loc Z *p = 42; // side-effecting: ’ = [ ℓ =42] } // ℓ , but is an “inaccessible reference”(!) ptr p =...; free(p); // (p)=ℓ, but ℓ ; aka. “dangling reference”! ptr q = p; // location aliasing: (p) = ℓ = (q) *p = 42; // side-effecting: ’ = [ ℓ =42] // now *q also has the value 42: ( (q)) is 42
C LAUS B RABRAND S EMANTICS (Q1,’05) O CT 13, 2005 O THER S EMANTIC F ORMALISMS
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 35 ] O CT 13, 2005 Operational Semantics Operational Semantics: Labelled Transition System: 0 = 1 = 2 = 3 = result = [x=2,y=1,z=1] Variations in step-sizes (small-step, big-step, …) The meaning of a construct is specified by the computation it induces when it is executed on a machine. In particular, it is of interest how the effect of a computation is produced. -- [Nielson & Nielson, “Semantics with Applications”, ’93]
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 36 ] O CT 13, 2005 Denotational Semantics Denotational Semantics: Describe everything as mathematical functions: [[ z=x;(x=y;y=z) ]] = [[ x=y;y=z ]] o [[ z=x ]] = [[ y=z ]] o [[ x=y ]] o [[ z=x ]] = s.s[y=s(z)] o s.s[x=s(y)] o s.s[z=s(x)] = s.s[x=s(y),y=s(x),z=s(x)] Loops are expressed as fixed-points of rec’sive functors i.e., functions that takes functions as arguments Meanings are modelled by mathematical objects that represent the effect of executing the constructs. Thus, only the effect is of interest, not how it is obtained. -- [Nielson & Nielson, “Semantics with Applications”, ’93]
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 37 ] O CT 13, 2005 Axiomatic Semantics Axiomatic Semantics: Partial correctness; Command C is partially correct wrt. a pre and a post- condition if whenever the initial state fulfils the pre- condition and the program terminates, then the final state fulfils the post-condition. { x=a,y=b } z=x;x=y;y=z { x=b,y=a } Specific properties of the effect of executing the constructs are expressed as assertions. Thus, there may be aspects of the executions that are ignored. -- [Nielson & Nielson, “Semantics with Applications”, ’93] { pre } C { post }
C LAUS B RABRAND S EMANTICS (Q1,’05) O CT 13, 2005
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 39 ] O CT 13, 2005 Program Relationship (Example c) Program world Model world Concrete Abstract ~ P P’ M M’ 1. P ~ P’ ? 2. abstract 3. M ~ M’ ? 4. relate 5. M ~ M’ ! 6. concretize 7. P ~ P’ !
C LAUS B RABRAND S EMANTICS (Q1,’05) O CT 13, 2005 Next week: Revision Period ; then Exam Good Luck! Any Questions?
C LAUS B RABRAND © S EMANTICS (Q1,’05) [ 41 ] O CT 13, 2005 Note Note on Structural Induction vs. Transitive 1-Step: You have only seen structural induction in the “shape” of C for 1- step derivations where the induction hypothesis may be used to recompose insights according to 1-step SOS rules (not: * ’) Solution: induction in the length of the derivation sequence