Download presentation
Presentation is loading. Please wait.
Published byMabel Flowers Modified over 9 years ago
1
Program Analysis and Verification Spring 2015 Program Analysis and Verification Lecture 2: Operational Semantics I Roman Manevich Ben-Gurion University
2
Agenda What is semantics and what is it useful for? Natural operational semantics (pages 19-32) 2
3
Tentative syllabus Semantics Natural Semantics Structural semantics Axiomatic Verification Static Analysis Automating Hoare Logic Control Flow Graphs Equation Systems Collecting Semantics Abstract Interpretation fundamentals LatticesFixed-Points Chaotic Iteration Galois Connections Domain constructors Widening/ Narrowing Analysis Techniques Numerical Domains Alias analysis Interprocedural Analysis Shape Analysis CEGAR Crafting your own Soot From proofs to abstractions Systematically developing transformers 3
4
4 http://www.daimi.au.dk/~bra8130/Wiley_book/wiley.html
5
What is formal semantics? 5 “Formal semantics is concerned with rigorously specifying the meaning, or behavior, of programs, pieces of hardware, etc.” / page 1
6
What is formal semantics? 6 “This theory allows a program to be manipulated like a formula – that is to say, its properties can be calculated.” Gérard Huet & Philippe Flajolet homage to Gilles Kahn
7
Why formal semantics? Implementation-independent definition of a programming language Automatically generating interpreters (and some day maybe full fledged compilers) Verification and debugging – if you don’t know what it does, how do you know its incorrect? 7
8
Levels of abstractions and applications 8 Program Semantics Assembly-level Semantics (Small-step) Static Analysis (abstract semantics)
9
Semantic description methods Operational semantics – Natural semantics (big step) [G. Kahn] – Structural semantics (small step) [G. Plotkin] Denotational semantics [D. Scott, C. Strachy] Axiomatic semantics [C. A. R. Hoare, R. Floyd] Trace semantics Collecting semantics [Instrumented semantics] 9 Today Next lecture We will mainly use as basis for static analysis Not in this course Used for verification
10
The while language 10
11
Syntactic categories n Numnumerals x Varprogram variables a Aexparithmetic expressions b Bexpboolean expressions S Stmstatements 11
12
A simple imperative language: While Concrete syntax: a ::= n | x | a 1 + a 2 | a 1 a 2 | a 1 – a 2 b ::= true | false | a 1 = a 2 | a 1 a 2 | b | b 1 b 2 S ::= x := a | skip | S 1 ; S 2 | if b then S 1 else S 2 | while b do S 12
13
Concrete syntax may be ambiguous 13 a y := x S a z y Sa x z S ; S ; S a x z S a y x S ; S ; S a z y S z:=x; x:=y; y:=z z:=x; (x:=y; y:=z)(z:=x; x:=y); y:=z
14
A simple imperative language: While Abstract syntax: Notation: n [ l a, r b ] – a node labeled with n and two children l and r. The children may be labeled to indicate their role for easier reading a ::= n | x | + [ a 1, a 2 ] | [ a 1, a 2 ] | – [ a 1, a 2 ] b ::= true | false | = [ a 1, a 2 ] | [ a 1, a 2 ] | [ b ] | [ b 1, b 2 ] S ::= := [ x, a ] | skip | ; [ S 1, S 2 ] | if [ b, S 1 then, S 2 else ] | while [ b condition, S body ] 14 n lr a b
15
Exercise: draw an AST 15 :=while ; y:=1; while (x=1) do (y:=y*x; x:=x-1)
16
Semantic values 16
17
Semantic categories Z Integers {0, 1, -1, 2, -2, …} T Truth values { ff, tt } State Var Z Example state: =[ x 5, y 7, z 0] Lookup: x = 5 Update: [ x 6] = [ x 6, y 7, z 0] 17
18
Example state manipulations [ x 1, y 7, z 16] y = [ x 1, y 7, z 16] t = [ x 1, y 7, z 16][ x 5] = [ x 1, y 7, z 16][ x 5] x = [ x 1, y 7, z 16][ x 5] y = 18
19
Semantics of expressions 19
20
Semantics of arithmetic expressions Arithmetic expressions are side-effect free Semantic function A Aexp : State Z Defined by induction on the syntax tree A n = n A x = x A a 1 + a 2 = A a 1 + A a 2 A a 1 - a 2 = A a 1 - A a 2 A a 1 * a 2 = A a 1 A a 2 A (a 1 ) = A a 1 --- not needed A - a = 0 - A a 1 Compositional Properties can be proved by structural induction 20
21
Arithmetic expression exercise Suppose x = 3 Evaluate A x+1 21
22
Semantics of boolean expressions Boolean expressions are side-effect free Semantic function B Bexp : State T Defined by induction on the syntax tree B true = tt B false = ff B a 1 = a 2 = B a 1 a 2 = B b 1 b 2 = B b = 22
23
Operational semantics 23
24
Operational semantics Concerned with how to execute programs – How statements modify state – Define transition relation between configurations Two flavors – Natural semantics: describes how the overall results of executions are obtained So-called “big-step” semantics – Structural operational semantics: describes how the individual steps of a computations take place So-called “small-step” semantics 24
25
25 Big Step (natural) Semantics By Luke (personally authorized right to use this image), via Mighty Optical IllusionsLukeMighty Optical Illusions S, ’
26
Natural operating semantics Developed by Gilles Kahn [STACS 1987]STACS 1987 Configurations S, Statement S is about to execute on state Terminal (final) state Transitions S, ’ Execution of S from will terminate with the result state ’ – Ignores non-terminating computations 26
27
Natural operating semantics defined by rules of the form The meaning of compound statements is defined using the meaning immediate constituent statements 27 S 1, 1 1 ’, …, S n, n n ’ S, ’ if… premise conclusion side condition
28
Natural semantics for While 28 x := a, [x A a ] [ass ns ] skip, [skip ns ] S 1, ’, S 2, ’ ’’ S 1 ; S 2, ’’ [comp ns ] S 1, ’ if b then S 1 else S 2, ’ if B b = tt [if tt ns ] S 2, ’ if b then S 1 else S 2, ’ if B b = ff [if ff ns ] axioms
29
Natural semantics for While 29 S, ’, while b do S, ’ ’’ while b do S, ’’ if B b = tt [while tt ns ] while b do S, if B b = ff [while ff ns ] Non-compositional
30
Executing the semantics 30
31
Example Let 0 be the state which assigns zero to all program variables 31 x:=x+1, 0 skip, 0 0 0 [x 1] skip, 0 0, x:=x+1, 0 0 [x 1] skip ; x:=x+1, 0 0 [x 1] x:=x+1, 0 0 [x 1] if x=0 then x:=x+1 else skip, 0 0 [x 1]
32
Derivation trees Using axioms and rules to derive a transition S, ’ gives a derivation tree – Root: S, ’ – Leaves: axioms – Internal nodes: conclusions of rules Immediate children: matching rule premises 32
33
Derivation tree example 1 Assume 0 =[x 5, y 7, z 0] 1 =[x 5, y 7, z 5] 2 =[x 7, y 7, z 5] 3 =[x 7, y 5, z 5] 33 ( z:=x; x:=y); y:=z, 0 3 ( z:=x; x:=y), 0 2 y:=z, 2 3 z:=x, 0 1 x:=y, 1 2 [ass ns ] [comp ns ]
34
Derivation tree example 1 Assume 0 =[x 5, y 7, z 0] 1 =[x 5, y 7, z 5] 2 =[x 7, y 7, z 5] 3 =[x 7, y 5, z 5] 34 ( z:=x; x:=y); y:=z, 0 3 ( z:=x; x:=y), 0 2 y:=z, 2 3 z:=x, 0 1 x:=y, 1 2 [ass ns ] [comp ns ]
35
Top-down evaluation via derivation trees Given a statement S and an input state find an output state ’ such that S, ’ Start with the root and repeatedly apply rules until the axioms are reached – Inspect different alternatives in order Theorem: In While, ’ and the derivation tree are unique 35
36
Top-down evaluation example Factorial program with x = 2 Shorthand: W= while (x=1) do (y:=y*x; x:=x-1) 36 y:=1; while (x=1) do (y:=y*x; x:=x-1), [y 2][x 1] y:=1, [y 1] W, [y 1] [y 2, x 1] y:=y*x; x:=x-1, [y 1] [y 2][x 1] W, [y 2][x 1] [y 2, x 1] y:=y*x, [y 1] [y 2] x:=x-1, [y 2] [y 2][x 1] [ass ns ] [comp ns ] [ass ns ] [comp ns ] [while ff ns ] [while tt ns ] [ass ns ]
37
Properties of natural semantics 37
38
Program termination Given a statement S and input – S terminates on if there exists a state ’ such that S, ’ – S loops on if there is no state ’ such that S, ’ Given a statement S – S always terminates if for every input state , S terminates on – S always loops if for every input state , S loops on 38
39
Semantic equivalence S 1 and S 2 are semantically equivalent if for all and ’ S 1, ’ if and only if S 2, ’ Simple example while b do S is semantically equivalent to: if b then (S; while b do S) else skip – Read proof in pages 26-27 39
40
Properties of natural semantics Equivalence of program constructs – skip; skip is semantically equivalent to skip – ((S 1 ; S 2 ); S 3 ) is semantically equivalent to (S 1 ; (S 2 ; S 3 )) – (x:=5; y:=x*8) is semantically equivalent to (x:=5; y:=40) 40
41
Equivalence of (S 1 ; S 2 ); S 3 and S 1 ; (S 2 ; S 3 ) 41
42
Equivalence of (S 1 ; S 2 ); S 3 and S 1 ; (S 2 ; S 3 ) 42 (S 1 ; S 2 ), 12, S 3, 12 ’ (S 1 ; S 2 ); S 3, ’ S 1, 1, S 2, 1 12 S 1, 1, (S 2 ; S 3 ), 12 ’ S 1 ; (S 2 ; S 3 ), ’ S 2, 1 12, S 3, 12 ’ Assume (S 1 ; S 2 ); S 3, ’ then the following unique derivation tree exists: Using the rule applications above, we can construct the following derivation tree: And vice versa.
43
Deterministic semantics for While Theorem: for all statements S and states 1, 2 if S, 1 and S, 2 then 1 = 2 The proof uses induction on the shape of derivation trees (pages 29-30) – Prove that the property holds for all simple derivation trees by showing it holds for axioms – Prove that the property holds for all composite trees: For each rule assume that the property holds for its premises (induction hypothesis) and prove it holds for the conclusion of the rule 43 single node #nodes>1
44
The semantic function S ns The meaning of a statement S is defined as a partial function from State to State S ns : Stm (State State) Examples: S ns skip = S ns x:=1 = [x 1] S ns while true do skip = undefined 44 S ns S = ’ if S, ’ undefined else
45
Next lecture: operational semantics II
46
Natural semantics for While 46 x := a, [x A a ] [ass ns ] skip, [skip ns ] S 1, ’, S 2, ’ ’’ S 1 ; S 2, ’’ [comp ns ] S 1, ’ if b then S 1 else S 2, ’ if B b = tt [if tt ns ] S 2, ’ if b then S 1 else S 2, ’ if B b = ff [if ff ns ] while b do S, if B b = ff [while ff ns ] S, ’, while b do S, ’ ’’ while b do S, ’’ if B b = tt [while tt ns ]
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.