C LAUS B RABRAND S EMANTICS (Q1,’06) S EP 14, 2006 C LAUS B RABRAND © , University of Aarhus [ ] [ ] S EMANTICS (Q1,’06) W EEK 3: ” BIG- vs. SMALL, ERRORS, TYPE CHECKING”

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 2 ] S EP 14, 2006 Week 3 - Outline Repetition: small-step SOS for L Small-step vs. big-step (a comparison): Non-termination, abnormal termination, non-determinism, and parallelism Runtime-errors Exceptions and Exception Handling Type Errors Type Checking Structural Induction

C LAUS B RABRAND S EMANTICS (Q1,’06) S EP 14, 2006 Small-step SOS for "L"

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 4 ] S EP 14, 2006 Recall ”L” Recall "L": Arithmetic Expressions ( e  Exp): Boolean Expressions ( b  BExp): Commands ( c  Com): e ::= n | v | e + e’ | e – e’ | e  e’ b ::= t | e = e’ | b or b’ | ~ b c ::= nil | v := e | c ; c’ | if b then c else c’ | while b do c

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 5 ] S EP 14, 2006 A: [ SUM 1 ]  A [ SUM 2 ] [ SUM 3 ]  A m = n 0 + n 1  A [ VAR ] m =  (v)

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 6 ] S EP 14, 2006  B [ EQ ] B  A * t = tt, n 0 = n 1 ff, n 0  n 1  B [ OR 1 ] B [ OR 2 ] B  B [ OR 3 ] B t = t 0  t 1  A *  B [ NEG 1 ] B  B [ NEG 2 ] B t' =  t B:

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 7 ] S EP 14, 2006  C  [ NIL ] C  C  "  A * [ ASS ] C  " =  '[m/v]  C [ SEQ 1 ] C  C  C  ’ [ SEQ 2 ] C  C  B * [ IF 1 ] C  C  B * [ IF 2 ] C  C  B * [ WH 1 ] C  C  '  B * [ WH 2 ] C C:

C LAUS B RABRAND S EMANTICS (Q1,’06) S EP 14, 2006 B IG-STEP vs. S MALL-STEP

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 9 ] S EP 14, 2006 Big-step vs. Small-step: SOS Big-step SOS: Small-step SOS:  SS [ WH 1 ] SS  SS  [ WH 2 ] SS [ WH 1 ] BS [ WH 2 ] BS  BS  ”  BS   BS  ”  BS  ’  | _ b  B * tt  | _ b  B * ff  | _ b  B * tt  | _ b  B * ff

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 10 ] S EP 14, 2006 Big-step vs. Small-step: Looping Big-step: Small-step: Looping described as: infinite transition sequence  ?     …  ? …   Looping described as: infinite inference tree (actually no inference tree)! “vertically infinite” “horizontally infinite”

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 11 ] S EP 14, 2006 Extension: Abnormal Termination Language L: Commands ( c  Com): Big-step SOS ? Small-step SOS ? c ::= nil | v := e | c ; c’ | if b then c else c’ | while b do c | abort

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 12 ] S EP 14, 2006 Big-step vs. Small-step: Abnormal Termination Big-step: Small-step: Stuck conf.'s described as: terminating transition sequence (  looping)  ?   ?   Stuck configurations described as: no inference tree (as with looping)! NB: Big-step cannot distinguish looping and abnormal termination! NB: Small-step can distinguish looping and abnormal termination! stuck

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 13 ] S EP 14, 2006 Extension: Non-determinism Language L: Commands ( c  Com): Big-step SOS ? Small-step SOS ? c ::= nil | v := e | c ; c’ | if b then c else c’ | while b do c | c alt c’

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 14 ] S EP 14, 2006 Big-step vs. Small-step: Non-determinism Big-step: Small-step: Small-step will commit to a choice (right here, right now)      Big-step will look ahead for “good” choices (here, only 1 inf. tree exists) NB: Big-step will suppress non-termination (and abnormal termination)! NB: Small-step will not suppress looping (or abortion);  or   stuck

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 15 ] S EP 14, 2006 Extension: Parallelism Language L: Commands ( c  Com): Big-step SOS ? Small-step SOS ? c ::= nil | v := e | c ; c’ | if b then c else c’ | while b do c | c par c’ with “interleaving semantics”

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 16 ] S EP 14, 2006 Big-step vs. Small-step: Parallelism Big-step: Small-step: Small-step can evaluate one step of c 0, then c 1, then c 0, …   ”    ’ Big-step will have to (chose) evaluate either c 0 (or c 1 ) completely first NB: Big-step cannot express (interleaving) parallelism! NB: Small-step can easily express (interleaving) parallelism!    ”

C LAUS B RABRAND S EMANTICS (Q1,’06) S EP 14, 2006 R UNTIME-ERRORS

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 18 ] S EP 14, 2006 SOS for division SOS for division: Stuck configuration?: [ DIV 1 ]  [ DIV 2 ] [ DIV 3 ]  m = n 0 / n 1  Store = Var  Z  stuck  n 1  0

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 19 ] S EP 14, 2006 Recall: Terminal Trans. Sys. A Terminal Transition System is a structure:  is the set of configurations      is the transition relation T   is a set of final configurations …satisfying: i.e. “all configurations in ‘T’ really are terminal”. …but not the “converse”: However, in practise achieved through runtime-errors!  , , T     T :   ’   :    ’    T :   ’   :    ’

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 20 ] S EP 14, 2006 So what about “Division by Zero” We would like: Add configuration: …and rule: …but now what about:  runtime-error [ DIV 4 ]  runtime-error n 1 = 0  L := Exp  Store  { runtime-error } stuck?!?

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 21 ] S EP 14, 2006 Add runtime-errors for [add]/[sub]/.. Propagation of runtime-errors: [ SUM 3 ]  runtime-error [ SUM 4 ]  runtime-error [ SUB 3 ]  runtime-error [ SUB 4 ]  runtime-error

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 22 ] S EP 14, 2006 Propagation… Even for Boolean Expressions: And Commands: [ SEQ 3 ] C  C runtime-error …  B runtime-error [ NOT 2 ] B …

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 23 ] S EP 14, 2006 All this just for Division by Zero? Yes Note: the same thing happens in prog. lang.’s) Same thing for (depending on lang.): Arithmetic overflow Square root of a negative number Overstepping array bounds Reading uninitialized variable Dereferencing null-pointers Dynamic type failure (in dynamically typed lang.s) …

C LAUS B RABRAND S EMANTICS (Q1,’06) S EP 14, 2006 E XCEPTIONS AND Exc - H ANDLING

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 25 ] S EP 14, 2006 Exception Handling Suppose we want to recover from div-by-zero Turn it into an exception (instead): And add exception handler construct: Commands ( c  Com): For simplicity, let’s assume x is always dbz exception  c ::= nil | v := e | c ; c’ | if b then c else c’ | while b do c try c catch x recover c’

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 26 ] S EP 14, 2006 SOS for try-catch-recover SOS for “try-catch-recover”: [ TRY 1 ]  [ TRY 2 ] [ TRY 3 ]    ’ Recall that x is always dbz exception

C LAUS B RABRAND S EMANTICS (Q1,’06) S EP 14, 2006 T YPE E RRORS

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 28 ] S EP 14, 2006 Consider Variant of L; L’ Basic Syntactic Sets: Operators Derived Syntactic Sets: (Mixed) Expressions ( e  Exp): Commands ( c  Com): e ::= n | t | v | e o e’ | ~ e c ::= nil | v := e | c ; c’ | if e then c else c’ | while e do c o  { +, -, , /, =, or } Store = Var  Z Assume variables can only hold integers:

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 29 ] S EP 14, 2006 Tons of Problems...(?) Now what about expressions like…: … Well, we could make them runtime-errors or we could have "fake, almost-like-booleans" (as C) However, compile-time errors (much better) !!! 2 + tt ~ 42 if 5 then c 0 else c 1 while 87 do c x := tt ?

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 30 ] S EP 14, 2006 Runtime- vs. compile-time errors Runtime-error (aka. dynamic error): i.e., maybe intercepted when the program is run ! Compile-time error (aka. static error): i.e., always intercepted when program is compiled ! int n;.. x = n / 0; // runtime-error (exception) int n;.. if (n) x = 42; // compile-time error [Java]

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 31 ] S EP 14, 2006 Dynamically vs. Statically Typed Lang.’s Dynamically Typed Language: i.e., error found only when the program is run (maybe) Statically Typed Language: i.e., error found when the program is compiled $beer = true; // dynamically typed vars.. $x = $beer - 42; // runtime-error boolean b = true; // statically typed vars.. x = b - 42; // compile-time error [Basic] [Java]

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 32 ] S EP 14, 2006 However, … Not all runtime-errors can be “turned into” compile-time errors: Consider division-by-zero (in Java): runtime-error here  e’ evaluates to 0 We would really like: runtime-error  compile-time error However, we cannot do (compile-time) “static analysis”; Since the error depends on the runtime value of e’, we can only evaluate e’ in a particular store,  e / e’

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 33 ] S EP 14, 2006 What about Type Errors Again, we would really like: runtime error  compile-time type error However, again: If we could invent some stronger requirement: runtime error => compile-time type error Then (by contraposition; i.e. ): no compile-time type error => no runtime error if (  e  ) b := 7; else b := tt; b := ~ b; // potential runtime-error Again, the (potential) error depends on the runtime value of e P => Q  ~Q => ~P

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 34 ] S EP 14, 2006 Type Declarations(!) Add type declarations (bool, int, …) And make sure they are respected (everywhere in the program) However, now we need to do (static) type checking [in 4 slides…] bool b; // type declaration (b always bool) if (e) b := 7; // static type error else b := tt; // okay b := ~ b; // okay

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 35 ] S EP 14, 2006 Approximative Solution Potential error… …maybe it never happens(!?): The Type Checking Approximation: if (ff) b := 7; else b := tt; b := ~ b; // never an error!!! never error maybe error Type safe!. ?.. never error maybe error undecidable type-checking: safe (over-)approximation above program Quality of a type-system ~ size of “slack” (wrongfully rejected programs)

C LAUS B RABRAND S EMANTICS (Q1,’06) S EP 14, 2006 T YPE C HECKING

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 37 ] S EP 14, 2006 Recall L’ Basic Syntactic Sets: Operators Derived Syntactic Sets: (Mixed) Expressions ( e  Exp): Commands ( c  Com): e ::= n | t | v | e o e’ | ~ e c ::= nil | v := e | c ; c’ | if e then c else c’ | while e do c o  { +, -, , /, =, or } Store = Var  Z Assume variables can only hold integers:

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 38 ] S EP 14, 2006 Introducing Types Define a set of types:   Types = { int, bool } Define (static) type relation: | _  Exp x Types We shall write instead of Meaning: “the expression 42 has type int ” We would like: whereas for any   Types | _ 42 : int ( 42, int )  ‘| _ ’ | _ 3+5 : int | _ 3=5 : bool | _ 7+tt : 

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 39 ] S EP 14, 2006 Basic Syn. Sets (Inherently Typed) Expressions: Numbers: for any n Truthvalues: for any t Variables: for any v (assumption: vars only hold ints) | _ n : int | _ t : bool e ::= n | t | v | e  e’ | ~ e | _ v : int Store = Var  Z Assume variables can only hold integers:

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 40 ] S EP 14, 2006 Expressions: Negation: (i.e., only defined if ) Binary Operators: Where: i.e. a partial function Composite Definitions e ::= n | t | v | e  e’ | ~ e | _ e : bool | _ ~e : bool | _ e 0 :  0 | _ e 1 :  1 | _ e 0  e 1 :  2 | _ e : bool | _ ~e : bool  2 = type  (  0,  1 ) type  : Types x Types  Types type + := [int,int |  int] type = := [int,int |  bool] type or := [bool,bool |  bool]   { +, -, , /, =, or } Examples:

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 41 ] S EP 14, 2006 Type Checking Example Type check: How? ~ (ff or ((1 + 2) = 3))

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 42 ] S EP 14, 2006 Commands: Well-formedness Commands: Define (static) well-formedness relation: | _ wfc  Com We shall write instead of Meaning: “ c is well-formed (i.e., has no type errors)” We would like: whereas nil | v := e | c ; c’ | if e then c else c’ | while e do c | _ wfc c c  ‘| _ wfc ’ | _ wfc x := (1+2) | _ wfc if ~(1=2) then nil else y := 3 | _ wfc if 5 then c else c’

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 43 ] S EP 14, 2006 WFC: Nil, Ass., and Seq. Commands: Nil: Assignment: Sequence: nil | v := e | c ; c’ | if e then c else c’ | while e do c | _ wfc nil | _ e : int | _ wfc v := e | _ wfc c 0 ; c 1 | _ wfc c 0 | _ wfc c 1

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 44 ] S EP 14, 2006 WFC: if-then-else and while-do. Commands: if-then-else: while-do: nil | v := e | c ; c’ | if e then c else c’ | while e do c | _ wfc if e then c 0 else c 1 | _ wfc c 0 | _ wfc c 1 | _ e : bool | _ wfc while e do c | _ wfc c | _ e : bool

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 45 ] S EP 14, 2006 Type Checking Examples (wfc) Type check: How? x := 1 ; y:= 2 while ~ff do nil if tt then nil else x := tt

C LAUS B RABRAND S EMANTICS (Q1,’06) S EP 14, 2006 S TRUCTURAL I NDUCTION Keywords: Induction, base case, induction hypothesis, induction step structural induction

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 47 ] S EP 14, 2006 Principle of Mathematical Induction Let P be a predicate (i.e. a boolean function): then we have that: Intuitive: ? P: N  { true, false }  n  N : P(n) P(0)  induction stepbase case Principle of mathematical induction: P(n)  P(n+1)  P(3) P(0)P(0) => P(1)P(1) => P(2)P(2) => P(3) 

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 48 ] S EP 14, 2006 Example Induction Proof Example: Base case (i.e. prove P(0) ): Induction step (i.e. prove P(n) => P(n+1) ): Assume the induction hypothesis (I.H.) (i.e. assume P(n) ): Now prove P(n+1) : P(n)  [ … + 2 n = 2 n+1 – 1 ] P(0)  [ 2 0 = – 1 ]  [ … + 2 n = 2 n+1 – 1 ] [ … + 2 n+1 = 2 (n+1)+1 – 1 ] … + 2 n + 2 n+1 ( … + 2 n ) + 2 n+1 = (2 n+1 – 1) + 2 n+1 == 2*2 n+1 – 1 = 2 (n+1)+1 – 1  I.H.

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 49 ] S EP 14, 2006 Structural Induction (for Exp) Given: Arithmetic Expressions ( e  Exp) e ::= n | v | e 0 +e 1  e  Exp : P(e) P(n)  composite (inductive) case base cases Principle of structural induction: P(e 0 )  P(e 1 )  P(e 0 +e 1 )  P(v) and

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 50 ] S EP 14, 2006 Intuition: Induction vs. Str’ Induction Induction: Holds for ? Structural Induction: Holds for ? P(0)P(0) => P(1)P(1) => P(2)P(2) => P(3)  P(3) P(7+(x+y)) P(7) P(x) P(y) P(x+y) P(7+(x+y))     

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 51 ] S EP 14, 2006 Structural Induction (for BExp) Boolean Expressions ( b  BExp): Live exercise… :) [Think 3 mins; then interactively on the blackboard] b ::= t | b or b’ | ~ b

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 52 ] S EP 14, 2006 Structural Induction Examples Given: Arithmetic Expressions ( e  Exp) Property A: Evaluation of arithmetic expressions (using a small-step operational semantics) is deterministic Property B: Evaluation of arithmetic expressions (using a small-step operational semantics) always terminates e ::= n | v | e 0 +e 1

C LAUS B RABRAND © S EMANTICS (Q1,’06) [ 53 ] S EP 14, 2006 "Three minutes paper" Please spend three minutes writing down the most important things that you have learned today (now). After 1 day After 1 week After 3 weeks After 2 weeks Immediately

C LAUS B RABRAND S EMANTICS (Q1,’06) S EP 14, 2006 Next week: Def's: static vs. dynamic semantics Any Questions?