Operational Semantics

Semantics with ApplicationsChapter 2

H. Nielson and F. Nielsonhttp://www.daimi.au.dk/~bra8130/Wiley_book/wiley.html

Outline Natural Semantics of IMP Properties of the Natural Semantics Structural Operational Semantics for IMP Equivalence Result Extensions to IMP

– Abort

– Non determinism

– Parallel constructs

– Blocks and procedures

Assignment Rule

[n/X](Y)=

n Y=X

YX (Y)

[X1, Y 2, Z1][5/X]= [X5, Y 2, Z1]

Natural Semantics (IMP)

<com1 , > ’, <com2, ’> ’’

<com1; com2, > ’’

<b, > true, <com1 , > ’

<if b then com1 else com2, > ’

<skip, > <X := a, > [m/X]

<a, > m

<b, > false, <com2 , > ’

<if b then com1 else com2, > ’

Natural Semantics (IMP)

<b, > true, <com , > ’, <while b do com, ’> ’’

<while b do com, > ’’

<b, > false

<while b do com, >

Semantic Equivalence

com1 and com2 are semantically equivalent if for all and ’<com1, > ’ if and only if <com2, > ’

Simple example“while b do com”is semantically equivalent to:“if b then (com ; while b do com) else skip”

Properties of Natural Semantics

Equivalence of program constructs– “skip ; com” is semantically equivalent to “com”

– “com; skip” is semantically equivalent to “com”

– “((com1 ; com2) ; com3)” is semantically equivalent to “(com1 ;( com2 ; com3))”

– “(X := 5 ; Y := X * 8)” is semantically equivalent to“(X :=5; Y := 40)”

Deterministic– If <com, > 1 and <com, > 2 then 1= 2

Deterministic Semantics for IMP

If <com, > 1 and <com, > 2

then 1=2

The proof uses induction on the shape of derivation trees– Prove that the property holds for all simple derivation

trees by showing it holds for axioms

– Prove that the property holds for all composite trees: » For each rule assume that the property holds for its premises

(induction hypothesis) and prove it holds for the conclusion of the rule

The Semantic Function Sns

The meaning of a command com is defined as a partial function from State to State

Sns: Com (State State)

Sns com() = ’ if <com, > ’ and otherwise Sns com () is undefined

Examples– Sns skip() =

– Sns X:=1() = [1/X]

– Sns while true do skip() = undefined

Structural Operational Semantics Emphasizes the individual steps Usually more suitable for static analysis For every command S, write meaning rules <com, >

“If the first step of executing the command com on leads to ”

Two possibilities for = <com’, ’>

» The execution of com is not completed, com’ is the remaining computation to be performed on ’

= ’ » The execution of com has terminated with a final state ’

is a stuck configuration when there are no transitions The meaning of a program P on an input state s is the set

of final states that can be executed in arbitrary finite steps

SOS (IMP)

<skip, > <X := a, > [m/X]

<a, > m

<com1 , > ’

<com1; com2, > <com2, ’>

<com1 , > <com1’, ’>

<com1; com2, > <com1’, com2, ’>

SOS (IMP)

<b, > true

<if b then com1 else com2, > <com1, >

<b, > false

<if b then com1 else com2, > <com2, >

SOS (IMP)

<while b do com, > <if b then (com;while b do com) else skip, >

Derivation Sequences A finite derivation sequence starting at <com, >

0, 1, 2 …, k such that

0=<com, >

i i+1

k is either stuck configuration or a final state

An infinite derivation sequence starting at <com, >0, 1, 2 … such that

0=<com, >

i i+1

0 i i in i steps

0 * i in finite number of steps

For each step there is a derivation tree

Example

Let 0 such that 0 (X) = 5 and 0 (Y) = 7

com = (Z:=X; X := Y); Y := Z

Factorial Program

Input state s such that (X) = 3

Y := 1; while (X=1) do Y := Y * X; X := X - 1

Program Termination

Given a command com and input – com terminates on if there exists a finite derivation

sequence starting at <com, >

– com terminates successfully on if there exists a finite derivation sequence starting at <com, > leading to a final state

– com loops on if there exists an infinite derivation sequence starting at <com, >

Properties of the Semantics com1 and com2 are semantically equivalent if:

– for all and ’<com1, > * ’ if and only if <com2, > * ’

– there is an infinite derivation sequence starting at <com1, > if and only if there is an infinite derivation sequence starting at <com2, >

Deterministic– If <com, > * 1 and <com, > * 2 then 1= 2

Sequential Composition If <com1; com2, > k ’’ then there exists a

state ’ and numbers k1 and k2 such that

– <com1, > k1 ’

– <com2, ’> k2 ’’

– and k = k1 + k2

The proof uses induction on the length of derivation sequences– Prove that the property holds for all derivation

sequences of length 0

– Prove that the property holds for all other derivation sequences:

» Show that the property holds for sequences of length k+1 using the fact it holds on all sequences of length k (induction hypothesis)

The Semantic Function Ssos

The meaning of a command com is defined as a partial function from State to State

Ssos: Com (State State)

Ssoscom = ’ if <com, > *’ and otherwise Ssos coms is undefined

An Equivalence Result

For every command com of the IMP language– Snatcom = Ssoscom

Extensions to IMP

Abort command (like C exit) Non determinism Parallelism Local Variables Procedures

– Static Scope

– Dynamic scope

IMP+ Abort

Abstract syntaxcom::= X := a | skip | com1 ; com2 | if b then com1 else com2 | while b do com| abort

Abort terminates the execution No new rules are needed in natural and structural

operational semantics commands

– skip– abort– while true do skip

Conclusion

The natural semantics cannot distinguish between looping and abnormal termination (unless the states are modified)

In the structural operational semantics looping is reflected by infinite derivations and abnormal termination is reflected by stuck configuration

IMP+ Non-Determinism

Abstract syntaxcom::= X := a | skip | com1 ; com2 | if b then com1 else com2 | while b do com| com1 or com2

Either com1 or com2 is executed

Example– X := 1 or (X :=2 ; X := X+2)

<com1 , > ’

<com1 or com2, > ’

IMP+Non-DeterminismNatural Semantics

<com2 , > ’

<com1 or com2, > ’

IMP+ Non-DeterminismSOS

IMP +Non-DeterminismExamples

X := 1 or (X :=2 ; X := X+2) (while true do skip) or (X :=2 ; X := X+2)

Conclusion

In the natural semantics non-determinism will suppress looping if possible (mnemonic)

In the structural operational semantics non-determinism does not suppress looping

IMP+ Parallel Constructs

Abstract syntaxcom::= X := a | skip | com1 ; com2 | if b then com1 else com2 | while b do com| com1 par com2

All the interleavings of com1 or com2 are executed

Example– X := 1 par (X :=2 ; X := X+2)

IMP+ Parallel ConstructsSOS

IMP+ Parallel ConstructsNatural Semantics

Conclusion

In the natural semantics immediate constituent is an atomic entity so we cannot express interleaving of computations

In the structural operational semantics we concentrate on small steps so interleaving of computations can be easily expressed

IMP + local variables

Abstract syntaxcom::= X := a | skip | com1 ; com2 | if b then com1 else com2 | while b do com| begin Vars com endVars ::= var X := a ; Vars |

Examplebegin

var Y := 1;

X := 1;

begin

var X :=2;

Y := X + 1

end;

X := Y + X

end

Conclusions Local Variables

The natural semantics can “remember” local states Need to introduce stack or heap into state of the

structural semantics

IMP + local variables and procedures

Abstract syntaxcom::= X := a | skip | com1 ; com2 | if b then com1 else com2 | while b do com| begin Vars Procs com end | call pVars ::= var X := a ; Vars | Procs ::= proc p is com ; Procs |

Conclusions

Structural operational semantics allows us to simulate low level computations without getting bugged into too many details

Natural semantics allows to abstract more– Local memory

– Non termination