Download Formal Semantics: Defining Program Meaning Precisely - Prof. Jingke Li and more Papers Computer Science in PDF only on Docsity!
Formal Semantics
Jingke Li
Portland State University
Jingke Li (Portland State University) CS321 Formal Semantics 1 / 15
Formal Semantics
Semantics deals with the meaning of a program. Common approaches for defining semantics are informal, e.g. “natural language” or “concrete implementation”.
Formal semantics tries to define semantics precisely (and concisely).
- (^) Denotational Semantics — Describing the semantics of a programming language by defining mappings of the syntactic constructs of the language into abstract “meaning” objects in an appropriate domain.
- Axiomatic Semantics — Giving semantics in terms of axioms or assertions that describe a program’s expected behavior.
- Operational Semantics — Giving semantics in terms of the actual steps executed by some simple, precisely-defined abstract computer.
Denotational Semantics
An Example: Defining means for binary numbers.
Syntax: B → 0 | 1 | B 0 | B 1
Semantic Domain: N = { 0 , 1 , 2 , ...}
Semantic Function: F : B → N
F[[0]] = 0 F[[1]] = 1 F[[B0]] = 2 × F[[N]] F[[B1]] = 2 × F[[N]] + 1
For a concreted number 1101, we have
F[[1101]] = 2 × F[[110]] + 1 = 2 × ( 2 × F[[11]]) + 1 = 2 × ( 2 × ( 2 × F[[1]] + 1 )) + 1 = 2 × ( 2 × ( 2 × 1 + 1 )) + 1 = 13
Jingke Li (Portland State University) CS321 Formal Semantics 3 / 15
Semantic Domains and Mapping Functions
Semantic Domains: var variables value expression values state = var → value program states
Mapping Functions:
- For Expressions: E : exp → (state → value) The meaning of an expression is given by the function that gives the value of the expression relative to the current state.
- (^) For Statements: C : stmt → (state → state) The meaning of a statement is given by a state transition function.
- For Programs: M : prog → (value → value) A program is considered to have an input and an output. It’s unique meaning is given by the function which maps every possible input value into the corresponding output value.
Reasoning About the Program
M[[read x; to x do y := succ y ; write y ] 3 =] E[[y ]] σf where σf = C[[to x do y := succ y ]](σ 0 [x 7 → 3]) where σ 0 [[x] = 0] , σ 0 [[y ]] = 0.
Let σ 1 = σ 0 [x 7 → 3], then σ 1 [[x]] = 3, σ 1 [[y ] = 0.]
σf = C[[to x do y := succ y ]] σ 1 = ((C[[y := succ y ]])E[[x]]σ^1 ) σ 1 = ((C[[y := succ y ]])^3 ) σ 1 = C[[y := succ y ]] ◦ C[[y := succ y ]] ◦ C[[y := succ y ]] σ 1 = C[[y := succ y ]] ◦ C[[y := succ y ]] σ 1 [y 7 → E[[succ y ]]σ 1 ] = C[[y := succ y ]] ◦ C[[y := succ y ]] σ 2 where σ 2 [[x]] = 3, σ 2 [[y ] = 1] = · · ·
⇒ σf [[x] = 3] , σf [[y ]] = 3
Therefore,
M[[read x; to x do y := succ y ; write y ] 3 =] E[[y ]]σf = 3
Jingke Li (Portland State University) CS321 Formal Semantics 7 / 15
Another Example
E → 0 | 1 | − E | not E | E + E | E = E | (E ) | id | procedure S S → null | id := E | call E | S; S | begin S end | if E then S else S | while E do S P → program (id); S.
Semantic Domains:
B boolean values I integer values V = B+I basic values S = id →V+P program states P = S→S procedures
Semantic Functions
(In the following e = E[[E ]]σ, ei = E[[Ei ]]σ.) E[0][]σ = 0, E[[1]]σ = 1, E[[(E )]]σ = e E[[−E ]]σ = e ∈ I → −e, err E[not[ E ]]σ = e ∈ B → ¬e, err E[[E 1 + E 2 ]]σ = e 1 ∈ I ∧ e 2 ∈ I → e 1 + e 2 , err E[[E 1 = E 2 ]]σ = e 1 ∈ V ∧ e 2 ∈ V → e 1 = e 2 , err E[[id]]σ = s[[id]] ∈ V+P → s[[id]], err E[procedure[ S]]σ = C[[S]] C[null][ ]σ = s, C[[begin S end]]σ = C[[S]]σ C[[id := E ]]σ = e ∈ V+P → s[id 7 → e], err C[call[ E ]]σ = e ∈ P → e, err C[[S 1 ; S 2 ]]σ = g ∈ S → C[[S 2 ]](C[[S 1 ]]σ), err C[if[ E then S 1 else S 2 ]]σ = e → C[[S 1 ]]σ, C[[S 2 ]]σ C[while[ E do S]]σ = limi →∞ pi where, for all σ′, pi +1(σ′) = E[[E ]]σ′^ → (C[[S]]σ′^ ∈ S → pi (C[[S]]σ′), err ), σ′ M[[program (id); S.]]v = g ∈ S ∧ g[[id]] ∈ V → g[[id]], err where g = C[[S]](σ[id 7 → v]) where, for all id′, σ[[id′]] = undefined Jingke Li (Portland State University) CS321 Formal Semantics 9 / 15
Axiomatic Semantics
Observation:
All the properties of a program and all the consequences of executing it in any environment can in principle, be derived from the text of the program.
Idea:
Reasoning about programs are based on axioms and rules of inference.
Notation: {P} S {Q} “If the assertion P (precondition) is true before initiation of a program S, then the assertion Q (post-condition) will be true on its completion.”
If there is no precondition: {true} S {Q}
If the claim can be proved in the formal system: ⊢ {P} S {Q}
Rules of Program Reasoning
- Axiom of Assignment: D0: {P(expr)} x := expr {P(x)} The precondition P(expr) is obtained from the post-condition P(x) by substituting expr for all occurrences of x.
- (^) Rule of Consequence: D1: If {P}S{Q} and Q ⇒ R then {P}S{R}. D2: If {P}S{Q} and R ⇒ P then {R}S{Q}.
- (^) Rule of Composition: D3: If {P}S 1 {Q} and {Q}S 2 {R} then {P}S 1 ; S 2 {R}.
- Rule of Iteration: D4: If {P ∧ B}S{P} then {P} while B do S{P ∧ ¬B}.
- (^) Rule of Selection: D5: If {P ∧ B}S 1 {Q} and {P ∧ ¬B}S 2 {Q} then {P} if B then S 1 else S 2 {Q}.
Jingke Li (Portland State University) CS321 Formal Semantics 13 / 15
Example
Finding the quotient q and remainder r for x/y. Program: r := x; q := 0; while y ≤ r do (r := r − y ; q := 1 + q) Theorem: {true} S {¬y ≤ r ∧ x = r + y × q} Proof:
- true ⇒ x = x + y × 0 Lemma
- (x = r + y × q) ∧ y ≤ r ⇒ x = (r − y) + y × (1 + q) Lemma
- {x = x + y × 0 } r := x {x = r + y × 0 } D
- {x = r + y × 0 } q := 0 {x = r + y × q} D
- {true} r := x {x = r + y × 0 } D2,1,
- {true} r := x; q := 0 {x = r + y × q} D3,4,
- {x = (r − y) + y × (1 + q)} r := r − y {x = r + y × (1 + q)} D
- {x = r + y × (1 + q)} q := 1 + q {x = r + y × q} D
- {x = (r − y) + y × (1 + q)} r := r − y; q := 1 + q {x = r + y × q} D3,7,
- {(x = r + y × q) ∧ y ≤ r} r := r − y; q := 1 + q {x = r + y × q} D2,2,
- {x = r + y × q} while y ≤ r do (r := r − y; q := 1 + q) {¬y ≤ r ∧ x = r + y × q} D4,
- {true} r := x; q := 0; while y ≤ r do (r := r − y; q := 1 + q) {¬y ≤ r ∧ x = r + y × q} D3,6,
Operational Semantics
An operational semantics for a programming language describes how any particular valid program in the language is interpreted as a sequence of computational steps. This sequence then is the meaning of the program.
Example:
(Fn x => x + 2) (3 + 2 + 5) -> (Fn x => x + 2) (5 + 5) -> (Fn x => x + 2) (10) -> 10 + 2 -> 12
Here computation is carried out by transforming (rewriting) the program text. Each -> is an atomic “step” of computation, corresponding a semantic rule precisely defined for the involved operation.
