Operational Semantics, Part I. Jim Royer, CIS 352, February 12, 2019 (PowerPoint PPT Presentation)



SLIDE 1

[Syntax] [Big Steps] [Small Steps]

Operational Semantics

Part I Jim Royer

CIS 352

February 12, 2019

1 / 22

SLIDE 2

References

Andrew Pitts' Lecture Notes on Semantics of Programming Languages
http://www.inf.ed.ac.uk/teaching/courses/lsi/sempl.pdf

We'll be following Pitts' notes for a while and mostly using his notation.

Matthew Hennessy's Semantics of programming languages:
https://www.scss.tcd.ie/Matthew.Hennessy/splexternal2015/LectureNotes/Notes14%20copy.pdf
is very readable and very good.

There are many other good references in Hennessy's reading list:
https://www.scss.tcd.ie/Matthew.Hennessy/splexternal2015/reading.php

SLIDE 3

Aexp, a little language for arithmetic expressions

Grammar
    a ::= n | (a1 + a2) | (a1 − a2) | (a1 ∗ a2)
    n ::= . . .

Syntactic categories
    n ∈ Num     Numerals
    a ∈ Aexp    Arithmetic expressions

Conventions
    Metavariables: n, a, b, w, x, etc.
    We write 35 for the numeral 35.

Examples
    2        (2 + 5)        (((2 + 5) ∗ 13) − 9)

SLIDE 4

Syntax

Concrete syntax ≈ phonemes, characters, words, tokens — the raw stuff of language. E.g., "Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, . . ."

Grammar ≈ collection of formation rules to organize parts into a whole. E.g.,
    words into noun phrases, verb phrases, . . . , sentences
    key words, tokens, . . . into expressions, statements, . . . , programs

Abstract syntax ≈ a structure (e.g., labeled tree or data structure) showing how a "phrase" breaks down into pieces according to a specific rule.

SLIDE 5

Aexp's abstract syntax

Grammar
    a ::= n
        | (a1 + a2) | (a1 − a2) | (a1 ∗ a2)
    n ::= . . .

In Haskell

    data AExp = Num Integer
              | Plus AExp AExp
              | Minus AExp AExp
              | Times AExp AExp

The expression (((2 + 5) ∗ 13) − 9) is represented as

    Minus (Times (Plus (Num 2) (Num 5)) (Num 13)) (Num 9)

As a parse tree (root at the top):

            −
           / \
          ∗   9
         / \
        +   13
       / \
      2   5

SLIDE 6

What do Aexp expressions mean? Big-step rules

    a ::= n | (a1 + a2) | (a1 − a2) | (a1 ∗ a2)

PLUS:      a1 ⇓ v1    a2 ⇓ v2
           ───────────────────  (v = v1 + v2)
              (a1 + a2) ⇓ v

MINUS:     a1 ⇓ v1    a2 ⇓ v2
           ───────────────────  (v = v1 − v2)
              (a1 − a2) ⇓ v

MULT:      a1 ⇓ v1    a2 ⇓ v2
           ───────────────────  (v = v1 ∗ v2)
              (a1 ∗ a2) ⇓ v

NUM:       ─────────  (N[[n]] = v)
             n ⇓ v

Notes
    a ⇓ v ≡ expression a evaluates to value v. ⇓ is an evaluation relation.
    Upstairs assertions are called premises.
    Downstairs assertions are called conclusions.
    Parenthetical equations on the side are called side conditions.
    N : numerals → Z. I.e., N[[ −43 ]] = −43.
    The NUM_BSS rule is an example of an axiom.

SLIDE 7

Digression: Rules, 1

General Format for Rules

    Name:    premise1  · · ·  premisek
             ──────────────────────────  (side condition)
                     conclusion

Example 1.

    Modus Ponens:    p ⇒ q    p
                     ───────────
                          q

    Transitivity:    x ≡ y    y ≡ z
                     ───────────────
                          x ≡ z

    PLUS:      a1 ⇓ v1    a2 ⇓ v2
               ───────────────────  (v = v1 + v2)
                  (a1 + a2) ⇓ v

SLIDE 8

Digression: Rules, 2

General Format for Rules

    Name:    premise1  · · ·  premisek
             ──────────────────────────  (side condition)
                     conclusion

Definition 2. A rule with no premises is an axiom.

Definition 3. A rule is sound if and only if the conclusion is true whenever the premises (and side-condition, if any) are true.

Question: So an axiom is sound when . . . ?

SLIDE 9

Digression: Rules, 3

General Format for Rules

    Name:    premise1  · · ·  premisek
             ──────────────────────────  (side condition)
                     conclusion

Proofs from gluing together rule applications

    Num: ───────    Num: ───────
          2 ⇓ 2          5 ⇓ 5
    Plus: ──────────────────────  (2 + 5 = 7)    Num: ─────────
              (2 + 5) ⇓ 7                              13 ⇓ 13
    Times: ─────────────────────────────────────────────────────  (7 ∗ 13 = 91)
                          ((2 + 5) ∗ 13) ⇓ 91

SLIDE 10 (built up in stages over slides 10 to 14)

Rules can also be the basis of a computation

Goal: ((2 + 5) ∗ 13) ⇓ ??

Stage 1. Only the Times rule has a conclusion of this shape, so we need its premises (13 ⇓ 13 is immediate by Num):

        (2 + 5) ⇓ ??    13 ⇓ 13
        ───────────────────────
         ((2 + 5) ∗ 13) ⇓ ??

Stage 2. The premise (2 + 5) ⇓ ?? needs the Plus rule, whose premises are settled by Num:

        2 ⇓ 2    5 ⇓ 5
        ──────────────
         (2 + 5) ⇓ ??    13 ⇓ 13
        ───────────────────────
         ((2 + 5) ∗ 13) ⇓ ??

Stage 3. The side condition of Plus fixes the value: (2 + 5) ⇓ 7.

        2 ⇓ 2    5 ⇓ 5
        ──────────────
         (2 + 5) ⇓ 7    13 ⇓ 13
        ───────────────────────
         ((2 + 5) ∗ 13) ⇓ ??

Stage 4. The side condition of Times fixes the final value: ((2 + 5) ∗ 13) ⇓ 91.

        2 ⇓ 2    5 ⇓ 5
        ──────────────
         (2 + 5) ⇓ 7    13 ⇓ 13
        ───────────────────────
         ((2 + 5) ∗ 13) ⇓ 91

SLIDE 15

The big-step semantics in Haskell

A Haskell version of the abstract syntax

    data Aexp = Num Integer
              | Add Aexp Aexp
              | Sub Aexp Aexp
              | Mult Aexp Aexp

The big-step semantics as an evaluator function (type signature added for clarity)

    aBig :: Aexp -> Integer
    aBig (Add a1 a2)  = aBig a1 + aBig a2
    aBig (Sub a1 a2)  = aBig a1 - aBig a2
    aBig (Mult a1 a2) = aBig a1 * aBig a2
    aBig (Num n)      = n
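The evaluator above, together with the rule-directed computation of slides 9 to 14, as an added Python example that is not part of the slides or the notes: it parses the fully parenthesised concrete syntax, evaluates with the big-step rules, and records the derivation tree so that every rule application and its side condition can be printed. The tuple encoding of the abstract syntax, the parse function and the Derivation class are my choices, not notation from the course.

```python
# Added example (not from the slides): a big-step evaluator for Aexp that
# also builds the derivation tree, so the "rules as the basis of a
# computation" slides can be replayed on any expression.
# Encoding (my choice): a numeral is ("num", "13"); an operator node is
# (op, a1, a2) with op one of "+", "-", "*".
import re
from typing import List

OPS = {"+": lambda x, y: x + y, "-": lambda x, y: x - y, "*": lambda x, y: x * y}
RULE = {"+": "PLUS", "-": "MINUS", "*": "MULT"}


def numeral_meaning(n: str) -> int:
    """N[[n]]: the integer a numeral denotes (the side condition of NUM)."""
    return int(n)


def tokenize(src: str) -> List[str]:
    """Concrete syntax -> tokens: unsigned numerals, parentheses, operators.
    Anything else is rejected rather than silently skipped."""
    toks = re.findall(r"\d+|[()+\-*]", src)
    if "".join(toks) != re.sub(r"\s+", "", src):
        raise SyntaxError(f"unexpected characters in {src!r}")
    return toks


def parse(src: str) -> tuple:
    """Recursive-descent parser for the grammar a ::= n | (a op a)."""
    toks, pos = tokenize(src), 0

    def expr() -> tuple:
        nonlocal pos
        if pos >= len(toks):
            raise SyntaxError("unexpected end of input")
        t = toks[pos]
        pos += 1
        if t.isdigit():
            return ("num", t)
        if t != "(":
            raise SyntaxError(f"unexpected token {t!r}")
        a1 = expr()
        if pos >= len(toks) or toks[pos] not in OPS:
            raise SyntaxError("expected an operator")
        op = toks[pos]
        pos += 1
        a2 = expr()
        if pos >= len(toks) or toks[pos] != ")":
            raise SyntaxError("expected ')'")
        pos += 1
        return (op, a1, a2)

    tree = expr()
    if pos != len(toks):
        raise SyntaxError("trailing input after expression")
    return tree


def show(a: tuple) -> str:
    """Concrete syntax of an abstract syntax tree, fully parenthesised."""
    if a[0] == "num":
        return a[1]
    op, a1, a2 = a
    return f"({show(a1)} {op} {show(a2)})"


class Derivation:
    """One rule application: conclusion a ⇓ v, its premises and side condition."""

    def __init__(self, rule: str, expr: tuple, value: int,
                 premises: List["Derivation"], side: str):
        self.rule, self.expr, self.value = rule, expr, value
        self.premises, self.side = premises, side

    def render(self, depth: int = 0) -> str:
        """Text form of the tree: each premise indented under its conclusion."""
        pad = "  " * depth
        line = f"{pad}{self.rule}: {show(self.expr)} ⇓ {self.value}   ({self.side})"
        return "\n".join([line] + [p.render(depth + 1) for p in self.premises])


def big_step(a: tuple) -> Derivation:
    """Build the derivation of a ⇓ v (Theorem 4: it exists and v is unique)."""
    if a[0] == "num":                                   # NUM: an axiom, no premises
        v = numeral_meaning(a[1])
        return Derivation("NUM", a, v, [], f"N[[{a[1]}]] = {v}")
    op, a1, a2 = a                                      # PLUS / MINUS / MULT
    d1, d2 = big_step(a1), big_step(a2)                 # premises a1 ⇓ v1, a2 ⇓ v2
    v = OPS[op](d1.value, d2.value)                     # side condition v = v1 op v2
    return Derivation(RULE[op], a, v, [d1, d2], f"{v} = {d1.value} {op} {d2.value}")


def evaluate(src: str) -> int:
    """Concrete syntax in, value out: the slides' aBig on parsed input."""
    return big_step(parse(src)).value


if __name__ == "__main__":
    print(big_step(parse("((2 + 5) * 13)")).render())
```

Running the file prints the slide-9 derivation of ((2 + 5) ∗ 13) ⇓ 91 with premises indented under their conclusions. The parser rejects anything outside the grammar instead of guessing at it, which is the behaviour to insist on in any evaluator that will ever see input it did not write itself.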

SLIDE 16

Do these rules make sense?

Theorem 4. Suppose e ∈ Aexp. Then there is a unique integer v such that e ⇓ v.

Proof (by rule induction).
    CASE: NUM. This is immediate.
    CASE: PLUS. By IH, there are unique v1 and v2 such that a1 ⇓ v1 and a2 ⇓ v2. By arithmetic, there is a unique v such that v = v1 + v2. Hence, there is a unique v such that a1 + a2 ⇓ v.
    CASES: MINUS and MULT. These follow mutatis mutandis.

    PLUS_BSS:  a1 ⇓ v1    a2 ⇓ v2
               ───────────────────  (v = v1 + v2)
                  (a1 + a2) ⇓ v
    . . .
    NUM_BSS:   ─────────  (N[[n]] = v)
                 n ⇓ v

SLIDE 17

What do Aexp expressions mean? Small-step rules

    a ::= n | (a1 + a2) | (a1 − a2) | (a1 ∗ a2) | v

PLUS-1_SSS:         a1 → a1′
              ───────────────────────
              (a1 + a2) → (a1′ + a2)

PLUS-2_SSS:         a2 → a2′
              ───────────────────────
              (a1 + a2) → (a1 + a2′)

PLUS-3_SSS:   ─────────────────  (v = v1 + v2)
               (v1 + v2) → v

. . .

NUM_SSS:      ───────  (N[[n]] = v)
               n → v

Notes
    These are rewrite rules.
    We now allow values in expressions.
    a → a′ is a transition.
    a → a′ ≡ expression a evaluates (or rewrites) to a′ in one step.
    v is a terminal expression.
    The rules for − and ∗ follow the same pattern as the +-rules.

SLIDE 18

Class exercise

Show:
    (((3 ∗ 2) + (8 − 3)) ∗ (5 − 2)) → ((6 + (8 − 3)) ∗ (5 − 2))
    (((3 ∗ 2) + (8 − 3)) ∗ (5 − 2)) → (((3 ∗ 2) + 5) ∗ (5 − 2))
    (((3 ∗ 2) + (8 − 3)) ∗ (5 − 2)) → (((3 ∗ 2) + (8 − 3)) ∗ 3)

SLIDE 19

Some full small-step derivations of transitions

Each derivation is written top-down: the conclusion first, then the premise that justifies it, indented.

    MULT1:   ((6 + (8 − 3)) ∗ (5 − 2)) → ((6 + 5) ∗ (5 − 2))
      from PLUS2:   (6 + (8 − 3)) → (6 + 5)
        from MINUS3:   (8 − 3) → 5

    MULT1:   ((6 + 5) ∗ (5 − 2)) → 11 ∗ (5 − 2)
      from PLUS3:   (6 + 5) → 11

    MULT2:   (11 ∗ (5 − 2)) → 11 ∗ 3
      from MINUS3:   (5 − 2) → 3

    MULT3:   (11 ∗ 3) → 33

The derivations show that the steps in the transition sequence below are legal (i.e., follow from the rules).

    ((6 + (8 − 3)) ∗ (5 − 2)) → ((6 + 5) ∗ (5 − 2)) → 11 ∗ (5 − 2) → 11 ∗ 3 → 33

SLIDE 20

There is a lattice of transitions

Each line lists an expression and, after →, the expressions one step away from it under the (nondeterministic) rules of slide 17; the lattice has eleven nodes and a single terminal node, 33.

    (((3*2)+(8-3))*(5-2))  →  ((6+(8-3))*(5-2)),  (((3*2)+5)*(5-2)),  (((3*2)+(8-3))*3)
    ((6+(8-3))*(5-2))      →  ((6+5)*(5-2)),  ((6+(8-3))*3)
    (((3*2)+5)*(5-2))      →  ((6+5)*(5-2)),  (((3*2)+5)*3)
    (((3*2)+(8-3))*3)      →  ((6+(8-3))*3),  (((3*2)+5)*3)
    ((6+5)*(5-2))          →  (11*(5-2)),  ((6+5)*3)
    ((6+(8-3))*3)          →  ((6+5)*3)
    (((3*2)+5)*3)          →  ((6+5)*3)
    (11*(5-2))             →  (11*3)
    ((6+5)*3)              →  (11*3)
    (11*3)                 →  33
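The lattice above, rebuilt by an added Python example that is not part of the slides: successors implements the nondeterministic → relation (PLUS-1, PLUS-2, PLUS-3 and their − and ∗ twins) as "every expression one step away", lattice explores all of →* from a start expression, and terminal_values is Theorem 7 run on a concrete input. Values are kept inside expressions as Python ints, i.e. Aexp ∪ Z with the NUM step already taken, which is how the lattice slide treats its leaves; the tuple encoding and the function names are mine.

```python
# Added example (not from the slides): the nondeterministic small-step
# relation → as a successor function, and an exhaustive search over →*
# that reconstructs the lattice of transitions.
# Encoding (my choice): an operator node is (op, a1, a2); a value is an int.
from typing import Dict, List, Set, Union

Expr = Union[int, tuple]
OPS = {"+": lambda x, y: x + y, "-": lambda x, y: x - y, "*": lambda x, y: x * y}


def is_value(a: Expr) -> bool:
    """Terminal expressions: the integers."""
    return isinstance(a, int)


def show(a: Expr) -> str:
    """Concrete syntax in the compact style of the lattice slide."""
    if is_value(a):
        return str(a)
    op, a1, a2 = a
    return f"({show(a1)}{op}{show(a2)})"


def successors(a: Expr) -> List[Expr]:
    """Every a' with a → a': none for a value, several when both sides can move."""
    if is_value(a):
        return []
    op, a1, a2 = a
    out: List[Expr] = []
    out += [(op, b1, a2) for b1 in successors(a1)]   # PLUS-1: a step inside a1
    out += [(op, a1, b2) for b2 in successors(a2)]   # PLUS-2: a step inside a2
    if is_value(a1) and is_value(a2):                # PLUS-3: both operands are values
        out.append(OPS[op](a1, a2))
    return out


def lattice(start: Expr) -> Dict[Expr, List[Expr]]:
    """All expressions reachable by →* from start, each with its successor list."""
    graph: Dict[Expr, List[Expr]] = {}
    todo = [start]
    while todo:
        a = todo.pop()
        if a in graph:                # already expanded: the lattice has joins
            continue
        graph[a] = successors(a)
        todo.extend(graph[a])
    return graph


def terminal_values(start: Expr) -> Set[int]:
    """{v | start →* v}: Theorem 7 says this set has exactly one element."""
    return {a for a in lattice(start) if is_value(a)}


# Constructed input: the expression of the class exercise and lattice slides.
EXERCISE: Expr = ("*", ("+", ("*", 3, 2), ("-", 8, 3)), ("-", 5, 2))

if __name__ == "__main__":
    for a, succ in lattice(EXERCISE).items():
        print(show(a), "→", ", ".join(show(b) for b in succ) or "(terminal)")
    print("values reached:", terminal_values(EXERCISE))
```

The search is a plain worklist over a finite graph, so it terminates on any Aexp; the interesting check is the last line, which confirms that however the nondeterminism is resolved, only the value 33 is reached.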

SLIDE 21

Properties of operational semantics

Definition 5. A transition system (Γ, ❀, T) is deterministic when for all a, a1, and a2: If a ❀ a1 and a ❀ a2, then a1 = a2.

Theorem 6. The big-step semantics for Aexp is deterministic. The proof is an easy rule induction.

Theorem 7. The given small-step semantics (Aexp ∪ Z, ⇒, Z) fails to be deterministic, but for all a ∈ Aexp and v1, v2 ∈ Z, if a ⇒∗ v1 and a ⇒∗ v2, then v1 = v2. This proof is tricky because of the nondeterminism.

SLIDE 22

Very sketchy proof-sketch

Theorem 8. The given small-step semantics (Aexp ∪ Z, ⇒, Z) fails to be deterministic, but for all a ∈ Aexp and v1, v2 ∈ Z, if a ⇒∗ v1 and a ⇒∗ v2, then v1 = v2.

Proof-sketch. The argument is by induction on the number of operators (i.e., +, −, and ∗) occurring in a.

Base case: a is a numeral, so it hasn't any operators and is a terminal expression. Hence if a ⇒∗ v, then v = a is our only choice.

Induction step: Suppose by induction the theorem is true for all expressions of n or fewer operators and suppose a = a1 + a2 has n + 1 many operators. (The arguments for a = a1 − a2 and a = a1 ∗ a2 will be similar.) . . . more

SLIDE 23

Very sketchy proof-sketch, continued

Theorem 8. The given small-step semantics (Aexp ∪ Z, ⇒, Z) fails to be deterministic, but for all a ∈ Aexp and v1, v2 ∈ Z, if a ⇒∗ v1 and a ⇒∗ v2, then v1 = v2.

The a1 and a2 are expressions with n or fewer operators. The last step in any transition sequence a ⇒∗ v is of the form v1 + v2 ⇒ v and justified by PLUS3. In each step before the last, the final rule in the step-justification was either a PLUS1 or a PLUS2. [Clarify!]

If we look at the premises of the PLUS1's, they give a small-step derivation a1 ⇒∗ v1. By the IH, we know that any ⇒-reduction sequence for a1 that ends with a value must produce v1. Similarly, a2 ⇒∗ v2 is also determined. So, it follows that if a ⇒∗ v, we must have v = v1 + v2.

SLIDE 24

A deterministic small-step semantics for Aexp

    a ::= n | (a1 + a2) | (a1 − a2) | (a1 ∗ a2) | v

PLUS-1′_SSS:        a1 → a1′
               ─────────────────────
               a1 + a2 → a1′ + a2

PLUS-2′_SSS:        a2 → a2′
               ─────────────────────
               v1 + a2 → v1 + a2′

PLUS-3′_SSS:   ─────────────  (v = v1 + v2)
               v1 + v2 → v

. . .

NUM_SSS:       ───────  (N[[n]] = v)
                n → v

SLIDE 25

The leftmost path through the lattice of transitions

With the primed rules of slide 24, PLUS-2′ (and its − and ∗ twins) can only fire once the left operand is already a value, so exactly one step is available at each point and the only path left through the lattice is the leftmost one:

    (((3*2)+(8-3))*(5-2)) → ((6+(8-3))*(5-2)) → ((6+5)*(5-2)) → (11*(5-2)) → (11*3) → 33
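The leftmost path, produced by the primed rules in an added Python example that is not from the slides: step returns the single successor those rules allow (the -2′ rules apply only once the left operand is a value), together with the name of the outermost rule that justified the step, and run iterates it down to a value. The encoding is my choice: (op, a1, a2) nodes with ints as values, the NUM step already taken.

```python
# Added example (not from the slides): the deterministic small-step semantics
# of the primed rules (PLUS-1′, PLUS-2′, PLUS-3′ and their − and ∗ twins).
# Because PLUS-2′ requires the left operand to be a value, at most one rule
# matches any expression, so step is a function rather than a relation.
# Encoding (my choice): an operator node is (op, a1, a2); a value is an int.
from typing import List, Optional, Tuple, Union

Expr = Union[int, tuple]
OPS = {"+": lambda x, y: x + y, "-": lambda x, y: x - y, "*": lambda x, y: x * y}
NAME = {"+": "PLUS", "-": "MINUS", "*": "MULT"}


def show(a: Expr) -> str:
    """Concrete syntax in the compact style of the lattice slides."""
    if isinstance(a, int):
        return str(a)
    op, a1, a2 = a
    return f"({show(a1)}{op}{show(a2)})"


def step(a: Expr) -> Optional[Tuple[str, Expr]]:
    """(rule, a') for the unique transition a → a', or None when a is terminal.
    The rule reported is the outermost one in the step's justification."""
    if isinstance(a, int):
        return None
    op, a1, a2 = a
    if not isinstance(a1, int):               # -1′: left operand still reducible
        _, b1 = step(a1)
        return (NAME[op] + "-1′", (op, b1, a2))
    if not isinstance(a2, int):               # -2′: left is a value, reduce the right
        _, b2 = step(a2)
        return (NAME[op] + "-2′", (op, a1, b2))
    return (NAME[op] + "-3′", OPS[op](a1, a2))  # -3′: both operands are values


def run(a: Expr) -> List[Tuple[str, Expr]]:
    """The whole transition sequence from a to its value, one (rule, expr) per step."""
    trace = [("start", a)]
    nxt = step(a)
    while nxt is not None:
        trace.append(nxt)
        nxt = step(nxt[1])
    return trace


def leftmost_path(a: Expr) -> List[str]:
    """The expressions visited, in concrete syntax."""
    return [show(e) for _, e in run(a)]


# Constructed input: the expression of the class exercise and lattice slides.
EXERCISE: Expr = ("*", ("+", ("*", 3, 2), ("-", 8, 3)), ("-", 5, 2))

if __name__ == "__main__":
    for rule, e in run(EXERCISE):
        print(f"{rule:>8}  {show(e)}")
```

Every step is justified by a MULT rule here because the outermost operator of the exercise is ∗; the PLUS and MINUS rules appear only in the premises, which is exactly the shape of the derivations on slide 19.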

SLIDE 26

Why multiple flavors of semantics?

They provide different views of computations.
    Big-step is good for reasoning about how the (big) pieces of things fit together.
    Small-step is good for reasoning about how the (small) steps of a computation fit together.
    Small-step semantics is much better at modeling inherent nondeterminism (e.g., in concurrent programs).
    . . . and there are other flavors (e.g., denotational) for other purposes (e.g., obtaining stronger forms of soundness).