Spring 2016 Program Analysis and Verification: Operational Semantics
Roman Manevich, Ben-Gurion University
Agenda
- What is semantics and what is it useful for?
- Operational semantics (pages 32-50)
Tentative syllabus
- Program Verification: Operational semantics; Axiomatic Verification
- Program Analysis Basics: Control Flow Graphs; Equation Systems; Collecting Semantics; Using Soot
- Abstract Interpretation fundamentals: Lattices; Fixed-Points; Chaotic Iteration; Galois Connections; Domain constructors; Widening/Narrowing
- Analysis Techniques: Numerical Domains; Alias analysis; Interprocedural Analysis; Shape Analysis; CEGAR
What is formal semantics?
“Formal semantics is concerned with rigorously specifying the meaning, or behavior, of programs, pieces of hardware, etc.” / page 1
Why formal semantics?
- Implementation-independent definition of a programming language
- Automatically generating interpreters (and some day maybe full-fledged compilers)
- Verification and debugging: if you don’t know what a program does, how do you know it’s incorrect?
Semantic description methods
- Operational semantics (today)
  - Structural semantics (small step) [G. Plotkin]
  - Natural semantics (big step) [G. Kahn]
- Denotational semantics [D. Scott, C. Strachey] (not in this course) (photo: Christopher Strachey & Dana S. Scott)
- Axiomatic semantics [C. A. R. Hoare, R. Floyd] (used for verification)
- Trace semantics
- Collecting semantics [instrumented semantics] (we will mainly use this as the basis for static analysis)
The While language
Syntactic categories:
- n ∈ Num: numerals
- x ∈ Var: program variables
- a ∈ Aexp: arithmetic expressions
- b ∈ Bexp: boolean expressions
- S ∈ Stm: statements
A simple imperative language: While
Concrete syntax:
a ::= n | x | a1 + a2 | a1 * a2 | a1 - a2
b ::= true | false | a1 = a2 | a1 ≤ a2 | ¬b | b1 ∧ b2
S ::= x := a | skip | S1; S2 | if b then S1 else S2 | while b do S
Concrete syntax may be ambiguous
The statement z:=x; x:=y; y:=z has two parse trees:
- z:=x; (x:=y; y:=z)
- (z:=x; x:=y); y:=z
A simple imperative language: While
Abstract syntax. Notation: n[l↦a, r↦b] is a node labeled n with two children l and r; the children may be labeled to indicate their role, for easier reading.
a ::= n | x | +[a1, a2] | *[a1, a2] | -[a1, a2]
b ::= true | false | =[a1, a2] | ≤[a1, a2] | ¬[b] | ∧[b1, b2]
S ::= :=[x, a] | skip | ;[S1, S2] | if[b, S1 then, S2 else] | while[b condition, S body]
Exercise: draw an AST for
y:=1; while ¬(x=1) do (y:=y*x; x:=x-1)
(the root is the ; node, with the := node and the while node as its children)
Semantic values
Semantic categories:
- Z: integers {0, 1, -1, 2, -2, …}
- T: truth values {ff, tt}
- State = Var → Z
Example state: σ = [x↦5, y↦7, z↦0]
Lookup: σ x = 5
Update: σ[x↦6] = [x↦6, y↦7, z↦0]
Example state manipulations
- [x↦1, y↦7, z↦16] y = ?
- [x↦1, y↦7, z↦16] t = ?
- [x↦1, y↦7, z↦16][x↦7, y↦1] = ?
- [x↦1, y↦7, z↦16][x↦5] x = ?
- [x↦1, y↦7, z↦16][x↦5] y = ?
Semantics of expressions
Semantics of arithmetic expressions
Arithmetic expressions are side-effect free.
Semantic function A : Aexp → (State → Z), defined by induction on the syntax tree:
A⟦n⟧σ = n
A⟦x⟧σ = σ x
A⟦a1 + a2⟧σ = A⟦a1⟧σ + A⟦a2⟧σ
A⟦a1 - a2⟧σ = A⟦a1⟧σ - A⟦a2⟧σ
A⟦a1 * a2⟧σ = A⟦a1⟧σ * A⟦a2⟧σ
A⟦(a1)⟧σ = A⟦a1⟧σ (not needed with abstract syntax)
A⟦-a⟧σ = 0 - A⟦a⟧σ
A is compositional, so its properties can be proved by structural induction.
Arithmetic expression exercise
Suppose σ x = 3. Evaluate A⟦x+1⟧σ.
Semantics of boolean expressions
Boolean expressions are side-effect free.
Semantic function B : Bexp → (State → T), defined by induction on the syntax tree:
B⟦true⟧σ = tt
B⟦false⟧σ = ff
B⟦a1 = a2⟧σ = tt if A⟦a1⟧σ = A⟦a2⟧σ, and ff otherwise
B⟦a1 ≤ a2⟧σ = tt if A⟦a1⟧σ ≤ A⟦a2⟧σ, and ff otherwise
B⟦b1 ∧ b2⟧σ = tt if B⟦b1⟧σ = tt and B⟦b2⟧σ = tt, and ff otherwise
B⟦¬b⟧σ = tt if B⟦b⟧σ = ff, and ff otherwise
Operational semantics
Concerned with how to execute programs: how statements modify the state. Defines a transition relation between configurations.
Structural operational semantics describes how the individual steps of a computation take place, hence the name “small-step” semantics.
(figure: the first step of a small-step derivation from the configuration ⟨S, σ⟩)
Structural operational semantics
Developed by Gordon Plotkin.
Configurations have one of two forms:
- ⟨S, σ⟩: statement S is about to execute on state σ
- σ: a terminal (final) state
Transitions:
- ⟨S, σ⟩ ⇒ ⟨S', σ'⟩: execution of S from σ is not completed, and the remaining computation proceeds from the intermediate configuration ⟨S', σ'⟩
- ⟨S, σ⟩ ⇒ σ': execution of S from σ has terminated and the final state is σ'
⟨S, σ⟩ is stuck if there is no γ such that ⟨S, σ⟩ ⇒ γ.
PLOTKIN G. D., “A Structural Approach to Operational Semantics”, DAIMI FN-19, Computer Science Department, Aarhus University, Aarhus, Denmark, September 1981.
Structural semantics for While
[ass]    ⟨x := a, σ⟩ ⇒ σ[x ↦ A⟦a⟧σ]
[skip]   ⟨skip, σ⟩ ⇒ σ
[comp1]  ⟨S1, σ⟩ ⇒ ⟨S1', σ'⟩
         ────────────────────────────
         ⟨S1; S2, σ⟩ ⇒ ⟨S1'; S2, σ'⟩        (when does this happen?)
[comp2]  ⟨S1, σ⟩ ⇒ σ'
         ────────────────────────────
         ⟨S1; S2, σ⟩ ⇒ ⟨S2, σ'⟩
[iftt]   ⟨if b then S1 else S2, σ⟩ ⇒ ⟨S1, σ⟩    if B⟦b⟧σ = tt
[ifff]   ⟨if b then S1 else S2, σ⟩ ⇒ ⟨S2, σ⟩    if B⟦b⟧σ = ff
[while]  ⟨while b do S, σ⟩ ⇒ ⟨if b then (S; while b do S) else skip, σ⟩
Factorial (n!) example
Input state σ such that σ x = 3. Let W stand for the loop while ¬(x=1) do (y := y * x; x := x - 1).
Program: y := 1; while ¬(x=1) do (y := y * x; x := x - 1)
⟨y := 1; W, σ⟩
⇒ ⟨W, σ[y↦1]⟩
⇒ ⟨if ¬(x=1) then ((y := y * x; x := x - 1); W) else skip, σ[y↦1]⟩
⇒ ⟨(y := y * x; x := x - 1); W, σ[y↦1]⟩
⇒ ⟨x := x - 1; W, σ[y↦3]⟩
⇒ ⟨W, σ[y↦3][x↦2]⟩
⇒ ⟨if ¬(x=1) then ((y := y * x; x := x - 1); W) else skip, σ[y↦3][x↦2]⟩
⇒ ⟨(y := y * x; x := x - 1); W, σ[y↦3][x↦2]⟩
⇒ ⟨x := x - 1; W, σ[y↦6][x↦2]⟩
⇒ ⟨W, σ[y↦6][x↦1]⟩
⇒ ⟨if ¬(x=1) then ((y := y * x; x := x - 1); W) else skip, σ[y↦6][x↦1]⟩
⇒ ⟨skip, σ[y↦6][x↦1]⟩
⇒ σ[y↦6][x↦1]
Structural operational semantics and termination
Program termination. Given a statement S and input σ:
- S terminates on σ if there exists a finite derivation sequence starting at ⟨S, σ⟩
- S terminates successfully on σ if there exists a finite derivation sequence starting at ⟨S, σ⟩ and leading to a final state
- S loops on σ if there exists an infinite derivation sequence starting at ⟨S, σ⟩
Semantic equivalence
S1 and S2 are semantically equivalent if, for all σ and for all γ which is either final or stuck:
- ⟨S1, σ⟩ ⇒* γ if and only if ⟨S2, σ⟩ ⇒* γ
- there is an infinite derivation sequence starting at ⟨S1, σ⟩ if and only if there is an infinite derivation sequence starting at ⟨S2, σ⟩
Properties of structural semantics
- while b do S is semantically equivalent to: if b then (S; while b do S) else skip
- Equivalence of program constructs: both (S; skip) and (skip; S) are semantically equivalent to S
- ((S1; S2); S3) is semantically equivalent to (S1; (S2; S3))
- (x:=5; y:=x*8) is semantically equivalent to (x:=5; y:=40)
Properties of structural operational semantics
Determinism. Theorem: While is deterministic: if ⟨S, σ⟩ ⇒* σ1 and ⟨S, σ⟩ ⇒* σ2 then σ1 = σ2.
Proof: … ?
The semantic function
The meaning of a statement S is defined as a partial function from State to State:
S : Stm → (State ↪ State)
S⟦S⟧σ = σ' if ⟨S, σ⟩ ⇒* σ', and undefined otherwise
Examples:
- S⟦skip⟧σ = σ
- S⟦x:=1⟧σ = σ[x ↦ 1]
- S⟦while true do skip⟧σ = undefined
Language extensions
- abort
- Non-determinism
- Parallelism
- Local Variables
- Procedures: static scope, dynamic scope
While + abort
Syntax: S ::= x := a | skip | S1; S2 | if b then S1 else S2 | while b do S | abort
abort terminates the execution. In “skip; S” the statement S executes; in “abort; S” the statement S should never execute.
Structural semantics rules: …?
Comparing behaviors
- abort: derivation sequence ⟨abort, σ⟩ (no rule applies, so the configuration is stuck)
- abort; S: derivation sequence ⟨abort; S, σ⟩ (stuck as well)
- skip; S: equivalent to S
- while true do skip: infinite derivation sequence
- if x = 0 then abort else y := y / x: derivation sequence stuck after one step if σ x = 0
While + abort conclusion
abort does not affect the state, only the flow of control. In the structural operational semantics, looping is reflected by infinite derivations and abnormal termination is reflected by a stuck configuration.
Extending While with non-deterministic choice
While + non-determinism
Syntax: S ::= x := a | skip | S1; S2 | if b then S1 else S2 | while b do S | S1 or S2
Either S1 is executed or S2 is executed.
Example: x:=1 or (x:=2; x:=x+2). Possible outcomes for x: 1 and 4.
Rules for non-determinism
[or1] ?
[or2] ?
Is the semantic function for non-deterministic statements well-defined?
While + random
Syntax: S ::= x := a | skip | S1; S2 | if b then S1 else S2 | while b do S | x := random()
Extending While with parallel statements
While + parallelism
Syntax: S ::= x := a | skip | S1; S2 | if b then S1 else S2 | while b do S | S1 ∥ S2
All the interleavings of S1 and S2 are executed.
Example: x:=1 ∥ (x:=2; x:=x+2). Possible outcomes for x: 1, 3, 4.
Rules for parallelism
[par1]  ⟨S1, σ⟩ ⇒ ⟨S1', σ'⟩
        ──────────────────────────────
        ⟨S1 ∥ S2, σ⟩ ⇒ ⟨S1' ∥ S2, σ'⟩
Example: derivation sequences of a parallel statement
⟨x:=1 ∥ (x:=2; x:=x+2), σ⟩
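As an added example (not code from the lecture), the small-step rules above as a Python interpreter for While with the `or` and `∥` extensions: it runs the factorial program from the earlier slide on σ x = 3 and enumerates every derivation sequence of x:=1 ∥ (x:=2; x:=x+2), whose final states give exactly the outcomes 1, 3, 4. The tuple AST encoding, the `None` marker for a terminal configuration, the visited-set/fuel bound, and the symmetric [par2] and the two `or` rules (the slides show only [par1] and leave the `or` rules as an exercise) are my own choices.

```python
# Added example (not the slides' code): a small-step (SOS) interpreter for While plus "S1 or S2"
# and "S1 || S2".  ASTs are tuples, e.g. (':=', 'x', ('+', 'x', 1)), (';', S1, S2), ('if', b, S1, S2),
OPS = {'+': int.__add__, '-': int.__sub__, '*': int.__mul__, '=': int.__eq__,
       '<=': int.__le__, 'not': lambda a: not a, 'and': lambda a, b: a and b}

def ev(e, s):
    """A[[a]]s and B[[b]]s: evaluate an expression by induction on its syntax tree."""
    if isinstance(e, (bool, int)):
        return e                             # numeral or truth value
    if isinstance(e, str):
        return s[e]                          # variable lookup in state s (a dict Var -> Z)
    return OPS[e[0]](*(ev(arg, s) for arg in e[1:]))

def step(S, s):
    """Transitions from <S, s>: successor statement None = terminal state, empty list = stuck."""
    if S == 'skip':                                          # [skip]
        return [(None, s)]
    op = S[0]
    if op == ':=':                                           # [ass]
        return [(None, {**s, S[1]: ev(S[2], s)})]
    if op == ';':                                            # [comp1] / [comp2]
        return [(S[2] if S1 is None else (';', S1, S[2]), t) for S1, t in step(S[1], s)]
    if op == 'if':                                           # [iftt] / [ifff]
        return [(S[2] if ev(S[1], s) else S[3], s)]
    if op == 'while':                                        # [while]: unfold one iteration
        return [(('if', S[1], (';', S[2], S), 'skip'), s)]
    if op == 'or':                                           # [or1] / [or2] (assumed rules)
        return [(S[1], s), (S[2], s)]
    if op == '||':                                           # [par1] / [par2]: interleave
        return ([(S[2] if S1 is None else ('||', S1, S[2]), t) for S1, t in step(S[1], s)] +
                [(S[1] if S2 is None else ('||', S[1], S2), t) for S2, t in step(S[2], s)])
    return []                                                # no rule (e.g. abort): stuck

def outcomes(S, s, fuel=100_000):
    """Final states reachable from <S, s>; the visited set ends loops like `while true do skip`."""
    finals, seen, work = set(), set(), [(S, s)]
    while work and (fuel := fuel - 1):
        S, s = work.pop()
        if (key := (S, frozenset(s.items()))) in seen:
            continue
        seen.add(key)
        for Sn, t in step(S, s):
            finals.add(frozenset(t.items())) if Sn is None else work.append((Sn, t))
    return [dict(f) for f in finals]

# Constructed programs: the lecture's factorial (y := 1; while not(x=1) do ...) and x:=1 || (x:=2; x:=x+2).
FACT = (';', (':=', 'y', 1), ('while', ('not', ('=', 'x', 1)),
        (';', (':=', 'y', ('*', 'y', 'x')), (':=', 'x', ('-', 'x', 1)))))
PAR = ('||', (':=', 'x', 1), (';', (':=', 'x', 2), (':=', 'x', ('+', 'x', 2))))
OR = ('or', PAR[1], PAR[2])
```

Determinism of plain While shows up as `outcomes` returning a single state for FACT, while PAR and OR return several; a program with no finite derivation returns none.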
Operational semantics summary
- SOS is powerful enough to describe imperative programs
- Can define the set of traces
- Can represent the program counter implicitly
- Handles goto statements and other non-trivial control constructs (e.g., exceptions)
- Thinking in terms of concrete semantics is essential for a compiler writer / verifier
Assignment 1: exercise on operational semantics
LaTeX: THE way to produce scientific documents. Recommended editor
See you next time
Levels of abstraction and applications:
- Static Analysis (abstract semantics)
- Program Semantics
- Assembly-level Semantics (small-step)